feat(authorization): enable two roles: user and admin

ngyngcphu · Sep 29, 2023 · e571a5b · e571a5b
1 parent e5b09b5
commit e571a5b
Show file tree

Hide file tree

Showing 18 changed files with 173 additions and 212 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,12 +2,11 @@ name: CI
 
 on:
   pull_request:
-    branches: ["master"]
+    branches: ["main"]
     # See docs at https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-excluding-paths
     paths-ignore:
       - '.husky/**'
       - '**.md'
-      - 'package.json'
 
 jobs:
   test:

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -12,9 +12,9 @@ env:
   # Use docker.io for Docker Hub if empty
   REGISTRY: ghcr.io
   # Image name MUST have a pattern like <org_name_lowercase>/<repo_name_lowercase>
-  IMAGE_NAME: phucvinh57/fastify-template
+  IMAGE_NAME: ngyngcphu/tick3D-be
   # username login to ghcr MUST be organization or personal name in lower case
-  CD_USERNAME: phucvinh57
+  CD_USERNAME: ngyngcphu
 
 name: Release and deploy
 
@@ -31,74 +31,74 @@ jobs:
           release-type: node
           pull-request-header: "Bot (:robot:) requested to create a new release on ${{ github.ref_name }}"
 
-  ## Use if need to build package
-  # build:
-  #   name: Build
-  #   needs: [release]
-  #   runs-on: ubuntu-latest
+  # Use if need to build package
+  build:
+    name: Build
+    needs: [release]
+    runs-on: ubuntu-latest
   #   if: ${{ needs.release.outputs.build == 'true' }}
-  #   steps:
-  #     - uses: actions/checkout@v3
-  #       name: Checkout repository
-
-  #     - name: Set up QEMU
-  #       uses: docker/setup-qemu-action@v2
+    steps:
+      - uses: actions/checkout@v3
+        name: Checkout repository
+        
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
 
-  #     - name: Setup Docker buildx
-  #       uses: docker/setup-buildx-action@v2
-  #       with:
-  #         version: v0.9.1
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          version: v0.9.1
 
-  #     - name: Log into registry ${{ env.REGISTRY }}
-  #       uses: docker/login-action@v2
-  #       with:
-  #         registry: ${{ env.REGISTRY }}
-  #         username: ${{ env.CD_USERNAME }}
-  #         password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Log into registry ${{ env.REGISTRY }}
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ env.CD_USERNAME }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-  #     - name: Build and push
-  #       uses: docker/build-push-action@v3
-  #       with:
-  #         context: .
-  #         push: true
-  #         tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.release.outputs.tag_name }}
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: true
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.release.outputs.tag_name }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
 
-  ## Use if need to deploy on a server
-  # deploy:
-  #   name: Deploy
-  #   runs-on: ubuntu-latest
-  #   needs: [build]
-  #   env:
-  #     POSTGRES_URL: postgresql://${{ secrets.POSTGRES_USER }}:${{ secrets.POSTGRES_PASSWORD }}@postgres:5432/${{ secrets.POSTGRES_DB }}?schema=public
-  #   steps:
-  #     - name: Deploy
-  #       uses: appleboy/ssh-action@master
-  #       with:
-  #         host: ${{ secrets.VPS_HOST }}
-  #         port: ${{ secrets.VPS_PORT }}
-  #         username: ${{ secrets.VPS_USERNAME }}
-  #         password: ${{ secrets.VPS_PASSWORD }}
+  # Use if need to deploy on a server
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    needs: [build]
+    env:
+      POSTGRES_URL: postgresql://${{ secrets.POSTGRES_USER }}:${{ secrets.POSTGRES_PASSWORD }}@postgres:5432/${{ secrets.POSTGRES_DB }}?schema=public
+    steps:
+      - name: Deploy
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.VPS_HOST }}
+          port: ${{ secrets.VPS_PORT }}
+          username: ${{ secrets.VPS_USERNAME }}
+          password: ${{ secrets.VPS_PASSWORD }}
 
-  #         # TODO: Remove docker volumes in Dev stage only
-  #         script: |
-  #           export CR_PAT=${{ secrets.GITHUB_TOKEN }}
-  #           echo $CR_PAT | docker login ${{ env.REGISTRY }} -u ${{ env.CD_USERNAME }} --password-stdin
-  #           docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
+          # TODO: Remove docker volumes in Dev stage only
+          script: |
+            export CR_PAT=${{ secrets.GITHUB_TOKEN }}
+            echo $CR_PAT | docker login ${{ env.REGISTRY }} -u ${{ env.CD_USERNAME }} --password-stdin
+            docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
             
