Some features and some fixes

.github/CODEOWNERS

@@ -0,0 +1 @@
+@mh-anwar @jiasunzhu613 @TheAmanM @mohamad-damaj

.prettierrc

@@ -2,5 +2,11 @@
     "trailingComma": "es5",
     "tabWidth": 4,
     "semi": true,
-    "singleQuote": false
+    "singleQuote": false,
+    "bracketSpacing": true,
+    "arrowParens": "always",
+    "endOfLine": "lf",
+    "printWidth": 110,
+    "proseWrap": "preserve",
+    "htmlWhitespaceSensitivity": "css"
 }

CONTRIBUTING.md

@@ -0,0 +1,51 @@
+# Welcome to UofT Webring's Contributing Guidelines and Developer Quickstart!
+
+We welcome contribution through pull requests, questions, feature requests as well as bug reports (issues)!
+
+To push changes from a branch, you should first create a fork. This will create your copy of the repo and ensure that you are able to push changes to Github and make PRs.
+
+## Committing Changes and Writing Pull Requests
+
+**Committing changes**
+
+When committing changes please use [semantic commit messages](https://gist.github.com/joshbuchea/6f47e86d2510bce28f8e7f42ae84c716) and describe what the commit changed briefly using.
+
+**Pull Requests**
+
+When making pull requests please provide a descriptive title explaning the overall scope of the PR and provide details in a "description" section.
+
+We do not enforce a PR template to follow but if you are having trouble writing one, here is one you can follow:
+
+```
+Closes #{insert ticket number}
+
+## Description
+{
+            insert more detailed description here,
+            explaining what was changed
+}
+
+### Missing features
+{
+        Add all missing features from related tickets here, if any,
+        otherwise delete this section
+}
+```
+
+## Getting Started Locally
+
+First, run the development frontend server:
+
+```bash
+npm run dev
+# or
+yarn dev
+# or
+pnpm dev
+# or
+bun dev
+```
+
+Then start the DB locally using the [Supabase CLI](https://supabase.com/docs/guides/local-development/cli/getting-started).
+
+**First time using Supabase CLI?** Refer to our [quickstart](supabase/README.md) to get up to speed then refer to Supabase documentation!

README.md

@@ -1,42 +1,18 @@
-# Webring
-
-## Local Development Environment Variables (from Supabase CLI)
-
-```
-# Local development keys
-NEXT_PUBLIC_SUPABASE_URL=http://127.0.0.1:54321
-NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0
-NEXT_PUBLIC_SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImV4cCI6MTk4MzgxMjk5Nn0.EGIM96RAZx35lJzdJsyH-qQwv8Hdp7fsn3W0YpN81IU
-HOME_DOMAIN =https://ourdomain/
-### Information from running supabase start
-#          API URL: http://127.0.0.1:54321
-#      GraphQL URL: http://127.0.0.1:54321/graphql/v1
-#   S3 Storage URL: http://127.0.0.1:54321/storage/v1/s3
-#           DB URL: postgresql://postgres:postgres@127.0.0.1:54322/postgres
-#       Studio URL: http://127.0.0.1:54323
-#     Inbucket URL: http://127.0.0.1:54324
-#       JWT secret: super-secret-jwt-token-with-at-least-32-characters-long
-#         anon key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0
-# service_role key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImV4cCI6MTk4MzgxMjk5Nn0.EGIM96RAZx35lJzdJsyH-qQwv8Hdp7fsn3W0YpN81IU
-#    S3 Access Key: 625729a08b95bf1b7ff351a663f3a23c
-#    S3 Secret Key: 850181e4652dd023b7a98c58ae0d2d34bd487ee0cc3254aed6eda37307425907
-#        S3 Region: local
-```
-
-You will also require a `DOMAIN_VALIDATION_SECRET_KEY`.
-
-## Getting Started
-
-First, run the development server:
-
-```bash
-npm run dev
-# or
-yarn dev
-# or
-pnpm dev
-# or
-bun dev
-```
-
-Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+# UofT Webring 🪐
+
+A Webring environment providing a unified space for UofT students to gather and showcase their web portfolios.
+
+**Are you a UofT Student? Come [join](https://uoftwebring.com/signup) the UofT Webring community!**
+
+## Technologies
+
+-   Frontend: Next.JS
+-   DB / pseudo-backend: Supabase, Supabase SDK
+
+## Developer Quickstart
+
+Refer to our [contributing guide](CONTRIBUTING.md)!
+
+## Acknowledgements
+
+Special shout out to all the UWaterloo webrings ([CS](https://cs.uwatering.com/), [SE](https://se-webring.xyz/)) for the inspiration! Go check them out and meet all the cool people from there!

