Merge branch 'dev_v1-admin' into debian12_v1-admin

2025-09-03 14:53:25 +02:00
12 changed files with 334 additions and 59 deletions


@@ -18,6 +18,8 @@ import {
getAllItems,
deleteItemID,
createItem,
changeUserPassword,
changeUserPasswordFRONTEND,
} from "../services/database.js";
import { authenticate, generateToken } from "../services/tokenService.js";
const router = express.Router();
@@ -175,6 +177,21 @@ router.post("/createLoan", authenticate, async (req, res) => {
}
});
router.post("/changePassword", authenticate, async (req, res) => {
const { oldPassword, newPassword } = req.body || {};
const username = req.user.username;
const result = await changeUserPasswordFRONTEND(
username,
oldPassword,
newPassword
);
if (result.success) {
res.status(200).json({ message: "Password changed successfully" });
} else {
res.status(500).json({ message: "Failed to change password" });
}
});
// Admin panel functions
router.post("/loginAdmin", async (req, res) => {
@@ -223,10 +240,10 @@ router.get("/verifyToken", authenticate, async (req, res) => {
res.status(200).json({ message: "Token is valid" });
});
router.put("/editUser/:id", authenticate, async (req, res) => {
router.post("/editUser/:id", authenticate, async (req, res) => {
const userId = req.params.id;
const { username, role, password } = req.body || {};
const result = await handleEdit(userId, username, role, password);
const { username, role } = req.body || {};
const result = await handleEdit(userId, username, role);
if (result.success) {
return res.status(200).json({ message: "User edited successfully" });
}
@@ -276,4 +293,17 @@ router.post("/createItem", authenticate, async (req, res) => {
return res.status(500).json({ message: "Failed to create item" });
});
router.post("/changePWadmin", authenticate, async (req, res) => {
const newPassword = req.body.newPassword;
if (!newPassword) {
return res.status(400).json({ message: "New password is required" });
}
const result = await changeUserPassword(req.body.username, newPassword);
if (result.success) {
return res.status(200).json({ message: "Password changed successfully" });
}
return res.status(500).json({ message: "Failed to change password" });
});
export default router;
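Review bot: The new `/changePWadmin` route is guarded only by `authenticate`, the same middleware used on the self-service `/changePassword` route, and it takes the target account from `req.body.username`; unless `authenticate` also enforces a role (not visible in this section), any logged-in user can set the password of any other account, including an admin's. Add an explicit authorization check before the update, for example `if (req.user.role !== "admin") return res.status(403).json({ message: "Forbidden" });`, assuming the token payload carries the role; the field name needs confirming against tokenService.js. The route also never checks that `req.body.username` is present, and `/changePassword` answers a wrong old password with 500 rather than a 4xx, which makes failed attempts hard to tell apart from server errors in logs.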


@@ -88,11 +88,8 @@ export const getItemsFromDatabase = async (role) => {
};
export const getLoansFromDatabase = async () => {
const [result] = await pool.query("SELECT * FROM loans;");
if (result.length > 0) {
return { success: true, data: result };
}
return { success: false };
const [rows] = await pool.query("SELECT * FROM loans;");
return { success: true, data: rows.length > 0 ? rows : null };
};
export const getUserLoansFromDatabase = async (username) => {
@@ -298,24 +295,44 @@ export const createLoanInDatabase = async (
// These functions are only temporary, and will be deleted when the full bin is set up.
export const onTake = async (loanId) => {
const [items] = await pool.query(
"SELECT loaned_items_id FROM loans WHERE id = ?",
[loanId]
);
const [setItemStates] = await pool.query(
"UPDATE items SET inSafe = 0 WHERE id IN (?)",
[items.map((item) => item.loaned_items_id)]
);
const [result] = await pool.query(
"UPDATE loans SET take_date = NOW() WHERE id = ?",
[loanId]
);
if (result.affectedRows > 0) {
if (result.affectedRows > 0 && setItemStates.affectedRows > 0) {
return { success: true };
}
return { success: false };
};
export const onReturn = async (loanId) => {
const [items] = await pool.query(
"SELECT loaned_items_id FROM loans WHERE id = ?",
[loanId]
);
const [setItemStates] = await pool.query(
"UPDATE items SET inSafe = 1 WHERE id IN (?)",
[items.map((item) => item.loaned_items_id)]
);
const [result] = await pool.query(
"UPDATE loans SET returned_date = NOW() WHERE id = ?",
[loanId]
);
if (result.affectedRows > 0) {
if (result.affectedRows > 0 && setItemStates.affectedRows > 0) {
return { success: true };
}
return { success: false };
@@ -331,7 +348,9 @@ export const loginAdmin = async (username, password) => {
};
export const getAllUsers = async () => {
const [result] = await pool.query("SELECT * FROM users");
const [result] = await pool.query(
"SELECT id, username, role, entry_created_at FROM users"
);
if (result.length > 0) return { success: true, data: result };
return { success: false };
};
@@ -342,10 +361,10 @@ export const deleteUserID = async (userId) => {
return { success: false };
};
export const handleEdit = async (userId, username, role, password) => {
export const handleEdit = async (userId, username, role) => {
const [result] = await pool.query(
"UPDATE users SET username = ?, role = ?, password = ? WHERE id = ?",
[username, role, password, userId]
"UPDATE users SET username = ?, role = ? WHERE id = ?",
[username, role, userId]
);
if (result.affectedRows > 0) return { success: true };
return { success: false };
@@ -386,3 +405,25 @@ export const createItem = async (item_name, can_borrow_role) => {
if (result.affectedRows > 0) return { success: true };
return { success: false };
};
export const changeUserPassword = async (username, newPassword) => {
const [result] = await pool.query(
"UPDATE users SET password = ? WHERE username = ?",
[newPassword, username]
);
if (result.affectedRows > 0) return { success: true };
return { success: false };
};
export const changeUserPasswordFRONTEND = async (
username,
oldPassword,
newPassword
) => {
const [result] = await pool.query(
"UPDATE users SET password = ? WHERE username = ? AND password = ?",
[newPassword, username, oldPassword]
);
if (result.affectedRows > 0) return { success: true };
return { success: false };
};
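Review bot: `changeUserPassword` and `changeUserPasswordFRONTEND` write `newPassword` to `users.password` unchanged, and the latter verifies the old password with `AND password = ?` in SQL; the route handlers in this commit pass the request-body values straight through, so as far as this page shows passwords are stored and compared in clear text. Store a salted hash instead and verify the old password in application code with a constant-time comparison. The sketch below uses `scryptSync`, `randomBytes` and `timingSafeEqual` from `node:crypto` and a constructed `saltHex:hashHex` storage format; a maintained password-hashing library the project already trusts would serve equally well. `changeUserPassword` needs the same hashing on write, and the login queries and existing rows (outside this hunk) have to migrate in the same change or every login will fail.

```javascript
export const changeUserPasswordFRONTEND = async (
  username,
  oldPassword,
  newPassword
) => {
  // Fetch the stored hash first; verification happens in JS, not in SQL.
  const [rows] = await pool.query(
    "SELECT password FROM users WHERE username = ?",
    [username]
  );
  if (rows.length === 0) return { success: false };

  // Constructed format: "<saltHex>:<hashHex>". Rows not yet migrated fail closed.
  const [saltHex, hashHex] = String(rows[0].password).split(":");
  if (!saltHex || !hashHex) return { success: false };

  const expected = Buffer.from(hashHex, "hex");
  const actual = scryptSync(
    oldPassword,
    Buffer.from(saltHex, "hex"),
    expected.length
  );
  if (!timingSafeEqual(actual, expected)) return { success: false };

  // Fresh salt per password change.
  const salt = randomBytes(16);
  const stored = `${salt.toString("hex")}:${scryptSync(newPassword, salt, 64).toString("hex")}`;
  const [result] = await pool.query(
    "UPDATE users SET password = ? WHERE username = ?",
    [stored, username]
  );
  return { success: result.affectedRows > 0 };
};
```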