improved error logging

Co-authored-by: Copilot <copilot@github.com>
added request limiter to backend
2026-04-26 16:24:11 +02:00 · 2026-04-26 16:10:34 +02:00 · 2026-04-26 15:59:57 +02:00 · 2026-04-26 15:03:37 +02:00 · 2026-04-26 14:57:59 +02:00 · 2026-04-26 14:40:53 +02:00
33 changed files with 1473 additions and 630 deletions
@@ -0,0 +1,3 @@
 [submodule "no-as-a-service"]
 	path = no-as-a-service
 	url = https://github.com/hotheadhacker/no-as-a-service.git
@@ -12,6 +12,7 @@
  "dependencies": {
    "@chakra-ui/react": "^3.28.0",
    "@emotion/react": "^11.14.0",
    "@lottiefiles/dotlottie-react": "^0.19.0",
    "@tailwindcss/vite": "^4.1.11",
    "@tanstack/react-query": "^5.90.5",
    "i18next": "^25.6.0",
@@ -1,6 +1,7 @@
 import {
  Button,
  Flex,
  Image,
  Heading,
  Stack,
  Text,
@@ -190,6 +191,13 @@ export const Header = () => {
        <Stack gap={1}>
          {/* Titelzeile ohne Mobile-Menu (wurde nach oben verlegt) */}
          <Flex align="center" justify="space-between" gap={2}>
            <Image
              src="/icon_borrow-system-frontend_dark.png"
              alt="borrow-system logo"
              boxSize="10"
              objectFit="contain"
              flexShrink={0}
            />
            <Heading
              size="2xl"
              className="tracking-tight text-slate-900 dark:text-slate-100"
@@ -36,12 +36,43 @@ export const UserDialogue = (props: UserDialogueProps) => {
  const [msgTitle, setMsgTitle] = useState("");
  const [msgDescription, setMsgDescription] = useState("");
  const [isMsgNAAS, setIsMsgNAAS] = useState(false);
  const [msgStatusNAAS, setMsgStatusNAAS] = useState<"error" | "success">(
    "error",
  );
  const [msgTitleNAAS, setMsgTitleNAAS] = useState("");
  const [msgDescriptionNAAS, setMsgDescriptionNAAS] = useState("");
  const [oldPassword, setOldPassword] = useState("");
  const [newPassword, setNewPassword] = useState("");
  const [confirmPassword, setConfirmPassword] = useState("");
  // Dialog control
  const [isPwOpen, setPwOpen] = useState(false);
  const [naasDialog, setNaasDialog] = useState(false);
  const [naas, setNaas] = useState("");
  const openNAAS = async () => {
    try {
      const response = await fetch(`${API_BASE}/no`, {
        headers: {
          "Content-Type": "application/json",
          Authorization: `Bearer ${Cookies.get("token")}`,
        },
      });
      const data = await response.json();
      setNaas(data.reason);
      setNaasDialog(true);
    } catch (error) {
      setMsgStatusNAAS("error");
      setMsgTitleNAAS(t("naas-error"));
      setMsgDescriptionNAAS(t("naas-error-desc"));
      setIsMsgNAAS(true);
      console.log(msgStatusNAAS, msgTitleNAAS, msgDescriptionNAAS);
    }
  };
  const changePassword = async () => {
    if (newPassword !== confirmPassword) {
@@ -147,14 +178,31 @@ export const UserDialogue = (props: UserDialogueProps) => {
            </Button>
          </Stack>
        </Card.Body>
-        <Card.Footer justifyContent="flex-end">
+        <Card.Footer>
-          <Button variant="outline" onClick={() => props.setUserDialog(false)}>
+          <Stack w="100%" gap={3}>
-            {t("cancel")}
+            {isMsgNAAS && (
-          </Button>
+              <MyAlert
                status={msgStatusNAAS}
                title={msgTitleNAAS}
                description={msgDescriptionNAAS}
              />
            )}
            <HStack justify="flex-end" gap={2} wrap="wrap">
              <Button
                variant="outline"
                onClick={() => props.setUserDialog(false)}
              >
                {t("cancel")}
              </Button>
              <Button variant="outline" onClick={() => openNAAS()}>
                {t("try-naas")}
              </Button>
            </HStack>
          </Stack>
        </Card.Footer>
      </Card.Root>
-      {/* Passwort-Dialog (kontrolliert) */}
+      {/* Passwort-Dialog */}
      <Dialog.Root open={isPwOpen} onOpenChange={(e: any) => setPwOpen(e.open)}>
        <Portal>
          <Dialog.Backdrop />
@@ -215,6 +263,31 @@ export const UserDialogue = (props: UserDialogueProps) => {
          </Dialog.Positioner>
        </Portal>
      </Dialog.Root>
      <HStack wrap="wrap" gap="4">
        <Dialog.Root
          placement={"center"}
          open={naasDialog}
          motionPreset="slide-in-bottom"
        >
          <Portal>
            <Dialog.Backdrop />
            <Dialog.Positioner>
              <Dialog.Content>
                <Dialog.Header>
                  <Dialog.Title>{t("naas-header")}</Dialog.Title>
                </Dialog.Header>
                <Dialog.Body>
                  <p>{naas}</p>
                </Dialog.Body>
                <Dialog.CloseTrigger asChild>
                  <CloseButton onClick={() => setNaasDialog(false)} size="sm" />
                </Dialog.CloseTrigger>
              </Dialog.Content>
            </Dialog.Positioner>
          </Portal>
        </Dialog.Root>
      </HStack>
    </Flex>
  );
 };
@@ -0,0 +1,28 @@
 import { DotLottieReact } from "@lottiefiles/dotlottie-react";
 export const unlockAnimation = () => {
  return (
    <DotLottieReact
      src="https://lottie.host/f839baa1-9c64-44c4-9386-f0e4c87ab208/2Iw1m4k86d.lottie"
      autoplay
    />
  );
 };
 export const approvalAnimation = () => {
  return (
    <DotLottieReact
      src="https://lottie.host/b7257009-9e3f-43e2-8112-a176f4696e4c/iQxxqAVOGX.lottie"
      autoplay
    />
  );
 };
 export const logoutAnimation = () => {
  return (
    <DotLottieReact
      src="https://lottie.host/4975758c-de38-4d15-9f74-927709751d32/v8FtKpnD1y.lottie"
      autoplay
    />
  );
 };
@@ -42,6 +42,12 @@ export const ContactPage = () => {
        text: t("contactPage_successText"),
      });
      setMessage("");
    } else if (result.status === 503) {
      setAlert({
        type: "error",
        headline: t("serviceDeactivatedHeadline"),
        text: t("contactPage_serviceDeactivatedText"),
      });
    } else {
      setAlert({
        type: "error",
@@ -18,6 +18,7 @@ import { borrowAbleItemsAtom } from "@/states/Atoms";
 import { createLoan } from "@/utils/Fetcher";
 import { Header } from "@/components/Header";
 import { useTranslation } from "react-i18next";
 import { approvalAnimation } from "@/components/dotLottie";
 export interface User {
  username: string;
@@ -27,6 +28,8 @@ export interface User {
 export const HomePage = () => {
  const { t } = useTranslation();
  const [showAnimation, setShowAnimation] = useState(false);
  const [borrowableItems, setBorrowableItems] = useAtom(borrowAbleItemsAtom);
  const [startDate, setStartDate] = useState("");
  const [endDate, setEndDate] = useState("");
@@ -46,155 +49,172 @@ export const HomePage = () => {
    setSelectedItems((prevSelected) =>
      prevSelected.includes(itemId)
        ? prevSelected.filter((id) => id !== itemId)
-        : [...prevSelected, itemId]
+        : [...prevSelected, itemId],
    );
  };
  const showApprovalAnimation = (seconds: number) => {
    const milliseconds = seconds * 1000;
    setShowAnimation(true);
    window.setTimeout(() => {
      setShowAnimation(false);
    }, milliseconds);
  };
  return (
-    <Container className="px-6 sm:px-8 pt-10">
+    <>
-      <Header />
+      {showAnimation && (
-      {isMsg && (
+        <div className="fixed inset-0 z-9999 flex items-center justify-center pointer-events-none">
-        <MyAlert
+          <div>{approvalAnimation()}</div>
-          status={msgStatus}
+        </div>
          title={msgTitle}
          description={msgDescription}
        />
      )}
-      <Stack as="main">
+      <Container className="px-6 sm:px-8 pt-10">
-        <Text>{t("timezone-info")}</Text>
+        <Header />
-        <label htmlFor="startDate">
+        {isMsg && (
-          <strong>
+          <MyAlert
-            <Text>{t("start-date")}</Text>
+            status={msgStatus}
-          </strong>
+            title={msgTitle}
-        </label>
+            description={msgDescription}
-        <Input
+          />
-          id="startDate"
+        )}
-          placeholder={t("start-date")}
+        <Stack as="main">
-          type="datetime-local"
+          <Text>{t("timezone-info")}</Text>
-          value={startDate}
+          <label htmlFor="startDate">
-          onChange={(e) => setStartDate(e.target.value)}
+            <strong>
-        />
+              <Text>{t("start-date")}</Text>
-        <label htmlFor="endDate">
+            </strong>
-          <strong>
+          </label>
-            <Text>{t("end-date")}</Text>
+          <Input
-          </strong>
+            id="startDate"
-        </label>
+            placeholder={t("start-date")}
-        <Input
+            type="datetime-local"
