From 27d21efefa50c8e2c0639e09b569343bc95b9966 Mon Sep 17 00:00:00 2001 From: Theis Gaedigk Date: Wed, 5 Nov 2025 10:25:23 +0100 Subject: [PATCH] began to refactor backend --- ...dataMgmt.route.js => apiDataMgmt.route.js} | 0 .../admin/database/userMgmt.database.js | 30 ++++++++++++++++++ .../loanDataMgmt.route.js} | 0 backendV2/routes/admin/userDataMgmt.route.js | 0 backendV2/routes/admin/userMgmt.route.js | 29 +++++++++++++++++ .../routes/app/database/userMgmt.database.js | 21 ++++++++++++ backendV2/routes/app/loanMgmt.route.js | 3 ++ backendV2/routes/app/userMgmt.route.js | 23 ++++++++++++++ backendV2/scheme.xlsx | Bin 12115 -> 12127 bytes backendV2/schemeV2.sql | 1 + backendV2/server.js | 4 +++ docker-compose.yml | 30 ++++++++++++++++++ 12 files changed, 141 insertions(+) rename backendV2/routes/admin/{dataMgmt.route.js => apiDataMgmt.route.js} (100%) rename backendV2/routes/{app/loansMgmt.route.js => admin/loanDataMgmt.route.js} (100%) create mode 100644 backendV2/routes/admin/userDataMgmt.route.js create mode 100644 backendV2/routes/app/loanMgmt.route.js diff --git a/backendV2/routes/admin/dataMgmt.route.js b/backendV2/routes/admin/apiDataMgmt.route.js similarity index 100% rename from backendV2/routes/admin/dataMgmt.route.js rename to backendV2/routes/admin/apiDataMgmt.route.js diff --git a/backendV2/routes/admin/database/userMgmt.database.js b/backendV2/routes/admin/database/userMgmt.database.js index e69de29..7a055fd 100644 --- a/backendV2/routes/admin/database/userMgmt.database.js +++ b/backendV2/routes/admin/database/userMgmt.database.js @@ -0,0 +1,30 @@ +import mysql from "mysql2"; +import dotenv from "dotenv"; +dotenv.config(); + +const pool = mysql + .createPool({ + host: process.env.DB_HOST, + user: process.env.DB_USER, + password: process.env.DB_PASSWORD, + database: process.env.DB_NAME, + }) + .promise(); + +export const loginFunc = async (username, password) => { + const [rows] = await pool.query( + "SELECT id, username, first_name, last_name, role, is_admin FROM users WHERE username = ? AND password = ?", + [username, password] + ); + + if (rows.length === 0) { + return { success: false, reason: "invalid_credentials" }; + } + + const user = rows[0]; + if (!user.is_admin) { + return { success: false, reason: "not_admin" }; + } + + return { success: true, data: user }; +}; diff --git a/backendV2/routes/app/loansMgmt.route.js b/backendV2/routes/admin/loanDataMgmt.route.js similarity index 100% rename from backendV2/routes/app/loansMgmt.route.js rename to backendV2/routes/admin/loanDataMgmt.route.js diff --git a/backendV2/routes/admin/userDataMgmt.route.js b/backendV2/routes/admin/userDataMgmt.route.js new file mode 100644 index 0000000..e69de29 diff --git a/backendV2/routes/admin/userMgmt.route.js b/backendV2/routes/admin/userMgmt.route.js index e69de29..a2dd56c 100644 --- a/backendV2/routes/admin/userMgmt.route.js +++ b/backendV2/routes/admin/userMgmt.route.js @@ -0,0 +1,29 @@ +import express from "express"; +import { authenticate, generateToken } from "../services/tokenService.js"; +const router = express.Router(); +import nodemailer from "nodemailer"; +import dotenv from "dotenv"; +dotenv.config(); + +// database funcs import +import { loginFunc } from "./database/userMgmt.database.js"; + +router.post("/login", async (req, res) => { + const result = await loginFunc(req.body.username, req.body.password); + + if (result.success) { + const token = await generateToken({ + username: result.data.username, + first_name: result.data.first_name, + last_name: result.data.last_name, + role: result.data.role, + }); + return res.status(200).json({ message: "Login erfolgreich", token }); + } + + if (result.reason === "not_admin") { + return res.status(403).json({ message: "Du bist kein Admin" }); + } + + return res.status(401).json({ message: "Ungültige Anmeldedaten" }); +}); diff --git a/backendV2/routes/app/database/userMgmt.database.js b/backendV2/routes/app/database/userMgmt.database.js index e69de29..1a5640c 100644 --- a/backendV2/routes/app/database/userMgmt.database.js +++ b/backendV2/routes/app/database/userMgmt.database.js @@ -0,0 +1,21 @@ +import mysql from "mysql2"; +import dotenv from "dotenv"; +dotenv.config(); + +const pool = mysql + .createPool({ + host: process.env.DB_HOST, + user: process.env.DB_USER, + password: process.env.DB_PASSWORD, + database: process.env.DB_NAME, + }) + .promise(); + +export const loginFunc = async (username, password) => { + const [result] = await pool.query( + "SELECT * FROM users WHERE username = ? AND