From eff1f6142207aa9136fe65ac7981ddd19b717311 Mon Sep 17 00:00:00 2001
From: Theis Gaedigk <theis.gaedigk@icloud.com>
Date: Sat, 27 Sep 2025 23:29:19 +0200
Subject: [PATCH] Refactor API routes: remove API key requirement for allLoans
 and allItems endpoints, update comments for clarity

---
 backend/routes/apiV2.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/backend/routes/apiV2.js b/backend/routes/apiV2.js
index 15f994d..1d32c54 100644
--- a/backend/routes/apiV2.js
+++ b/backend/routes/apiV2.js
@@ -111,8 +111,8 @@ router.post("/setTakeDate/:key/:loan_code", apiKeyGuard, async (req, res) => {
   }
 });
 
-// Route for API to get ALL loans from the database without sensitive info
-router.get("/allLoans/:key", apiKeyGuard, async (req, res) => {
+// Route for API to get ALL loans from the database without sensitive info (only for landingpage)
+router.get("/allLoans", async (req, res) => {
   const result = await getAllLoansV2();
   if (result.success) {
     return res.status(200).json(result.data);
@@ -120,8 +120,8 @@ router.get("/allLoans/:key", apiKeyGuard, async (req, res) => {
   return res.status(500).json({ message: "Failed to fetch loans" });
 });
 
-// Route for API to get ALL items form the database
-router.get("/allItems/:key", apiKeyGuard, async (req, res) => {
+// Route for API to get ALL items from the database (only for landingpage)
+router.get("/allItems", async (req, res) => {
   const result = await getItemsFromDatabaseV2();
   if (result.success) {
     res.status(200).json(result.data);