-          id="endDate"
+            value={startDate}
-          placeholder={t("end-date")}
+            onChange={(e) => setStartDate(e.target.value)}
-          type="datetime-local"
+          />
-          value={endDate}
+          <label htmlFor="endDate">
-          onChange={(e) => setEndDate(e.target.value)}
+            <strong>
-        />
+              <Text>{t("end-date")}</Text>
-        <Button
+            </strong>
-          onClick={async () => {
+          </label>
-            setIsLoadingA(true);
+          <Input
-            if (!startDate || !endDate) {
+            id="endDate"
-              setMsgStatus("error");
+            placeholder={t("end-date")}
-              setMsgTitle(t("missing-fields"));
+            type="datetime-local"
-              setMsgDescription(t("missing-fields-desc"));
+            value={endDate}
-              setIsMsg(true);
+            onChange={(e) => setEndDate(e.target.value)}
-              setIsLoadingA(false);
+          />
-              return;
+          <Button
-            }
+            onClick={async () => {
-            await getBorrowableItems(startDate, endDate).then((response) => {
+              setIsLoadingA(true);
-              setIsLoadingA(false);
+              if (!startDate || !endDate) {
              if (response && response.status === "error") {
                setMsgStatus("error");
-                setMsgTitle(response.title || t("error"));
+                setMsgTitle(t("missing-fields"));
-                setMsgDescription(response.description || t("unknown-error"));
+                setMsgDescription(t("missing-fields-desc"));
                setIsMsg(true);
                setIsLoadingA(false);
                return;
              }
-              setBorrowableItems(response.data);
+              await getBorrowableItems(startDate, endDate).then((response) => {
-              setIsMsg(false);
+                setIsLoadingA(false);
-            });
+                if (response && response.status === "error") {
-          }}
+                  setMsgStatus("error");
-        >
+                  setMsgTitle(response.title || t("error"));
-          {t("get-borrowable-items")}
+                  setMsgDescription(response.description || t("unknown-error"));
        </Button>
        {isLoadingA && (
          <VStack colorPalette="teal">
            <Spinner color="colorPalette.600" />
            <Text color="colorPalette.600">{t("loading")}</Text>
          </VStack>
        )}
        {borrowableItems.length > 0 && (
          <Table.ScrollArea borderWidth="1px" rounded="md">
            <Table.Root size="sm" stickyHeader>
              <Table.Header>
                <Table.Row bg="bg.subtle">
                  <Table.ColumnHeader></Table.ColumnHeader>
                  <Table.ColumnHeader>{t("item")}</Table.ColumnHeader>
                </Table.Row>
              </Table.Header>
              <Table.Body>
                {borrowableItems.map((item) => (
                  <Table.Row key={item.id}>
                    <Table.Cell>
                      <input
                        onChange={() => handleCheckboxChange(item.id)}
                        type="checkbox"
                        name={item.id}
                        id={item.id}
                      />
                    </Table.Cell>
                    <Table.Cell>{item.item_name}</Table.Cell>
                  </Table.Row>
                ))}
                <Table.Row>
                  <Table.Cell colSpan={2}>
                    <InputGroup
                      endElement={
                        <Span color="fg.muted" textStyle="xs">
                          {note.length} / {MAX_CHARACTERS}
                        </Span>
                      }
                    >
                      <Input
                        placeholder={t("optional-note")}
                        value={note}
                        maxLength={MAX_CHARACTERS}
                        onChange={(e) => {
                          setNote(
                            e.currentTarget.value.slice(0, MAX_CHARACTERS)
                          );
                        }}
                      />
                    </InputGroup>
                  </Table.Cell>
                </Table.Row>
              </Table.Body>
            </Table.Root>
          </Table.ScrollArea>
        )}
        {selectedItems.length >= 1 && (
          <Button
            onClick={() =>
              createLoan(selectedItems, startDate, endDate, note).then(
                (response) => {
                  if (response.status === "error") {
                    setMsgStatus("error");
                    setMsgTitle(response.title || t("error"));
                    setMsgDescription(
                      response.description || t("unknown-error")
                    );
                    setIsMsg(true);
                    return;
                  }
                  setMsgStatus("success");
                  setMsgTitle(t("success"));
                  setMsgDescription(t("loan-success"));
                  setIsMsg(true);
                  return;
                }
-              )
+                setBorrowableItems(response.data);
-            }
+                setIsMsg(false);
              });
            }}
          >
-            {t("create-loan")}
+            {t("get-borrowable-items")}
          </Button>
-        )}
+          {isLoadingA && (
-      </Stack>
+            <VStack colorPalette="teal">
-    </Container>
+              <Spinner color="colorPalette.600" />
              <Text color="colorPalette.600">{t("loading")}</Text>
            </VStack>
          )}
          {borrowableItems.length > 0 && (
            <Table.ScrollArea borderWidth="1px" rounded="md">
              <Table.Root size="sm" stickyHeader>
                <Table.Header>
                  <Table.Row bg="bg.subtle">
                    <Table.ColumnHeader></Table.ColumnHeader>
                    <Table.ColumnHeader>{t("item")}</Table.ColumnHeader>
                  </Table.Row>
                </Table.Header>
                <Table.Body>
                  {borrowableItems.map((item) => (
                    <Table.Row key={item.id}>
                      <Table.Cell>
                        <input
                          onChange={() => handleCheckboxChange(item.id)}
                          type="checkbox"
                          name={item.id}
                          id={item.id}
                        />
                      </Table.Cell>
                      <Table.Cell>{item.item_name}</Table.Cell>
                    </Table.Row>
                  ))}
                  <Table.Row>
                    <Table.Cell colSpan={2}>
                      <InputGroup
                        endElement={
                          <Span color="fg.muted" textStyle="xs">
                            {note.length} / {MAX_CHARACTERS}
                          </Span>
                        }
                      >
                        <Input
                          placeholder={t("optional-note")}
                          value={note}
                          maxLength={MAX_CHARACTERS}
                          onChange={(e) => {
                            setNote(
                              e.currentTarget.value.slice(0, MAX_CHARACTERS),
                            );
                          }}
                        />
                      </InputGroup>
                    </Table.Cell>
                  </Table.Row>
                </Table.Body>
              </Table.Root>
            </Table.ScrollArea>
          )}
          {selectedItems.length >= 1 && (
            <Button
              onClick={() =>
                createLoan(selectedItems, startDate, endDate, note).then(
                  (response) => {
                    if (response.status === "error") {
                      setMsgStatus("error");
                      setMsgTitle(response.title || t("error"));
                      setMsgDescription(
                        response.description || t("unknown-error"),
                      );
                      setIsMsg(true);
                      return;
                    }
                    showApprovalAnimation(3);
                    setMsgStatus("success");
                    setMsgTitle(t("success"));
                    setMsgDescription(t("loan-success"));
                    setIsMsg(true);
                  },
                )
              }
            >
              {t("create-loan")}
            </Button>
          )}
        </Stack>
      </Container>
    </>
  );
 };
@@ -79,6 +79,16 @@ const Landingpage: React.FC = () => {
            Authorization: `Bearer ${Cookies.get("token")}`,
