good?

backend/Dockerfile.server

@@ -18,4 +18,4 @@ COPY --from=builder /app/bin/sac /sac
 
 EXPOSE 8080
 
-ENTRYPOINT [ "/sac" ]
+ENTRYPOINT [ "/sac" ]

backend/config/app.go

@@ -1,19 +1,7 @@
 package config
 
-import "fmt"
-
 type ApplicationSettings struct {
-	Port    uint16 `env:"PORT"`
-	Host    string `env:"HOST"`
-	BaseUrl string `env:"BASE_URL"`
-}
-
-func (s *ApplicationSettings) ApplicationURL() string {
-	var host string
-	if s.Host == "127.0.0.1" {
-		host = "localhost"
-	} else {
-		host = s.Host
-	}
-	return fmt.Sprintf("http://%s:%d", host, s.Port)
+	Port      uint16 `env:"PORT"`
+	Host      string `env:"HOST"`
+	PublicURL string `env:"PUBLIC_URL"`
 }

backend/config/config.go

@@ -8,8 +8,10 @@ import (
 )
 
 func GetConfiguration(path string) (*Settings, error) {
-	if err := godotenv.Load(path); err != nil {
-		return nil, fmt.Errorf("failed to load environment variables: %s", err.Error())
+	if path != "" {
+		if err := godotenv.Load(path); err != nil {
+			return nil, fmt.Errorf("failed to load environment variables: %s", err.Error())
+		}
 	}
 
 	intSettings, err := env.ParseAs[intermediateSettings]()

backend/config/oauth_microsoft.go

@@ -6,23 +6,51 @@ const (
 	tenantID string = "a8eec281-aaa3-4dae-ac9b-9a398b9215e7"
 )
 
-type MicrosoftOAuthSettings struct {
+type MicrosoftWebOAuthSettings struct {
 	Key    *m.Secret[string]
 	Secret *m.Secret[string]
 	Tenant string
 }
 
-type intermediateMicrosoftOAuthSetting struct {
+type MicrosoftMobileOAuthSettings struct {
+	Key    *m.Secret[string]
+	Tenant string
+}
+
+type intermediateMicrosoftWebOAuthSettings struct {
+	Key    string `env:"KEY"`
+	Secret string `env:"SECRET"`
+}
+
+func (i *intermediateMicrosoftWebOAuthSettings) into() (*MicrosoftWebOAuthSettings, error) {
+	secretKey, err := m.NewSecret(i.Key)
+	if err != nil {
+		return nil, err
+	}
+
+	secretSecret, err := m.NewSecret(i.Secret)
+	if err != nil {
+		return nil, err
+	}
+
+	return &MicrosoftWebOAuthSettings{
+		Key:    secretKey,
+		Secret: secretSecret,
+		Tenant: tenantID,
+	}, nil
+}
+
+type intermediateMicrosoftMobileOAuthSettings struct {
 	Key string `env:"KEY"`
 }
 
-func (i *intermediateMicrosoftOAuthSetting) into() (*MicrosoftOAuthSettings, error) {
+func (i *intermediateMicrosoftMobileOAuthSettings) into() (*MicrosoftMobileOAuthSettings, error) {
 	secretKey, err := m.NewSecret(i.Key)
 	if err != nil {
 		return nil, err
 	}
 
-	return &MicrosoftOAuthSettings{
+	return &MicrosoftMobileOAuthSettings{
 		Key:    secretKey,
 		Tenant: tenantID,
 	}, nil

backend/config/settings.go

@@ -12,11 +12,12 @@ type Settings struct {
 }
 
 type Integrations struct {
-	Google   GoogleOAuthSettings
-	Microsft MicrosoftOAuthSettings
-	AWS      AWSSettings
-	Resend   ResendSettings
-	Search   SearchSettings
+	Google          GoogleOAuthSettings
+	MicrosoftWeb    MicrosoftWebOAuthSettings
+	MicrosoftMobile MicrosoftMobileOAuthSettings
+	AWS             AWSSettings
+	Resend          ResendSettings
+	Search          SearchSettings
 }
 
 type intermediateSettings struct {
@@ -86,7 +87,12 @@ func (i *intermediateSettings) into() (*Settings, error) {
 		return nil, err
 	}
 
-	microsoft, err := i.Microsft.into()
+	microsoftWeb, err := i.MicrosoftWeb.into()
+	if err != nil {
+		return nil, err
+	}
+
+	microsoftMobile, err := i.MicrosoftMobile.into()
 	if err != nil {
 		return nil, err
 	}
@@ -105,11 +111,12 @@ func (i *intermediateSettings) into() (*Settings, error) {
 		SuperUser:    *superUser,
 		Calendar:     *calendar,
 		Integrations: Integrations{
-			Google:   *google,
-			Microsft: *microsoft,
-			AWS:      *aws,
-			Resend:   *resend,
-			Search:   *search,
+			Google:          *google,
+			MicrosoftWeb:    *microsoftWeb,
+			MicrosoftMobile: *microsoftMobile,
+			AWS:             *aws,
+			Resend:          *resend,
+			Search:          i.Search,
 		},
 	}, nil
 }

backend/entities/auth/base/handlers.go

@@ -7,6 +7,7 @@ import (
 
 	"github.com/GenerateNU/sac/backend/integrations/oauth/soth"
 	"github.com/GenerateNU/sac/backend/integrations/oauth/soth/sothic"
+	"github.com/GenerateNU/sac/backend/utilities"
 
