Feedback #1
Open
Feedback #1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add codeql.yml for Github Actions. The code added is the template provided by GitHub.
## Pull Request Overview This PR sets up the admin/project information by updating the README.md file with the specific group number and team member names. It replaces the placeholder group identifier with the actual group assignment. - Updates group identifier from placeholder "Gxx" to "G09" - Adds complete team member list with 5 members
## Feature Submission: - Created CD workflow in Github Actions - Tested out deployment using a sample app to ensure that it works - Created Elastic Beanstalk Environment and added secrets into team's repository - Loaded MongoDB URI into Elastic Beanstalk Environment using AWS Secrets Store
Disabled cloud deployment workflow
## Implementation - [x] Add docker build to CI pipeline - [x] Publish docker image to GitHub Each micro service is built and published separately. - In branches other than `master`, only build will run. - In the `master` branch, both build and publish will run. ## Test - GitHub Actions for Docker Build when running at PR <img width="200" height="400" alt="image" src="https://github.com/user-attachments/assets/64e08088-f0c5-44a7-aa2a-438032c77377" /> <img width="300" height="204" alt="image" src="https://github.com/user-attachments/assets/936b2ad1-2892-4813-9678-1a37dca0f7a9" />
## Description Currently the CD pipeline throws an error when pushed into the `master` branch. <img width="1362" height="254" alt="image" src="https://github.com/user-attachments/assets/4d4fd560-4b8a-450a-936b-5cb37837b635" /> But since currently CD is not of focus, we will remove CD pipeline from GitHub Actions. Changes made has been saved in `cd.yml.disabled` and will be added back and fixed when required in future sprints.
## Description This PR adds [prettier dependencies](https://prettier.io/docs/install), recommendations for VSCode extension and autoformatting when using the VSCode to edit the code. ### Commands for Prettier Formatting To run formatting checks: ```bash npx prettier . --check ``` To format the code: ```bash npx prettier . --write ``` ## Follow-up Implementation - Add formatting checks to GitHub Actions - Configure and Integrate Prettier formatting with ESLint - Bulk format the repo
## Description This PR does a bulk format to all the `.tsx`, `.ts`, `.jsx`, `.js`, `.json`, `.yml` files in the repository. Added this as a separate PR as bulk changes are expected. ## Testing Running the following command in the root repository to produce the file changes make in this PR. ```bash npx prettier . --write ```` ## Follow-up Implementation Add GitHub Actions for Prettier Formatting Checks to ensure that all code in the repository are always formatted accordingly
## Description Currently, there are no formatting checks for the repo. To ensure the code consistency of the code in the repo, we will be introducing formatting checks in this PR. As part of the integration, we will be adding a script as follows: For formatting checks, we can run the command below. ```bash npm run format:check ``` For formatting the code, we can run the command below. ```bash npm run format:check ``` This ensure consistency with the checks run in GitHub Actions and the checks run manually. ## Things to Note This PR should only be merged after the following PR is merged: #16. _Update: Already merged._
## Description Fix all error-causing linting issues. Required by #21
Adapted from [PeerPrep User Service](https://github.com/CS3219-AY2526Sem1/PeerPrep-UserService) Features added: Checks password strength Sends a verification email a 6-digit OTP Verification of the 6-digit OTP
## Description Currently GitHub Actions only run formatting but not linting. We want to enable linting to ensure the code quality of the repository. ## Changes Made - Add prettier dependency to each microservices - so it is possible to run formatting without running `npm install` at root directory. - Add Linting Checks to Github Actions for each microservice in `format-lint.yml` ## To Note (for Developers) - Need to add a new job for each new microservice in ## Before Merging - Fix all lint issues in the repo (Merge #22 before merging this PR!) - _Update: Already merged!_ ## Test Any linting issues could be viewed in the `Files changed` tab. Example of a sample lint failure. <img width="614" height="350" alt="image" src="https://github.com/user-attachments/assets/a6d82339-3667-45a9-9ab4-aae63ef76eb2" />
## Description In this PR, we will setting up the pipeline to update MongoDB with a problem retrieved from the LeetCode GraphQL. ## Planned Implementation - [x] Connect to LeetCode GraphQL and retrieve the question details - [x] Connect to MongoDB using Fastify + Mongoose - [x] Enable upload of one LeetCode GraphQL question to MongoDB - [x] Add `question-backend-service` to Docker, Docker Compose and GitHub Build and Publish Action - [x] Add rate limiting mechanisms for the HTTP request Moving these into another PR for ease of review: #24 - Determining the data required from leetcode - Bulk seeding (for initial data collection and migration) - Cron actions - automated jobs for fetching the most updates questions ## Things to Note (For Developers or Testers) - Need to create a `.env` file based on the `.env.example` before running docker compose at the root or docker