From 90a52553b7ec59e6b312212568f6de60663ff30d Mon Sep 17 00:00:00 2001 From: Dalton Burkhart Date: Sun, 21 Sep 2025 23:25:53 -0400 Subject: [PATCH 1/6] Removed duplicate env variables and updated env example --- .env.example | 8 +++++++- apps/backend/src/auth/auth.service.ts | 6 ++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.env.example b/.env.example index c0ee816e..c3f4c358 100644 --- a/.env.example +++ b/.env.example @@ -2,4 +2,10 @@ DATABASE_HOST=localhost DATABASE_PORT=5432 DATABASE_NAME=securing-safe-food DATABASE_USERNAME=postgres -DATABASE_PASSWORD=PLACEHOLDER_PASSWORD \ No newline at end of file +DATABASE_PASSWORD=PLACEHOLDER_PASSWORD + +AWS_ACCESS_KEY_ID = 'my-aws-access-key-id' +AWS_SECRET_ACCESS_KEY = 'my-aws-secret-access-key' +AWS_REGION = 'us-east-2' + +AWS_BUCKET_NAME = 'my-aws-bucket-name' \ No newline at end of file diff --git a/apps/backend/src/auth/auth.service.ts b/apps/backend/src/auth/auth.service.ts index e88d532e..173fa8ea 100644 --- a/apps/backend/src/auth/auth.service.ts +++ b/apps/backend/src/auth/auth.service.ts @@ -28,12 +28,10 @@ export class AuthService { this.providerClient = new CognitoIdentityProviderClient({ region: CognitoAuthConfig.region, credentials: { - accessKeyId: process.env.NX_AWS_ACCESS_KEY, - secretAccessKey: process.env.NX_AWS_SECRET_ACCESS_KEY, + accessKeyId: process.env.AWS_ACCESS_KEY_ID, + secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY, }, }); - - this.clientSecret = process.env.COGNITO_CLIENT_SECRET; } // Computes secret hash to authenticate this backend to Cognito From c2acdd8fa9ffe086c4c3e9b1afbf43c8d73a6f6e Mon Sep 17 00:00:00 2001 From: Dalton Burkhart Date: Mon, 22 Sep 2025 18:25:02 -0400 Subject: [PATCH 2/6] Updated env example --- .env.example | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.env.example b/.env.example index c3f4c358..aa7c82a1 100644 --- a/.env.example +++ b/.env.example @@ -4,8 +4,8 @@ DATABASE_NAME=securing-safe-food DATABASE_USERNAME=postgres DATABASE_PASSWORD=PLACEHOLDER_PASSWORD -AWS_ACCESS_KEY_ID = 'my-aws-access-key-id' -AWS_SECRET_ACCESS_KEY = 'my-aws-secret-access-key' -AWS_REGION = 'us-east-2' +AWS_ACCESS_KEY_ID = PLACEHOLDER_AWS_ACCESS_KEY +AWS_SECRET_ACCESS_KEY = PLACEHOLDER_AWS_SECRET_KEY +AWS_REGION = PLACEHOLDER_AWS_REGION -AWS_BUCKET_NAME = 'my-aws-bucket-name' \ No newline at end of file +AWS_BUCKET_NAME = 'confirm-delivery-photos' \ No newline at end of file From 6cc12e7940015a3e4ab1552e9cd3873c57316d36 Mon Sep 17 00:00:00 2001 From: Dalton Burkhart Date: Mon, 22 Sep 2025 18:34:51 -0400 Subject: [PATCH 3/6] Updated backend README --- apps/backend/README.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/apps/backend/README.md b/apps/backend/README.md index 8e4e513c..0e02cf64 100644 --- a/apps/backend/README.md +++ b/apps/backend/README.md @@ -25,4 +25,21 @@ You can check that your database connection details are correct by running `nx s "LOG 🚀 Application is running on: http://localhost:3000/api" ``` -Finally, run `yarn run typeorm:migrate` to load all the tables into your database. If everything is set up correctly, you should see "Migration ... has been executed successfully." in the terminal. \ No newline at end of file +Finally, run `yarn run typeorm:migrate` to load all the tables into your database. If everything is set up correctly, you should see "Migration ... has been executed successfully." in the terminal. + +# AWS Setup + +We have a few environment variables that we utilize to access several AWS services throughout the application. Below is a list of each of them and how to access each after logging in to AWS + +1. `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`: + - Click on your username in the top right corner, and navigate to Security Credentials + - Scroll down to access keys, and create a new key + - Select CLI as the purpose for the key, and add an optional description + - Replace both the public and secret keys in the .env file to those values. Note that the secret key will not be accessible after you leave this page + - Click done + +2. `AWS_REGION`: +This can be found next to your profile name when you login to the main page. Some accounts may be different, but we generally use us-east-1 or us-east-2 + +3. `AWS_BUCKET_NAME`: +This one is already given to you. As of right now, we only use one bucket, confirm-delivery-photos to store photos in a public S3 Bucket. This may be subject to change as we use S3 more in the project. \ No newline at end of file From 91a71a40e4eee1d60cff9f6ff2ca77b495d04915 Mon Sep 17 00:00:00 2001 From: Dalton Burkhart Date: Thu, 15 Jan 2026 01:58:35 -0500 Subject: [PATCH 4/6] Added Cognito back in and adjusted README accordingly --- apps/backend/README.md | 18 +++++++++++++++++- apps/backend/src/auth/auth.service.ts | 2 ++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/apps/backend/README.md b/apps/backend/README.md index 0e02cf64..888dcd28 100644 --- a/apps/backend/README.md +++ b/apps/backend/README.md @@ -42,4 +42,20 @@ We have a few environment variables that we utilize to access several AWS servic This can be found next to your profile name when you login to the main page. Some accounts may be different, but we generally use us-east-1 or us-east-2 3. `AWS_BUCKET_NAME`: -This one is already given to you. As of right now, we only use one bucket, confirm-delivery-photos to store photos in a public S3 Bucket. This may be subject to change as we use S3 more in the project. \ No newline at end of file +This one is already