 	"github.com/gofiber/fiber/v2"
 	"gorm.io/gorm"
@@ -20,12 +21,20 @@ type Service interface {
 }
 
 type Handler struct {
-	db           *gorm.DB
-	authProvider soth.Provider
+	db                 *gorm.DB
+	webAuthProvider    soth.Provider
+	mobileAuthProvider soth.Provider
 }
 
 func (h *Handler) Login(c *fiber.Ctx) error {
-	sothic.SetProvider(c, h.authProvider.Name())
+	switch utilities.GetPlatform(c) {
+	case utilities.PlatformWeb:
+		sothic.SetProvider(c, h.webAuthProvider.Name())
+	case utilities.PlatformMobile:
+		sothic.SetProvider(c, h.mobileAuthProvider.Name())
+		sothic.SetProvider(c, h.mobileAuthProvider.Name())
+	}
+
 	if gfUser, err := sothic.CompleteUserAuth(c); err == nil {
 		user, err := FindOrCreateUser(context.TODO(), h.db, gfUser)
 		if err != nil {
@@ -89,7 +98,7 @@ func (h *Handler) ProviderCallback(c *fiber.Ctx) error {
 		return err
 	}
 
-	return c.SendStatus(http.StatusOK)
+	return c.Status(http.StatusOK).JSON(user)
 }
 
 func (h *Handler) ProviderLogout(c *fiber.Ctx) error {

backend/entities/auth/base/routes.go

@@ -9,29 +9,31 @@ import (
 )
 
 type Params struct {
-	authProvider   soth.Provider
-	providers      []soth.Provider
-	applicationURL string
-	router         fiber.Router
-	db             *gorm.DB
+	webAuthProvider    soth.Provider
+	mobileAuthProvider soth.Provider
+	providers          []soth.Provider
+	applicationURL     string
+	router             fiber.Router
+	db                 *gorm.DB
 }
 
-func NewParams(authProvider soth.Provider, applicationURL string, router fiber.Router, db *gorm.DB, emailer email.Emailer, validate *validator.Validate, providers ...soth.Provider) Params {
+func NewParams(webAuthProvider soth.Provider, mobileAuthProvider soth.Provider, applicationURL string, router fiber.Router, db *gorm.DB, emailer email.Emailer, validate *validator.Validate, providers ...soth.Provider) Params {
 	return Params{
-		authProvider:   authProvider,
-		providers:      providers,
-		applicationURL: applicationURL,
-		router:         router,
-		db:             db,
+		webAuthProvider:    webAuthProvider,
+		mobileAuthProvider: mobileAuthProvider,
+		providers:          providers,
+		applicationURL:     applicationURL,
+		router:             router,
+		db:                 db,
 	}
 }
 
 func Auth(params Params) {
 	soth.UseProviders(
-		append(params.providers, params.authProvider)...,
+		append(params.providers, params.webAuthProvider, params.mobileAuthProvider)...,
 	)
 
-	handler := Handler{db: params.db, authProvider: params.authProvider}
+	handler := Handler{db: params.db, webAuthProvider: params.webAuthProvider, mobileAuthProvider: params.mobileAuthProvider}
 
 	params.router.Route("/auth", func(r fiber.Router) {
 		r.Get("/login", handler.Login)

backend/entities/auth/base/transactions.go

@@ -13,9 +13,11 @@ func FindOrCreateUser(ctx context.Context, db *gorm.DB, user soth.User) (*models
 	var sacUser models.User
 	if err := db.WithContext(ctx).Where("email = ?", user.Email).First(&sacUser).Error; err != nil {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
-			if err := createUser(ctx, db, user.Into()); err != nil {
+			user, err := createUser(ctx, db, *user.Into())
+			if err != nil {
 				return nil, err
 			}
+			return user, nil
 		} else {
 			return nil, err
 		}
@@ -24,24 +26,24 @@ func FindOrCreateUser(ctx context.Context, db *gorm.DB, user soth.User) (*models
 	return &sacUser, nil
 }
 
-func createUser(ctx context.Context, db *gorm.DB, user *models.User) error {
+func createUser(ctx context.Context, db *gorm.DB, user models.User) (*models.User, error) {
 	tx := db.WithContext(ctx).Begin()
 	defer func() {
 		if r := recover(); r != nil {
 			tx.Rollback()
 		}
 	}()
 
