Skip to content

Commit c3219ef

Browse files
committed
feat (secruity): prepare repo for public release
1 parent 93a3c98 commit c3219ef

12 files changed

Lines changed: 274 additions & 101 deletions

LICENSE

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
Apache License
2+
Version 2.0, January 2004
3+
http://www.apache.org/licenses/
4+
5+
Copyright (c) 2025 ThinkAI Platform
6+
7+
LICENSED UNDER THE APACHE LICENSE, VERSION 2.0 (THE "LICENSE");
8+
YOU MAY NOT USE THIS FILE EXCEPT IN COMPLIANCE WITH THE LICENSE.
9+
YOU MAY OBTAIN A COPY OF THE LICENSE AT
10+
11+
http://www.apache.org/licenses/LICENSE-2.0
12+
13+
UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING, SOFTWARE
14+
DISTRIBUTED UNDER THE LICENSE IS DISTRIBUTED ON AN "AS IS" BASIS,
15+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16+
SEE THE LICENSE FOR THE SPECIFIC LANGUAGE GOVERNING PERMISSIONS AND
17+
LIMITATIONS UNDER THE LICENSE.
18+
19+
-----------------------------------------------------------------------------
20+
21+
ATTRIBUTION REQUIREMENT:
22+
23+
When using or adapting ThinkAI Platform for hackathons, events, or other
24+
public uses, attribution must be provided in a visible manner, such as:
25+
26+
"Powered by ThinkAI Platform - https://github.com/1337-Artificial-Intelligence/thinkai_main"
27+
28+
This attribution must be visible in the user interface, documentation, and any
29+
promotional materials for the event or hackathon.

README.md

Lines changed: 104 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,104 @@
1+
# ThinkAI Platform
2+
3+
ThinkAI is an AI learning and challenge platform designed to help students and teams collaborate on AI projects and challenges.
4+
5+
## Features
6+
7+
- User authentication and role-based access control (admin, mentor, team)
8+
- Challenge creation and management
9+
- Team collaboration tools
10+
- Project submission and validation
11+
12+
## Project Structure
13+
14+
The project is divided into two main parts:
15+
16+
- **Backend**: Node.js API with Express and MongoDB
17+
- **Frontend**: React application with modern UI components
18+
19+
## Setup and Installation
20+
21+
### Prerequisites
22+
23+
- Node.js (v14 or higher)
24+
- MongoDB
25+
- npm or yarn
26+
27+
### Backend Setup
28+
29+
1. Navigate to the backend directory:
30+
```bash
31+
cd backend
32+
```
33+
34+
2. Install dependencies:
35+
```bash
36+
npm install
37+
```
38+
39+
3. Create a `.env` file based on `.env.example`:
40+
```bash
41+
cp .env.example .env
42+
```
43+
44+
4. Update the `.env` file with your configuration values
45+
46+
5. Start the development server:
47+
```bash
48+
npm run dev
49+
```
50+
51+
### Frontend Setup
52+
53+
1. Navigate to the frontend directory:
54+
```bash
55+
cd frontend
56+
```
57+
58+
2. Install dependencies:
59+
```bash
60+
npm install
61+
```
62+
63+
3. Start the development server:
64+
```bash
65+
npm start
66+
```
67+
68+
## Scripts
69+
70+
The repository contains several utility scripts in the `backend/src/scripts` directory:
71+
72+
- `createAdmin.js`: Creates an admin user
73+
- `createMentor.js`: Creates mentor accounts from a CSV file
74+
- `createTeams.js`: Creates team accounts from a CSV file
75+
76+
For security reasons, sensitive data files are not included in the repository. Template files are provided that show the required format.
77+
78+
## Configuration
79+
80+
All sensitive configuration is managed through environment variables. See `.env.example` for required variables.
81+
82+
## Contributing
83+
84+
Contributions are welcome! Please feel free to submit a Pull Request.
85+
86+
1. Fork the repository
87+
2. Create your feature branch (`git checkout -b feature/amazing-feature`)
88+
3. Commit your changes (`git commit -m 'Add some amazing feature'`)
89+
4. Push to the branch (`git push origin feature/amazing-feature`)
90+
5. Open a Pull Request
91+
92+
## License
93+
94+
This project is licensed under the Apache License 2.0 - see the [LICENSE](LICENSE) file for details.
95+
96+
### Attribution Requirement
97+
98+
When using ThinkAI Platform for hackathons, events, or other public uses, attribution must be provided:
99+
100+
```
101+
Powered by ThinkAI Platform - https://github.com/1337-Artificial-Intelligence/thinkai_main
102+
```
103+
104+
This attribution must be visible in the user interface, documentation, and any promotional materials for the event or hackathon.

backend/.env.example

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,4 +2,11 @@ PORT=5000
22
MONGODB_URI=mongodb://localhost:27017/thinkai
33
JWT_SECRET=your_jwt_secret_key_here
44
JWT_EXPIRES_IN=24h
5-
NODE_ENV=development
5+
NODE_ENV=development
6+
7+
# Admin credentials
8+
ADMIN_PASSWORD=your_secure_admin_password_here
9+
10+
# CSV file paths (absolute paths or relative to script directory)
11+
MENTORS_CSV_PATH=./path/to/mentors.csv
12+
TEAMS_CSV_PATH=./path/to/teams.csv

backend/.gitignore

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -133,4 +133,10 @@ dist
133133
.yarn/unplugged
134134
.yarn/build-state.yml
135135
.yarn/install-state.gz
136-
.pnp.*
136+
.pnp.*
137+
138+
# Sensitive data files
139+
/src/scripts/mentors.csv
140+
/src/scripts/teams.csv
141+
# Keep template files
142+
!/src/scripts/*.template.csv

backend/package-lock.json

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

backend/src/scripts/createAdmin.js

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,9 @@ require('dotenv').config();
22
const mongoose = require('mongoose');
33
const bcrypt = require('bcryptjs');
44

