Merge pull request #49 from GBSL-Informatik/refactor/better-auth

Refactor/better auth

Author: lebalz

.eslintrc.json

@@ -0,0 +1,28 @@
+{
+  "env": {
+    "es2021": true,
+    "node": true
+  },
+  "extends": ["prettier"],
+  "plugins": ["prettier", "@typescript-eslint"],
+  "parserOptions": {
+    "ecmaVersion": "latest",
+    "sourceType": "module"
+  },
+  "rules": {
+    "prettier/prettier": [
+      "error",
+      {
+        "arrowParens": "always",
+        "bracketSpacing": true,
+        "bracketSameLine": false,
+        "printWidth": 110,
+        "proseWrap": "never",
+        "singleQuote": true,
+        "trailingComma": "none",
+        "tabWidth": 4
+      }
+    ]
+  },
+  "parser": "@typescript-eslint/parser"
+}

.github/workflows/prettier-check.yml

@@ -17,7 +17,7 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '>=22.11'
+          node-version: '>=22.15'
 
       - name: Install dependencies
         run: yarn install

.gitignore

@@ -4,7 +4,8 @@ node_modules
 docs/prisma/**/*
 docs/*.svg
 dist/
+build/
 # Sentry Config File
 .sentryclirc
-
+*.dump
 src/generated/prisma

.prettierrc

@@ -7,4 +7,4 @@
     "singleQuote": true,
     "trailingComma": "none",
     "tabWidth": 4
-}
+}