password = ?", + [username, password] + ); + if (result.length > 0) return { success: true, data: result[0] }; + return { success: false }; +}; diff --git a/backendV2/routes/app/loanMgmt.route.js b/backendV2/routes/app/loanMgmt.route.js new file mode 100644 index 0000000..5a81370 --- /dev/null +++ b/backendV2/routes/app/loanMgmt.route.js @@ -0,0 +1,3 @@ +import express from "express"; + +const router = express.Router(); \ No newline at end of file diff --git a/backendV2/routes/app/userMgmt.route.js b/backendV2/routes/app/userMgmt.route.js index e69de29..3114902 100644 --- a/backendV2/routes/app/userMgmt.route.js +++ b/backendV2/routes/app/userMgmt.route.js @@ -0,0 +1,23 @@ +import express from "express"; +import { authenticate, generateToken } from "../services/tokenService.js"; +const router = express.Router(); +import nodemailer from "nodemailer"; +import dotenv from "dotenv"; +dotenv.config(); + +// database funcs import +import { loginFunc } from "./database/userMgmt.database.js"; + +router.post("/login", async (req, res) => { + const result = await loginFunc(req.body.username, req.body.password); + if (result.success) { + const token = await generateToken({ + username: result.data.username, + role: result.data.role, + }); + res.status(200).json({ message: "Login successful", token }); + } else { + res.status(401).json({ message: "Invalid credentials" }); + } +}); + diff --git a/backendV2/scheme.xlsx b/backendV2/scheme.xlsx index 6ccfd7c21205f4f0e9083dbf04e011d2da31b4d9..156790c750795d96b35202fbb046495b944f49bd 100644 GIT binary patch delta 3221 zcmZ8jc{J3E7oQ>fnn#8qULxDr!lTg?3XvsbCuIg>&y+o1Gh+!u%-FMLls(JKPAcoO zWP7}fk}a~6$uO9o_kQR6-Z{Vf*FEPh|J?go#$9GzYCf?7StX71I%W_kfCB{L1A#yx zKFY!Vf!+`N{k@e!e0?hK-uJK26g)lzEef>~$%xEEpYw-1nxU zyL_?UlK|0TR-g!IKBQ(2Xe@kG=*icR^t@SWYZ(OAyYSiw-_5dS#08gL;K>LWC`eh+ zdKXj5o@$!pGrnhmM^|h?m?C-E6ijkR(MwPC9h#-)$UOp!i3vduklwqP716;0`f#89 zIJi4u(%O&B(%F0W>tPv6?6ntrxLfmd?1w2lP=I>x`pg_xMKaV-U%p*q=>pQ2jz`4L zs->dZP2PP|XIoa)eo7K9AKorZ2rsZ+5^rkzO>N)^t;toX5h5M6_=Grg)w7;jF+iML zjP!8k3I1$5Q%Wj-T-BrZk|mwYPL-Rf(+F+sq$_Qrd0I12)A`BOyg?lc4!XuOQ-K_S z!TIm{pEWn)(ef7|QsvTfungp|0|#QJms+0>ZCVy$j`QZ)wKdnqzGnh-D^=!oIu#zq zp-QN2ypQ*suWuXKM02WVbOlf=(<_zO4Y|ftu{H!ugJzeF(O99-aKSCd8OloEJKFC~ zC-}IB)dG0Q%W!Jz+B18cWQfY)o*59xQ~jC*)vEBPv6%55-C5_NJBSZ0)((ZbUhU{H zOOwVZtK~K?i`Fh64SdWZr0PG*=C$xDUc4p=*<{iF&|dlTrNuW;^;nPKe9CHF1_^?682@i*ze5{voBY}`3uv@Q-~%*M?NUu?xSqP z$x-YRb*~cVEVlK-x>p}=rQCB~z=oZ9tE4D2tlH$>bd^=V5gxVi%vJXHZx9`ACUXSt zp&@XI;?