began to refactor backend

backendV2/routes/admin/database/userMgmt.database.js

@@ -0,0 +1,30 @@
+import mysql from "mysql2";
+import dotenv from "dotenv";
+dotenv.config();
+
+const pool = mysql
+  .createPool({
+    host: process.env.DB_HOST,
+    user: process.env.DB_USER,
+    password: process.env.DB_PASSWORD,
+    database: process.env.DB_NAME,
+  })
+  .promise();
+
+export const loginFunc = async (username, password) => {
+  const [rows] = await pool.query(
+    "SELECT id, username, first_name, last_name, role, is_admin FROM users WHERE username = ? AND password = ?",
+    [username, password]
+  );
+
+  if (rows.length === 0) {
+    return { success: false, reason: "invalid_credentials" };
+  }
+
+  const user = rows[0];
+  if (!user.is_admin) {
+    return { success: false, reason: "not_admin" };
+  }
+
+  return { success: true, data: user };
+};

backendV2/routes/admin/userMgmt.route.js

@@ -0,0 +1,29 @@
+import express from "express";
+import { authenticate, generateToken } from "../services/tokenService.js";
+const router = express.Router();
+import nodemailer from "nodemailer";
+import dotenv from "dotenv";
+dotenv.config();
+
+// database funcs import
+import { loginFunc } from "./database/userMgmt.database.js";
+
+router.post("/login", async (req, res) => {
+  const result = await loginFunc(req.body.username, req.body.password);
+
+  if (result.success) {
+    const token = await generateToken({
+      username: result.data.username,
+      first_name: result.data.first_name,
+      last_name: result.data.last_name,
+      role: result.data.role,
+    });
+    return res.status(200).json({ message: "Login erfolgreich", token });
+  }
+
+  if (result.reason === "not_admin") {
+    return res.status(403).json({ message: "Du bist kein Admin" });
+  }
+
+  return res.status(401).json({ message: "Ungültige Anmeldedaten" });
+});

backendV2/routes/app/database/userMgmt.database.js

@@ -0,0 +1,21 @@
+import mysql from "mysql2";
+import dotenv from "dotenv";
+dotenv.config();
+
+const pool = mysql
+  .createPool({
+    host: process.env.DB_HOST,
+    user: process.env.DB_USER,
+    password: process.env.DB_PASSWORD,
+    database: process.env.DB_NAME,
+  })
+  .promise();
+
+export const loginFunc = async (username, password) => {
+  const [result] = await pool.query(
+    "SELECT * FROM users WHERE username = ? AND password = ?",
+    [username, password]
+  );
+  if (result.length > 0) return { success: true, data: result[0] };
+  return { success: false };
+};

backendV2/routes/app/loanMgmt.route.js

@@ -0,0 +1,3 @@
+import express from "express";
+
+const router = express.Router();

backendV2/routes/app/userMgmt.route.js

@@ -0,0 +1,23 @@
+import express from "express";
+import { authenticate, generateToken } from "../services/tokenService.js";
+const router = express.Router();
+import nodemailer from "nodemailer";
+import dotenv from "dotenv";
+dotenv.config();
+
+// database funcs import
+import { loginFunc } from "./database/userMgmt.database.js";
+
+router.post("/login", async (req, res) => {
+  const result = await loginFunc(req.body.username, req.body.password);
+  if (result.success) {
+    const token = await generateToken({
+      username: result.data.username,
+      role: result.data.role,
+    });
+    res.status(200).json({ message: "Login successful", token });
+  } else {
+    res.status(401).json({ message: "Invalid credentials" });
+  }
+});
+