given to you. As of right now, we only use one bucket, confirm-delivery-photos to store photos in a public S3 Bucket. This may be subject to change as we use S3 more in the project. + +4. `COGNITO_CLIENT_SECRET`: +This is used to help authenticate you with AWS Cognito and allow you to properly sign in using proper credential. To find this: + - Navigate to AWS Cognito + - Go to App Clients, and click on 'ssf client w secret' + - There, you can validate the information in `aws_exports.ts`, as well copy the client secret into your env file + +5. Creating a new user within AWS Cognito + There are 2 ways you can create a new user in AWS Cognito. The simplest, is through loading the up, going to the landing page, and creating a new account there. If you choose to do it alternatively through the console, follow these steps: + - Navigate to AWS Cognito + - Go to Users + - If you do not already see your email there, create a new User, setting an email in password (this will be what you login with on the frontend) + - Click 'Create User' + - Load up the app, and go to the landing page + - Verify you are able to login with these new credentials you created + \ No newline at end of file diff --git a/apps/backend/src/auth/auth.service.ts b/apps/backend/src/auth/auth.service.ts index 173fa8ea..8d40956c 100644 --- a/apps/backend/src/auth/auth.service.ts +++ b/apps/backend/src/auth/auth.service.ts @@ -32,6 +32,8 @@ export class AuthService { secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY, }, }); + + this.clientSecret = process.env.COGNITO_CLIENT_SECRET; } // Computes secret hash to authenticate this backend to Cognito From 3a3cd0e15affd4ef44058be87f7cd20cecdf71a4 Mon Sep 17 00:00:00 2001 From: Dalton Burkhart Date: Thu, 15 Jan 2026 01:59:38 -0500 Subject: [PATCH 5/6] Final commit --- .env.example | 1 + 1 file changed, 1 insertion(+) diff --git a/.env.example b/.env.example index aa7c82a1..1c2d9c96 100644 --- a/.env.example +++ b/.env.example @@ -7,5 +7,6 @@ DATABASE_PASSWORD=PLACEHOLDER_PASSWORD AWS_ACCESS_KEY_ID = PLACEHOLDER_AWS_ACCESS_KEY AWS_SECRET_ACCESS_KEY = PLACEHOLDER_AWS_SECRET_KEY AWS_REGION = PLACEHOLDER_AWS_REGION +COGNITO_CLIENT_SECRET = PLACEHOLDER_COGNITO_CLIENT_SECRET AWS_BUCKET_NAME = 'confirm-delivery-photos' \ No newline at end of file From 73a609a932749b420437662a2b39d2107bcb47b0 Mon Sep 17 00:00:00 2001 From: Dalton Burkhart Date: Sat, 17 Jan 2026 22:56:39 -0500 Subject: [PATCH 6/6] Updated README --- apps/backend/README.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/apps/backend/README.md b/apps/backend/README.md index 888dcd28..9cb8488f 100644 --- a/apps/backend/README.md +++ b/apps/backend/README.md @@ -34,12 +34,14 @@ We have a few environment variables that we utilize to access several AWS servic 1. `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`: - Click on your username in the top right corner, and navigate to Security Credentials - Scroll down to access keys, and create a new key - - Select CLI as the purpose for the key, and add an optional description + - Select "Local code" as the purpose for the key, and add an optional description - Replace both the public and secret keys in the .env file to those values. Note that the secret key will not be accessible after you leave this page - Click done 2. `AWS_REGION`: -This can be found next to your profile name when you login to the main page. Some accounts may be different, but we generally use us-east-1 or us-east-2 +This can be found next to your profile name when you login to the main page. Some accounts may be different, but we generally use us-east-1 or us-east-2. +This is the region that you find on the right side after clicking on the location dropdown, usually saying "United States (*some region*)". +For example, if we want to use Ohio as the region, we would put `AWS_REGION="us-east2"` 3. `AWS_BUCKET_NAME`: This one is already given to you. As of right now, we only use one bucket, confirm-delivery-photos to store photos in a public S3 Bucket. This may be subject to change as we use S3 more in the project. @@ -47,12 +49,16 @@ This one is already given to you. As of right now, we only use one bucket, confi 4. `COGNITO_CLIENT_SECRET`: This is used to help authenticate you with AWS Cognito and allow you to properly sign in using proper credential. To find this: - Navigate to AWS Cognito + - Make sure you are on "United States (N. Virginia) as your region + - Go into User pools and click on the one that says "ssf" (NOTE: You can also validate the User pool id in the `auth/aws_exports.ts` file) - Go to App Clients, and click on 'ssf client w secret' - - There, you can validate the information in `aws_exports.ts`, as well copy the client secret into your env file + - There, you can validate the information in `auth/aws_exports.ts` (the `userPoolClientId`), as well as copy the client secret into your env file 5. Creating a new user within AWS Cognito There are 2 ways you can create a new user in AWS Cognito. The simplest, is through loading the up, going to the landing page, and creating a new account there. If you choose to do it alternatively through the console, follow these steps: - Navigate to AWS Cognito + - Make sure you are on "United States (N. Virginia) as your region + - Go into User pools and click on the one that says "ssf" - Go to Users - If you do not already see your email there, create a new User, setting an email in password (this will be what you login with on the frontend) - Click 'Create User'