          },
        });
        if (loanRes.status === 503) {
          setError(
            "error",
            t("serviceDeactivatedHeadline"),
            t("loan_page_serviceDeactivatedText"),
          );
          setIsLoading(false);
          return;
        }
        const loanData = await loanRes.json();
        if (Array.isArray(loanData)) {
          setLoans(loanData);
@@ -4,26 +4,47 @@ import { Button, Card, Field, Input, Stack } from "@chakra-ui/react";
 import { setIsLoggedInAtom, triggerLogoutAtom } from "@/states/Atoms";
 import { useAtom } from "jotai";
 import Cookies from "js-cookie";
-import { Navigate, useNavigate, useLocation } from "react-router-dom";
+import { useNavigate, useLocation } from "react-router-dom";
 import { PasswordInput } from "@/components/ui/password-input";
 import { useTranslation } from "react-i18next";
 import { API_BASE } from "@/config/api.config";
 import { unlockAnimation } from "@/components/dotLottie";
 import { logoutAnimation } from "@/components/dotLottie";
 export const LoginPage = () => {
  const { t } = useTranslation();
  const [isLoggedIn, setIsLoggedIn] = useAtom(setIsLoggedInAtom);
  const [triggerLogout, setTriggerLogout] = useAtom(triggerLogoutAtom);
  const [showAnimation, setShowAnimation] = useState(false);
  const [showLogout, setShowLogout] = useState(false);
  const navigate = useNavigate();
  const location = useLocation();
  const from = location.state?.from?.pathname || "/";
  useEffect(() => {
-    if (isLoggedIn) {
+    if (triggerLogout) {
-      navigate(from, { replace: true });
+      setShowLogout(true);
-      window.location.reload(); // if deleted, the user context is not updated in time
+      window.setTimeout(() => {
        setShowLogout(false);
      }, 4500);
    }
-  }, [isLoggedIn, navigate, from]);
+
    if (!isLoggedIn) return;
    // Existing sessions should redirect immediately, fresh logins wait for animation.
    if (!showAnimation) {
      navigate(from, { replace: true });
      return;
    }
    const timeoutId = window.setTimeout(() => {
      navigate(from, { replace: true });
      window.location.reload(); // keeps user context in sync after login
    }, 3000);
    return () => window.clearTimeout(timeoutId);
  }, [isLoggedIn, showAnimation, navigate, from]);
  const loginFnc = async (username: string, password: string) => {
    const response = await fetch(`${API_BASE}/api/users/login`, {
@@ -42,6 +63,8 @@ export const LoginPage = () => {
      };
    }
    setShowAnimation(true);
    Cookies.set("token", data.token);
    setIsLoggedIn(true);
    return { success: true };
@@ -62,58 +85,75 @@ export const LoginPage = () => {
      return;
    }
    setTriggerLogout(false);
    navigate(from, { replace: true });
  };
  if (isLoggedIn) {
    return <Navigate to={from} replace />;
  }
  return (
-    <div className="flex flex-1 items-center justify-center p-4">
+    <>
-      <form onSubmit={(e) => e.preventDefault()}>
+      {showAnimation && (
-        <Card.Root maxW="sm">
+        <div className="fixed inset-0 z-9999 flex items-center justify-center pointer-events-none">
-          <Card.Header>
+          <div>{unlockAnimation()}</div>
-            <Card.Title>{t("login")}</Card.Title>
+        </div>
-            <Card.Description>{t("enter-credentials")}</Card.Description>
+      )}
-          </Card.Header>
+
-          <Card.Body>
+      {showLogout && (
-            <Stack gap="4" w="full">
+        <div className="fixed inset-0 z-9999 flex items-center justify-center pointer-events-none">
-              <Field.Root>
+          <div>{logoutAnimation()}</div>
-                <Field.Label>{t("username")}</Field.Label>
+        </div>
-                <Input
+      )}
-                  value={username}
+
-                  onChange={(e) => setUsername(e.target.value)}
+      <div className="flex flex-1 items-center justify-center p-4">
        <form onSubmit={(e) => e.preventDefault()}>
          <Card.Root maxW="sm">
            <Card.Header>
              <Card.Title>{t("login")}</Card.Title>
              <Card.Description>{t("enter-credentials")}</Card.Description>
            </Card.Header>
            <Card.Body>
              <Stack gap="4" w="full">
                <Field.Root>
                  <Field.Label>{t("username")}</Field.Label>
                  <Input
                    value={username}
                    onChange={(e) => setUsername(e.target.value)}
                  />
                </Field.Root>
                <Field.Root>
                  <Field.Label>{t("password")}</Field.Label>
                  <PasswordInput
                    value={password}
                    onChange={(e) => setPassword(e.target.value)}
                  />
                </Field.Root>
              </Stack>
            </Card.Body>
            <Card.Footer justifyContent="flex-end">
              {isError && (
                <MyAlert
                  status="error"
                  title={errorMsg}
                  description={errorDsc}
                />
-              </Field.Root>
+              )}
-              <Field.Root>
+              <Button
-                <Field.Label>{t("password")}</Field.Label>
+                type="submit"
-                <PasswordInput
+                onClick={() => handleLogin()}
-                  value={password}
+                variant="solid"
-                  onChange={(e) => setPassword(e.target.value)}
+              >
                Login
              </Button>
            </Card.Footer>
            <Card.Footer justifyContent="flex-end">
              {triggerLogout && (
                <MyAlert
                  status="success"
                  title={t("logout-success")}
                  description={t("logout-success-desc")}
                />
-              </Field.Root>
+              )}
-            </Stack>
+            </Card.Footer>
-          </Card.Body>
+          </Card.Root>
-          <Card.Footer justifyContent="flex-end">
+        </form>
-            {isError && (
+      </div>
-              <MyAlert status="error" title={errorMsg} description={errorDsc} />
+    </>
            )}
            <Button type="submit" onClick={() => handleLogin()} variant="solid">
              Login
            </Button>
          </Card.Footer>
          <Card.Footer justifyContent="flex-end">
            {triggerLogout && (
              <MyAlert
                status="success"
                title={t("logout-success")}
                description={t("logout-success-desc")}
              />
            )}
          </Card.Footer>
        </Card.Root>
      </form>
    </div>
  );
 };
@@ -52,6 +52,13 @@ export const MyLoansPage = () => {
        });
        if (!res.ok) {
          if (res.status === 503) {
            setMsgStatus("error");
            setMsgTitle(t("serviceDeactivatedHeadline"));
            setMsgDescription(t("loan_page_serviceDeactivatedText"));
            setIsMsg(true);
            return;
          }
          setMsgStatus("error");
          setMsgTitle(t("error"));
          setMsgDescription(t("error-fetching-loans"));
@@ -84,6 +91,14 @@ export const MyLoansPage = () => {
      });
      if (!res.ok) {
        if (res.status === 507) {
          setMsgStatus("error");
          setMsgTitle(t("error"));
          setMsgDescription(t("error-deleting-loan-507"));
          setIsMsg(true);
          return;
        }
        setMsgStatus("error");
        setMsgTitle(t("error"));
        setMsgDescription(t("error-deleting-loan"));
@@ -17,6 +17,16 @@ export const getBorrowableItems = async (
    });
    if (!response.ok) {
      if (response.status === 503) {
        return {
          data: null,
          status: "error",
          title: "Service deactivated",
          description:
            "The loan service is currently deactivated. Please try again later.",
        };
      }
      return {
        data: null,
        status: "error",
@@ -60,6 +70,16 @@ export const createLoan = async (
  });
  if (!response.ok) {
    if (response.status === 503) {
      return {
        data: null,
        status: "error",
        title: "Service deactivated",
        description:
          "The loan service is currently deactivated. Please try again later.",
      };
    }
    return {
      data: null,
      status: "error",
@@ -88,5 +88,11 @@
    "take-loan-success": "Ausleihe erfolgreich abgeholt",
    "return-loan-success": "Ausleihe erfolgreich zurückgegeben",
    "network-error": "Netzwerkfehler. Kontaktieren Sie den Administrator.",
-    "contactPage_messageDescription": "Bitte geben Sie hier Ihre Nachricht ein. Der Systemadministrator (Theis Gaedigk) wird sich so schnell wie möglich bei Ihnen melden."
