implement admin panel with login functionality and dashboard layout

2025-08-31 18:07:49 +02:00
parent 8fb70ccccd
commit 217803ba8f
16 changed files with 409 additions and 2 deletions
--- a/backend/routes/api.js
+++ b/backend/routes/api.js
@@ -8,6 +8,7 @@ import {
  getBorrowableItemsFromDatabase,
  createLoanInDatabase,
  onTake,
+  loginAdmin,
  onReturn,
 } from "../services/database.js";
 import { authenticate, generateToken } from "../services/tokenService.js";
@@ -166,4 +167,33 @@ router.post("/createLoan", authenticate, async (req, res) => {
  }
 });

+
+
+// Admin panel functions
+
+router.post("/loginAdmin", async (req, res) => {
+  const { username, password } = req.body || {};
+  if (!username || !password) {
+    return res
+      .status(400)
+      .json({ message: "Username and password are required" });
+  }
+
+  const result = await loginAdmin(username, password);
+  if (result.success) {
+    const token = await generateToken({
+      username: result.data.username,
+      role: result.data.role,
+    });
+
+    return res.status(200).json({
+      message: "Login successful",
+      first_name: result.data.first_name,
+      token,
+    });
+  }
+
+  return res.status(401).json({ message: "Invalid credentials" });
+});
+
 export default router;
--- a/backend/scheme.sql
+++ b/backend/scheme.sql
@@ -12,6 +12,17 @@ CREATE TABLE `users` (
  UNIQUE KEY `username` (`username`)
 );

+CREATE TABLE `admins` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `username` varchar(100) NOT NULL,
+  `password` varchar(255) NOT NULL,
+  `first_name` varchar(255) NOT NULL,
+  `last_name` varchar(255) NOT NULL,
+  `entry_created_at` timestamp NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `username` (`username`)
+);
+
 CREATE TABLE `loans` (
  `id` int NOT NULL AUTO_INCREMENT,
  `username` varchar(100) NOT NULL,
--- a/backend/services/database.js
+++ b/backend/services/database.js
@@ -319,3 +319,12 @@ export const onReturn = async (loanId) => {
  }
  return { success: false };
 };
+
+export const loginAdmin = async (username, password) => {
+  const [result] = await pool.query(
+    "SELECT * FROM admins WHERE username = ? AND password = ?",
+    [username, password]
+  );
+  if (result.length > 0) return { success: true, data: result[0] };
+  return { success: false };
+};