build for the question service. - Remember to add the different services to the docker build in the .github actions (Not relevant to this PR) ## Tests Below is the content of Mongo DB containing the first entry of LeetCode GraphQL question <img width="674" height="140" alt="image" src="https://github.com/user-attachments/assets/363b5673-7b9b-47b5-9935-d0e355289574" />
## Description This PR is a fix of another PR: #21. An error logging in with `REVIEWDOG_GITHUB_API_TOKEN` was found when creating a new PR. The error details are as shown below. <img width="1280" height="754" alt="image" src="https://github.com/user-attachments/assets/69483d59-3a66-4864-80cf-4edf3647d0f9" /> Previously, the correct CI pipeline snippet is shown below for reference. <img width="1280" height="808" alt="image" src="https://github.com/user-attachments/assets/24002697-1dbf-48f1-b426-31cfa9cb4128" /> ## Testing Tested original configuration in this PR with a sample test case - Work as intended. But regardless, to be consistent with [the review dog documentation](https://deepwiki.com/reviewdog/reviewdog/6.1-github-actions#authentication-and-environment-variables), I have changed the configuration of `REVIEWDOG_GITHUB_API_TOKEN` to use `GITHUB_TOKEN` for authentication. Below is a sample output provided by ReviewDog after implementation. <img width="1462" height="702" alt="image" src="https://github.com/user-attachments/assets/d75db1a3-67f2-4203-a15d-d22b935b9173" /> Tested on the affected PR #27 with the changes in this PR - The lint check works as intended. Below is a snippet of the lint checks summary after testing the changes on the other branch. <img width="1156" height="874" alt="image" src="https://github.com/user-attachments/assets/4a1ef316-f90d-4196-bf28-ef74689479d1" />
This pull request introduces several improvements and clarifications to the user backend service, focusing on authentication, API documentation, and project setup. The most significant changes are the addition of a comprehensive authentication controller, enhanced documentation with CSRF protection requirements, and updates to the project structure and environment configuration. **Authentication & Security Enhancements** * Added a new `auth-controller.js` implementing login, logout, JWT token verification, OTP generation/verification, and secure cookie handling for authentication. Unverified users now receive OTPs and temporary access until verification. * All POST, PUT, PATCH, and DELETE API endpoints now require a CSRF token, with clear instructions and examples added to the documentation. [[1]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR81-R106) [[2]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR149-R156) [[3]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR220-R224) [[4]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR268-L193) [[5]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR310-R314) [[6]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR337-R341) **Documentation & API Response Updates** * The README has been rewritten and renamed to provide a clearer overview of the service, setup steps, Docker usage, and project structure. API documentation now includes required headers, example requests, and updated response schemas (including `isVerified`, JWT tokens, and OTP flows). [[1]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acL1-R70) [[2]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR140) [[3]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acL94-R176) [[4]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR208) [[5]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acR256) [[6]](diffhunk://#diff-7a98f5882ba830611bd3aa4bc7d28ac3f981d2a9404b0f656105ed6cd51507acL267-R364) **Project Setup & Configuration** * Added a Docker Compose file and an example `.env` file to simplify local and cloud deployment, including all necessary environment variables for database, JWT, and email integration. [[1]](diffhunk://#diff-4b3eecd31edff8c10d9a070c33b6447f18f9c6310d61f9bcc937644216caa02aR1-R10) [[2]](diffhunk://#diff-f6fd9b4e78c79a715eae741778a12b4e415fccc751b381e3bdd445b58d92bdb1R1-R17) **User Expiration Logic** * Unverified users now have an expiration date set upon creation (24 hours), improving security and data hygiene. [[1]](diffhunk://#diff-337339e95729622fe8e32f7b797e6eaa432876b539c5666f2c1aec23e083d44bR10) [[2]](diffhunk://#diff-337339e95729622fe8e32f7b797e6eaa432876b539c5666f2c1aec23e083d44bR46-R53) **Frontend Integration Guide** * Added instructions to the micro-frontend setup guide for accessing user authentication state via the shared `useAuth` hook, including API details and usage examples for UI services.
Documentation: - Fix some documentation errors in README.md for user-backend-service and MICRO_FRONTEND_SETUP.md. - Fix some comments in ui-shell/App.tsx. Bug fix: - Uncomment settings for backend services in docker-compose.yml - Fix bug where unverified users could access user authorized pages (i.e. /matching, /settings).
Matching Service API done with Spring Boot. Coded together with @ToxicOptimism. Current Features: - Can find match, get match, cancel match, timeout - Can save and load preferences Edge Cases Handed: - Double tabs - Duplicated microservices due to horizontal scaling Main Tech used: - Spring Boot - Docker - Redis
Integrates matching ui service with the matching backend service via api links.
