PCR Next.js port

backend/Dockerfile.dev

@@ -0,0 +1,14 @@
+FROM pennlabs/django-base:f0f05216db7c23c1dbb5b95c3bc9e8a2603bf2fd
+
+LABEL maintainer="Penn Labs"
+
+WORKDIR /backend
+
+# Copy project dependencies
+COPY Pipfile* ./
+
+# Install backend dependencies
+RUN pipenv install --dev
+
+# Alias runserver command
+RUN echo 'alias runserver="python manage.py runserver 0.0.0.0:8000"' >> ~/.bashrc

backend/PennCourses/authentication/jwt.py

@@ -0,0 +1,64 @@
+import logging
+import pprint
+import threading
+import time
+
+import jwt
+from django.conf import settings
+from django.contrib.auth.models import AnonymousUser
+from rest_framework import authentication, exceptions
+
+
+logger = logging.getLogger(__name__)
+
+REFRESH_INTERVAL = 3600  # 1 hour
+jwks_client = jwt.PyJWKClient(settings.JWKS_URI)
+jwks_client_lock = threading.Lock()
+
+
+def get_jwks_client():
+    with jwks_client_lock:
+        return jwks_client
+
+
+def start_jwks_refresh():
+    def refresh():
+        global jwks_client
+        while True:
+            try:
+                new_client = jwt.PyJWKClient(settings.JWKS_URI)
+                with jwks_client_lock:
+                    jwks_client = new_client
+                    logger.info("[JWK] JWKs client updated and cached.")
+            except Exception as e:
+                logger.info("[JWK] Error updating JWKs client: %s", e)
+            time.sleep(REFRESH_INTERVAL)
+
+    thread = threading.Thread(target=refresh, daemon=True)
+    thread.start()
+
+
+def verify_jwt(token):
+    try:
+        signing_key = jwks_client.get_signing_key_from_jwt(token).key
+        payload = jwt.decode(
+            token, signing_key, audience=settings.AUTH_OIDC_CLIENT_ID, algorithms=["RS256"]
+        )
+        return payload
+    except jwt.PyJWTError:
+        raise exceptions.AuthenticationFailed("Invalid JWT Token.")
+
+
+class JWTAuthentication(authentication.BaseAuthentication):
+    """
+    Authentication based on JWT tokens stored in cookies.
+    """
+
+    def authenticate(self, request):
+        id_token = request.COOKIES.get("id_token")
+        if id_token:
+            payload = verify_jwt(id_token)
+            if payload:
+                pprint.pprint(payload)
+                return (payload, None)
+        return (AnonymousUser, None)

backend/PennCourses/settings/base.py

@@ -14,6 +14,10 @@
 
 import boto3
 import dj_database_url
+import dotenv
+
+
+dotenv.load_dotenv()
 
 
 DOMAINS = os.environ.get("DOMAINS", "example.com").split(",")
@@ -174,6 +178,10 @@
 WEBHOOK_USERNAME = os.environ.get("WEBHOOK_USERNAME", "webhook")
 WEBHOOK_PASSWORD = os.environ.get("WEBHOOK_PASSWORD", "password")
 
+# Penn Labs Platform JWKs
+JWKS_URI = f"https://platform.pennlabs.org/accounts/.well-known/jwks.json"
+AUTH_OIDC_CLIENT_ID = os.environ.get("AUTH_OIDC_CLIENT_ID", "")
+
 # Email Configuration
 SMTP_HOST = os.environ.get("SMTP_HOST", "")
 SMTP_PORT = os.environ.get("SMTP_PORT", 587)
@@ -199,6 +207,7 @@
         "rest_framework.authentication.SessionAuthentication",
         "rest_framework.authentication.BasicAuthentication",
         "accounts.authentication.PlatformAuthentication",
+        "PennCourses.authentication.jwt.JWTAuthentication",
     ],
 }
 

backend/Pipfile

@@ -66,6 +66,7 @@ drf-nested-routers = "*"
 google-api-python-client = "*"
 asyncio = "*"
 aiohttp = "*"
+pyjwt = "*"
 
 [requires]
 python_full_version = "3.11"

backend/docker-compose.yaml

@@ -1,3 +1,5 @@
+version: "3"
+
 services:
   db:
     image: postgres:15.8
@@ -29,4 +31,4 @@ services:
     environment:
       - REDIS_URL=redis://redis:6379/1
       - DATABASE_URL=postgres://penn-courses:postgres@db:5432/postgres
-    command: pipenv run python manage.py runserver 0.0.0.0:8000
+    command: pipenv run python manage.py runserver 0.0.0.0:8000

backend/review/urls.py

@@ -8,6 +8,7 @@
     department_reviews,
     instructor_for_course_reviews,
     instructor_reviews,
+    test_jwt,
 )
 
 
@@ -42,4 +43,5 @@
         name="course-history",
     ),
     path("autocomplete", cache_page(MONTH_IN_SECONDS)(autocomplete), name="review-autocomplete"),
+    path("testjwt", test_jwt, name="test-jwt"),
 ]

backend/review/views.py

@@ -385,7 +385,8 @@ def course_plots(request, course_code):
             instructors__id__in=instructor_ids,
         ).distinct()
 
-    section_map = defaultdict(dict)  # a dict mapping semester to section id to section object
+    # a dict mapping semester to section id to section object
+    section_map = defaultdict(dict)
     for section in filtered_sections:
         section_map[section.efficient_semester][section.id] = section
 
@@ -753,6 +754,7 @@ def instructor_for_course_reviews(request, course_code, instructor_id):
     )
 
