Matthias-Claudius-Schule/borrow-system
4
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Compare commits

base: Matthias-Claudius-Schule:dev
Branches Tags
Matthias-Claudius-Schule:dev Matthias-Claudius-Schule:debian12 Matthias-Claudius-Schule:dev_next-js Matthias-Claudius-Schule:hostALT Matthias-Claudius-Schule:dev_v2-admin Matthias-Claudius-Schule:dev_v1-admin Matthias-Claudius-Schule:debian12_v1-admin Matthias-Claudius-Schule:devALT Matthias-Claudius-Schule:debian12_v1 Matthias-Claudius-Schule:dev_v1 Matthias-Claudius-Schule:debian12ALT
Matthias-Claudius-Schule:v2.0 Matthias-Claudius-Schule:v1.2 Matthias-Claudius-Schule:v1.1
..
compare: Matthias-Claudius-Schule:d039336f39a540205e365cead4c771a07fecbae8
Branches Tags
Matthias-Claudius-Schule:debian12 Matthias-Claudius-Schule:dev Matthias-Claudius-Schule:dev_next-js Matthias-Claudius-Schule:hostALT Matthias-Claudius-Schule:dev_v2-admin Matthias-Claudius-Schule:dev_v1-admin Matthias-Claudius-Schule:debian12_v1-admin Matthias-Claudius-Schule:devALT Matthias-Claudius-Schule:debian12_v1 Matthias-Claudius-Schule:dev_v1 Matthias-Claudius-Schule:debian12ALT
Matthias-Claudius-Schule:v2.0 Matthias-Claudius-Schule:v1.2 Matthias-Claudius-Schule:v1.1

3 Commits
dev ... d039336f39

Author SHA1 Message Date
Theis Gaedigk
d039336f39 Merge branch 'dev' into debian12 2025-11-23 20:20:41 +01:00
Theis Gaedigk
4c781e9325 changed ports 2025-11-23 20:12:41 +01:00
Theis Gaedigk
451e6b3646 published v2 2025-11-23 20:11:36 +01:00
25 changed files with 460 additions and 630 deletions
Expand all files Collapse all files

4
.gitignore vendored
View File

@@ -113,7 +113,3 @@ secrets/
keys/
ToDo.txt
# only in development branch
next-env.d.ts