SECURITY.md

@@ -0,0 +1,20 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a potential security vulnerability in this project, we appreciate your help in disclosing it responsibly.
+
+### How to Report
+
+Please report security issues by privately filing it, see [here](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability). 
+When reporting, please include as much relevant detail as possible:
+
+- Steps to reproduce the vulnerability  
+- A clear description of the issue and its impact  
+- Any relevant logs, screenshots, or proof-of-concept code  
+
+### Guidelines
+
+- If you're unsure whether the issue qualifies as a vulnerability, it's still better to report it privately first.  
+- Avoid sharing sensitive data in public issues.  
+- Use discretion and keep the issue confidential until it is addressed.  

app/(metadata)/manifest.webmanifest

@@ -0,0 +1,16 @@
+{
+    "name": "UofT Webring",
+    "start_url": "/",
+    "theme_color": "#010414",
+    "background_color": "#010414",
+    "display": "fullscreen",
+    "lang": "en",
+    "orientation": "portrait",
+    "icons": [
+        {
+            "url": "/favicon.ico",
+            "sizes": "16x16",
+            "type": "image/png"
+        }
+    ]
+}

app/(metadata)/sitemap.ts

@@ -0,0 +1,13 @@
+/*  We should make dynamic routes */
+import type { MetadataRoute } from "next";
+
+export default function sitemap(): MetadataRoute.Sitemap {
+    return [
+        {
+            url: "https://uoftwebring.com",
+            lastModified: new Date(),
+            changeFrequency: "weekly",
+            priority: 1,
+        },
+    ];
+}

app/actions.ts

@@ -1,67 +1,97 @@
 "use server";
 
-import {
-    createAdminClient,
-    createClient,
-    createServiceClient,
-} from "@/utils/supabase/server";
-import { SafeUser, SafeUserType } from "@/utils/zod";
+import { createAdminClient, createClient } from "@/utils/supabase/server";
+import { SafeUserType } from "@/utils/zod";
 import { PostgrestError } from "@supabase/supabase-js";
-import { User } from "@supabase/supabase-js";
 import { UserType } from "@/utils/zod";
-import { getAuthUser } from "./dashboard/actions";
-import { redirect } from "next/navigation";
 
-type FetchRingProfilesResponse =
-    | {
-          ringProfiles: SafeUserType[];
-          error: null;
-      }
-    | {
-          ringProfiles: null;
-          error: string;
-      };
+const PROFILE_COLUMNS =
+    "ring_id, tagline, domain, name, validated_user_component, github_url, image_url, is_verified, tags";
 
-export async function fetchRingProfiles(): Promise<FetchRingProfilesResponse> {
-    console.log("FETCHING PROFILES FOR RING");
-    // First, we get the client and fetch everything
-    const supabase = createAdminClient(); // Requires admin client to bypass RLS
+// Generic response type for uniform handling
+export type ApiResponse<T> = { data: T; error: null } | { data: null; error: string };
+
+// Specific aliases for clarity
+type GetAllUserProfilesResponse = ApiResponse<SafeUserType[]>;
+type GetUserProfileResponse = ApiResponse<SafeUserType>;
+type GetAuthUserProfileResponse = ApiResponse<UserType>;
+
+/**
+ * Fetches all user profiles from the `profile` table.
+ * Intended for server use only, as it bypasses Row Level Security (RLS) using an admin client.
+ *
+ * @returns {Promise<GetAllUserProfilesResponse>}
+ * An object containing all user profiles in `data` if successful,
+ * or an error message in `error` if the operation fails.
+ */
+export async function getAllUserProfiles(): Promise<GetAllUserProfilesResponse> {
+    // To fetch all user profiles, we need an admin client to bypass RLS
+    const supabase = createAdminClient();
     const { data, error } = await supabase
         .from("profile")
-        .select(
-            "ring_id, tagline, domain, name, valid, github_url, image_url, is_verified, tags"
-        )
+        .select(PROFILE_COLUMNS)
         .order("ring_id", { ascending: true });
 