-	if err := tx.Create(user).Error; err != nil {
+	if err := tx.Create(&user).Error; err != nil {
 		tx.Rollback()
-		return err
+		return nil, err
 	}
 
 	welcomeTask := models.WelcomeTask{Name: user.Name, Email: user.Email}
 	if err := tx.Create(&welcomeTask).Error; err != nil {
 		tx.Rollback()
-		return err
+		return nil, err
 	}
 
-	return tx.Commit().Error
+	return &user, tx.Commit().Error
 }

backend/entities/clubs/followers/routes.go

@@ -1,8 +1,6 @@
 package followers
 
 import (
-	authMiddleware "github.com/GenerateNU/sac/backend/middleware/auth"
-
 	"github.com/GenerateNU/sac/backend/types"
 )
 
@@ -15,12 +13,12 @@ func ClubFollower(clubParams types.RouteParams) {
 	clubFollowers.Get("/", clubParams.UtilityMiddleware.Paginator, clubFollowerController.GetClubFollowers)
 	clubFollowers.Post(
 		"/:userID",
-		authMiddleware.AttachExtractor(clubParams.AuthMiddleware.ClubAuthorizeById, authMiddleware.ExtractFromParams("clubID")),
+		clubParams.AuthMiddleware.UserAuthorizeById,
 		clubFollowerController.CreateClubFollowing,
 	)
 	clubFollowers.Delete(
 		"/:userID",
-		authMiddleware.AttachExtractor(clubParams.AuthMiddleware.ClubAuthorizeById, authMiddleware.ExtractFromParams("clubID")),
+		clubParams.AuthMiddleware.UserAuthorizeById,
 		clubFollowerController.DeleteClubFollowing,
 	)
 }

backend/entities/events/rsvps/routes.go

@@ -10,7 +10,7 @@ func EventsRSVPs(params types.RouteParams) {
 	controller := NewController(NewHandler(params.ServiceParams))
 
 	// api/v1/events/:eventID/rsvps/*
-	params.Router.Route("/rsvps", func(r fiber.Router) {
+	params.Router.Route("/:eventID/rsvps", func(r fiber.Router) {
 		r.Get("/", params.UtilityMiddleware.Paginator, controller.GetEventRSVPs)
 		r.Post("/:userID", controller.CreateEventRSVP)
 		r.Delete("/:userID", params.AuthMiddleware.UserAuthorizeById, params.AuthMiddleware.Authorize(permission.DeleteAll), controller.DeleteEventRSVP)

backend/integrations/oauth/crypt/crypt.go

@@ -17,7 +17,7 @@ func Encrypt(data string, passphrase string) (string, error) {
 	}
 
 	plaintext := []byte(data)
-	if len(plaintext) > 1028 {
+	if len(plaintext) > 4096 {
 		return "", fmt.Errorf("plaintext too long")
 	}
 

backend/integrations/oauth/soth/goog/session.go

@@ -1,11 +1,12 @@
 package goog
 
 import (
-	"encoding/json"
 	"errors"
 	"strings"
 	"time"
 
+	go_json "github.com/goccy/go-json"
+
 	"github.com/GenerateNU/sac/backend/integrations/oauth/soth"
 	"github.com/GenerateNU/sac/backend/utilities"
 )
@@ -48,7 +49,7 @@ func (s *Session) Authorize(provider soth.Provider, params soth.Params) (string,
 
 // Marshal the session into a string
 func (s Session) Marshal() string {
-	b, _ := json.Marshal(s)
+	b, _ := go_json.Marshal(s)
 	return string(b)
 }
 
@@ -59,6 +60,6 @@ func (s Session) String() string {
 // UnmarshalSession will unmarshal a JSON string into a session.
 func (p *Provider) UnmarshalSession(data string) (soth.Session, error) {
 	sess := &Session{}
-	err := json.NewDecoder(strings.NewReader(data)).Decode(sess)
+	err := go_json.NewDecoder(strings.NewReader(data)).Decode(sess)
 	return sess, err
 }

backend/integrations/oauth/soth/msft/msft.go → backend/integrations/oauth/soth/msft_mobile/msft_mobile.go

@@ -1,4 +1,4 @@
-package msft
+package msft_mobile
 
 import (
 	"bytes"
@@ -29,13 +29,13 @@ const (
 var defaultScopes = []string{"openid", "offline_access", "user.read", "calendars.readwrite", "email", "profile"}
 
 // New creates a new microsoftonline Provider, and sets up important connection details.
-// You should always call `msft.New` to get a new Provider. Never try to create
+// You should always call `msft_mobile.New` to get a new Provider. Never try to create
 // one manually.
 func New(clientKey *m.Secret[string], callbackURL string, tenant string, scopes ...string) *Provider {
 	p := &Provider{
 		ClientKey:    clientKey,
 		CallbackURL:  callbackURL,
-		ProviderName: "microsoftonline",
+		ProviderName: "microsoftonlineweb",
 		tenant:       tenant,
 	}