413
Docs/backend_API_docs/README.md
View File

@@ -1,32 +1,27 @@
# Borrow System API Documentation
# Backend API (V2) Documentation
**Frontend:** https://insta.the1s.de
**Backend base URL:** `https://insta.the1s.de/backend/api`
This document describes the current backend API routes and their real response shapes, based on the code in `backendV2`.
---
## Base URLs
- Frontend: `https://insta.the1s.de`
- Backend: `https://backend.insta.the1s.de`
- Base path: `https://backend.insta.the1s.de/api`
Service status: `https://status.the1s.de`
---
## Authentication
All API endpoints require **either**:
All **protected** endpoints require an API key as a path parameter `:key`.
### 1. Bearer Token (JWT)
Rules for `:key`:
Send an `Authorization` header:
```http
Authorization: Bearer <JWT_TOKEN>
```
- Used for user-based access.
- Token must be valid and not expired.
### 2. API Key (for devices / machine-to-machine)
Include an API key in the route as `:key` parameter:
```text
/api/.../:key/...
```
- Exactly 8 characters
- Digits only (`^[0-9]{8}$`)
Example:
@@ -34,48 +29,59 @@ Example:
GET /api/items/12345678
```
Where `12345678` is your API key.
The API key is validated server-side.
On missing / invalid key:
- Status: `401 Unauthorized`
- Body (exact message depends on `authenticate` in `backendV2/services/authentication.js`)
Auth-related modules:
- `backendV2/services/authentication.js`
- `backendV2/services/database.js`
Route handlers:
- `backendV2/routes/api/api.route.js`
- `backendV2/routes/api/api.database.js`
---
## Common Response Codes
## Endpoints (Overview)
- `200 OK` Request was successful.
- `401 Unauthorized` Missing or malformed credentials.
- `403 Forbidden` Credentials invalid or not allowed to access this resource.
- `404 Not Found` Resource (e.g., loan) not found.
- `500 Internal Server Error` Unexpected server error.
1. **Public**
- `GET /api/all-items` List all items (no auth; from original docs)
2. **Items (authenticated)**
- `GET /api/items/:key` List all items
- `POST /api/change-state/:key/:itemId/:state` Toggle item safe state
3. **Loans (authenticated)**
- `GET /api/get-loan-by-code/:key/:loan_code` Get loan by code
- `POST /api/set-take-date/:key/:loan_code` Set “take” date and mark items as out
- `POST /api/set-return-date/:key/:loan_code` Set “return” date and mark items as returned
---
## Endpoints
## 1) Items
### 1. Get All Items
### 1.1 Get all items
**GET** `/api/items/:key`
Returns a list of all items.
Returns all items wrapped in a `data` property.
#### Path Parameters
- Handler: `getItemsFromDatabaseV2` in `api.database.js`
- SQL: `SELECT * FROM items;`
- `:key` API key (8-digit number)
#### Authentication
- Either:
- Valid `Authorization: Bearer <token>`
- Or valid `:key` path parameter
#### Request Example
#### Example request
```http
GET /api/items/12345678 HTTP/1.1
Host: backend.insta.the1s.de
Authorization: Bearer <JWT_TOKEN>
GET https://backend.insta.the1s.de/api/items/12345678
```
#### Successful Response (200)
#### Successful response
```json
{
@@ -84,9 +90,8 @@ Authorization: Bearer <JWT_TOKEN>
"id": 1,
"item_name": "DJI 1er Mikro",
"can_borrow_role": 4,
"inSafe": 1,
"safe_nr": 3,
"door_key": "123",
"in_safe": 1,
"safe_nr": "01",
"entry_created_at": "2025-08-19T22:02:16.000Z",
"entry_updated_at": "2025-08-19T22:02:16.000Z",
"last_borrowed_person": "alice",
@@ -96,271 +101,245 @@ Authorization: Bearer <JWT_TOKEN>
}
```
#### Error Response (500)
#### Error response
```json
{
"message": "Failed to fetch items"
}
{ "message": "Failed to fetch items" }
```
#### Status codes
- `200 OK` success, `data` is an array (possibly empty)
- `401 Unauthorized` invalid / missing key
- `500 Internal Server Error` database error or `success: false` from DB layer
---
### 2. Toggle Item Safe State
Toggles `in_safe` between `0` and `1` for a given item.
**Keep in mind that when you return a loan by code, the item states are automatically updated.**
### 2.2 Toggle item safe state
**POST** `/api/change-state/:key/:itemId`
#### Path Parameters
> You do not need this endpoint to set the states of the items when the items are taken out or returned. When you take or return a loan, the item states are set automatically by the loan endpoints. This endpoint is only for manually toggling the `inSafe` state of an item.
- `:key` API key (8-digit number)
- `:itemId` Item ID (integer)
Path parameters:
#### Authentication
- `:key` API key (8 digits)
- `:itemId` numeric `id` of the item
- Either Bearer token or `:key` API key.
Handler in `api.route.js` calls `changeInSafeStateV2(itemId)`, which executes:
#### Request Example
```sql
UPDATE items SET in_safe = NOT in_safe WHERE id = ?
```
#### Example request
```http
POST /api/change-state/12345678/42 HTTP/1.1
Host: backend.insta.the1s.de
POST https://backend.insta.the1s.de/api/change-state/12345678/42
```
#### Successful Response (200)
(Will toggle `in_safe` for item `42`.)
#### Successful response (current implementation)
```json
{
"data": {}
"data": null
}
```
_(Implementation currently only returns `{ success: true }`, so `data` may be empty.)_
#### Error responses
#### Error Response (500)
Invalid `state` (anything other than `"0"` or `"1"`):
```json
{
"message": "Failed to update item state"
}
{ "message": "Invalid state value" }
```
Failed update:
```json
{ "message": "Failed to update item state" }
```
#### Status codes
- `200 OK` item state toggled
- `400 Bad Request` invalid `state` parameter
- `401 Unauthorized` invalid / missing key
- `500 Internal Server Error` database/update failure or `success: false` from DB layer