{&Y6U-`=w2N_CwnzcILEO>lg%eeY2H`~w~?Ugu2F^W%Ggy64RQup3TN!wbu4K7S3)Pk(|vTqjd+xe^? zy1J&UAZ^^WCI{8$|H5$p)-SU;Vf?M^d3*fbxy%BeEQIKZY0Y|3cBv&oZHCQj@MlF_ zcVJ`9{y^&?-?{id=qIxb)+5%@sm0p?L4Zua2{kA*T;`{YGXjBJ#uZbv;)i<;6L0P< zs~x*VoH^``-sE*k!kdnIk}BSUNrlXU^&dD*m^kFgZ)xyTY)g;=_(cKLzww-#=IB4I zBG@~7X#;K-c`118%vpKk#7Ttdn$pJ}?Wmh#mnk!v8?9Si9B65mLV?As&V%EROAU|eXlMsY=5 ztUY?7fRG17a%yD-dp!6wFC_o)>MkI9+4MUi|6+DW2FSes1NwC5oZTG zci^l&`45k^wpx4$&O!6tjmb<5b7u|+J@gBAKb*aXSHNY~z-?&KA!KFz^=4PF!SSg| zFc_yw!C*LzP&nVKaI=23l?w$?hC^MEF+*VyiI!Y0ruG99jlbbM=beelzizvAkgX$} zWZ%t&v{%%!aLLcUPbu@N1XF7sKOH*wZk3Fdg=N{Z@GgWm7Nc^ItCu`1%y}Ol*?k-` zrUX=wL+_i!J0>fj;eOuea6b&1%@1HC&v=Cf&o|I=UW&=Z-m6ir-{v!5<7A1k`o6{l z0;#c*9`cI->i;}EiIV(Wg+F#nfhw*zi&6O%iPy7n)V#A_y}C24Dq~lx`X=u~!*uW# zgt%_p>{%z^PQY#zh%oX$OQhX^`&EwkVsAm*x*T6Bj8=0UEzs4PKJ;Cgwy|E#5T<22 zMqFdi?l(-iyFrJ=ne@E5X0)c3?jY?y2)!xV1VXs{y?g~9Z+lLrZg9W4%ODZ&2=v;M zOFeh4_YG-qJ5S+u42K#L8vUXmN@e&XU#TnMFXV!F%4 zuh~Fbh!*=;a#|4{tAJI#(!aMRY;3GjTvhGNzUbL^PW}qp=WRm) zT7vPHOaYMs`+fzVJu|zY*n^<#2!(PchN&9?;BQ!pje9)NbHPL&^) znHyRx$$7umL;nh5_h!Yv~|S^lTq_4O8efbHHB z-3!9CcN-H+%0YBbaX&}u$)SA+Sv zVe=r_L7A7XcKK+>@sv)xX>hcSdro$fAvLNuS`A$`jS_A%B3XBiTJ5jBi{Fv9UN~(Id79?eZyx zU>N41fwA2KsRKWOB(DS6&wsm027?)7VZwYy5X1^1sR*;Oj49T2nba4^Tml2;coo5z zS<@pv^418G-!QA)3-^wut{a4&#+U7GLxm{~fBf8n)%<$p7YPbxa|+{^qqu+f`xBgI zosAqPGfu~%?VP2MTv)&D2~%i~nzWt0g3&0L+rd3kn8RQ8wT9037O<~01Gq#~FC^j{+V{{aos@@bb138r)%e2wI%Bnkb0H2u3=kW{903Hr~aPtoRmO3Y{f XEuLnXq%|c3ScD|6EXBI7@OSAyD*OFN delta 3179 zcmZ8kXE+;-_Ky{t)TkLNMy*)2X{*%`32K)b6^bI%*4IcWDmJ0jQdE?;wQKKHQH`4A zt;8!tm%T$p>)-d@=ehSj|MTg5IOjQEe(O-&XWSd+ftbMCtUEnS06;uD0Kf|X0HOoc zqJl#MP{F|g&}ejEje}b-UQZy-CY8Z40q<3YQfhh)gG7**Rb7g>ghZn5eD;lWiKWp+mttF>b~<>r@{7~4L?g8m3`Fl zMjkQG*1_rBz$Y_p&&&=lwqbqo?h7|zUL_IQ=#N>ZlW7-n)DUy;6KcoDUsPkGw_KE0 zA~*$<9W`1u;gR992%>|zo3+*%Lc)xArjItG4WW7Wh& zhl6-uw};J}PPXgMUnB7{wsQJ*7qiDS7WTB`bfr5Z=NdU2(PDmzwim%B@hVRfo09jvz9cizNng;<SeHj{0ag3gqom6(99e0|826V=Y}&#CY}}M#M739A=Bqq@$RPnoS6Q`JJdkC##%$B7~=ze_(;YD1WMe*?MFyXMYi+w8xuM`qHlL7VIVVy z3Ftz4=9?o_XGBJ(F_I3`k;BGvQtAbJn}X)Z3_GJJuAe&@J2#Ka{22Wr>kV zyPmh(Ed!O3Zx2<4OliLORbs`=V!