diff --git a/backendV2/routes/admin/dataMgmt.route.js b/backendV2/routes/admin/apiDataMgmt.route.js
similarity index 100%
rename from backendV2/routes/admin/dataMgmt.route.js
rename to backendV2/routes/admin/apiDataMgmt.route.js
diff --git a/backendV2/routes/admin/database/userMgmt.database.js b/backendV2/routes/admin/database/userMgmt.database.js
index e69de29..7a055fd 100644
--- a/backendV2/routes/admin/database/userMgmt.database.js
+++ b/backendV2/routes/admin/database/userMgmt.database.js
@@ -0,0 +1,30 @@
+import mysql from "mysql2";
+import dotenv from "dotenv";
+dotenv.config();
+
+const pool = mysql
+ .createPool({
+ host: process.env.DB_HOST,
+ user: process.env.DB_USER,
+ password: process.env.DB_PASSWORD,
+ database: process.env.DB_NAME,
+ })
+ .promise();
+
+export const loginFunc = async (username, password) => {
+ const [rows] = await pool.query(
+ "SELECT id, username, first_name, last_name, role, is_admin FROM users WHERE username = ? AND password = ?",
+ [username, password]
+ );
+
+ if (rows.length === 0) {
+ return { success: false, reason: "invalid_credentials" };
+ }
+
+ const user = rows[0];
+ if (!user.is_admin) {
+ return { success: false, reason: "not_admin" };
+ }
+
+ return { success: true, data: user };
+};
diff --git a/backendV2/routes/app/loansMgmt.route.js b/backendV2/routes/admin/loanDataMgmt.route.js
similarity index 100%
rename from backendV2/routes/app/loansMgmt.route.js
rename to backendV2/routes/admin/loanDataMgmt.route.js
diff --git a/backendV2/routes/admin/userDataMgmt.route.js b/backendV2/routes/admin/userDataMgmt.route.js
new file mode 100644
index 0000000..e69de29
diff --git a/backendV2/routes/admin/userMgmt.route.js b/backendV2/routes/admin/userMgmt.route.js
index e69de29..a2dd56c 100644
--- a/backendV2/routes/admin/userMgmt.route.js
+++ b/backendV2/routes/admin/userMgmt.route.js
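Review bot: `loginFunc` in routes/admin/database/userMgmt.database.js matches the submitted password against the `password` column inside the SQL (`WHERE username = ? AND password = ?`), which only works if the column holds the password exactly as submitted, i.e. unhashed; the same query appears in routes/app/database/userMgmt.database.js. Look the row up by username alone, verify the password in application code against a salted, deliberately slow hash (bcrypt, scrypt or Argon2), and keep the stored hash out of the object returned as `data`. The `not_admin` result should stay behind the password check, as it is now, so that it is never returned for a wrong password. The sketch below uses a placeholder name for the hash check because the commit does not include a hashing library.

```javascript
export const loginFunc = async (username, password) => {
  const [rows] = await pool.query(
    "SELECT id, username, password, first_name, last_name, role, is_admin FROM users WHERE username = ?",
    [username]
  );

  // verifyPasswordHash is a PLACEHOLDER for the project's chosen hash check
  // (bcrypt / scrypt / Argon2 compare); it is not defined in this commit.
  const row = rows[0];
  if (!row || !(await verifyPasswordHash(password, row.password))) {
    // Unknown user and wrong password share one reason on purpose.
    return { success: false, reason: "invalid_credentials" };
  }

  // Keep the stored hash out of the value handed back to the route.
  const { password: _storedHash, ...user } = row;
  // … unchanged: is_admin check and success return …
};
```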
@@ -0,0 +1,29 @@
+import express from "express";
+import { authenticate, generateToken } from "../services/tokenService.js";
+const router = express.Router();
+import nodemailer from "nodemailer";
+import dotenv from "dotenv";
+dotenv.config();
+
+// database funcs import
+import { loginFunc } from "./database/userMgmt.database.js";
+
+router.post("/login", async (req, res) => {
+ const result = await loginFunc(req.body.username, req.body.password);
+
+ if (result.success) {
+ const token = await generateToken({
+ username: result.data.username,
+ first_name: result.data.first_name,
+ last_name: result.data.last_name,
+ role: result.data.role,
+ });
+ return res.status(200).json({ message: "Login erfolgreich", token });
+ }
+
+ if (result.reason === "not_admin") {
+ return res.status(403).json({ message: "Du bist kein Admin" });
+ }
+
+ return res.status(401).json({ message: "Ungültige Anmeldedaten" });
+});
diff --git a/backendV2/routes/app/database/userMgmt.database.js b/backendV2/routes/app/database/userMgmt.database.js
index e69de29..1a5640c 100644
--- a/backendV2/routes/app/database/userMgmt.database.js
+++ b/backendV2/routes/app/database/userMgmt.database.js
@@ -0,0 +1,21 @@
+import mysql from "mysql2";
+import dotenv from "dotenv";
+dotenv.config();
+
+const pool = mysql
+ .createPool({
+ host: process.env.DB_HOST,
+ user: process.env.DB_USER,
+ password: process.env.DB_PASSWORD,
+ database: process.env.DB_NAME,
+ })
+ .promise();
+
+export const loginFunc = async (username, password) => {
+ const [result] = await pool.query(
+ "SELECT * FROM users WHERE username = ? AND password = ?",
+ [username, password]
+ );
+ if (result.length > 0) return { success: true, data: result[0] };
+ return { success: false };
+};
diff --git a/backendV2/routes/app/loanMgmt.route.js b/backendV2/routes/app/loanMgmt.route.js
new file mode 100644
index 0000000..5a81370
--- /dev/null
+++ b/backendV2/routes/app/loanMgmt.route.js
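Review bot: The `/login` handler in routes/admin/userMgmt.route.js passes `req.body.username` and `req.body.password` to `loginFunc` without checking that they are strings; server.js parses bodies with `express.urlencoded({ extended: true })`, so a field can arrive as an object or array, and `pool.query` formats such values differently from a scalar placeholder. Reject anything else before the database call, e.g. `if (typeof req.body?.username !== "string" || typeof req.body?.password !== "string") return res.status(400).end();`. The handler also awaits `loginFunc` and `generateToken` with no `try`/`catch`, so a database or signing error becomes an unhandled rejection rather than a 500 response (this assumes Express 4; confirm the version in package.json). The login route in routes/app/userMgmt.route.js has the same two gaps, and neither login route has a rate limiter in the lines shown.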
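Review bot: `SELECT *` in routes/app/database/userMgmt.database.js hands the whole `users` row, including the `password` column, back to the caller as `data`, although the route reads only `username` and `role`. Name the columns instead, `"SELECT id, username, role FROM users WHERE username = ? AND password = ?"`, so the credential never leaves the data layer. This module also opens a second connection pool with the same settings as routes/admin/database/userMgmt.database.js; one shared pool module would keep the connection settings and limits in a single place.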
@@ -0,0 +1,3 @@
+import express from "express";
+
+const router = express.Router();
\ No newline at end of file
diff --git a/backendV2/routes/app/userMgmt.route.js b/backendV2/routes/app/userMgmt.route.js
index e69de29..3114902 100644
--- a/backendV2/routes/app/userMgmt.route.js
+++ b/backendV2/routes/app/userMgmt.route.js
@@ -0,0 +1,23 @@
+import express from "express";
+import { authenticate, generateToken } from "../services/tokenService.js";
+const router = express.Router();
+import nodemailer from "nodemailer";
+import dotenv from "dotenv";
+dotenv.config();
+
+// database funcs import
+import { loginFunc } from "./database/userMgmt.database.js";
+
+router.post("/login", async (req, res) => {
+ const result = await loginFunc(req.body.username, req.body.password);
+ if (result.success) {
+ const token = await generateToken({
+ username: result.data.username,
+ role: result.data.role,
+ });
+ res.status(200).json({ message: "Login successful", token });
+ } else {
+ res.status(401).json({ message: "Invalid credentials" });
+ }
+});
+
diff --git a/backendV2/scheme.xlsx b/backendV2/scheme.xlsx
index 6ccfd7c..156790c 100644
Binary files a/backendV2/scheme.xlsx and b/backendV2/scheme.xlsx differ
diff --git a/backendV2/schemeV2.sql b/backendV2/schemeV2.sql
index 79c0c90..6caf0cb 100644
--- a/backendV2/schemeV2.sql
+++ b/backendV2/schemeV2.sql
@@ -4,6 +4,7 @@ CREATE TABLE users (
 id int NOT NULL AUTO_INCREMENT,
 username varchar(100) NOT NULL UNIQUE,
 password varchar(255) NOT NULL,
+ email varchar(255) NOT NULL,
 first_name varchar(255) NOT NULL,
 last_name varchar(255) NOT NULL,
 role int NOT NULL,
diff --git a/backendV2/server.js b/backendV2/server.js
index 467b044..7603dae 100644
--- a/backendV2/server.js
+++ b/backendV2/server.js
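Review bot: routes/app/userMgmt.route.js never exports `router`, yet server.js imports it as a default (`import userMgmtRouter from "./routes/app/userMgmt.route.js"`), so module loading fails before the server starts; add `export default router;` as the last line. routes/app/loanMgmt.route.js, which server.js also imports as a default, and routes/admin/userMgmt.route.js end the same way without an export. `authenticate` and `nodemailer` are imported but unused in the lines shown, and the imports are interleaved with `const router = express.Router();`; grouping the imports at the top and dropping the unused ones makes the module's real dependencies visible.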
@@ -1,11 +1,15 @@ import express from "express"; import cors from "cors"; import env from "dotenv"; +import loansMgmtRouter from "./routes/app/loanMgmt.route.js"; +import userMgmtRouter from "./routes/app/userMgmt.route.js"; env.config(); const app = express(); const port = 8002; app.use(cors()); +app.use("/api/loans", loansMgmtRouter); +app.use("/api/users", userMgmtRouter); // Increase body size limits to support large CSV JSON payloads app.use(express.urlencoded({ extended: true, limit: "10mb" })); app.set("view engine", "ejs"); diff --git a/docker-compose.yml b/docker-compose.yml index a027198..9d6c22b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -33,6 +33,21 @@ services: timeout: 5s retries: 3 + backend_v2: + container_name: borrow_system-backend_v2 + build: ./backendV2 + ports: + - "8004:8004" + environment: + NODE_ENV: production + DB_HOST: mysql_v2 + DB_USER: root + DB_PASSWORD: ${DB_PASSWORD_V2} + DB_NAME: borrow_system_v2 + depends_on: + - mysql_v2 + restart: unless-stopped + mysql: container_name: borrow_system-mysql image: mysql:8.0 @@ -47,5 +62,20 @@ services: ports: - "3309:3306" + mysql_v2: + container_name: borrow_system-mysql-v2 + image: mysql:8.0 + restart: unless-stopped + environment: + MYSQL_ROOT_PASSWORD: ${DB_PASSWORD_V2} + MYSQL_DATABASE: borrow_system_v2 + TZ: Europe/Berlin + volumes: + - mysql-v2-data:/var/lib/mysql + - ./mysql-timezone.cnf:/etc/mysql/conf.d/timezone.cnf:ro + ports: + - "3310:3306" + volumes: mysql-data: + mysql-v2-data:
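Review bot: Both routers in server.js are mounted before the body-parsing middleware (`app.use(express.urlencoded(...))` comes after the two new `app.use("/api/...")` lines), so `req.body` is not populated when the `/api/users/login` handler reads `req.body.username`. Move the two `app.use("/api/…", …)` calls below the parsers; if clients post JSON, `app.use(express.json())` has to run before them as well, and no JSON parser is visible in this hunk (the file continues outside it). `app.use(cors())` without options allows every origin, which deserves an explicit `origin` allow-list now that a login endpoint is served.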
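Review bot: `backend_v2` connects to MySQL as `DB_USER: root`, so any flaw in the API carries server-wide database privileges; create a dedicated account granted only what the application needs on `borrow_system_v2` and pass that account instead. The service also publishes `"8004:8004"` while backendV2/server.js sets `const port = 8002`, so unless the port is overridden outside this diff nothing listens behind the published port. `depends_on` only orders container start; a `healthcheck` on `mysql_v2` with `condition: service_healthy` would keep the backend from starting before the database accepts connections.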
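Review bot: `mysql_v2` publishes `"3310:3306"` on every host interface even though `backend_v2` reaches it over the compose network by service name (`DB_HOST: mysql_v2`), and the only account configured is root. Drop the `ports` mapping, or bind it to loopback with `"127.0.0.1:3310:3306"` if host access is needed for administration.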