---
### 3. Get Loan by Code
## 3) Loans
Fetch loan information by `loan_code`.
### 3.1 Get loan by code
**GET** `/api/get-loan-by-code/:key/:loan_code`
#### Path Parameters
Path parameters:
- `:key` API key (8-digit number)
- `:loan_code` Loan code (string)
- `:key` API key
- `:loan_code` 6-digit loan code (`^[0-9]{6}$` per DB constraint)
#### Authentication
Database layer (`getLoanByCodeV2`) currently selects:
- Either Bearer token or `:key` API key.
#### Request Example
```http
GET /api/get-loan-by-code/12345678/12345 HTTP/1.1
Host: backend.insta.the1s.de
```sql
SELECT first_name, returned_date, take_date, lockers
FROM loans
WHERE loan_code = ?;
```
#### Successful Response (200)
#### Example request
```http
GET https://backend.insta.the1s.de/api/get-loan-by-code/12345678/646473
```
#### Successful response
```json
{
"data": {
"username": "john",
"first_name": "Theis",
"returned_date": null,
"take_date": "2025-01-01T10:00:00.000Z",
"lockers": "[1, 2, 3]"
"take_date": "2025-08-25T13:23:00.000Z",
"lockers": ["01", "03"]
}
}
```
#### Error Response (404)
#### Error response
```json
{
"message": "Loan not found"
}
{ "message": "Loan not found" }
```
#### Status codes
- `200 OK` loan found
- `401 Unauthorized` invalid / missing key
- `404 Not Found` no matching loan for this `loan_code`
---
### 4. Set Loan Return Date
Sets `returned_date = NOW()` on a loan and updates related items:
- `in_safe = 1`
- `currently_borrowing = NULL`
- `last_borrowed_person = username`
**POST** `/api/set-return-date/:key/:loan_code`
#### Path Parameters
- `:key` API key (8-digit number)
- `:loan_code` Loan code (string)
#### Authentication
- Either Bearer token or `:key` API key.
#### Request Example
```http
POST /api/set-return-date/12345678/12345 HTTP/1.1
Host: backend.insta.the1s.de
```
#### Successful Response (200)
```json
{
"data": {}
}
```
#### Error Response (500)
```json
{
"message": "Failed to set return date"
}
```
---
### 5. Set Loan Take Date
Sets `take_date = NOW()` on a loan and updates related items:
- `in_safe = 0`
- `currently_borrowing = username`
### 3.2 Set take date
**POST** `/api/set-take-date/:key/:loan_code`
#### Path Parameters
Path parameters:
- `:key` API key (8-digit number)
- `:loan_code` Loan code (string)
- `:key` API key
- `:loan_code` loan code
#### Authentication
- Either Bearer token or `:key` API key.
#### Request Example
#### Example request
```http
POST /api/set-take-date/12345678/LOAN-12345 HTTP/1.1
Host: backend.insta.the1s.de
POST https://backend.insta.the1s.de/api/set-take-date/12345678/646473
```
#### Successful Response (200)
#### Successful response
```json
{
"data": {}
"data": null
}
```
#### Error Response (500)
#### Error response
```json
{
"message": "Failed to set take date"
}
{ "message": "Failed to set take date" }
```
#### Status codes
- `200 OK` take date set and items marked as out
- `401 Unauthorized` invalid / missing key
- `500 Internal Server Error` invalid loan, missing items, or DB error / `success: false`
---
### 6. Open Door by Door Key
### 3.3 Set return date
Looks up an item by its `door_key`, toggles `in_safe`, and returns safe information.
**POST** `/api/set-return-date/:key/:loan_code`
**GET** `/api/open-door/:key/:doorKey`
Path parameters:
#### Path Parameters
- `:key` API key
- `:loan_code` loan code
- `:key` API key (8-digit number)
- `:doorKey` Door key/token (string) used by hardware to identify the locker.
#### Authentication
- Either Bearer token or `:key` API key.
#### Request Example
#### Example request
```http
GET /api/open-door/12345678/123 HTTP/1.1
Host: backend.insta.the1s.de
POST https://backend.insta.the1s.de/api/set-return-date/12345678/646473
```
#### Successful Response (200)
#### Successful response (current implementation)
```json
{
"data": null
}
```
#### Error response
```json
{ "message": "Failed to set return date" }
```
#### Status codes
- `200 OK` return date set and items marked as returned
- `401 Unauthorized` invalid / missing key
- `500 Internal Server Error` invalid loan, missing items, or DB error / `success: false`
---
## Common Response Shapes
**Success list (authenticated items):**
```json
{
"data": [
/* array of rows */
]
}
```
**Success single loan:**
```json
{
"data": {
"safe_nr": 5,
"id": 42
/* selected loan fields */
}
}
```
#### Error Response (500)
**Success mutations (current code):**
```json
{
"message": "Failed to open door"
}
{ "data": null }
```
---
## Authentication Error Messages
### Missing credentials
Status: `401`
**Errors:**
```json
{
"message": "Unauthorized"
}
{ "message": "Failed to fetch items" }
{ "message": "Failed to update item state" }
{ "message": "Invalid state value" }
{ "message": "Loan not found" }
{ "message": "Failed to set return date" }
{ "message": "Failed to set take date" }
```
### Invalid JWT
**HTTP Status Codes:**
Status: `403`
```json
{
"message": "Present token invalid"
}
```
### Invalid API Key
Status: `403`
```json
{
"message": "API Key invalid"
}
```
---
## Notes
- All responses are JSON.
- Time fields like `take_date` and `returned_date` are in the format returned by MySQL (usually ISO-like strings).
- `loaned_items_id` in the database is stored as a JSON array string (e.g. `"[1,2,3]"`) and is parsed internally; clients do not interact with this field directly via current endpoints.
- `200 OK` operation succeeded
- `400 Bad Request` invalid `state` parameter
- `401 Unauthorized` invalid/missing API key
- `404 Not Found` loan not found
- `500 Internal Server Error` database / server failure or `success: false` from DB layer