README.md

@@ -296,16 +296,17 @@ dokku letsencrypt:enable dev-teaching-api
 ## when it succeeds, re-enable the cloudflare proxy for domain.tld...
 ```
 
-### Speed Improvements
-If the API and the Database are running on the same server, you can improve the speed by disabling the tcp connection for the database. This can be done by setting the `DATABASE_URL` to `postgresql://teaching_website:teaching_website@localhost/teaching_website?sslmode=disable`.
-
-## Troubleshooting
+## Dump from production
 
-> [!Caution]
-> Authentication Error: When your API can not authenticate requests
->  - set the debug level in authConfig to 'info' and check the logs
->  - when it is a 401 error and the issue is about `Strategy.prototype.jwtVerify can not verify the token`, ensure to set `"requestedAccessTokenVersion": 2` in the API manifest (!! **not** in the Frontend's manifest, there it must still be `null` !!)
+```bash
+# inside shell of VSCode DevContainer (with configured dokku git remote)
+dokku postgres:export dev-teaching-api > tdev-backup.dump
+pg_restore -h localhost --verbose --clean --no-owner --no-privileges -U postgres -d teaching_api < tdev-backup.dump
+# when ai-pr was once merged/deployed to the db, run `delete from _prisma_migrations where migration_name ilike '%_ai_%';`
+```
 
+## Speed Improvements
+If the API and the Database are running on the same server, you can improve the speed by disabling the tcp connection for the database. This can be done by setting the `DATABASE_URL` to `postgresql://teaching_website:teaching_website@localhost/teaching_website?sslmode=disable`.
 
 ## CMS
 

eslint.config.mjs

@@ -0,0 +1,54 @@
+import { defineConfig } from 'eslint/config';
+import prettier from 'eslint-plugin-prettier';
+import typescriptEslint from '@typescript-eslint/eslint-plugin';
+import globals from 'globals';
+import tsParser from '@typescript-eslint/parser';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+import js from '@eslint/js';
+import { FlatCompat } from '@eslint/eslintrc';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const compat = new FlatCompat({
+    baseDirectory: __dirname,
+    recommendedConfig: js.configs.recommended,
+    allConfig: js.configs.all
+});
+
+export default defineConfig([
+    {
+        extends: compat.extends('prettier'),
+
+        plugins: {
+            prettier,
+            '@typescript-eslint': typescriptEslint
+        },
+
+        languageOptions: {
+            globals: {
+                ...globals.node
+            },
+
+            parser: tsParser,
+            ecmaVersion: 'latest',
+            sourceType: 'module'
+        },
+
+        rules: {
+            'prettier/prettier': [
+                'error',
+                {
+                    arrowParens: 'always',
+                    bracketSpacing: true,
+                    bracketSameLine: false,
+                    printWidth: 110,
+                    proseWrap: 'never',
+                    singleQuote: true,
+                    trailingComma: 'none',
+                    tabWidth: 4
+                }
+            ]
+        }
+    }
+]);

package.json

@@ -1,65 +1,66 @@
 {
   "name": "teaching-website-backend",
   "version": "1.0.0",
-  "main": "index.js",
+  "main": "server.js",
   "repository": "https://github.com/GBSL-Informatik/teaching-website-backend.git",
   "author": "GBSL Informatik",
-  "license": "CC-BY-SA",
+  "license": "MIT",
   "scripts": {
-    "build": "yarn run prisma generate && tsc --build ./tsconfig.build.json && (yarn sentry:sourcemaps || true)",
-    "start": "node -r dotenv/config ./dist/src/server.js",
-    "dev": "dotenv -- nodemon src/server.ts",
-    "dummy:run": "ts-node -r dotenv/config ./bin/dummy.ts",
+    "dev": "cross-env NODE_ENV=development nodemon -r tsconfig-paths/register --exec ts-node ./src/server.ts --files",
+    "build": "yarn run prisma generate && tsc --build ./tsconfig.build.json",
+    "start": "cross-env NODE_ENV=production node ./dist/src/server.js",
+    "lint": "eslint . --ignore-pattern node_modules --fix",
+    "format": "prettier --write ./**/*.{ts,json}",
+    "format:check": "prettier --check ./**/*.{ts,json}",
     "db:migrate": "yarn prisma migrate deploy",
     "db:migrate:dev": "yarn prisma migrate dev",
     "db:seed": "yarn prisma db seed",
     "db:reset": "dotenv -- ts-node prisma/reset.ts",
     "db:recreate": "yarn run db:reset && yarn run db:migrate && yarn run db:seed",
-    "format": "prettier --write .",
-    "format:check": "prettier --check .",
     "sentry:sourcemaps": "sentry-cli sourcemaps inject --org $SENTRY_ORG --project $SENTRY_PROJECT ./dist && sentry-cli sourcemaps upload --org $SENTRY_ORG --project $SENTRY_PROJECT ./dist"
   },
   "dependencies": {
-    "@prisma/adapter-pg": "^6.15.0",
-    "@prisma/client": "^6.15.0",
+    "@better-auth/sso": "^1.3.26",
+    "@prisma/adapter-pg": "^6.16.2",
+    "@prisma/client": "^6.16.2",
     "@sentry/cli": "^2.52.0",
     "@sentry/node": "^10.8.0",
-    "connect-pg-simple": "^9.0.1",
+    "better-auth": "^1.3.27",
     "cors": "^2.8.5",
+    "cross-env": "^10.0.0",
+    "dotenv": "^17.2.2",
     "es-toolkit": "^1.39.10",
-    "express": "^4.19.2",
-    "express-session": "^1.18.0",
+    "express": "^5.1.0",
     "global": "^4.4.0",
