Merge branch 'develop' into hp/feat/add-pricing-page

.github/CODEOWNERS

@@ -1,5 +1,5 @@
 # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
 
 apps/web @kriptonian1
-apps/workspace @kriptonian1
+apps/platform @kriptonian1
 apps/api @rajdip-b

apps/api/src/auth/auth.e2e.spec.ts

@@ -8,14 +8,12 @@ import { AuthModule } from './auth.module'
 import { MAIL_SERVICE } from '../mail/services/interface.service'
 import { MockMailService } from '../mail/services/mock.service'
 import { AppModule } from '../app/app.module'
-import { Otp } from '@prisma/client'
-import cleanUp from '../common/cleanup'
+import { AuthService } from './service/auth.service'
 
 describe('Auth Controller Tests', () => {
   let app: NestFastifyApplication
   let prisma: PrismaService
-
-  let otp: Otp
+  let authService: AuthService
 
   beforeAll(async () => {
     const moduleRef = await Test.createTestingModule({
@@ -29,11 +27,14 @@ describe('Auth Controller Tests', () => {
       new FastifyAdapter()
     )
     prisma = moduleRef.get(PrismaService)
+    authService = moduleRef.get(AuthService)
 
     await app.init()
     await app.getHttpAdapter().getInstance().ready()
+  })
 
-    await cleanUp(prisma)
+  afterEach(async () => {
+    await prisma.user.deleteMany()
   })
 
   it('should be defined', async () => {
@@ -71,7 +72,9 @@ describe('Auth Controller Tests', () => {
   })
 
   it('should have generated an otp', async () => {
-    otp = await prisma.otp.findFirst({
+    await authService.sendOtp('johndoe@keyshade.xyz')
+
+    const otp = await prisma.otp.findFirst({
       where: {
         user: {
           email: 'johndoe@keyshade.xyz'
@@ -86,6 +89,15 @@ describe('Auth Controller Tests', () => {
   })
 
   it('should upsert otp if regenerated', async () => {
+    await authService.sendOtp('johndoe@keyshade.xyz')
+    const otp = await prisma.otp.findFirst({
+      where: {
+        user: {
+          email: 'johndoe@keyshade.xyz'
+        }
+      }
+    })
+
     await app.inject({
       method: 'POST',
       url: '/auth/send-otp/johndoe@keyshade.xyz'
@@ -104,8 +116,6 @@ describe('Auth Controller Tests', () => {
     expect(regenerated.expiresAt).toBeDefined()
     expect(regenerated.code.length).toBe(6)
     expect(regenerated.code).not.toBe(otp.code)
-
-    otp = regenerated
   })
 
   it('should not be able to validate otp with invalid email', async () => {
@@ -118,15 +128,13 @@ describe('Auth Controller Tests', () => {
   })
 
   it('should not be able to validate otp with invalid otp', async () => {
+    await authService.sendOtp('johndoe@keyshade.xyz')
+
     const response = await app.inject({
       method: 'POST',
       url: '/auth/validate-otp?email=johndoe@keyshade.xyz&otp=123456'
     })
 
     expect(response.statusCode).toBe(401)
   })
-
-  afterAll(async () => {
-    await cleanUp(prisma)
-  })
 })

apps/api/src/auth/guard/auth/auth.guard.ts

@@ -12,6 +12,7 @@ import { PrismaService } from '../../../prisma/prisma.service'
 import { ONBOARDING_BYPASSED } from '../../../decorators/bypass-onboarding.decorator'
 import { AuthenticatedUserContext } from '../../auth.types'
 import { toSHA256 } from '../../../common/to-sha256'
+import { EnvSchema } from '../../../common/env/env.schema'
 
 const X_E2E_USER_EMAIL = 'x-e2e-user-email'
 const X_KEYSHADE_TOKEN = 'x-keyshade-token'
@@ -41,17 +42,23 @@ export class AuthGuard implements CanActivate {
     let user: AuthenticatedUserContext | null = null
     const request = context.switchToHttp().getRequest()
     const authType = this.getAuthType(request)
+    const parsedEnv = EnvSchema.safeParse(process.env)
+    let nodeEnv
 
-    //@ts-expect-error process.env.NODE_ENV parses to 'dev'
-    if (process.env.NODE_ENV !== 'e2e' && authType === 'NONE') {
+    if (!parsedEnv.success) {
+      nodeEnv = 'dev' // Default to a valid value or handle appropriately
+    } else {
+      nodeEnv = parsedEnv.data.NODE_ENV
+    }
+
+    if (nodeEnv !== 'e2e' && authType === 'NONE') {
       throw new ForbiddenException('No authentication provided')
     }
 
     // In case the environment is e2e, we want to authenticate the user using the email
     // else we want to authenticate the user using the JWT token.
 
-    // @ts-expect-error process.env.NODE_ENV parses to 'dev'
-    if (authType !== 'API_KEY' && process.env.NODE_ENV === 'e2e') {
+    if (authType !== 'API_KEY' && nodeEnv === 'e2e') {
       const email = request.headers[X_E2E_USER_EMAIL]
       if (!email) {
         throw new ForbiddenException()

apps/api/src/common/env/env.schema.ts

@@ -28,7 +28,7 @@ const e2eEnvSchema = z.object({
 const generalSchema = z.object({
   NODE_ENV: z.literal('dev'),
   DATABASE_URL: z.string(),
-  ADMIN_EMAIL: z.string(),
+  ADMIN_EMAIL: z.string().email(),
 
   REDIS_URL: z.string(),
   REDIS_PASSWORD: z.string().optional(),
@@ -56,10 +56,13 @@ const generalSchema = z.object({
 
   SMTP_HOST: z.string(),
   SMTP_PORT: z.string(),
-  SMTP_EMAIL_ADDRESS: z.string(),
+  SMTP_EMAIL_ADDRESS: z.string().email(),
   SMTP_PASSWORD: z.string(),
-  // TODO: add regex check for FORM_EMAIL value as represented in .env.example (your-name <your-name@email.com>)
-  FROM_EMAIL: z.string(),
+  FROM_EMAIL: z
+    .string()
+    .regex(
+      /^[a-zA-Z0-9._%+-]+(?: [a-zA-Z0-9._%+-]+)* <[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}>$/
+    ),
 
   JWT_SECRET: z.string(),
 
@@ -75,7 +78,7 @@ const generalSchema = z.object({
   MINIO_BUCKET_NAME: z.string().optional(),
   MINIO_USE_SSL: z.string().optional(),
 
-  FEEDBACK_FORWARD_EMAIL: z.string()
+  FEEDBACK_FORWARD_EMAIL: z.string().email()
 })
 
 export type EnvSchemaType = z.infer<typeof generalSchema>