2
FrontendV2/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM node:22-alpine AS builder
FROM node:18 as builder
WORKDIR /app

8
FrontendV2/nginx.conf
View File

@@ -9,14 +9,6 @@ server {
try_files $uri $uri/ /index.html;
}
location = /backend {
return 301 /backend/;
}
location /backend/ {
proxy_pass http://borrow_system-backend_v2:8004/;
}
location ~* \.(?:js|mjs|css|png|jpg|jpeg|gif|ico|svg|woff2?)$ {
expires 1y;
access_log off;

200
FrontendV2/src/components/Header.tsx
View File

@@ -4,18 +4,25 @@ import {
Heading,
Stack,
Text,
CloseButton,
Dialog,
Portal,
HStack,
IconButton,
Menu,
Box,
Avatar,
Card,
Grid,
} from "@chakra-ui/react";
import { PasswordInput } from "@/components/ui/password-input";
import Cookies from "js-cookie";
import { useAtom } from "jotai";
import { setIsLoggedInAtom, triggerLogoutAtom } from "@/states/Atoms";
import { useNavigate } from "react-router-dom";
import {
CircleUserRound,
RotateCcwKey,
Code,
LifeBuoy,
LogOut,
@@ -26,19 +33,69 @@ import {
} from "lucide-react";
import { useUserContext } from "@/states/Context";
import { useState } from "react";
import MyAlert from "./myChakra/MyAlert";
import { useTranslation } from "react-i18next";
import { UserDialogue } from "./UserDialogue";
import { API_BASE } from "@/config/api.config";
export const Header = () => {
const navigate = useNavigate();
const userData = useUserContext();
console.log(userData);
const { t } = useTranslation();
// Error handling states
const [isMsg, setIsMsg] = useState(false);
const [msgStatus, setMsgStatus] = useState<"error" | "success">("error");
const [msgTitle, setMsgTitle] = useState("");
const [msgDescription, setMsgDescription] = useState("");
const [oldPassword, setOldPassword] = useState("");
const [newPassword, setNewPassword] = useState("");
const [confirmPassword, setConfirmPassword] = useState("");
const [, setTriggerLogout] = useAtom(triggerLogoutAtom);
const [, setIsLoggedIn] = useAtom(setIsLoggedInAtom);
// Dialog control
const [isPwOpen, setPwOpen] = useState(false);
const [userDialog, setUserDialog] = useState(false);
const changePassword = async () => {
if (newPassword !== confirmPassword) {
setMsgTitle(t("err_pw_change"));
setMsgDescription(t("pw_mismatch"));
setMsgStatus("error");
setIsMsg(true);
return;
}
const response = await fetch(`${API_BASE}/api/users/change-password`, {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${Cookies.get("token")}`,
},
body: JSON.stringify({ oldPassword, newPassword }),
});
if (!response.ok) {
setMsgTitle(t("err_pw_change"));
setMsgDescription(t("pw_mismatch"));
setMsgStatus("error");
setIsMsg(true);
return;
}
setMsgTitle(t("pw_success"));
setMsgDescription(t("pw_success_desc"));
setMsgStatus("success");
setIsMsg(true);
setOldPassword("");
setNewPassword("");
setConfirmPassword("");
};
const username = userData.first_name ? userData.first_name : "N/A";
const fullname = userData.first_name + " " + userData.last_name;
const randomColor = [
@@ -318,7 +375,146 @@ export const Header = () => {
</Flex>
{/* User Info Dialoge */}
{userDialog && <UserDialogue setUserDialog={setUserDialog} fullname={fullname} randomColor={randomColor} />}
{userDialog && (
<Flex
position="fixed"
inset={0}
zIndex={1000}
align="center"
justify="center"
bg="blackAlpha.400"
backdropFilter="blur(6px)"
>
<Card.Root maxW="sm" w="full" mx={4}>
<Card.Header>
<Card.Title>
<Flex justify="center" align="center" w="100%">
<Avatar.Root
size={"2xl"}
colorPalette={randomColor[Math.floor(Math.random() * 10)]}
>
<Avatar.Fallback name={fullname} />
</Avatar.Root>
</Flex>
</Card.Title>
<Card.Description>{t("user-info-desc")}</Card.Description>
</Card.Header>
<Card.Body>
<Stack gap="4" w="full">
<Box as="dl">
<Grid
templateColumns="auto 1fr"
rowGap={2}
columnGap={4}
alignItems="start"
>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("first-name")}:
</Text>
<Text as="dd">{userData.first_name}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("last-name")}:
</Text>
<Text as="dd">{userData.last_name}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("username")}:
</Text>
<Text as="dd">{userData.username}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("role")}:
</Text>
<Text as="dd">{userData.role}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("admin-status")}:
</Text>
<Text as="dd">
{userData.is_admin ? t("yes") : t("no")}
</Text>
</Grid>
</Box>
<Button variant="solid" onClick={() => setPwOpen(true)}>
<HStack gap={2}>
<RotateCcwKey size={18} />
<Text as="span">{t("change-password")}</Text>
</HStack>
</Button>
</Stack>
</Card.Body>
<Card.Footer justifyContent="flex-end">
<Button variant="outline" onClick={() => setUserDialog(false)}>
{t("cancel")}
</Button>
</Card.Footer>
</Card.Root>
</Flex>
)}
{/* Passwort-Dialog (kontrolliert) */}
<Dialog.Root open={isPwOpen} onOpenChange={(e: any) => setPwOpen(e.open)}>
<Portal>
<Dialog.Backdrop />
<Dialog.Positioner>
<Dialog.Content maxW="md">
<Dialog.Header>
<Dialog.Title>{t("change-password")}</Dialog.Title>
</Dialog.Header>
<form
onSubmit={(e) => {
e.preventDefault();
changePassword();
}}
>
<Dialog.Body>
<Stack gap={3}>
<PasswordInput
value={oldPassword}
onChange={(e) => setOldPassword(e.target.value)}
placeholder={t("old-password")}
/>
<PasswordInput
value={newPassword}
onChange={(e) => setNewPassword(e.target.value)}
placeholder={t("new-password")}
/>
<PasswordInput
value={confirmPassword}
onChange={(e) => setConfirmPassword(e.target.value)}
placeholder={t("confirm-password")}
/>
</Stack>
</Dialog.Body>
<Dialog.Footer>
<Stack w="100%" gap={3}>
{isMsg && (
<MyAlert
status={msgStatus}
title={msgTitle}
description={msgDescription}
/>
)}
<HStack justify="flex-end" gap={2}>
<Dialog.ActionTrigger asChild>
<Button variant="outline">{t("cancel")}</Button>
</Dialog.ActionTrigger>
<Button type="submit" colorScheme="teal">
{t("save")}
</Button>
</HStack>
</Stack>
</Dialog.Footer>
</form>
<Dialog.CloseTrigger asChild>
<CloseButton size="sm" />
</Dialog.CloseTrigger>
</Dialog.Content>
</Dialog.Positioner>
</Portal>
</Dialog.Root>
</Stack>
);
};