~WqS4b&(2J|96xqTcBUeIW#R_Ft-Z5uv#o_+g5 z*NHIK3GeMANMZ9vRHt!DjM=?tG}FG=ohwaI(O^8N*K=lm7R=9UnhWy2Zf z4bi2}%ztDLkHZGIx}>HMn;-W!*js(HC{3`CwJbuUku|KRCkhpDJgneG_I+?trDy|g zKL5AF3H?U)YCKKdc|)ESfB!G;!Rs~qy_gfq1B%p1S_!+=_5|~I-y$@4;_ad=apci~ z>&`*sdFzQ0YoYYjQsU?AWx?-~{GH@`#x$Ml4=w9{0dcwV0!{542u6+@b}8(T-!!jf z#l?d}FdF}GyBJ3fqN;;Zww*{(4YAha6|yq+`R5C|W+mz~S3v1{KIkygY%e{_(p))& zUnw~Qr%oB${$U(vgav{Nr(IiFczOVkIa}wwNV_FT$`d?0jFi(Vn;GbwFo9edng3=z zgSWrsrsV?yxwtKn3f;Eo&*qSz%~5awW*H$@AO)0|CH!SLY`&Ujx?*OMbCS4o-h-_} zbTG$ZSTW{txZ2GCC}>y|Rfciff8IOI3{K=XMIUvYD?qWPY6rLL8(x4Veyz4t7IfAv zqYKCvmTHU=|d(?$r4fRa{E(8Rydo^Vpd-3RU%5${dB15 z?x^RWqo8e#(vH!XlQhlO?ptYTG5D}c`vmgx7={HqL7v= zgr|CRY+Z?w6`V|!Uxh)2u&>EcnzwIeF*JH1yW!$2A<J!5?qhcmUNAGNPblhIzegQ^Dp*z=3R%ySrj0&~I37oxF#rH(XTLq- z?96@=&NHaa#WGoKdI@mX;;E7@AE?sHRNB^wW!5Hv>?O-g8>i95Fcp`+@u9F1BjlkB zu%3E&Hq-9MpnfAaQ+~UcxMZXv@5_h&jt@r;utEAnA!^*7AZZkD=|P5vk!aKYXcLkJ z*@WamwjsHa;UrtKvkQJx2ED6AwA`&aTU%`U$qQrUpeuJm_89?ytH6H&`{KWWjmRdc zgGROsPQWS@I2Dv9CsWg^@@GtSXIwGZm+^cE621S)@#hv;p}+3!iw4``5Q%;I1QADn z=>Lu8tqnT_;`55$EB+C*TpUbVu zg0LbZuG*UkRGmpNjNdMzHj~OD`9ZT;jH!FA*q)zYlb@1Cd`wGPa2=YAP-QXlZ*-XK zlt7g&^Q^QfcQh(IC1^p;bPlHbC79ZxyLdifuh zc=o!=Q{KNW!{q%?v6z<;c?&;LZ>Q&bGr0zWCI})#pM7Tn46_<;3*Ts%NE7~(^Q3=I zAHN(v{b7QaJ%;XMEv{Djf?*k;EiBj9;y95=pBol=PY+RTagP~MIF-A~Le`IFffg?e za6PLm3roRl(VP_4jxLClXj8VVPtt?l_6ggDa%%m3nqP3s6BM1V^yiP(5Rb!OTJOHR zUnUD6mVFiL-6aM%#8F)GsXZB!+?u;q`3H~A`Q}I(bZzH`t*1jyQIa&y3(09v3nHT zBsYgMhNf_lI!<p92z& zV6-iw{i>6vS~QzylC+NMUF_N(`Q6R^ukn30v}0}x^M}2| z6X0i)O#a?Y70)XJnUBYltSuyZKyYbTBqcQRpa)W7zG=xWWup z73iyC9gulC*(KJk;N^CpH;ayw*9qH7?71$R4wF$cveh5*T9d`r=Z6_Q>v(bhqIcVM(Z6$=#*~YH zwY=$?5khZ&V6d_~*2L|a+--UioRfw{Ded=t_vWtGH6xb#o#Ari1zF;u{Yw^2ujLgO zFo+>_fn*BH*|pJ_qUPsbNv%u;Kd4t4%8$?IbwO+32)<3)wq;kXqr!1vaadn*7`%0% z+TfVk>kd9lz>Jxt>^`KTF7&{*Zjgne#>=Ilb1DbVbhBBdu3mG|c2PK5(~^?_Z%9zM zi@0BeuMJZj{Ar9grtvKsQ#q)*V(7?V#rD*TC5!#5@K%DSA>S0c;&E!= zWu!5HdE~}J#!Zzhyf7vPEPUroTsR+V2aocLtFl{AytRYZ>pXJIBGj#yL&2!yQ;qmr zmoM=;Tzf@#3%PP#UhfOAFaT*2WI|d>NXVIm4)MRFpgz>xq9+H-rjmz(_g@ZN!#$EQ zGfM3@!;i@Le$npfQgiy#+&q+@Ad7^HOsoc);0}5)XCtwahtV&r6o1JPq~Y(ACZkP! zy{{TErEz)0W>Y!;v2C1~8c&n9B9e*yKM5U|reej=f}2-S75}fD0|3Im75RUP8+VRd z6lbKW#OMtA-3sF3RMi;g`2W=osS1k!S1|wo>IEU3jgTmg2dczigVTpzVKBh`0hJQ} w4`qJG2Z8@N^!s0s!>P-i$BjWj{{{eV87jz-fjfd;V&KN