Issues faced in #27 - useAuth could not be imported into respective ui services - trying to further ensure that import works with respective ui services will cause excessive coupling between user ui service and other ui services Fix: - Removed context folder from user-ui-service with the useAuth context stuff - Duplicate the UserService.ts in ui-shell - Other ui services that may require UserService will need to duplicate the UserService.ts in user-ui-service
Description --- This pull request primarily introduces a password reset feature to the user backend service. It also includes updates to authentication/session handling, several visual and logic bug fixes, and updates to the documentation. --- **Password Reset Functionality:** - Add new endpoints and controller logic for: - Request a password reset - Validating reset token - Reset password - Single-use tokens for resetting password are generated, stored as hashes, and should expire after 30 minutes. - Password reset should also invalidate all existing user sessions by updating `passwordChangeAt`. --- **Authentication and Session Handling:** Previously, the cookies settings are set at: - If `rememberMe` is disabled, cookies will last for 7 days or until browser is closed. - If `rememberMe` is enabled, cookies will last permanently until cleared from browser. However, the jwt token expiry was previously set at 1 day regardless. Fix: Update the expiry for jwt token. - If `rememberMe` is disabled, jwt token will last for 1 day, cookies will last for 1 day or until browser is closed. - If `rememberMe` is enabled, jwt token will last for 30 days, cookies will last permanently until cleared from browser. - If a token is issued before a password change, the token is invalidated. --- **Other changes:** - Updated `.env.example` to use OAuth credentials for email (instead of app passwords), and updated the README to guide developers through the new setup. - Add a dialog box to indicate to a user when they log out. - Bug fix: If a user is already logged in, automatically redirect to `/matching`. - Bug fix: Update user require any one of the three fields `username, email, password`. - Bug fix: Visual bugs in update profile.
## Description In this PR, we will work on refactoring and extending from another PR #9 which sets up the Question Service and basic function required to communicate between LeetCode GraphQL to MongoDB. ## Main Changes - [x] Refactor Question Service to Question and LeetCode Service for better maintainability and scalability. - [x] Enable batch transfer from LeetCode GraphQL to MongoDB `leetcode-service` database - [x] Automated POST to `question-service.questions` for every update in `leetcode-service.questions` - [x] Add GET status for status and random question for specified `categoryTitle` and `difficulty` - [x] Add Cron Job to run daily sync for questions form leetcode. ## Service Responsibilities ### LeetCode Service - Fetch questions from LeetCode GraphQL. - Insert into `leetcode-service.questions`. - Post added questions to question service ### Question Service - Insert document into `questions-service.questions`. - Endpoints to retrieve a specific question or aggregate status (difficulty/category). ## API End points ### LeetCode Service Base URL: [http://localhost:5285/api/leetcode/](http://localhost:5285/api/leetcode/) Batch update question: [http://localhost:5285/api/leetcode/seed-batch](http://localhost:5285/api/leetcode/seed-batch) ### Question Service Base URL: [http://localhost:5275/api/question](http://localhost:5275/api/questions/) Get Category and Difficulty: [http://localhost:5275/api/questions/exists?categoryTitle={categoryTitle}&difficulty={difficulty}](http://localhost:5275/api/questions/exists?categoryTitle={categoryTitle}&difficulty={difficulty}) Get Random Question: [http://localhost:5275/api/questions/random?categoryTitle={categoryTitle}&difficulty={difficulty}](http://localhost:5275/api/questions/random?categoryTitle={categoryTitle}&difficulty={difficulty}) Add question: [http://localhost:5275/api/questions/post-question](http://localhost:5275/api/question/post-question) ## Rationale Previously, the idea was to have a one-command bulk transfer of ALL leetcode questions into the question bank in MongoDB. But there is the issue of huge transfer load - since we need to transfer the details of all 3000+ leetcode question. As such, this PR focuses on the approach of batch updates (of 200 Question per transfer), where we have an index that we keep track of and use that to track updates of the update progress when done manually. The approach of batch transfers could reduce DB load, simplify retries, and allow incremental progress tracking. ## Further Extension / Edge Cases to be Considered - Seed Cursor registers edge cases: 1. Docs with sync issues to `leetcode-service` but are not captured / retired. Instead, they are being forgotten entirely. 2. Issue with sync from `leetcode-service` to `question-service` are not captured and will be forgotten. - Additional queue to register for bad question: - Expand test coverage. - Notifying for bad document during cron job ## Other Changes / Implementation - Added `dbLimiter` to limit the access to the DB - Add `logger.ts` for consistent logging for the services individually
Add handling of match acceptance for users upon match. Additional Changes: - Frontend Bugfixes - Frontend retrieves timeout configs from backend
### Description
We will be parsing information regarding the different combination of
category and difficulty into a single API call instead of the initial
iteration of a GET API for one combination of category and difficulty.