220
FrontendV2/src/components/UserDialogue.tsx
View File

@@ -1,220 +0,0 @@
import {
Button,
Flex,
Stack,
Text,
CloseButton,
Dialog,
Portal,
HStack,
Box,
Avatar,
Card,
Grid,
} from "@chakra-ui/react";
import { PasswordInput } from "@/components/ui/password-input";
import { RotateCcwKey } from "lucide-react";
import MyAlert from "./myChakra/MyAlert";
import { API_BASE } from "@/config/api.config";
import { useUserContext } from "@/states/Context";
import { useState } from "react";
import { useTranslation } from "react-i18next";
import Cookies from "js-cookie";
type UserDialogueProps = {
setUserDialog: (value: boolean) => void;
fullname: string;
randomColor: string[];
};
export const UserDialogue = (props: UserDialogueProps) => {
const userData = useUserContext();
const { t } = useTranslation();
// Error handling states
const [isMsg, setIsMsg] = useState(false);
const [msgStatus, setMsgStatus] = useState<"error" | "success">("error");
const [msgTitle, setMsgTitle] = useState("");
const [msgDescription, setMsgDescription] = useState("");
const [oldPassword, setOldPassword] = useState("");
const [newPassword, setNewPassword] = useState("");
const [confirmPassword, setConfirmPassword] = useState("");
// Dialog control
const [isPwOpen, setPwOpen] = useState(false);
const changePassword = async () => {
if (newPassword !== confirmPassword) {
setMsgTitle(t("err_pw_change"));
setMsgDescription(t("pw_mismatch"));
setMsgStatus("error");
setIsMsg(true);
return;
}
const response = await fetch(`${API_BASE}/api/users/change-password`, {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${Cookies.get("token")}`,
},
body: JSON.stringify({ oldPassword, newPassword }),
});
if (!response.ok) {
setMsgTitle(t("err_pw_change"));
setMsgDescription(t("pw_mismatch"));
setMsgStatus("error");
setIsMsg(true);
return;
}
setMsgTitle(t("pw_success"));
setMsgDescription(t("pw_success_desc"));
setMsgStatus("success");
setIsMsg(true);
setOldPassword("");
setNewPassword("");
setConfirmPassword("");
};
return (
<Flex
position="fixed"
inset={0}
zIndex={1000}
align="center"
justify="center"
bg="blackAlpha.400"
backdropFilter="blur(6px)"
>
<Card.Root maxW="sm" w="full" mx={4}>
<Card.Header>
<Card.Title>
<Flex justify="center" align="center" w="100%">
<Avatar.Root
size={"2xl"}
colorPalette={props.randomColor[Math.floor(Math.random() * 10)]}
>
<Avatar.Fallback name={props.fullname} />
</Avatar.Root>
</Flex>
</Card.Title>
<Card.Description>{t("user-info-desc")}</Card.Description>
</Card.Header>
<Card.Body>
<Stack gap="4" w="full">
<Box as="dl">
<Grid
templateColumns="auto 1fr"
rowGap={2}
columnGap={4}
alignItems="start"
>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("first-name")}:
</Text>
<Text as="dd">{userData.first_name}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("last-name")}:
</Text>
<Text as="dd">{userData.last_name}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("username")}:
</Text>
<Text as="dd">{userData.username}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("role")}:
</Text>
<Text as="dd">{userData.role}</Text>
<Text as="dt" fontWeight="bold" textAlign="left">
{t("admin-status")}:
</Text>
<Text as="dd">{userData.is_admin ? t("yes") : t("no")}</Text>
</Grid>
</Box>
<Button variant="solid" onClick={() => setPwOpen(true)}>
<HStack gap={2}>
<RotateCcwKey size={18} />
<Text as="span">{t("change-password")}</Text>
</HStack>
</Button>
</Stack>
</Card.Body>
<Card.Footer justifyContent="flex-end">
<Button variant="outline" onClick={() => props.setUserDialog(false)}>
{t("cancel")}
</Button>
</Card.Footer>
</Card.Root>
{/* Passwort-Dialog (kontrolliert) */}
<Dialog.Root open={isPwOpen} onOpenChange={(e: any) => setPwOpen(e.open)}>
<Portal>
<Dialog.Backdrop />
<Dialog.Positioner>
<Dialog.Content maxW="md">
<Dialog.Header>
<Dialog.Title>{t("change-password")}</Dialog.Title>
</Dialog.Header>
<form
onSubmit={(e) => {
e.preventDefault();
changePassword();
}}
>
<Dialog.Body>
<Stack gap={3}>
<PasswordInput
value={oldPassword}
onChange={(e) => setOldPassword(e.target.value)}
placeholder={t("old-password")}
/>
<PasswordInput
value={newPassword}
onChange={(e) => setNewPassword(e.target.value)}
placeholder={t("new-password")}
/>
<PasswordInput
value={confirmPassword}
onChange={(e) => setConfirmPassword(e.target.value)}
placeholder={t("confirm-password")}
/>
</Stack>
</Dialog.Body>
<Dialog.Footer>
<Stack w="100%" gap={3}>
{isMsg && (
<MyAlert
status={msgStatus}
title={msgTitle}
description={msgDescription}
/>
)}
<HStack justify="flex-end" gap={2}>
<Dialog.ActionTrigger asChild>
<Button variant="outline">{t("cancel")}</Button>
</Dialog.ActionTrigger>
<Button type="submit" colorScheme="teal">
{t("save")}
</Button>
</HStack>
</Stack>
</Dialog.Footer>
</form>
<Dialog.CloseTrigger asChild>
<CloseButton size="sm" />
</Dialog.CloseTrigger>
</Dialog.Content>
</Dialog.Positioner>
</Portal>
</Dialog.Root>
</Flex>
);
};

2
FrontendV2/src/components/footer/Footer.tsx
View File

@@ -14,7 +14,7 @@ export const Footer = () => {
left="0"
right="0"
>
Made with by Theis Gaedigk - Class of 2019 at MCS-Bochum
Made with by Theis Gaedigk - Year 2019 at MCS-Bochum
<br />
Frontend-Version: {info ? info["frontend-info"].version : "N/A"} |
Backend-Version: {info ? info["backend-info"].version : "N/A"}