     "morgan": "^1.10.0",
-    "passport": "^0.7.0",
-    "passport-azure-ad": "^4.3.5",
     "socket.io": "^4.8.1",
     "winston": "^3.13.0"
   },
-  "prisma": {
-    "schema": "./prisma/schema.prisma",
-    "seed": "dotenv -- ts-node prisma/seed.ts",
-    "reset": "dotenv -- ts-node prisma/reset.ts"
-  },
   "devDependencies": {
     "@mermaid-js/mermaid-cli": "^10.9.1",
-    "@types/connect-pg-simple": "^7.0.3",
     "@types/cors": "^2.8.17",
-    "@types/express": "^4.17.21",
+    "@types/express": "^5.0.3",
     "@types/morgan": "^1.9.9",
     "@types/node": "^20.14.6",
-    "@types/passport-azure-ad": "^4.3.6",
+    "@typescript-eslint/eslint-plugin": "^8.44.1",
+    "@typescript-eslint/parser": "^8.44.1",
     "dotenv-cli": "^7.4.2",
-    "nodemon": "^3.1.3",
-    "prettier": "^3.3.2",
-    "prisma": "^6.15.0",
+    "eslint": "^9.36.0",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-prettier": "^5.5.4",
+    "nodemon": "^3.1.10",
+    "prettier": "^3.6.2",
+    "prisma": "^6.17.1",
     "prisma-dbml-generator": "^0.12.0",
     "prisma-docs-generator": "^0.8.0",
-    "prisma-erd-generator": "^2.0.4",
+    "prisma-erd-generator": "^2.1.0",
     "ts-node": "^10.9.2",
-    "typescript": "^5.5.4"
+    "tsc-alias": "^1.8.16",
+    "tsconfig-paths": "^4.2.0",
+    "typescript": "^5.9.2",
+    "typescript-transform-paths": "^3.5.5"
   },
   "engines": {
-    "node": "^22.11.0"
+    "node": "^22.15.0"
   }
-}
+}

prisma.config.ts

@@ -0,0 +1,14 @@
+import 'dotenv/config';
+import path from 'node:path';
+
+import type { PrismaConfig } from 'prisma';
+
+export default {
+    experimental: {
+        adapter: true
+    },
+    migrations: {
+        seed: 'dotenv -- ts-node prisma/seed.ts'
+    }
+    // now you can use process.env variables
+} satisfies PrismaConfig;

prisma/migrations/20251005091234_remove_express_sessions/migration.sql

@@ -0,0 +1,8 @@
+/*
+  Warnings:
+
+  - You are about to drop the `sessions` table. If the table is not empty, all the data it contains will be lost.
+
+*/
+-- DropTable
+DROP TABLE "public"."sessions";

prisma/migrations/20251005093734_migrate_to_better_auth/migration.sql

@@ -0,0 +1,101 @@
+/*
+  Warnings:
+
+  - The `role` column on the `users` table would be dropped and recreated. This will lead to data loss if there is data in the column.
+
+*/
+-- AlterTable
+ALTER TABLE "public"."users" 
+ADD COLUMN     "ban_expires" TIMESTAMP(3),
+ADD COLUMN     "ban_reason" TEXT,
+ADD COLUMN     "banned" BOOLEAN DEFAULT false,
+ADD COLUMN     "email_verified" BOOLEAN NOT NULL DEFAULT false,
+ADD COLUMN     "image" TEXT,
+ADD COLUMN     "name" TEXT NOT NULL DEFAULT '',
+ADD COLUMN "trole" TEXT NOT NULL DEFAULT 'student';
+
+UPDATE "public"."users" SET "trole" = 'admin' WHERE "role" = 'ADMIN';
+UPDATE "public"."users" SET "trole" = 'teacher' WHERE "role" = 'TEACHER';
+
+ALTER TABLE "public"."users"
+DROP COLUMN "role";
+
+ALTER TABLE "public"."users"
+ADD COLUMN     "role" TEXT NOT NULL DEFAULT 'student';
+
+UPDATE "public"."users" SET "role" = trole;
+UPDATE "public"."users" SET "name" = CONCAT(first_name, ' ', last_name) WHERE name = '';
+
+ALTER TABLE "public"."users"
+DROP COLUMN "trole";
+
+-- DropEnum
+DROP TYPE "public"."Role";
+
+-- CreateTable
+CREATE TABLE "public"."sessions" (
+    "id" UUID NOT NULL DEFAULT gen_random_uuid(),
+    "ip_address" TEXT,
+    "user_agent" TEXT,
+    "user_id" UUID NOT NULL,
+    "token" TEXT NOT NULL,
+    "expires_at" TIMESTAMP(3) NOT NULL,
+    "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "impersonated_by" UUID,
+
+    CONSTRAINT "sessions_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."accounts" (
+    "id" UUID NOT NULL DEFAULT gen_random_uuid(),
+    "account_id" TEXT NOT NULL,
+    "provider_id" TEXT NOT NULL,
+    "user_id" UUID NOT NULL,
+    "access_token" TEXT,
+    "refresh_token" TEXT,
+    "id_token" TEXT,
+    "expires_at" TIMESTAMP(3),
+    "password" TEXT,
+    "access_token_expires_at" TIMESTAMP(3),
+    "refresh_token_expires_at" TIMESTAMP(3),
+    "scope" TEXT,
+    "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "accounts_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."verifications" (
+    "id" UUID NOT NULL DEFAULT gen_random_uuid(),
+    "identifier" TEXT NOT NULL,
+    "value" TEXT NOT NULL,
+    "expires_at" TIMESTAMP(3) NOT NULL,
+    "created_at" TIMESTAMP(3) DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" TIMESTAMP(3) DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "verifications_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "sessions_token_key" ON "public"."sessions"("token");
+
+-- CreateIndex
+CREATE INDEX "sessions_user_id_idx" ON "public"."sessions"("user_id");
+
+-- CreateIndex
+CREATE INDEX "sessions_user_id_token_idx" ON "public"."sessions"("user_id", "token");
+
+-- CreateIndex
+CREATE INDEX "accounts_user_id_idx" ON "public"."accounts"("user_id");
+
+-- CreateIndex
+CREATE INDEX "verifications_identifier_idx" ON "public"."verifications"("identifier");
+
+-- AddForeignKey
+ALTER TABLE "public"."sessions" ADD CONSTRAINT "sessions_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "public"."accounts" ADD CONSTRAINT "accounts_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE CASCADE ON UPDATE CASCADE;