### Testing
1. Run question-service
2. Call `POST
http://localhost:5275/api/v1/question-service/exists-categories-difficulties`
with the request body
```json
{
"categories": {
"Algorithms": ["Easy", "Medium", "Hard"],
"CS": ["Easy"]
}
}
```
Response:
```json
{
"Algorithms": {
"Easy": true,
"Medium": true,
"Hard": true
},
"CS": {
"Easy": false
}
}
```
3. Call `POST http://localhost:5275/api/v1/question-service/random` with
the request body
```json
{
"categories": {
"Algorithms": ["Easy", "Medium", "Hard"],
"Database": ["Easy"]
}
}
```
Response:
```json
{
"_id": "68ebac53b63b10de074be992",
"globalSlug": "leetcode:rearrange-products-table",
"__v": 0,
"categoryTitle": "Database",
"codeSnippets": [
{
"lang": "MySQL",
"langSlug": "mysql",
"code": "# Write your MySQL query statement below\n"
},
],
"content": "<p>Table: <code>Products</code></p>\n....",
"createdAt": "2025-10-12T13:25:40.139Z",
"difficulty": "Easy",
"exampleTestcases": "{\"headers\":{\"Products\":[\"product_id\",\"store1\",\"store2\",\"store3\"]},\"rows\":{\"Products\":[[0, 95, 100, 105], [1, 70, null, 80]]}}",
"hints": [],
"source": "leetcode",
"timeLimit": 30,
"title": "Rearrange Products Table",
"titleSlug": "rearrange-products-table",
"updatedAt": "2025-10-12T13:25:40.139Z"
}
```
### Note
_Using a POST API as it is typically against the HTTP specification to
have request body for GET since GET requests are meant to be
idempotent._
During matching, the preferences of users overlaps. This overlapping may bring upon preferences in which questions will not exist for them to attempt. This PR aims to fix that by changing the data structure of user preferences and removing min and max time for question preference.
Add parity check when updating or creating new user preference
Improve overall user experience by adding loading screens, fix UI bugs, and adding dialogs.
- refactored collab service files - added testcases using vitest - set up horizontal scaling using redis adapter by creating another container - integrated yjs redis to allow concurrent code editing on the code editor - refactored collab editor into helper files - added remote cursor manager extension
- fixed issue of having a new cursor pop up everytime u refresh ..
- remove initial sync to prevent code rerendering
Fixes the UI of the dialog that shows the answer and hides the show answer button when no answer is provided for the question.
- Graceful shutdown: collab backend traps SIGTERM/SIGINT, waits for Socket.IO/HTTP/Mongo to close, and Docker gives each replica 60 s to drain before SIGKILL. - Socket resiliency: introduced a socket manager that juggles ws1/ws2, rotates on disconnect/connect errors, and replays joinRoom so Yjs sessions survive when one container goes down. - HTTP failover: added collabApiFetch with the same target resolution/retry logic and moved all collab UI fetches (session hydration, disconnect, timer) onto it so REST calls keep working during replica failures.
Description --- This pull request adds a fallback option for chat service to store user state management in the local instance if in the event redis adapter cannot be initialised. The fallback solution does not support horizontal scaling since it functions in the event redis adapter fails to initialise, but allows us to demo the feature's functionality at least when a single instance is running. This pull request also includes a minor fix in user service.
- consolidated repeated attempts under the same question - prevent duplication of question entry
This pull request primarily ensures that chat service is able to graceful shutdown. This includes ensuring the HTTP server, Socket.IO server, any Redis connections are closed and all data are cleared when the service is shutdown.
## Description This PR sets up terraform.
Leetcode linting failure was previously caused by the use of `tsconfig.base.json`, which is not supported in ESLint. As such, this PR renames `tsconfig.base.json` to `tsconfig.json`, keeping `tsconfig.build.json` and `tsconfig.test.json` for its separate functionality.
This pull request primarily adds a README for chat service and updates the README for user service. --------- Co-authored-by: Copilot <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
👋! GitHub Classroom created this pull request as a place for your teacher to leave feedback on your work. It will update automatically. Don’t close or merge this pull request, unless you’re instructed to do so by your teacher.
In this pull request, your teacher can leave comments and feedback on your code. Click the Subscribe button to be notified if that happens.
Click the Files changed or Commits tab to see all of the changes pushed to the default branch since the assignment started. Your teacher can see this too.
Notes for teachers
Use this PR to leave feedback. Here are some tips:
For more information about this pull request, read “Leaving assignment feedback in GitHub”.
Subscribed: @wzhua02 @xGladiate @jiahui0309 @Ryuse @ToxicOptimism