2
FrontendV2/src/utils/i18n/locales/de/de.json
View File

@@ -63,7 +63,7 @@
"timezone-info": "Die angezeigten Daten und Uhrzeiten werden in deutscher Zeitzone dargestellt und müssen auch so eingegeben werden.",
"optional-note": "Optionale Notiz",
"note": "Notiz",
"user-info-desc": "Hier können Sie Ihre persönlichen Informationen einsehen und das Passwort ändern. Falls Sie weitere Änderungen benötigen, wenden Sie sich bitte an einen Administrator.",
"user-info-desc": "Hier können Sie Ihre persönlichen Informationen einsehen und ändern.",
"role": "Rolle",
"admin-status": "Admin-Status",
"first-name": "Vorname",

2
FrontendV2/src/utils/i18n/locales/en/en.json
View File

@@ -63,7 +63,7 @@
"timezone-info": "The displayed dates and times are shown in Berlin timezone and must also be entered as such.",
"optional-note": "Optional note",
"note": "Note",
"user-info-desc": "Here you can view your personal information and change your password. If you need to make further changes, please contact an administrator.",
"user-info-desc": "Here you can view and edit your personal information.",
"role": "Role",
"admin-status": "Admin status",
"first-name": "First name",

15
FrontendV2/vite.config.ts
View File

@@ -1,16 +1,17 @@
import { defineConfig } from "vite";
import react from "@vitejs/plugin-react";
import svgr from "vite-plugin-svgr";
import tailwindcss from "@tailwindcss/vite";
import tsconfigPaths from "vite-tsconfig-paths";
export default defineConfig({
plugins: [react(), svgr(), tailwindcss(), tsconfigPaths()],
plugins: [tailwindcss()],
server: {
host: "0.0.0.0",
port: 8001,
watch: {
usePolling: true,
allowedHosts: ["insta.the1s.de"],
port: 8101,
watch: { usePolling: true },
hmr: {
host: "insta.the1s.de",
port: 8101,
protocol: "wss",
},
},
});

8
admin/nginx.conf
View File

@@ -9,14 +9,6 @@ server {
try_files $uri $uri/ /index.html;
}
location = /backend {
return 301 /backend/;
}
location /backend/ {
proxy_pass http://borrow_system-backend_v2:8004/;
}
location ~* \.(?:js|mjs|css|png|jpg|jpeg|gif|ico|svg|woff2?)$ {
expires 1y;
access_log off;

14
admin/src/components/AddItemForm.tsx
View File

@@ -29,8 +29,8 @@ const AddItemForm: React.FC<AddItemFormProps> = ({ onClose, alert }) => {
<Input id="item_name" placeholder="z.B. Laptop" />
</Field.Root>
<Field.Root>
<Field.Label>Schließfachnummer</Field.Label>
<Input id="safe_nr" placeholder="Nummer 1 - 6" />
<Field.Label>Schließfachnummer (immer zwei Zahlen)</Field.Label>
<Input id="lockerNumber" placeholder="Nummer 01 - 06" />
</Field.Root>
<Field.Root>
<Field.Label>Ausleih-Berechtigung (Rolle)</Field.Label>
@@ -57,15 +57,17 @@ const AddItemForm: React.FC<AddItemFormProps> = ({ onClose, alert }) => {
(document.getElementById("can_borrow_role") as HTMLInputElement)
?.value
);
const safeNrValue = (
document.getElementById("safe_nr") as HTMLInputElement
const lockerValue = (
document.getElementById("lockerNumber") as HTMLInputElement
)?.value.trim();
const safeNr = safeNrValue === "" ? null : safeNrValue;
const lockerNumber =
lockerValue === "" ? null : Number(lockerValue);
if (!name || Number.isNaN(role)) return;
if (lockerNumber !== null && Number.isNaN(lockerNumber)) return;
const res = await createItem(name, role, safeNr);
const res = await createItem(name, role, lockerNumber);
if (res.success) {
alert(
"success",

36
admin/src/components/ItemTable.tsx
View File

@@ -38,7 +38,6 @@ type Items = {
can_borrow_role: string;
in_safe: boolean;
safe_nr: string;
door_key: string;
entry_created_at: string;
entry_updated_at: string;
last_borrowed_person: string | null;
@@ -69,13 +68,7 @@ const ItemTable: React.FC = () => {
const handleLockerNumberChange = (id: number, value: string) => {
setItems((prev) =>
prev.map((it) => (it.id === id ? { ...it, safe_nr: value } : it))
);
};
const handleDoorKeyChange = (id: number, value: string) => {
setItems((prev) =>
prev.map((it) => (it.id === id ? { ...it, door_key: value } : it))
prev.map((it) => (it.id === id ? { ...it, lockerNumber: value } : it))
);
};
@@ -193,12 +186,7 @@ const ItemTable: React.FC = () => {
{/* make table fill available width, like UserTable */}
{!isLoading && (
<Table.Root
size="sm"
striped
w="100%"
style={{ tableLayout: "auto" }} // Spalten nach Content
>
<Table.Root size="sm" striped w="100%" style={{ tableLayout: "auto" }}>
<Table.Header>
<Table.Row>
<Table.ColumnHeader>
@@ -213,12 +201,9 @@ const ItemTable: React.FC = () => {
<Table.ColumnHeader>
<strong>Im Schließfach</strong>
</Table.ColumnHeader>
<Table.ColumnHeader width="1%" whiteSpace="nowrap">
<Table.ColumnHeader>
<strong>Schließfachnummer</strong>
</Table.ColumnHeader>
<Table.ColumnHeader width="1%" whiteSpace="nowrap">
<strong>Schlüssel</strong>
</Table.ColumnHeader>
<Table.ColumnHeader>
<strong>Eintrag erstellt am</strong>
</Table.ColumnHeader>
@@ -231,7 +216,7 @@ const ItemTable: React.FC = () => {
<Table.ColumnHeader>
<strong>Dav **</strong>
</Table.ColumnHeader>
<Table.ColumnHeader width="1%" whiteSpace="nowrap">
<Table.ColumnHeader>
<strong>Aktionen</strong>
</Table.ColumnHeader>
</Table.Row>
@@ -305,28 +290,17 @@ const ItemTable: React.FC = () => {
value={item.safe_nr}
/>
</Table.Cell>
<Table.Cell>
<Input
size="sm"
w="max-content"
onChange={(e) =>
handleDoorKeyChange(item.id, e.target.value)
}
value={item.door_key}
/>
</Table.Cell>
<Table.Cell>{formatDateTime(item.entry_created_at)}</Table.Cell>
<Table.Cell>{formatDateTime(item.entry_updated_at)}</Table.Cell>
<Table.Cell>{item.last_borrowed_person}</Table.Cell>
<Table.Cell>{item.currently_borrowing}</Table.Cell>
<Table.Cell whiteSpace="nowrap">
<Table.Cell>
<Button
onClick={() =>
handleEditItems(
item.id,
item.item_name,
item.safe_nr,
item.door_key,
item.can_borrow_role
).then((response) => {
if (response.success) {

