Revert main back to v1.0.1 state

CONTRIBUTING.md

@@ -1,130 +1,130 @@
-   # 🌟 Contributing to GitHub Tracker
+# 🌟 Contributing to GitHub Tracker
 
-   Thank you for showing interest in **GitHub Tracker**! 🚀  
-   Whether you're here to fix a bug, propose an enhancement, or add a new feature, we’re thrilled to welcome you aboard. Let’s build something awesome together!
+Thank you for showing interest in **GitHub Tracker**! 🚀  
+Whether you're here to fix a bug, propose an enhancement, or add a new feature, we’re thrilled to welcome you aboard. Let’s build something awesome together!
 
-   <br>
+<br>
 
-   ## 🧑‍⚖️ Code of Conduct
+## 🧑‍⚖️ Code of Conduct
 
-   Please make sure to read and adhere to our [Code of Conduct](https://github.com/GitMetricsLab/github_tracker/CODE_OF_CONDUCT.md) before contributing. We aim to foster a respectful and inclusive environment for everyone.
+Please make sure to read and adhere to our [Code of Conduct](https://github.com/GitMetricsLab/github_tracker/CODE_OF_CONDUCT.md) before contributing. We aim to foster a respectful and inclusive environment for everyone.
 
-   <br>
+<br>
 
-   ## 🛠 Project Structure
+## 🛠 Project Structure
 
-   ```bash
-   github_tracker/
-   ├── backend/                  # Node.js + Express backend
-   │   ├── routes/               # API routes
-   │   ├── controllers/          # Logic handlers
-   │   └── index.js              # Entry point for server
-   │
-   ├── frontend/                 # React + Vite frontend
-   │   ├── components/           # Reusable UI components
-   │   ├── pages/                # Main pages/routes
-   │   └── main.jsx              # Root file
-   │
-   ├── public/                   # Static assets like images
-   │
-   ├── .gitignore
-   ├── README.md
-   ├── package.json
-   ├── tailwind.config.js
-   └── CONTRIBUTING.md
-   ```
+```bash
+github_tracker/
+├── backend/                  # Node.js + Express backend
+│   ├── routes/               # API routes
+│   ├── controllers/          # Logic handlers
+│   └── index.js              # Entry point for server
+│
+├── frontend/                 # React + Vite frontend
+│   ├── components/           # Reusable UI components
+│   ├── pages/                # Main pages/routes
+│   └── main.jsx              # Root file
+│
+├── public/                   # Static assets like images
+│
+├── .gitignore
+├── README.md
+├── package.json
+├── tailwind.config.js
+└── CONTRIBUTING.md
+```
 
-   ---
+---
 
-   ## 🤝 How to Contribute
+## 🤝 How to Contribute
 
-   ### 🧭 First-Time Contribution Steps
+### 🧭 First-Time Contribution Steps
 
-   1. **Fork the Repository** 🍴  
-      Click "Fork" to create your own copy under your GitHub account.
+1. **Fork the Repository** 🍴  
+   Click "Fork" to create your own copy under your GitHub account.
 
-   2. **Clone Your Fork** 📥  
-      ```bash
-      git clone https://github.com/<your-username>/github_tracker.git
-      ```
+2. **Clone Your Fork** 📥  
+   ```bash
+   git clone https://github.com/<your-username>/github_tracker.git
+   ```
 
-   3. **Navigate to the Project Folder** 📁  
-      ```bash
-      cd github_tracker
-      ```
+3. **Navigate to the Project Folder** 📁  
+   ```bash
+   cd github_tracker
+   ```
 
-   4. **Create a New Branch** 🌿  
-      ```bash
-      git checkout -b your-feature-name
-      ```
+4. **Create a New Branch** 🌿  
+   ```bash
+   git checkout -b your-feature-name
+   ```
 
-   5. **Make Your Changes** ✍  
-      After modifying files, stage and commit:
+5. **Make Your Changes** ✍  
+   After modifying files, stage and commit:
 
-      ```bash
-      git add .
-      git commit -m "✨ Added [feature/fix]: your message"
-      ```
+   ```bash
+   git add .
+   git commit -m "✨ Added [feature/fix]: your message"
+   ```
 