+    "contactPage_messageDescription": "Bitte geben Sie hier Ihre Nachricht ein. Der Systemadministrator (Theis Gaedigk) wird sich so schnell wie möglich bei Ihnen melden.",
    "naas": "No-as-a-service",
    "try-naas": "Klick mich",
    "naas-error": "Fehler mit no-as-a-service",
    "naas-error-desc": "Ein Fehler ist beim Kommunizieren mit no-as-a-service aufgetreten.",
    "naas-header": "Eine gute Möglichkeit, nein zu sagen...",
    "error-deleting-loan-507": "Die Ausleihe kann nicht gelöscht werden, da sie noch nicht zurückgegeben wurde."
 }
@@ -88,5 +88,14 @@
    "take-loan-success": "Loan taken successfully",
    "return-loan-success": "Loan returned successfully",
    "network-error": "Network error. Please contact the administrator.",
-    "contactPage_messageDescription": "Please enter your message here. The system administrator (Theis Gaedigk) will get back to you as soon as possible."
+    "contactPage_messageDescription": "Please enter your message here. The system administrator (Theis Gaedigk) will get back to you as soon as possible.",
    "naas": "No-as-a-service",
    "try-naas": "Click me",
    "naas-error": "Error with no-as-a-service",
    "naas-error-desc": "An error occurred while communicating with no-as-a-service.",
    "naas-header": "A good way to say no...",
    "error-deleting-loan-507": "The loan cannot be deleted because it has not been returned yet.",
    "serviceDeactivatedHeadline": "Service deactivated",
    "contactPage_serviceDeactivatedText": "The contact service is currently deactivated. Please try again later.",
    "loan_page_serviceDeactivatedText": "The loan service is currently deactivated. Please try again later."
 }
@@ -7,6 +7,7 @@ import UserTable from "../components/UserTable";
 import ItemTable from "../components/ItemTable";
 import LoanTable from "../components/LoanTable";
 import APIKeyTable from "@/components/APIKeyTable";
 import ServerConfig from "@/components/ServerConfig";
 import { MoveLeft } from "lucide-react";
 type DashboardProps = {
@@ -44,6 +45,7 @@ const Dashboard: React.FC<DashboardProps> = ({ onLogout }) => {
        viewSchliessfaecher={() => setActiveView("Schließfächer")}
        viewUser={() => setActiveView("User")}
        viewAPI={() => setActiveView("API")}
        viewConfig={() => setActiveView("Server Konfiguration")}
      />
      <Box flex="1" display="flex" flexDirection="column">
        <Flex
@@ -88,6 +90,7 @@ const Dashboard: React.FC<DashboardProps> = ({ onLogout }) => {
          {activeView === "Ausleihen" && <LoanTable />}
          {activeView === "Gegenstände" && <ItemTable />}
          {activeView === "API" && <APIKeyTable />}
          {activeView === "Server Konfiguration" && <ServerConfig />}
        </Box>
      </Box>
    </Flex>
@@ -9,6 +9,7 @@ type SidebarProps = {
  viewSchliessfaecher: () => void;
  viewUser: () => void;
  viewAPI: () => void;
  viewConfig: () => void;
 };
 const Sidebar: React.FC<SidebarProps> = ({
@@ -16,6 +17,7 @@ const Sidebar: React.FC<SidebarProps> = ({
  viewGegenstaende,
  viewUser,
  viewAPI,
  viewConfig
 }) => {
  const [info, setInfo] = useState<any>(null);
@@ -83,6 +85,15 @@ const Sidebar: React.FC<SidebarProps> = ({
          >
            API Keys
          </Link>
          <Link
            px={3}
            py={2}
            rounded="md"
            _hover={{ bg: "gray.700", textDecoration: "none" }}
            onClick={viewConfig}
          >
            Server Konfiguration
          </Link>
        </VStack>
        <Box mt="auto" pt={8} fontSize="xs" color="gray.500">
@@ -0,0 +1,175 @@
 import React from "react";
 import {
  Table,
  Spinner,
  Text,
  VStack,
  Heading,
  Switch,
 } from "@chakra-ui/react";
 import MyAlert from "./myChakra/MyAlert";
 import Cookies from "js-cookie";
 import { useState, useEffect } from "react";
 import { formatDateTime } from "@/utils/userFuncs";
 import { API_BASE } from "@/config/api.config";
 type Items = {
  id: number;
  function_name: string;
  active: boolean;
  entry_created_at: string;
  updated_at: string | null;
 };
 const ServerConfig: React.FC = () => {
  const [items, setItems] = useState<Items[]>([]);
  const [errorStatus, setErrorStatus] = useState<"error" | "success">("error");
  const [errorMessage, setErrorMessage] = useState("");
  const [errorDsc, setErrorDsc] = useState("");
  const [isError, setIsError] = useState(false);
  const [isLoading, setIsLoading] = useState(false);
  const [reload, setReload] = useState(false);
  const handleSwitchChange = async (id: number, newState: boolean) => {
    try {
      const response = await fetch(
        `${API_BASE}/api/admin/server-config/update?functionName=${encodeURIComponent(
          items.find((item) => item.id === id)?.function_name || "",
        )}&active=${newState}`,
        {
          method: "POST",
          headers: {
            Authorization: `Bearer ${Cookies.get("token")}`,
          },
        },
      );
      if (response.ok) {
        setReload((prev) => !prev);
        setError(
          "success",
          "Status updated",
          "The function status was updated successfully.",
        );
      } else {
        setError(
          "error",
          "Failed to update status",
          "There is an error updating the function status.",
        );
      }
    } catch (error) {
      setError(
        "error",
        "Failed to update status",
        "There is an error updating the function status.",
      );
    }
  };
  const setError = (
    status: "error" | "success",
    message: string,
    description: string,
  ) => {
    setIsError(false);
    setErrorStatus(status);
    setErrorMessage(message);
    setErrorDsc(description);
    setIsError(true);
  };
  useEffect(() => {
    const fetchData = async () => {
      setIsLoading(true);
      try {
        const response = await fetch(
          `${API_BASE}/api/admin/server-config/all`,
          {
            method: "GET",
            headers: {
              Authorization: `Bearer ${Cookies.get("token")}`,
            },
          },
        );
        const data = await response.json();
        return data.data;
      } catch (error) {
        setError("error", "Failed to fetch items", "There is an error");
      } finally {
        setIsLoading(false);
      }
    };
    fetchData().then((data) => {
      if (Array.isArray(data)) {
        setItems(data);
      }
    });
  }, [reload]);
  return (
    <>
      <Heading marginBottom={4} size="2xl">
        Server Konfiguration
      </Heading>
      {isError && (
        <MyAlert
          status={errorStatus}
          description={errorDsc}
          title={errorMessage}
        />
      )}
      {isLoading && (
        <VStack colorPalette="teal">
          <Spinner color="colorPalette.600" />
          <Text color="colorPalette.600">Loading...</Text>
        </VStack>
      )}
      <Table.Root size="sm" striped w="100%" style={{ tableLayout: "auto" }}>
        <Table.Header>
          <Table.Row>
            <Table.ColumnHeader width="1%" whiteSpace="nowrap">
              <strong>#</strong>
            </Table.ColumnHeader>
            <Table.ColumnHeader>
              <strong>Service Name</strong>
            </Table.ColumnHeader>
            <Table.ColumnHeader>
              <strong>Toggle</strong>
            </Table.ColumnHeader>
            <Table.ColumnHeader>
              <strong>Eintrag erstellt am</strong>
            </Table.ColumnHeader>
          </Table.Row>
        </Table.Header>
        <Table.Body>
          {items.map((item) => (
            <Table.Row key={item.id}>
              <Table.Cell whiteSpace="nowrap">{item.id}</Table.Cell>
              <Table.Cell fontFamily="mono">{item.function_name}</Table.Cell>
              <Table.Cell>
                <Switch.Root
                  checked={item.active}
                  onCheckedChange={() =>
                    handleSwitchChange(item.id, !item.active)
                  }
                >
                  <Switch.HiddenInput />
                  <Switch.Control>
                    <Switch.Thumb />
                  </Switch.Control>
                  <Switch.Label />
                </Switch.Root>