5+
// Default admin password for development only - should be overridden by environment variable
6+
const DEFAULT_ADMIN_PASSWORD = 'development_password_only';
7+
58
async function createAdmin() {
69
try {
710
// Connect to MongoDB
@@ -14,9 +17,12 @@ async function createAdmin() {
1417
await mongoose.connection.collection('teams').deleteOne({ teamName: 'admin' });
1518
console.log('Deleted existing admin if any');
1619

20+
// Get admin password from environment variable or use default (for development only)
21+
const adminPassword = process.env.ADMIN_PASSWORD || DEFAULT_ADMIN_PASSWORD;
22+
1723
// Hash password
1824
const salt = await bcrypt.genSalt(10);
19-
const hashedPassword = await bcrypt.hash('0m@L@APKpJmLT8', salt);
25+
const hashedPassword = await bcrypt.hash(adminPassword, salt);
2026
console.log('Generated hashed password');
2127

2228
// Create admin user directly in MongoDB to bypass any model validation

backend/src/scripts/createMentor.js

Lines changed: 32 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ const mongoose = require('mongoose');
33
const bcrypt = require('bcryptjs');
44
const fs = require('fs');
55
const csv = require('csv-parser');
6+
const path = require('path');
67

78
async function creatementorsFromCSV() {
89
try {
@@ -15,8 +16,12 @@ async function creatementorsFromCSV() {
1516
// Read and parse CSV file
1617
const mentors = [];
1718

19+
// Get CSV path from environment variable or use default path
20+
const csvPath = process.env.MENTORS_CSV_PATH || path.join(__dirname, 'mentors.csv');
21+
console.log(`Reading mentors from: ${csvPath}`);
22+
1823
await new Promise((resolve, reject) => {
19-
fs.createReadStream('mentors.csv')
24+
fs.createReadStream(csvPath)
2025
.pipe(csv())
2126
.on('data', (row) => {
2227
// Extract mentor data from CSV row
@@ -36,48 +41,50 @@ async function creatementorsFromCSV() {
3641

3742
console.log(`Found ${mentors.length} mentors in CSV file`);
3843

39-
// Clear existing mentors (optional - remove this if you want to keep existing mentors)
40-
// await mongoose.connection.collection('mentors').deleteMany({});
41-
// console.log('Cleared existing mentors');
44+
// We are updating existing mentors with new passwords
45+
console.log('Updating existing mentors with new passwords');
4246

4347

44-
// Create mentors in database
45-
const createdMentors = [];
48+
// Update mentors in database
49+
const updatedMentors = [];
4650

4751
for (const mentor of mentors) {
4852
try {
49-
// Generate a unique 5-character password for each mentor
53+
// Generate a unique password hash for each mentor
5054
const salt = await bcrypt.genSalt(10);
5155
const hashedPassword = await bcrypt.hash(mentor.mentorPassword, salt);
5256

53-
const mentorDoc = {
54-
teamName: mentor.mentorName,
55-
password: hashedPassword,
56-
role: 'mentor', // Default role for mentors
57-
isActive: true,
58-
createdAt: new Date(),
59-
updatedAt: new Date()
60-
};
61-
62-
const result = await mongoose.connection.collection('teams').insertOne(mentorDoc);
57+
// Update existing mentor with new password
58+
const result = await mongoose.connection.collection('teams').updateOne(
59+
{ teamName: mentor.mentorName },
60+
{
61+
$set: {
62+
password: hashedPassword,
63+
updatedAt: new Date()
64+
}
65+
}
66+
);
6367

64-
createdMentors.push({
65-
id: result.insertedId,
66-
mentorName: mentor.mentorName,
67-
password: mentor.mentorPassword // Store the plain password for display
68-
});
68+
if (result.matchedCount > 0) {
69+
updatedMentors.push({
70+
mentorName: mentor.mentorName,
71+
password: mentor.mentorPassword // Store the plain password for display
72+
});
73+
} else {
74+
console.log(`No mentor found with username: ${mentor.mentorName}`);
75+
}
6976
} catch (error) {
7077
console.error(`Error creating mentor ${mentor.mentorName}:`, error.message);
7178
}
7279
}
7380

7481
console.log('\n=== SUMMARY ===');
75-
console.log(`Successfully created ${createdMentors.length} mentors:`);
76-
createdMentors.forEach(mentor => {
82+
console.log(`Successfully updated ${updatedMentors.length} mentors:`);
83+
updatedMentors.forEach(mentor => {
7784
console.log(`${mentor.mentorName},${mentor.password}`);
7885
});
7986

80-
console.log('\nIMPORTANT: Save these passwords! Each mentor has a unique 5-character password.');
87+
console.log('\nIMPORTANT: Save these new passwords! Make sure to distribute them to the mentors.');
8188

8289
} catch (error) {
8390
console.error('Error creating mentors from CSV:', error);

0 commit comments

Comments
 (0)