Implementation and conversion of the supertokens backend auth along with general clean up and refactoring associated with it.
A major change is the addition of the Terms Of Use, Privacy Policy, Data Disclaimer, and Data Request Form; the skeleton for the Cookie Policy was also created. These are placed in a static footer across every route in the homepage.
See: /home/policies/
Motivation and Context
The current auth implementation works but doesn't integrate well with other third-party integrations. Supertokens already has prebuilt UIs, login flows, user dashboards, and other useful tools that give us a proper authentication system powered by a trusted backend.
Screenshot:
- Login Screen (CSS To be updated)
- Sign Up (CSS To be updated)
- Forgot Password
- User Management Dashboard Login
- User Dashboard
- User Data
- /home route protection
- Sign in
- Sign out
- Sign Up
- Sign up/in with Discord
- Sign up/in with Google
- Sign up/in with Facebook
- Sign up/in with GitHub
Additional Notes
Not visible in the repo are the two backend servers set up for the supertokens auth; these are run on a self-hosted nginx reverse proxied server with proper SSL certification and validation.
- The Supertokens auth backend:
Visit: https://baypi.bayview.dev/api/hello to validate it's working - API requests outside of 'hello' require an API token for a valid request.
You should see Hello in the browser.
Any request performed on the website via supertokens travels through this backend server for authentication.
- The Cockroach DB three node SQL cluster:
Supertokens does not support logging into and signing up for the website with MongoDB as a backend database integration; thus we needed a reliable SQL cluster to handle all of the secure user data. Thus a three-node CockroachDB cluster was implemented.
Visit http://baypi.bayview.dev/dashboard to validate it's working.
Credentials have been provided in the environment variables if you are a contributor.
Other general refactors were made to improve the structure of the project:
The /home/[id] was removed and its files were moved into the parent; the primary route is now /home and the user's ID is loaded into the context on sign-in
Notifiers were moved into their own folder, See - /lib/notifier
The Coordinated Itinerary was removed
The Models were separated into the unique components, See - /models/
Backwards compatibility support has been added so as not to break the current implementation
The User type was removed in favor of the supertokens type and the _id now populates the Itinerary Section
Itineraries are automatically created for a user when they sign up and stored into mongoose; they're reloaded into the context when the user logs in
The Start and End Date were removed in favor of querying the first and last event for less overhead
The ItineraryManager was moved into the /lib folder as it defines implementation now instead of types
The TopBar was updated to support the current user and logging out with SuperTokens
The Python API files were deprecated and moved into /deprecated as it's no longer going to be used for legal purposes; however, it will remain as it's a working proof of concept.
Types of changes
[ ] Bug fix (non-breaking change which fixes an issue)
[X] New feature (non-breaking change which adds functionality)
[X] Refactoring (non-breaking change)
[ ] Breaking change (fix or feature that would cause existing functionality to change)
Checklist:
[X] My code follows the code style of this project.
[ ] My change requires a change to the documentation.