              </Table.Cell>
              <Table.Cell whiteSpace="nowrap">
                {formatDateTime(item.entry_created_at)}
              </Table.Cell>
            </Table.Row>
          ))}
        </Table.Body>
      </Table.Root>
    </>
  );
 };
 export default ServerConfig;
@@ -1,9 +1,9 @@
 {
    "backend-info": {
-        "version": "v2.1.1 (dev)"
+        "version": "v2.2 (dev)"
    },
    "frontend-info": {
-        "version": "v2.1.2 (dev)"
+        "version": "v2.2 (dev)"
    },
    "admin-panel-info": {
        "version": "v1.3.2 (dev)"
@@ -1,18 +1,19 @@
 {
  "name": "backendv2",
-  "version": "1.0.0",
+  "version": "v2.1.1 (dev)",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "backendv2",
-      "version": "1.0.0",
+      "version": "v2.1.1 (dev)",
      "license": "ISC",
      "dependencies": {
        "cors": "^2.8.5",
        "dotenv": "^17.2.1",
        "ejs": "^3.1.10",
        "express": "^5.1.0",
        "express-rate-limit": "^8.4.1",
        "jose": "^6.0.12",
        "mysql2": "^3.14.3",
        "nodemailer": "^7.0.6"
@@ -349,6 +350,24 @@
        "url": "https://opencollective.com/express"
      }
    },
    "node_modules/express-rate-limit": {
      "version": "8.4.1",
      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.4.1.tgz",
      "integrity": "sha512-NGVYwQSAyEQgzxX1iCM978PP9AdO/hW93gMcF6ZwQCm+rFvLsBH6w4xcXWTcliS8La5EPRN3p9wzItqBwJrfNw==",
      "license": "MIT",
      "dependencies": {
        "ip-address": "10.1.0"
      },
      "engines": {
        "node": ">= 16"
      },
      "funding": {
        "url": "https://github.com/sponsors/express-rate-limit"
      },
      "peerDependencies": {
        "express": ">= 4.11"
      }
    },
    "node_modules/filelist": {
      "version": "1.0.4",
      "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
@@ -527,6 +546,15 @@
      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
      "license": "ISC"
    },
    "node_modules/ip-address": {
      "version": "10.1.0",
      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.1.0.tgz",
      "integrity": "sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q==",
      "license": "MIT",
      "engines": {
        "node": ">= 12"
      }
    },
    "node_modules/ipaddr.js": {
      "version": "1.9.1",
      "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@@ -15,6 +15,7 @@
    "dotenv": "^17.2.1",
    "ejs": "^3.1.10",
    "express": "^5.1.0",
    "express-rate-limit": "^8.4.1",
    "jose": "^6.0.12",
    "mysql2": "^3.14.3",
    "nodemailer": "^7.0.6"
@@ -0,0 +1,26 @@
 import mysql from "mysql2";
 import dotenv from "dotenv";
 dotenv.config();
 const pool = mysql
  .createPool({
    host: process.env.DB_HOST,
    user: process.env.DB_USER,
    password: process.env.DB_PASSWORD,
    database: process.env.DB_NAME,
  })
  .promise();
 export const getAllFunctions = async () => {
  const [rows] = await pool.query("SELECT * FROM functions");
  return { success: true, data: rows };
 };
 export const updateFunctionStatus = async (functionName, active) => {
  const [result] = await pool.query(
    "UPDATE functions SET active = ? WHERE function_name = ?",
    [active, functionName],
  );
  if (result.affectedRows > 0) return { success: true };
  return { success: false };
 };
@@ -0,0 +1,50 @@
 import express from "express";
 import { authenticateAdmin } from "../../services/authentication.js";
 const router = express.Router();
 import dotenv from "dotenv";
 dotenv.config();
 // database funcs import
 import {
  getAllFunctions,
  updateFunctionStatus,
 } from "./database/serverConfMgmt.database.js";
 // Route to get all functions and their statuses
 router.get("/all", async (req, res) => {
  try {
    const result = await getAllFunctions();
    if (result.success) {
      res.status(200).json({ data: result.data });
    } else {
      res.status(500).json({ message: "Failed to fetch functions" });
    }
  } catch (error) {
    res
      .status(500)
      .json({ message: "An error occurred", error: error.message });
  }
 });
 // Route to update the status of a function
 router.post("/update", async (req, res) => {
  const functionName = req.query.functionName;
  let active = req.query.active;
  if (active === "false") {
    active = 0;
  } else if (active === "true") {
    active = 1;
  } else {
    res.status(406).json({ message: "Got unexpected format" });
  }
  const result = await updateFunctionStatus(functionName, active);
  if (result.success) {
    res.status(200).json({ message: "Function status updated successfully" });
  } else {
    res.status(500).json({ message: "Failed to update function status" });
  }
 });
 export default router;
@@ -1,9 +1,12 @@
 import express from "express";
 import { authenticate } from "../../services/authentication.js";
 import { checkIfServiceIsActive } from "../../services/functions.js";
 const router = express.Router();
 import dotenv from "dotenv";
 dotenv.config();
 const loan_service = "Loan Service";
 import {
  getItemsFromDatabaseV2,
  changeInSafeStateV2,
@@ -39,6 +42,7 @@ router.post("/change-state/:key/:itemId", authenticate, async (req, res) => {
 router.get(
  "/get-loan-by-code/:key/:loan_code",
  authenticate,
  checkIfServiceIsActive(loan_service),
  async (req, res) => {
    const loan_code = req.params.loan_code;
    const result = await getLoanByCodeV2(loan_code);
@@ -54,6 +58,7 @@ router.get(
 router.post(
  "/set-return-date/:key/:loan_code",
  authenticate,
  checkIfServiceIsActive(loan_service),
  async (req, res) => {
    const loanCode = req.params.loan_code;
    const result = await setReturnDateV2(loanCode);
@@ -69,6 +74,7 @@ router.post(
 router.post(
  "/set-take-date/:key/:loan_code",
  authenticate,
  checkIfServiceIsActive(loan_service),
  async (req, res) => {
    const loanCode = req.params.loan_code;
    const result = await setTakeDateV2(loanCode);
@@ -234,6 +234,23 @@ export const getBorrowableItemsFromDatabase = async (
 };
 export const SETdeleteLoanFromDatabase = async (loanId) => {
  const [checkIfdatesReturned] = await pool.query(
    "SELECT take_date, returned_date FROM loans WHERE id = ? AND deleted = 0",
    [loanId],
  );
  if (checkIfdatesReturned.length === 0) {
    return { success: false, code: "LOAN_NOT_FOUND" };
  }
  const { take_date, returned_date } = checkIfdatesReturned[0];
  const bothNull = take_date === null && returned_date === null;
  const bothSet = take_date !== null && returned_date !== null;
  if (!(bothNull || bothSet)) {
    return { success: false, code: "LOAN_NOT_RETURNED" };
  }
  const [result] = await pool.query(
    "UPDATE loans SET deleted = 1 WHERE id = ?;",
    [loanId],
@@ -1,9 +1,16 @@
 import express from "express";
 import { authenticate, generateToken } from "../../services/authentication.js";
 import {
  checkIfServiceIsActive,
  checkIfServiceIsActive2,
 } from "../../services/functions.js";
 const router = express.Router();
 import dotenv from "dotenv";
 dotenv.config();
 const loan_service = "Loan Service";
 const loan_mailer_service = "Loan Mailer";
 // database funcs import
 import {
  createLoanInDatabase,
@@ -18,106 +25,129 @@ import {
 } from "./database/loansMgmt.database.js";
 import { sendMailLoan } from "./services/mailer.js";
-router.post("/createLoan", authenticate, async (req, res) => {
+router.post(
-  try {
+  "/createLoan",
-    const { items, startDate, endDate, note } = req.body || {};
+  checkIfServiceIsActive(loan_service),
  authenticate,
  async (req, res) => {
    try {
      const { items, startDate, endDate, note } = req.body || {};
-    if (!Array.isArray(items) || items.length === 0) {
+      if (!Array.isArray(items) || items.length === 0) {
-      return res.status(400).json({ message: "Items array is required" });
+        return res.status(400).json({ message: "Items array is required" });
-    }
+      }
-    // If dates are not provided, default to now .. +7 days
+      // If dates are not provided, default to now .. +7 days
-    const start =
+      const start =
-      startDate ?? new Date().toISOString().slice(0, 19).replace("T", " ");
+        startDate ?? new Date().toISOString().slice(0, 19).replace("T", " ");
-    const end =
+      const end =
-      endDate ??