8
admin/src/utils/userActions.ts
View File

@@ -165,7 +165,7 @@ export const deleteItem = async (itemId: number) => {
export const createItem = async (
item_name: string,
can_borrow_role: number,
lockerNumber: string | null
lockerNumber: number | null
) => {
console.log(JSON.stringify({ item_name, can_borrow_role, lockerNumber }));
try {
@@ -184,7 +184,7 @@ export const createItem = async (
return {
success: false,
message:
"Fehler beim Erstellen des Gegenstands. Der Name des Gegenstandes und die Schließfachnummer dürfen nicht mehrmals vergeben werden.",
"Fehler beim Erstellen des Gegenstands. Der Name des Gegenstandes darf nicht mehrmals vergeben werden.",
};
}
return { success: true };
@@ -198,9 +198,9 @@ export const handleEditItems = async (
itemId: number,
item_name: string,
safe_nr: string | null,
door_key: string | null,
can_borrow_role: string
) => {
const newSafeNr = Number(safe_nr || 0);
try {
const response = await fetch(
`${API_BASE}/api/admin/item-data/edit-item/${itemId}`,
@@ -210,7 +210,7 @@ export const handleEditItems = async (
"Content-Type": "application/json",
Authorization: `Bearer ${Cookies.get("token")}`,
},
body: JSON.stringify({ item_name, safe_nr, door_key, can_borrow_role }),
body: JSON.stringify({ item_name, newSafeNr, can_borrow_role }),
}
);
if (!response.ok) {

10
admin/vite.config.ts
View File

@@ -8,9 +8,13 @@ export default defineConfig({
plugins: [react(), svgr(), tailwindcss(), tsconfigPaths()],
server: {
host: "0.0.0.0",
port: 8003,
watch: {
usePolling: true,
allowedHosts: ["admin.insta.the1s.de"],
port: 8103,
watch: { usePolling: true },
hmr: {
host: "admin.insta.the1s.de",
port: 8103,
protocol: "wss",
},
},
});

6
backendV2/info.json
View File

@@ -1,11 +1,11 @@
{
"backend-info": {
"version": "v2.0.1 (dev)"
"version": "v2.0"
},
"frontend-info": {
"version": "v2.0 (dev)"
"version": "v2.0"
},
"admin-panel-info": {
"version": "v1.3 (dev)"
"version": "v1.2"
}
}

18
backendV2/routes/admin/database/itemDataMgmt.database.js
View File

@@ -32,22 +32,10 @@ export const createItem = async (item_name, can_borrow_role, lockerNumber) => {
return { success: false };
};
export const editItemById = async (
itemId,
item_name,
can_borrow_role,
safe_nr,
door_key
) => {
let newSafeNr;
if (safe_nr === null || safe_nr === "") {
newSafeNr = null;
} else {
newSafeNr = safe_nr;
}
export const editItemById = async (itemId, item_name, can_borrow_role) => {
const [result] = await pool.query(
"UPDATE items SET item_name = ?, can_borrow_role = ?, safe_nr = ?, door_key = ?, entry_updated_at = NOW() WHERE id = ?",
[item_name, can_borrow_role, newSafeNr, door_key, itemId]
"UPDATE items SET item_name = ?, can_borrow_role = ?, entry_updated_at = NOW() WHERE id = ?",
[item_name, can_borrow_role, itemId]
);
if (result.affectedRows > 0) return { success: true };
return { success: false };

7
backendV2/routes/admin/itemDataMgmt.route.js
View File

@@ -41,14 +41,11 @@ router.post("/create-item", authenticateAdmin, async (req, res) => {
router.post("/edit-item/:id", authenticateAdmin, async (req, res) => {
const itemId = req.params.id;
const { item_name, can_borrow_role, safe_nr, door_key } = req.body;
const { item_name, can_borrow_role } = req.body;
const result = await editItemById(
itemId,
item_name,
can_borrow_role,
safe_nr,
door_key
can_borrow_role
);
if (result.success) {
return res.status(200).json({ message: "Item edited successfully" });