 
+@permission_classes([])
 @api_view(["GET"])
 @schema(
     PcxAutoSchema(
@@ -797,7 +799,7 @@ def autocomplete(request):
             {
                 "title": semester_prefix(course) + course["full_code"],
                 "desc": [course["title"]],
-                "url": f"/course/{course['full_code']}/{course['max_semester']}",
+                "url": f"/course/{course['full_code']}",
             }
             for course in courses
         ],
@@ -854,3 +856,18 @@ def join_depts(depts):
     return Response(
         {"courses": course_set, "departments": department_set, "instructors": instructor_set}
     )
+
+
+@permission_classes([IsAuthenticated])
+@api_view(["GET"])
+@schema(
+    PcxAutoSchema(
+        response_codes={
+            "test-jwt": {
+                "GET": {200: "[DESCRIBE_RESPONSE_SCHEMA]Test dump retrieved successfully."},
+            },
+        },
+    )
+)
+def test_jwt(request):
+    return Response({"hello": "hi"})

frontend/review-nextjs/.eslintrc.json

@@ -0,0 +1,6 @@
+{
+  "extends": ["next/core-web-vitals", "next/typescript"],
+  "rules": {
+    "@typescript-eslint/explicit-function-return-type": "off"
+  }
+}

frontend/review-nextjs/.gitignore

@@ -0,0 +1,36 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+.yarn/install-state.gz
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# local env files
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts

frontend/review-nextjs/README.md

@@ -0,0 +1,36 @@
+This is a [Next.js](https://nextjs.org) project bootstrapped with [`create-next-app`](https://nextjs.org/docs/app/api-reference/cli/create-next-app).
+
+## Getting Started
+
+First, run the development server:
+
+```bash
+npm run dev
+# or
+yarn dev
+# or
+pnpm dev
+# or
+bun dev
+```
+
+Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+
+You can start editing the page by modifying `app/page.tsx`. The page auto-updates as you edit the file.
+
+This project uses [`next/font`](https://nextjs.org/docs/app/building-your-application/optimizing/fonts) to automatically optimize and load [Geist](https://vercel.com/font), a new font family for Vercel.
+
+## Learn More
+
+To learn more about Next.js, take a look at the following resources:
+
+- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
+- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
+
+You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js) - your feedback and contributions are welcome!
+
+## Deploy on Vercel
+
+The easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.
+
+Check out our [Next.js deployment documentation](https://nextjs.org/docs/app/building-your-application/deploying) for more details.

frontend/review-nextjs/app/(header)/about/page.tsx

@@ -0,0 +1,113 @@
+import React from "react";
+import Link from "next/link";
+import { cn } from "@/lib/utils";
+import Image from "next/image";
+
+export default function About() {
+    return (
+        <div className={cn("mx-[10%]")}>
+            <h2>Hey there!</h2>
+            <p>Welcome to the new Penn Course Review!</p>
+            <p>
+                The student-run Penn Course Review has served as a valuable
+                guide for course selection since the 1960s. In 2014, Penn Course
+                Review was completely redesigned to simplify the search
+                experience. In 2018, we updated the site again to continue
+                providing you with the best insights on courses. In 2021, we
+                migrated the site over to a shared backend with{" "}
+                <a
+                    target="_blank"
+                    rel="noopener noreferrer"
+                    href="https://penncoursealert.com/"
+                >
+                    Penn Course Alert
+                </a>{" "}
+                and{" "}
+                <a
+                    target="_blank"
+                    rel="noopener noreferrer"
+                    href="https://penncourseplan.com/"
+                >
+                    Penn Course Plan
+                </a>
+                , allowing us to serve additional metrics about course
+                registration difficulty (based on Penn Course Alert usage data
+                and course status updates). We hope to continue updating and
+                improving Penn Course Review in the years to come!
+            </p>
+
+            <h2>About</h2>
+            <p>
+                Penn Course Review is a student-run service that provides
+                numerical ratings and metrics for undergraduate courses and
+                professors at the University of Pennsylvania. PCR has a long
+                history of being a valuable and influential guide for course
+                selection.
+            </p>
+            <p>
+                PCR is developed and managed by{" "}
+                <a
+                    target="_blank"
+                    rel="noopener noreferrer"
+                    href="https://pennlabs.org/"
+                >
+                    Penn Labs
+                </a>
+                , a student developer organization on Penn&apos;s campus.
+            </p>
+
+            <p>
+                Penn Course Review compiles its information from online course
+                evaluations conducted at the end of each semester by the
+                Provost&apos;s office in conjunction with ISC.
+            </p>
+            <p>
+                Your evaluations and comments feed the Review, so the more
+                information you provide about your courses and professors, the
+                more comprehensive Penn Course Review will be.
+            </p>
+
+            <p>
+                If you want to look at courses on the go,{" "}
+                <a
+                    target="_blank"
+                    rel="noopener noreferrer"
+                    href="https://pennlabs.org/mobile/"
+                >
+                    PennMobile
+                </a>{" "}
+                is available for download! In the courses section, you are able
+                to view course descriptions and ratings!
+            </p>
+            <p>
+                Interested in building something using the Penn Courses API?
+                Check our our{" "}
+                <a
+                    target="_blank"
+                    rel="noopener noreferrer"
+                    href="https://penncoursereview.com/api/documentation/"
+                >
+                    API documentation
+                </a>
+                .
+            </p>
+            <p>Thanks and happy searching,</p>
+            <p>
+                <strong>Penn Labs</strong>
+            </p>
+
+            <Image
+                alt="Penn Labs"
+                src="/image/labs.png"
+                width={100}
+                height={100}
+            />
+
+            <h2>Questions</h2>
+            <p>
+                If you have any questions, take a look at our{" "}
+                <Link href="/faq">FAQs</Link> section.
+            </p>
+        </div>
+    );
+}