+        endDate ??
-      new Date(Date.now() + 7 * 24 * 60 * 60 * 1000)
+        new Date(Date.now() + 7 * 24 * 60 * 60 * 1000)
-        .toISOString()
+          .toISOString()
-        .slice(0, 19)
+          .slice(0, 19)
-        .replace("T", " ");
+          .replace("T", " ");
-    // Coerce item IDs to numbers and filter invalids
+      // Coerce item IDs to numbers and filter invalids
-    const itemIds = items
+      const itemIds = items
-      .map((v) => Number(v))
+        .map((v) => Number(v))
-      .filter((n) => Number.isFinite(n));
+        .filter((n) => Number.isFinite(n));
-    if (itemIds.length === 0) {
+      if (itemIds.length === 0) {
-      return res.status(400).json({ message: "No valid item IDs provided" });
+        return res.status(400).json({ message: "No valid item IDs provided" });
-    }
+      }
-    const result = await createLoanInDatabase(
+      const result = await createLoanInDatabase(
-      req.user.username,
+        req.user.username,
-      start,
+        start,
-      end,
+        end,
-      note,
+        note,
-      itemIds,
+        itemIds,
    );
    if (result.success) {
      const mailInfo = await getLoanInfoWithID(result.data.id);
      console.log(mailInfo);
      sendMailLoan(
        mailInfo.data.username,
        mailInfo.data.loaned_items_name,
        mailInfo.data.start_date,
        mailInfo.data.end_date,
        mailInfo.data.created_at,
        mailInfo.data.note,
      );
-      return res.status(201).json({
+
-        message: "Loan created successfully",
+      if (result.success) {
-        loanId: result.data.id,
+        if (await checkIfServiceIsActive2(loan_mailer_service)) {
-        loanCode: result.data.loan_code,
+          const mailInfo = await getLoanInfoWithID(result.data.id);
-      });
+          console.log(mailInfo);
          sendMailLoan(
            mailInfo.data.username,
            mailInfo.data.loaned_items_name,
            mailInfo.data.start_date,
            mailInfo.data.end_date,
            mailInfo.data.created_at,
            mailInfo.data.note,
          );
        }
        return res.status(201).json({
          message: "Loan created successfully",
          loanId: result.data.id,
          loanCode: result.data.loan_code,
        });
      }
      if (result.code === "CONFLICT") {
        return res
          .status(409)
          .json({ message: "Items not available in the selected period" });
      }
      if (result.code === "BAD_REQUEST") {
        return res.status(400).json({ message: result.message });
      }
      return res.status(500).json({ message: "Failed to create loan" });
    } catch (err) {
      console.error("createLoan error:", err);
      return res.status(500).json({ message: "Failed to create loan" });
    }
  },
 );
-    if (result.code === "CONFLICT") {
+router.get(
-      return res
+  "/loans",
-        .status(409)
+  checkIfServiceIsActive(loan_service),
-        .json({ message: "Items not available in the selected period" });
+  authenticate,
  async (req, res) => {
    const result = await getLoansFromDatabase(req.user.username);
    if (result.success) {
      res.status(200).json(result.data);
    } else if (result.status) {
      res.status(200).json([]);
    } else {
      res.status(500).json({ message: "Failed to fetch loans" });
    }
  },
 );
-    if (result.code === "BAD_REQUEST") {
+router.post(
-      return res.status(400).json({ message: result.message });
+  "/set-return-date/:loan_code",
  checkIfServiceIsActive(loan_service),
  authenticate,
  async (req, res) => {
    const loanCode = req.params.loan_code;
    const result = await setReturnDate(loanCode);
    if (result.success) {
      res.status(200).json({ data: result.data });
    } else {
      res.status(500).json({ message: "Failed to set return date" });
    }
  },
 );
-    return res.status(500).json({ message: "Failed to create loan" });
+router.post(
-  } catch (err) {
+  "/set-take-date/:loan_code",
-    console.error("createLoan error:", err);
+  checkIfServiceIsActive(loan_service),
-    return res.status(500).json({ message: "Failed to create loan" });
+  authenticate,
-  }
+  async (req, res) => {
-});
+    const loanCode = req.params.loan_code;
-
+    const result = await setTakeDate(loanCode);
-router.get("/loans", authenticate, async (req, res) => {
+    if (result.success) {
-  const result = await getLoansFromDatabase(req.user.username);
+      res.status(200).json({ data: result.data });
-  if (result.success) {
+    } else {
-    res.status(200).json(result.data);
+      res.status(500).json({ message: "Failed to set take date" });
-  } else if (result.status) {
+    }
-    res.status(200).json([]);
+  },
-  } else {
+);
    res.status(500).json({ message: "Failed to fetch loans" });
  }
 });
 router.post("/set-return-date/:loan_code", authenticate, async (req, res) => {
  const loanCode = req.params.loan_code;
  const result = await setReturnDate(loanCode);
  if (result.success) {
    res.status(200).json({ data: result.data });
  } else {
    res.status(500).json({ message: "Failed to set return date" });
  }
 });
 router.post("/set-take-date/:loan_code", authenticate, async (req, res) => {
  const loanCode = req.params.loan_code;
  const result = await setTakeDate(loanCode);
  if (result.success) {
    res.status(200).json({ data: result.data });
  } else {
    res.status(500).json({ message: "Failed to set take date" });
  }
 });
 router.get("/all-items", authenticate, async (req, res) => {
  const result = await getItems();
@@ -128,46 +158,71 @@ router.get("/all-items", authenticate, async (req, res) => {
  }
 });
-router.delete("/delete-loan/:id", authenticate, async (req, res) => {
+router.delete(
-  const loanId = req.params.id;
+  "/delete-loan/:id",
-  const result = await SETdeleteLoanFromDatabase(loanId);
+  checkIfServiceIsActive(loan_service),
-  if (result.success) {
+  authenticate,
-    res.status(200).json({ message: "Loan deleted successfully" });
+  async (req, res) => {
-  } else {
+    const loanId = req.params.id;
-    res.status(500).json({ message: "Failed to delete loan" });
+    const result = await SETdeleteLoanFromDatabase(loanId);
-  }
+    if (result.success) {
-});
+      res.status(200).json({ message: "Loan deleted successfully" });
    } else {
      if (result.code === "LOAN_NOT_FOUND") {
        res.status(404).json({ message: "Loan not found" });
      }
-router.get("/all-loans", authenticate, async (req, res) => {
+      if (result.code === "LOAN_NOT_RETURNED") {
-  const result = await getALLLoans();
+        res.status(507).json({
-  if (result.success) {
