From 4e12e02bc805170e6b03d33e0ef894b2a3021fb3 Mon Sep 17 00:00:00 2001 From: Rory& Date: Sun, 1 Jun 2025 11:13:55 +0200 Subject: Add alarm endpoints, basic budget routes, spend history --- src/api/middlewares/authMiddleware.js | 8 ++++++- src/api/routes/alarmRoutes.js | 41 +++++++++++++++++++++++++++++++++++ src/api/routes/budgetRoutes.js | 20 +++++++++++++++++ src/api/routes/index.js | 2 ++ 4 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 src/api/routes/alarmRoutes.js create mode 100644 src/api/routes/budgetRoutes.js (limited to 'src/api') diff --git a/src/api/middlewares/authMiddleware.js b/src/api/middlewares/authMiddleware.js index 1187112..8553517 100644 --- a/src/api/middlewares/authMiddleware.js +++ b/src/api/middlewares/authMiddleware.js @@ -1,5 +1,5 @@ import { validateJwtToken } from '#util/jwtUtils.js'; -import { DbUser } from '#db/schemas/index.js'; +import { DbUser, UserType } from '#db/schemas/index.js'; /** * @param options {AuthValidationOptions} @@ -15,6 +15,12 @@ export function validateAuth(options) { const user = (req.user = await DbUser.findById(auth.id).exec()); + // admin can do everything + if (user.type == UserType.ADMIN) { + next(); + return; + } + if (options.roles && !options.roles.includes(user.type)) { res.status(401).send('Unauthorized'); return; diff --git a/src/api/routes/alarmRoutes.js b/src/api/routes/alarmRoutes.js new file mode 100644 index 0000000..5170327 --- /dev/null +++ b/src/api/routes/alarmRoutes.js @@ -0,0 +1,41 @@ +import { validateAuth } from '#api/middlewares/index.js'; +import { UserType } from '#db/schemas/index.js'; + +export const alarmByUserRoute = { + route: '/alarm/:id', + onGetValidation: validateAuth({ roles: [UserType.MONITOR] }), + async onGet(req, res) { + const user = await getUserById(req.query.id); + res.send(user.alarm); + }, + + onDeleteValidation: validateAuth({ roles: [UserType.MONITOR] }), + async onDelete(req, res) { + const user = await getUserById(req.query.id); + user.alarm = null; + await user.save(); + res.status(204).send(); + } +}; + +export const alarmRoute = { + onGetValidation: validateAuth({ roles: [UserType.USER] }), + async onGet(req, res) { + res.send(req.user.alarm); + }, + + route: '/alarm/@me', + onPutValidation: validateAuth({ roles: [UserType.USER] }), + async onPut(req, res) { + req.user.alarm = req.body; + await req.user.save(); + res.status(204).send(); + }, + + onDeleteValidation: validateAuth({ roles: [UserType.USER] }), + async onDelete(req, res) { + req.user.alarm = null; + await req.user.save(); + res.status(204).send(); + } +}; diff --git a/src/api/routes/budgetRoutes.js b/src/api/routes/budgetRoutes.js new file mode 100644 index 0000000..ed827e8 --- /dev/null +++ b/src/api/routes/budgetRoutes.js @@ -0,0 +1,20 @@ +import { validateAuth } from '#api/middlewares/index.js'; +import { UserType } from '#db/schemas/index.js'; + +export const getBudgetByUserRoute = { + route: '/budget/:id', + onGetValidation: validateAuth({ roles: [UserType.MONITOR] }), + onGet(req, res) {} +}; + +export const addBudgetByUserRoute = { + route: '/budget/:id/add', + onGetValidation: validateAuth({ roles: [UserType.MONITOR] }), + onGet(req, res) {} +}; + +export const getBudgetRoute = { + route: '/budget/@me', + onGetValidation: validateAuth({ roles: [UserType.USER] }), + onGet(req, res) {} +}; diff --git a/src/api/routes/index.js b/src/api/routes/index.js index 745dd27..4feeb11 100644 --- a/src/api/routes/index.js +++ b/src/api/routes/index.js @@ -2,3 +2,5 @@ export * from './statusRoute.js'; export * from './indexRoute.js'; export * from './auth/index.js'; +export * from './budgetRoutes.js'; +export * from './alarmRoutes.js'; -- cgit 1.5.1