-   6. **Push Your Branch to GitHub** 🚀  
-      ```bash
-      git push origin your-feature-name
-      ```
+6. **Push Your Branch to GitHub** 🚀  
+   ```bash
+   git push origin your-feature-name
+   ```
 
-   7. **Open a Pull Request** 🔁  
-      Go to the original repo and click **Compare & pull request**.
-      
-   ---
+7. **Open a Pull Request** 🔁  
+   Go to the original repo and click **Compare & pull request**.
+
+---
 
-   ## 🚦 Pull Request Guidelines
+## 🚦 Pull Request Guidelines
 
-   ### **Split Big Changes into Multiple Commits**
-   - When making large or complex changes, break them into smaller, logical commits. 
-   - Each commit should represent a single purpose or unit of change (e.g. refactoring, adding a feature, fixing a bug).
-   ---
-   - ✅ Ensure your code builds and runs without errors.
-   - 🧪 Include tests where applicable.
-   - 💬 Add comments if the logic is non-trivial.
-   - 📸 Attach screenshots for UI-related changes.
-   - 🔖 Use meaningful commit messages and titles.
+### **Split Big Changes into Multiple Commits**
+- When making large or complex changes, break them into smaller, logical commits. 
+- Each commit should represent a single purpose or unit of change (e.g. refactoring, adding a feature, fixing a bug).
+---
+- ✅ Ensure your code builds and runs without errors.
+- 🧪 Include tests where applicable.
+- 💬 Add comments if the logic is non-trivial.
+- 📸 Attach screenshots for UI-related changes.
+- 🔖 Use meaningful commit messages and titles.
 
-   ---
+---
 
-   ## 🐞 Reporting Issues
+## 🐞 Reporting Issues
 
-   If you discover a bug or have a suggestion:
+If you discover a bug or have a suggestion:
 
-   ➡️ [Open an Issue](https://github.com/GitMetricsLab/github_tracker/issues/new/choose)
+➡️ [Open an Issue](https://github.com/GitMetricsLab/github_tracker/issues/new/choose)
 
-   Please include:
+Please include:
 
-   - **Steps to Reproduce**
-   - **Expected vs. Actual Behavior**
-   - **Screenshots/Logs (if any)**
+- **Steps to Reproduce**
+- **Expected vs. Actual Behavior**
+- **Screenshots/Logs (if any)**
 
-   ---
+---
 
-   ## 🧠 Good Coding Practices
+## 🧠 Good Coding Practices
 
-   1. **Consistent Style**  
-      Stick to the project's linting and formatting conventions (e.g., ESLint, Prettier, Tailwind classes).
+1. **Consistent Style**  
+   Stick to the project's linting and formatting conventions (e.g., ESLint, Prettier, Tailwind classes).
 
-   2. **Meaningful Naming**  
-      Use self-explanatory names for variables and functions.
+2. **Meaningful Naming**  
+   Use self-explanatory names for variables and functions.
 
-   3. **Avoid Duplication**  
-      Keep your code DRY (Don't Repeat Yourself).
+3. **Avoid Duplication**  
+   Keep your code DRY (Don't Repeat Yourself).
 
-   4. **Testing**  
-      Add unit or integration tests for any new logic.
+4. **Testing**  
+   Add unit or integration tests for any new logic.
 
-   5. **Review Others’ PRs**  
-      Help others by reviewing their PRs too!
+5. **Review Others’ PRs**  
+   Help others by reviewing their PRs too!
 
-   ---
+---
 
-   ## 🙌 Thank You!
+## 🙌 Thank You!
 
-   We’re so glad you’re here. Your time and effort are deeply appreciated. Feel free to reach out via Issues or Discussions if you need any help.
+We’re so glad you’re here. Your time and effort are deeply appreciated. Feel free to reach out via Issues or Discussions if you need any help.
 