+          message: "Cannot delete loan that has not been returned",
-    res.status(200).json(result.data);
+        });
-  } else {
+      }
    res.status(500).json({ message: "Failed to fetch loans" });
  }
 });
-router.post("/borrowable-items", authenticate, async (req, res) => {
+      res.status(500).json({ message: "Failed to delete loan" });
-  const { startDate, endDate } = req.body || {};
+    }
-  if (!startDate || !endDate) {
+  },
-    return res
+);
      .status(400)
      .json({ message: "startDate and endDate are required" });
  }
-  const result = await getBorrowableItemsFromDatabase(
+router.get(
-    startDate,
+  "/all-loans",
-    endDate,
+  checkIfServiceIsActive(loan_service),
-    req.user.role,
+  authenticate,
-  );
+  async (req, res) => {
-  if (result.success) {
+    const result = await getALLLoans();
-    // return the array directly for consistency with /items
+    if (result.success) {
-    return res.status(200).json(result.data);
+      res.status(200).json(result.data);
-  } else {
+    } else {
-    return res
+      res.status(500).json({ message: "Failed to fetch loans" });
-      .status(500)
+    }
-      .json({ message: "Failed to fetch borrowable items" });
+  },
-  }
+);
-});
+
 router.post(
  "/borrowable-items",
  checkIfServiceIsActive(loan_service),
  authenticate,
  async (req, res) => {
    const { startDate, endDate } = req.body || {};
    if (!startDate || !endDate) {
      return res
        .status(400)
        .json({ message: "startDate and endDate are required" });
    }
    const result = await getBorrowableItemsFromDatabase(
      startDate,
      endDate,
      req.user.role,
    );
    if (result.success) {
      // return the array directly for consistency with /items
      return res.status(200).json(result.data);
    } else {
      return res
        .status(500)
        .json({ message: "Failed to fetch borrowable items" });
    }
  },
 );
 export default router;
@@ -1,48 +1,66 @@
 import express from "express";
 import { authenticate, generateToken } from "../../services/authentication.js";
 import { checkIfServiceIsActive } from "../../services/functions.js";
 const router = express.Router();
 import dotenv from "dotenv";
 dotenv.config();
 const user_frontend_service = "User Frontend";
 const contact_form_service = "Contact Form Service";
 // database funcs import
 import { loginFunc, changePassword } from "./database/userMgmt.database.js";
 import { sendMail } from "./services/mailer_v2.js";
-router.post("/login", async (req, res) => {
+router.post(
-  const result = await loginFunc(req.body.username, req.body.password);
+  "/login",
-  if (result.success) {
+  checkIfServiceIsActive(user_frontend_service),
-    const token = await generateToken({
+  async (req, res) => {
-      username: result.data.username,
+    const result = await loginFunc(req.body.username, req.body.password);
-      is_admin: result.data.is_admin,
+    if (result.success) {
-      first_name: result.data.first_name,
+      const token = await generateToken({
-      last_name: result.data.last_name,
+        username: result.data.username,
-      role: result.data.role,
+        is_admin: result.data.is_admin,
-    });
+        first_name: result.data.first_name,
-    res.status(200).json({ message: "Login successful", token });
+        last_name: result.data.last_name,
-  } else {
+        role: result.data.role,
-    res.status(401).json({ message: "Invalid credentials" });
+      });
-  }
+      res.status(200).json({ message: "Login successful", token });
-});
+    } else {
      res.status(401).json({ message: "Invalid credentials" });
    }
  },
 );
-router.post("/change-password", authenticate, async (req, res) => {
+router.post(
-  const oldPassword = req.body.oldPassword;
+  "/change-password",
-  const newPassword = req.body.newPassword;
+  checkIfServiceIsActive(user_frontend_service),
-  const username = req.user.username;
+  authenticate,
-  const result = await changePassword(username, oldPassword, newPassword);
+  async (req, res) => {
-  if (result.success) {
+    const oldPassword = req.body.oldPassword;
-    res.status(200).json({ message: "Password changed successfully" });
+    const newPassword = req.body.newPassword;
-  } else {
+    const username = req.user.username;
-    res.status(500).json({ message: "Failed to change password" });
+    const result = await changePassword(username, oldPassword, newPassword);
-  }
+    if (result.success) {
-});
+      res.status(200).json({ message: "Password changed successfully" });
    } else {
      res.status(500).json({ message: "Failed to change password" });
    }
  },
 );
-router.post("/contact", authenticate, async (req, res) => {
+router.post(
-  const message = req.body.message;
+  "/contact",
-  const username = req.user.username;
+  checkIfServiceIsActive(contact_form_service),
  authenticate,
  async (req, res) => {
    const message = req.body.message;
    const username = req.user.username;
-  sendMail(username, message);
+    sendMail(username, message);
-  res.status(200).json({ message: "Contact message sent successfully" });
+    res.status(200).json({ message: "Contact message sent successfully" });
-});
+  },
 );
 export default router;
@@ -55,3 +55,14 @@ CREATE TABLE apiKeys (
  PRIMARY KEY (id),
  CHECK (api_key REGEXP '^[0-9]{8}$')
 ) ENGINE=InnoDB;
 CREATE TABLE functions (
  id INT NOT NULL AUTO_INCREMENT,
  function_name VARCHAR(500) NOT NULL UNIQUE,
  active BOOLEAN NOT NULL DEFAULT true,
  entry_updated_at timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  entry_created_at TIMESTAMP NULL DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (id)
 ) ENGINE=InnoDB;
 INSERT INTO functions (function_name) VALUES ("Loan Mailer"), ("Loan Service"), ("Contact Form Service"), ("User Frontend"), ("API")
@@ -1,8 +1,25 @@
 import express from "express";
 import cors from "cors";
-import env from "dotenv";
+import dotenv from "dotenv";
 import info from "./info.json" assert { type: "json" };
 import { authenticate } from "./services/authentication.js";
 import { rateLimit } from "express-rate-limit";
 dotenv.config();
 const app = express();
 const port = 8004;
 const naasURL = process.env.NAAS_URL;
 const limiter = rateLimit({
  windowMs: 1 * 60 * 1000, // 1 minute
  limit: 50, // Limit each IP to 50 requests per `window` (here, per 1 minute).
  standardHeaders: "draft-8", // draft-6: `RateLimit-*` headers; draft-7 & draft-8: combined `RateLimit` header
  legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
  ipv6Subnet: 56, // Set to 60 or 64 to be less aggressive, or 52 or 48 to be more aggressive
  // store: ... , // Redis, Memcached, etc. See below.
