added documentation to keygen code

keygenServer/README.md

@@ -0,0 +1,18 @@
+This is the code for API key Generation
+
+## Client
+
+This is the interface a user goes to for requesting an API key.
+
+The client asks the server to generate a new API key. Only the client website 
+can request new keys.
+
+Login is handled through google auth. Keys are associated with email addresses.
+
+## Server
+
+Server handles requests for new keys. It also exposes and endpoint for verifying
+that a key exists. Currently it doesn't do anything more can check existance of 
+keys, but we will be fixing that soon.
+
+

keygenServer/client/Dockerfile

@@ -1,4 +1,8 @@
+# We deployed to Vercel so this Dockerfile isn't actually being used
+
 # Build stage
+
+
 FROM node:20-alpine AS builder
 
 WORKDIR /app
@@ -43,4 +47,4 @@ RUN yarn install --production --frozen-lockfile
 EXPOSE 3000
 
 # Start the application
-CMD ["yarn", "start"]
+CMD ["yarn", "start"]

keygenServer/client/app/main/page.tsx

@@ -1,4 +1,7 @@
 'use client';
+
+// This is the homepage of the app. Where you request a new key. 
+
 import { useEffect, useState } from 'react';
 import { useRouter } from 'next/navigation';
 
@@ -36,6 +39,7 @@ export default function MainPage() {
     router.push('/');
   };
 
+  // Call the server to obtain a key
   const generateApiKey = async () => {
     try {
       const response = await fetch('https://mcp-hackathon-tu1u.onrender.com/api/addKey', {
@@ -205,4 +209,4 @@ export default function MainPage() {
       </div>
     </div>
   );
-}
+}

keygenServer/client/app/page.tsx

@@ -1,7 +1,8 @@
 'use client';
-// import { auth, googleProvider } from '@/libs/firebase';
-// import { signInWithPopup } from 'firebase/auth';
-// import { AppRouterInstance } from 'next/dist/shared/lib/app-router-context.shared-runtime';
+
+// This is the login screen for the client website.
+
+
 import { useRouter } from 'next/navigation';
 import { useCallback } from 'react';
 

keygenServer/server/prisma/schema.prisma

@@ -1,8 +1,4 @@
-// This is your Prisma schema file,
-// learn more about it in the docs: https://pris.ly/d/prisma-schema
-
-// Looking for ways to speed up your queries, or scale easily with your serverless or edge functions?
-// Try Prisma Accelerate: https://pris.ly/cli/accelerate-init
+// Prisma Schema for API key DB
 
 generator client {
   provider = "prisma-client-js"

keygenServer/server/prisma_client.ts

@@ -1,5 +1,12 @@
-import { PrismaClient } from '@prisma/client'
+// Setting up prisma lib
 
-const prisma = new PrismaClient()
+import { PrismaClient } from '@prisma/client';
 
-export default prisma
+const globalForPrisma = globalThis as unknown as { prisma?: PrismaClient };
+
+export const prisma =
+  globalForPrisma.prisma ?? new PrismaClient();
+
+if (process.env.NODE_ENV !== 'production') {
+  globalForPrisma.prisma = prisma;
+}

keygenServer/server/server.ts

@@ -1,7 +1,7 @@
 import express, { Request, Response } from 'express';
 import cors from 'cors';
 import dotenv from 'dotenv';
-import prisma from './prisma_client';
+import { prisma } from './prisma_client';
 import crypto from 'crypto';
 
 
@@ -12,15 +12,17 @@ const port = process.env.PORT || 3001;
 
 // Whitelist of allowed client origins
 const allowedOrigins = [
+    // for testing
     'http://localhost:3000',
-    'https://mcp-hackathon.vercel.app',
-    'http://your-production-domain.com'
+    // deployed frontend
+    'https://mcp-hackathon.vercel.app'
 ];
 
 // Strict CORS configuration for protected routes
 const strictCorsOptions = {
     origin: (origin: string | undefined, callback: (err: Error | null, allow?: boolean) => void) => {
-        if (!origin || allowedOrigins.includes(origin)) {
+        // disallows CURL, Postman, etc.
+        if (origin && allowedOrigins.includes(origin)) {
             callback(null, true);
         } else {
             callback(new Error('Not allowed by CORS'));
@@ -33,25 +35,22 @@ const strictCorsOptions = {
 // Open CORS configuration for public routes
 const openCorsOptions = {
     origin: '*',
-    methods: ['GET', 'POST'],
+    methods: ['GET', 'POST', 'OPTIONS'],
     credentials: true
 };
 
-// app.use(cors({
-//     origin: allowedOrigins,
-//     credentials: true,
-//     methods: ['GET', 'POST', 'OPTIONS']
-// }));
 
 // Middleware
 app.use(express.json());
 
-
+// Generates Key
+// TODO: add verification that key doesn't exist and add key if needed.
+//          currently relying on sheer probablistic chance :P
 function generateApiKey(): string {
     return crypto.randomBytes(32).toString('hex');
 }
 
-// Public route example (no CORS restrictions)
+// Public route (no CORS restrictions)
 app.post('/api/verifyKey',
     cors(openCorsOptions),
     async (req: Request, res: Response) => {
@@ -63,6 +62,7 @@ app.post('/api/verifyKey',
                 return;
             }
 
+            // See if key is in database
             const key = await prisma.key.findFirst({
                 where: {
                     apiKey
@@ -85,6 +85,8 @@ app.post('/api/verifyKey',
 );
 
 // Protected route with strict CORS and authentication
+app.options('/api/addKey', cors(strictCorsOptions));
+app.options('/api/addKey/', cors(strictCorsOptions));
 app.post('/api/addKey', 
     cors(strictCorsOptions),
     async (req: Request, res: Response): Promise<void> => {
@@ -98,6 +100,7 @@ app.post('/api/addKey',
 
             const apiKey = generateApiKey();
             
+            // Add key to database
             const newKey = await prisma.key.create({
                 data: {
                     email,
@@ -118,4 +121,4 @@ app.post('/api/addKey',
 
 app.listen(port, () => {
     console.log(`Server running on port ${port}`);
-});
+});