-   **Happy Coding!** 💻🚀  
+**Happy Coding!** 💻🚀  

backend/config/passportConfig.js

@@ -9,13 +9,12 @@ passport.use(
             try {
                 const user = await User.findOne( {email} );
                 if (!user) {
-                    // Generic message prevents user enumeration
-                    return done(null, false, { message: 'Invalid credentials' });
+                    return done(null, false, { message: 'Email is invalid '});
                 }
 
                 const isMatch = await user.comparePassword(password);
                 if (!isMatch) {
-                    return done(null, false, { message: 'Invalid credentials' });
+                    return done(null, false, { message: 'Invalid password' });
                 }
 
                 return done(null, {
@@ -35,10 +34,10 @@ passport.serializeUser((user, done) => {
     done(null, user.id);
 });
 
-// Deserialize user — exclude password hash from req.user on every request
+// Deserialize user (retrieve user from session)
 passport.deserializeUser(async (id, done) => {
     try {
-        const user = await User.findById(id).select('-password');
+        const user = await User.findById(id);
         done(null, user);
     } catch (err) {
         done(err, null);

backend/package.json

@@ -17,7 +17,6 @@
     "cors": "^2.8.5",
     "dotenv": "^16.4.5",
     "express": "^4.21.1",
-    "express-rate-limit": "^7.5.1",
     "express-session": "^1.18.1",
     "mongoose": "^8.8.2",
     "passport": "^0.7.0",

backend/routes/auth.js

@@ -26,29 +26,13 @@ router.post("/signup", validateRequest(signupSchema), async (req, res) => {
             return res.status(400).json({ message: 'User already exists' });
         }
 
-        res.status(500).json({ message: 'Error creating user' });
+        res.status(500).json({ message: 'Error creating user', error: err.message });
     }
 });
 
-// Login route — session is regenerated after successful authentication
-// to prevent session fixation; only safe fields returned in the response
-router.post("/login", validateRequest(loginSchema), (req, res, next) => {
-    passport.authenticate('local', (err, user, info) => {
-        if (err) return next(err);
-        if (!user) return res.status(401).json({ message: info?.message || 'Invalid credentials' });
-
-        req.session.regenerate((regenerateErr) => {
-            if (regenerateErr) return next(regenerateErr);
-
-            req.logIn(user, (loginErr) => {
-                if (loginErr) return next(loginErr);
-                res.status(200).json({
-                    message: 'Login successful',
-                    user: { id: user.id, username: user.username, email: user.email },
-                });
-            });
-        });
-    })(req, res, next);
+// Login route
+router.post("/login", validateRequest(loginSchema), passport.authenticate('local'), (req, res) => {
+    res.status(200).json( { message: 'Login successful', user: req.user } );
 });
 
 // Logout route
@@ -57,7 +41,7 @@ router.get("/logout", (req, res) => {
     req.logout((err) => {
 
         if (err)
-            return res.status(500).json({ message: 'Logout failed' });
+            return res.status(500).json({ message: 'Logout failed', error: err.message });
         else
             res.status(200).json({ message: 'Logged out successfully' });
     });

backend/server.js

@@ -3,7 +3,6 @@ const mongoose = require('mongoose');
 const session = require('express-session');
 const passport = require('passport');
 const bodyParser = require('body-parser');
-const rateLimit = require('express-rate-limit');
 require('dotenv').config();
 const cors = require('cors');
 
@@ -15,10 +14,7 @@ const logger = require('./logger');
 const app = express();
 
 // CORS configuration
-app.use(cors({
-  origin: process.env.CLIENT_URL || 'http://localhost:5173',
-  credentials: true,
-}));
+app.use(cors('*'));
 
 // Middleware
 app.use(bodyParser.json());
@@ -30,19 +26,6 @@ app.use(session({
 app.use(passport.initialize());
 app.use(passport.session());
 
-// Rate limiting — 10 attempts per 15-minute window per IP on auth endpoints
-const authLimiter = rateLimit({
-    windowMs: 15 * 60 * 1000,
-    max: 10,
-    standardHeaders: true,
-    legacyHeaders: false,
-    message: { message: 'Too many attempts, please try again after 15 minutes.' },
-    skipSuccessfulRequests: true,
-});
-
-app.use('/api/auth/login', authLimiter);
-app.use('/api/auth/signup', authLimiter);
-
 // Routes
 const authRoutes = require('./routes/auth');
 app.use('/api/auth', authRoutes);

package.json

@@ -1,5 +1,5 @@
 {
-  "name": "github-tracker",
+  "name": "GitHub Tracker",
   "private": true,
   "version": "0.0.0",
   "type": "module",