 });
 app.use(limiter);
 // frontend routes
 import loansMgmtRouter from "./routes/app/loanMgmt.route.js";
@@ -14,14 +31,11 @@ import loanDataMgmtRouter from "./routes/admin/loanDataMgmt.route.js";
 import itemDataMgmtRouter from "./routes/admin/itemDataMgmt.route.js";
 import apiDataMgmtRouter from "./routes/admin/apiDataMgmt.route.js";
 import userMgmtRouterADMIN from "./routes/admin/userMgmt.route.js";
 import serverConfMgmtRouter from "./routes/admin/serverConfMgmt.route.js";
 // API routes
 import apiRouter from "./routes/api/api.route.js";
 env.config();
 const app = express();
 const port = 8004;
 app.use(cors());
 // Body-Parser VOR den Routen registrieren
 app.use(express.json({ limit: "10mb" }));
@@ -37,6 +51,7 @@ app.use("/api/admin/user-data", userDataMgmtRouter);
 app.use("/api/admin/item-data", itemDataMgmtRouter);
 app.use("/api/admin/api-data", apiDataMgmtRouter);
 app.use("/api/admin/user-mgmt", userMgmtRouterADMIN);
 app.use("/api/admin/server-config", serverConfMgmtRouter);
 // API routes
 app.use("/api", apiRouter);
@@ -47,6 +62,20 @@ app.listen(port, () => {
  console.log(`Server is running on port: ${port}`);
 });
 app.get("/no", async (req, res) => {
  try {
    const response = await fetch(naasURL);
    if (!response.ok) {
      res.status(500).send("Request to no-as-a-service went wrong.");
    }
    const data = await response.json();
    res.json(data);
  } catch (error) {
    console.error("Error communicating with no-as-a-service:", error);
    res.status(500).send("Error communicating with no-as-a-service.");
  }
 });
 app.get("/verify", authenticate, async (req, res) => {
  res.status(200).json({ message: "Token is valid", user: req.user });
 });
@@ -1,8 +1,12 @@
 import { SignJWT, jwtVerify } from "jose";
 import env from "dotenv";
 import { verifyAPIKeyDB } from "./database.js";
 import { checkIfServiceIsActive2 } from "./functions.js";
 env.config();
 const api_service = "API";
 const user_frontend_service = "User Frontend";
 const secretKey = process.env.SECRET_KEY;
 if (!secretKey) {
  throw new Error("Missing SECRET_KEY environment variable");
@@ -45,6 +49,13 @@ export async function authenticate(req, res, next) {
  const apiKey = req.params.key;
  if (authHeader) {
    const serviceActive = await checkIfServiceIsActive2(user_frontend_service);
    if (!serviceActive) {
      return res
        .status(503)
        .json({ message: "User Frontend is currently unavailable." });
    }
    const parts = authHeader.split(" ");
    const scheme = parts[0];
    const token = parts[1];
@@ -61,6 +72,13 @@ export async function authenticate(req, res, next) {
      return res.status(403).json({ message: "Present token invalid" }); // present token invalid
    }
  } else if (apiKey) {
    const serviceActive = await checkIfServiceIsActive2(api_service);
    if (!serviceActive) {
      return res
        .status(503)
        .json({ message: "API Service is currently unavailable." });
    }
    try {
      await verifyAPIKey(apiKey);
      return next();
@@ -0,0 +1,42 @@
 import mysql from "mysql2";
 import dotenv from "dotenv";
 dotenv.config();
 const pool = mysql
  .createPool({
    host: process.env.DB_HOST,
    user: process.env.DB_USER,
    password: process.env.DB_PASSWORD,
    database: process.env.DB_NAME,
  })
  .promise();
 export function checkIfServiceIsActive(service) {
  return async (req, res, next) => {
    const [result] = await pool.query(
      "SELECT * FROM functions WHERE function_name = ? AND active = 1;",
      [service],
    );
    if (result.length > 0) {
      return next();
    }
    return res
      .status(503)
      .json({ message: `-${service}- is currently unavailable.` });
  };
 }
 export async function checkIfServiceIsActive2(service) {
  const [result] = await pool.query(
    "SELECT * FROM functions WHERE function_name = ? AND active = 1;",
    [service],
  );
  if (result.length > 0) {
    return true;
  }
  return false;
 }
@@ -0,0 +1,36 @@
 # Changelog for upcoming version: v2.2
 This update provides some new features for the design. It also contains some improvements and I have also fixed some bugs.
 ## New features
 - The overview page now has the note column and is overall better organised
 - I also addded the regular header to the page
 - I have added three animations to the Borrow System
 - I have added a new icon for the frontend, which is now also used in the header and the favicon. It is a dark version of the old icon, which fits better to the overall design. I have made it with Icon Composer. The old icon is still used for the admin panel, which has a light design. (Maybe I will change the admin panel design in the future...)
 - When you go to your user card (over the user icon in the header) you have a new button "Click me". If you click it, you will get an message... _I am just saying: I have implemented the no-as-a-service code in to my Backend._
 ## Improvements
 - I have the error logging for the API route wehre you can take loans improved.
 - If you try to delete a loan that has not been returned yet, you will get an 507 error code.
 ## Fixed bugs
 - Fixed bug: #13
 - Fixed bug for messaging when server has an error
 - Fixed footer height
 ---
 ## New version numbers
 **Backend:** v2.2
 **Frontend:** v2.2
 **Admin panel:** v1.3.2
 ---
 -[Theis](https://portfolio-theis.de)
@@ -4,14 +4,14 @@ services:
  #    build: ./FrontendV2
  #    ports:
  #      - "8001:80"
-  #    restart: unless-stopped
+  #    restart: always
  #  admin-frontend:
  #    container_name: borrow_system-admin-frontend
  #    build: ./admin
  #    ports:
  #      - "8003:80"
-  #    restart: unless-stopped
+  #    restart: always
  backend_v2:
    container_name: borrow_system-backend_v2
@@ -26,12 +26,12 @@ services:
      DB_NAME: borrow_system_new
    depends_on:
      - mysql_v2
-    restart: unless-stopped
+    restart: always
  mysql_v2:
    container_name: borrow_system-mysql-v2
    image: mysql:8.0
-    restart: unless-stopped
+    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: ${DB_PASSWORD_V2}
      MYSQL_DATABASE: borrow_system_new
@@ -42,6 +42,15 @@ services:
    ports:
      - "3310:3306"
  no-as-a-service:
    container_name: borrow_system-naas
    ports:
      - "3000:3000"
    build:
      context: ./no-as-a-service
      dockerfile: Dockerfile
    restart: always
 volumes:
  mysql-data:
  mysql-v2-data:
Author	SHA1	Message	Date
theis.gaedigk	6fb03530df	improved error logging Co-authored-by: Copilot <copilot@github.com>	2026-04-26 16:24:11 +02:00
theis.gaedigk	d2c36e71be	added request limiter to backend	2026-04-26 16:10:34 +02:00
theis.gaedigk	40d784ab36	implemented service configuration to admin panel Co-authored-by: Copilot <copilot@github.com>	2026-04-26 15:59:57 +02:00
theis.gaedigk	60c85efd37	refactored backend Co-authored-by: Copilot <copilot@github.com>	2026-04-26 15:03:37 +02:00
theis.gaedigk	747932cf03	implemented service configuration to API service Co-authored-by: Copilot <copilot@github.com>	2026-04-26 14:57:59 +02:00
theis.gaedigk	0964109c4b	added new feature: service config; Currently implemented in: loanMgmt and userMgmt (only Backend) Co-authored-by: Copilot <copilot@github.com>	2026-04-26 14:40:53 +02:00
theis.gaedigk	5442f2f1f3	new feature: Error code 507 will return if you want to delete a loan that has not been returned	2026-04-24 18:44:07 +02:00
theis.gaedigk	56e073244f	edited version numbers	2026-04-21 21:54:09 +02:00
theis.gaedigk	d2dc74971f	edited changelog	2026-04-21 21:53:16 +02:00
theis.gaedigk	25709ea0d9	implemented naas in to user frontend	2026-04-21 21:49:54 +02:00
theis.gaedigk	f8ab2490fe	added no-as-a-service project as a submodule	2026-04-21 20:48:57 +02:00
theis.gaedigk	3de877dd2b	added icon to header and updated changelog	2026-04-19 22:04:49 +02:00
theis.gaedigk	5d0134017a	added changelog and edited version numbers	2026-04-19 21:47:53 +02:00
theis.gaedigk	07503ec079	added animations to borrow-system	2026-04-19 21:32:56 +02:00