     if (error) {
         return {
-            ringProfiles: null,
+            data: null,
             error: `Error: ${(error as PostgrestError).message}`,
         };
     }
-    if (!data) {
-        return { ringProfiles: null, error: "Error: No data returned." };
-    }
-
-    // Next, we filter profiles that are not allowed to be in the ring
-    // Currently, no filtering is being done since a valid domain is required upon registration
-    // Below is some boiletplate code.
 
-    return {
-        ringProfiles: data,
-        error: null,
-    };
+    return data ? { data, error: null } : { data: null, error: "Error: No data returned." };
 }
 
-export const getUserProfile = async () => {
+/**
+ * Retrieves the authenticated user's profile from the `profile` table.
+ *
+ * Requires the user to be signed in. The user's ID is obtained from the Supabase auth session.
+ *
+ * @returns {Promise<GetAuthUserProfileResponse>}
+ * An object containing the user's profile in `data` if successful,
+ * or an error message in `error` if the user is not authenticated or the query fails.
+ */
+export const getAuthUserProfile = async (): Promise<GetAuthUserProfileResponse> => {
     const supabase = await createClient();
+    const {
+        data: { user },
+        error: authError,
+    } = await supabase.auth.getUser();
 
-    const { data, error: dataError } = await supabase
+    if (!user) {
+        return { data: null, error: authError?.message ?? "Auth error" };
+    }
+
+    const { data, error } = await supabase.from("profile").select("*").eq("id", user.id).single();
+
+    return data
+        ? { data: data as UserType, error: null }
+        : { data: null, error: error?.message ?? "Error fetching profile" };
+};
+
+/**
+ * Fetches a single user profile by its associated `subdomain` slug.
+ * Intended for server use, as it bypasses Row Level Security (RLS) using an admin client.
+ *
+ * @param {string} slug - The `subdomain` identifier corresponding to the user profile.
+ * @returns {Promise<GetUserProfileResponse>}
+ * An object containing the matching user profile in `data` if found,
+ * or an error message in `error` if the profile is not found or the query fails.
+ */
+export const getUserProfile = async (slug: string): Promise<GetUserProfileResponse> => {
+    // To fetch an arbitrary user (not the curr user), we need an admin client to bypass RLS
+    const supabase = createAdminClient();
+    const { data, error } = await supabase
         .from("profile")
-        .select("*");
+        .select(PROFILE_COLUMNS)
+        .eq("subdomain", slug)
+        .single();
 
-    return {
-        data: data?.at(0) as UserType,
-        error: dataError,
-    };
+    if (error) {
+        return {
+            data: null,
+            error: `Error: ${(error as PostgrestError).message}`,
+        };
+    }
+    return data ? { data, error: null } : { data: null, error: "Error: No data returned." };
 };

app/api/revalidate/route.ts

@@ -10,18 +10,12 @@ export async function POST(request: NextRequest) {
     // Check if the secret is missing in your environment variables
     if (!secret) {
         console.error("REVALIDATION_SECRET_TOKEN is not set.");
-        return NextResponse.json(
-            { message: "Server configuration error." },
-            { status: 500 }
-        );
+        return NextResponse.json({ message: "Server configuration error." }, { status: 500 });
     }
 
     // Check if the token from the header matches
     if (authHeader !== `Bearer ${secret}`) {
-        return NextResponse.json(
-            { message: "Unauthorized: Invalid token." },
-            { status: 401 }
-        );
+        return NextResponse.json({ message: "Unauthorized: Invalid token." }, { status: 401 });
     }
 
     // 2. Perform the revalidation
@@ -39,9 +33,6 @@ export async function POST(request: NextRequest) {
         });
     } catch (err) {
         console.error("Error during revalidation:", err);
-        return NextResponse.json(
-            { message: "Error revalidating" },
-            { status: 500 }
-        );
+        return NextResponse.json({ message: "Error revalidating" }, { status: 500 });
     }
 }