-  #           cd $HOME/thesis-222
-  #           rm -f .env
-  #           echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env
-  #           echo POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} >> .env
-  #           echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} >> .env
-  #           echo POSTGRES_URL=${{ env.POSTGRES_URL }} >> .env
-  #           echo COOKIE_SECRET=${{ secrets.COOKIE_SECRET }} >> .env
-  #           echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env
-  #           echo CORS_WHITE_LIST=${{ vars.CORS_WHITE_LIST }} >> .env
+            cd tick3D-be
+            rm -f .env
+            echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env
+            echo POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} >> .env
+            echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} >> .env
+            echo POSTGRES_URL=${{ env.POSTGRES_URL }} >> .env
+            echo COOKIE_SECRET=${{ secrets.COOKIE_SECRET }} >> .env
+            echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env
+            echo CORS_WHITE_LIST=${{ vars.CORS_WHITE_LIST }} >> .env
             
-  #           # curl https://raw.githubusercontent.com/phucvinh57/fastify-template/master/docker-compose.yml -o docker-compose.yml
-  #           docker-compose stop fastify
-  #           docker-compose rm -f fastify
-  #           docker-compose up -d fastify
+            curl https://raw.githubusercontent.com/ngyngcphu/tick3D-be/main/docker-compose.yml -o docker-compose.yml
+            docker-compose stop tick3D-be
+            docker-compose rm -f tick3D-be
+            docker-compose up -d tick3D-be
             
-  #           docker logout ${{ env.REGISTRY }}
+            docker logout ${{ env.REGISTRY }}
             
diff --git a/CHANGELOG.md b/CHANGELOG.md
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -1,18 +1,18 @@
 version: "3.5"
 services:
-  postgres:
+  postgres_tick3D:
     image: postgres:15
-    container_name: postgres
+    container_name: postgres_tick3D
     environment:
       POSTGRES_USER: ${POSTGRES_USER}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
       POSTGRES_DB: ${POSTGRES_DB}
     ports:
-      - 5432:5432
+      - 5433:5432
     volumes:
-      - postgres_db:/var/lib/postgresql/data
+      - postgres_db_tick3D:/var/lib/postgresql/data
     restart: always
 
 volumes:
-  postgres_db:
+  postgres_db_tick3D:
 
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,29 +1,29 @@
 version: "3.5"
 services:
-  postgres:
+  postgres_tick3D:
     image: postgres:15
-    container_name: postgres
+    container_name: postgres_tick3D
     environment:
       POSTGRES_USER: ${POSTGRES_USER}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
       POSTGRES_DB: ${POSTGRES_DB}
     volumes:
-      - postgres_db:/var/lib/postgresql/data
+      - postgres_db_tick3D:/var/lib/postgresql/data
     restart: always
 
-  fastify:
+  tick3D-be:
     build:
       context: .
       dockerfile: ./Dockerfile
-    image: ghcr.io/phucvinh57/fastify-template:0.1.0
-    container_name: fastify_template
+    image: ghcr.io/ngyngcphu/tick3D-be:latest
+    container_name: tick3D-be
     ports:
-      - 8080:8080
+      - 8081:8080
     volumes:
       - .env:/app/.env
     depends_on:
-      - postgres
+      - postgres_tick3D
     restart: always
 
 volumes:
-  postgres_db:
+  postgres_db_tick3D:
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
-  "name": "fastify-template",
-  "version": "1.6.1",
+  "name": "tick3d-be",
+  "version": "",
   "license": "ISC",
   "description": "",
   "type": "commonjs",
@@ -19,8 +19,8 @@
     "format": "prettier '**/*.{ts,js,json}' --write",
     "prepare": "is-ci || husky install",
     "bootstrap": "yarn start:docker && yarn && yarn db:migrate && npx prisma db seed",
-    "start:docker": "docker-compose -f docker-compose.dev.yml up -d",
-    "clean:docker": "docker-compose -f docker-compose.dev.yml down --volumes --remove-orphans",
+    "start:docker": "docker compose -f docker-compose.dev.yml up -d",
+    "clean:docker": "docker compose -f docker-compose.dev.yml down --volumes --remove-orphans",
     "clean:git": "git branch --merged >/tmp/merged-branches && nano /tmp/merged-branches && xargs git branch -D </tmp/merged-branches && git fetch --prune --all"
   },
   "dependencies": {

diff --git a/...rations/20230503014433_init/migration.sql → ...rations/20230929051435_init/migration.sql b/...rations/20230503014433_init/migration.sql → ...rations/20230929051435_init/migration.sql
@@ -1,8 +1,12 @@
+-- CreateEnum
+CREATE TYPE "UserRole" AS ENUM ('USER', 'ADMIN');
+
 -- CreateTable
 CREATE TABLE "User" (
     "id" TEXT NOT NULL,
     "email" VARCHAR(50) NOT NULL,
     "password" TEXT NOT NULL,
+    "role" "UserRole" NOT NULL DEFAULT 'USER',
 
     CONSTRAINT "User_pkey" PRIMARY KEY ("id")
 );

diff --git a/prisma/schema.prisma b/prisma/schema.prisma
@@ -15,4 +15,10 @@ model User {
   id       String @id @default(cuid())
   email    String @unique @db.VarChar(50)
   password String
+  role     UserRole   @default(USER)
+}
+
+enum UserRole {
+  USER
+  ADMIN
 }