19
backendV2/routes/api/api.database.js
View File

@@ -114,22 +114,3 @@ export const getAllLoansV2 = async () => {
}
return { success: false };
};
export const openDoor = async (doorKey) => {
const [result] = await pool.query(
"SELECT safe_nr, id FROM items WHERE door_key = ?;",
[doorKey]
);
if (result.length > 0) {
const [changeItemSate] = await pool.query(
"UPDATE items SET in_safe = NOT in_safe WHERE id = ?",
[result[0].id]
);
if (changeItemSate.affectedRows > 0) {
return { success: true, data: result[0] };
} else {
return { success: false };
}
}
return { success: false };
};

13
backendV2/routes/api/api.route.js
View File

@@ -10,7 +10,6 @@ import {
setTakeDateV2,
setReturnDateV2,
getLoanByCodeV2,
openDoor,
} from "./api.database.js";
// Route for API to get all items from the database
@@ -80,16 +79,4 @@ router.post(
}
);
// Route for API to open a door
router.get("/open-door/:key/:doorKey", authenticate, async (req, res) => {
const doorKey = req.params.doorKey;
const result = await openDoor(doorKey);
if (result.success) {
res.status(200).json({ data: result.data });
} else {
res.status(500).json({ message: "Failed to open door" });
}
});
export default router;

12
backendV2/routes/app/database/loansMgmt.database.js
View File

@@ -69,20 +69,12 @@ export const createLoanInDatabase = async (
)
.filter(Boolean);
// Build lockers array (unique, only 2-digit numbers from safe_nr)
// Build lockers array (unique, only 2-digit strings)
const lockers = [
...new Set(
itemsRows
.map((r) => r.safe_nr)
.filter(
(sn) =>
sn !== null &&
sn !== undefined &&
Number.isInteger(Number(sn)) &&
Number(sn) >= 0 &&
Number(sn) <= 99
)
.map((sn) => Number(sn))
.filter((sn) => typeof sn === "string" && /^\d{2}$/.test(sn))
),
];

37
backendV2/routes/app/services/mailer.js
View File

@@ -2,38 +2,6 @@ import nodemailer from "nodemailer";
import dotenv from "dotenv";
dotenv.config();
const formatDateTime = (value) => {
if (value == null) return "N/A";
const toOut = (d) => {
if (!(d instanceof Date) || isNaN(d.getTime())) return "N/A";
const dd = String(d.getDate()).padStart(2, "0");
const mm = String(d.getMonth() + 1).padStart(2, "0");
const yyyy = d.getFullYear();
const hh = String(d.getHours()).padStart(2, "0");
const mi = String(d.getMinutes()).padStart(2, "0");
return `${dd}.${mm}.${yyyy} ${hh}:${mi} Uhr`;
};
if (value instanceof Date) return toOut(value);
if (typeof value === "number") return toOut(new Date(value));
const s = String(value).trim();
// Direct pattern: "YYYY-MM-DD[ T]HH:mm[:ss]"
const m = s.match(/^(\d{4})-(\d{2})-(\d{2})[ T](\d{2}):(\d{2})(?::\d{2})?/);
if (m) {
const [, y, M, d, h, min] = m;
return `${d}.${M}.${y} ${h}:${min} Uhr`;
}
// ISO or other parseable formats
const dObj = new Date(s);
if (!isNaN(dObj.getTime())) return toOut(dObj);
return "N/A";
};
function buildLoanEmail({ user, items, startDate, endDate, createdDate }) {
const brand = process.env.MAIL_BRAND_COLOR || "#0ea5e9";
const itemsList =
@@ -174,8 +142,7 @@ export function sendMailLoan(user, items, startDate, endDate, createdDate) {
html: buildLoanEmail({ user, items, startDate, endDate, createdDate }),
});
// debugging logs
// console.log("Message sent:", info.messageId);
console.log("Message sent:", info.messageId);
})();
// console.log("sendMailLoan called");
console.log("sendMailLoan called");
}

BIN
backendV2/scheme.xlsx Normal file
View File

Binary file not shown.

6
backendV2/schemeV2.sql
View File

@@ -37,13 +37,13 @@ CREATE TABLE items (
item_name varchar(255) NOT NULL UNIQUE,
can_borrow_role INT NOT NULL,
in_safe bool NOT NULL DEFAULT true,
safe_nr INT DEFAULT NULL UNIQUE,
door_key INT DEFAULT NULL UNIQUE,
safe_nr CHAR(2) DEFAULT NULL UNIQUE,
entry_created_at timestamp NULL DEFAULT CURRENT_TIMESTAMP,
entry_updated_at timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
last_borrowed_person varchar(255) DEFAULT NULL,
currently_borrowing varchar(255) DEFAULT NULL,
PRIMARY KEY (id)
PRIMARY KEY (id),
CHECK (safe_nr REGEXP '^[0-9]{2}$' OR safe_nr IS NULL)
) ENGINE=InnoDB;
CREATE TABLE apiKeys (

26
docker-compose.yml
View File

@@ -1,21 +1,23 @@
services:
# usr-frontend_v2:
# container_name: borrow_system-usr-frontend
# build: ./FrontendV2
# ports:
# - "8001:80"
# restart: unless-stopped
usr-frontend_v2:
container_name: borrow_system-usr-frontend
build: ./FrontendV2
ports:
- "8101:80"
restart: unless-stopped
# admin-frontend:
# container_name: borrow_system-admin-frontend
# build: ./admin
# ports:
# - "8003:80"
# restart: unless-stopped
admin-frontend:
container_name: borrow_system-admin-frontend
build: ./admin
ports:
- "8103:80"
restart: unless-stopped
backend_v2:
container_name: borrow_system-backend_v2
build: ./backendV2
ports:
- "8102:8102"
environment:
NODE_ENV: production
DB_HOST: mysql_v2