changed ports

Docs/backend_API_docs/README.md

@@ -1,88 +1,87 @@
-# Borrow System API Documentation
+# Backend API (V2) Documentation
 
-**Frontend:** https://insta.the1s.de  
-**Backend base URL:** `https://backend.insta.the1s.de/api`
+This document describes the current backend API routes and their real response shapes, based on the code in `backendV2`.
+
+---
+
+## Base URLs
+
+- Frontend: `https://insta.the1s.de`
+- Backend: `https://backend.insta.the1s.de`
+- Base path: `https://backend.insta.the1s.de/api`
+
+Service status: `https://status.the1s.de`
 
 ---
 
 ## Authentication
 
-All API endpoints require **either**:
+All **protected** endpoints require an API key as a path parameter `:key`.
 
-### 1. Bearer Token (JWT)
+Rules for `:key`:
 
-Send an `Authorization` header:
-
-```http
-Authorization: Bearer <JWT_TOKEN>
-```
-
-- Used for user-based access.
-- Token must be valid and not expired.
-
-### 2. API Key (for devices / machine-to-machine)
-
-Include an API key in the route as `:key` parameter:
-
-```text
-/api/.../:key/...
-```
+- Exactly 8 characters
+- Digits only (`^[0-9]{8}$`)
 
 Example:
 
 ```http
-GET /api/items/ABC123
+GET /api/items/12345678
 ```
 
-Where `ABC123` is your API key.  
-The API key is validated server-side.
+On missing / invalid key:
+
+- Status: `401 Unauthorized`
+- Body (exact message depends on `authenticate` in `backendV2/services/authentication.js`)
+
+Auth-related modules:
+
+- `backendV2/services/authentication.js`
+- `backendV2/services/database.js`
+
+Route handlers:
+
+- `backendV2/routes/api/api.route.js`
+- `backendV2/routes/api/api.database.js`
 
 ---
 
-## Common Response Codes
+## Endpoints (Overview)
 
-- `200 OK` – Request was successful.
-- `401 Unauthorized` – Missing or malformed credentials.
-- `403 Forbidden` – Credentials invalid or not allowed to access this resource.
-- `404 Not Found` – Resource (e.g., loan) not found.
-- `500 Internal Server Error` – Unexpected server error.
+1. **Public**
+
+   - `GET /api/all-items` – List all items (no auth; from original docs)
+
+2. **Items (authenticated)**
+
+   - `GET /api/items/:key` – List all items
+   - `POST /api/change-state/:key/:itemId/:state` – Toggle item safe state
+
+3. **Loans (authenticated)**
+   - `GET /api/get-loan-by-code/:key/:loan_code` – Get loan by code
+   - `POST /api/set-take-date/:key/:loan_code` – Set “take” date and mark items as out
+   - `POST /api/set-return-date/:key/:loan_code` – Set “return” date and mark items as returned
 
 ---
 
-## Endpoints
+## 1) Items
 
-### 1. Get All Items
+### 1.1 Get all items
 
 **GET** `/api/items/:key`
 
-Returns a list of all items.
+Returns all items wrapped in a `data` property.
 
-#### Path Parameters
+- Handler: `getItemsFromDatabaseV2` in `api.database.js`
+- SQL: `SELECT * FROM items;`
 
-- `:key` – API key (string)
-
-#### Authentication
-
-- Either:
-  - Valid `Authorization: Bearer <token>`
-  - Or valid `:key` path parameter
-
-#### Request Example
+#### Example request
 
 ```http
-GET /api/items/ABC123 HTTP/1.1
-Host: backend.insta.the1s.de
+GET https://backend.insta.the1s.de/api/items/12345678
 ```
 
-or
-
-```http
-GET /api/items/dummyKey HTTP/1.1
-Host: backend.insta.the1s.de
-Authorization: Bearer <JWT_TOKEN>
-```
-
-#### Successful Response (200)
+#### Successful response
 
 ```json
 {
@@ -91,9 +90,8 @@ Authorization: Bearer <JWT_TOKEN>
       "id": 1,
       "item_name": "DJI 1er Mikro",
       "can_borrow_role": 4,
-      "inSafe": 1,
-      "safe_nr": 3,
-      "door_key": "123",
+      "in_safe": 1,
+      "safe_nr": "01",
       "entry_created_at": "2025-08-19T22:02:16.000Z",
       "entry_updated_at": "2025-08-19T22:02:16.000Z",
       "last_borrowed_person": "alice",
@@ -103,271 +101,245 @@ Authorization: Bearer <JWT_TOKEN>
 }
 ```
 
-#### Error Response (500)
+#### Error response
 
 ```json
-{
-  "message": "Failed to fetch items"
-}
+{ "message": "Failed to fetch items" }
 ```
 
+#### Status codes
+
+- `200 OK` – success, `data` is an array (possibly empty)
+- `401 Unauthorized` – invalid / missing key
+- `500 Internal Server Error` – database error or `success: false` from DB layer
+
 ---
 
-### 2. Toggle Item Safe State
-
-Toggles `in_safe` between `0` and `1` for a given item.
-
-**Keep in mind that when you return a loan by code, the item states are automatically updated.**
+### 2.2 Toggle item safe state
 
 **POST** `/api/change-state/:key/:itemId`
 
-#### Path Parameters
+> You do not need this endpoint to set the states of the items when the items are taken out or returned. When you take or return a loan, the item states are set automatically by the loan endpoints. This endpoint is only for manually toggling the `inSafe` state of an item.
 
-- `:key` – API key (string)
-- `:itemId` – Item ID (integer)
+Path parameters:
 
-#### Authentication
+- `:key` – API key (8 digits)
+- `:itemId` – numeric `id` of the item
 
-- Either Bearer token or `:key` API key.
+Handler in `api.route.js` calls `changeInSafeStateV2(itemId)`, which executes:
 
-#### Request Example
+```sql
+UPDATE items SET in_safe = NOT in_safe WHERE id = ?
+```
+
+#### Example request
 
 ```http
-POST /api/change-state/ABC123/42 HTTP/1.1
-Host: backend.insta.the1s.de
+POST https://backend.insta.the1s.de/api/change-state/12345678/42
 ```
 
-#### Successful Response (200)
+(Will toggle `in_safe` for item `42`.)
+
+#### Successful response (current implementation)
 
 ```json
 {
-  "data": {}
+  "data": null
 }
 ```
 
-_(Implementation currently only returns `{ success: true }`, so `data` may be empty.)_
+#### Error responses
 
-#### Error Response (500)
+Invalid `state` (anything other than `"0"` or `"1"`):
 
 ```json
-{
-  "message": "Failed to update item state"
-}
+{ "message": "Invalid state value" }
 ```
 
+Failed update:
+
+```json
+{ "message": "Failed to update item state" }
+```
+
+#### Status codes
+
+- `200 OK` – item state toggled
+- `400 Bad Request` – invalid `state` parameter
+- `401 Unauthorized` – invalid / missing key
+- `500 Internal Server Error` – database/update failure or `success: false` from DB layer
+
 ---
 
-### 3. Get Loan by Code
+## 3) Loans
 
-Fetch loan information by `loan_code`.
+### 3.1 Get loan by code
 
 **GET** `/api/get-loan-by-code/:key/:loan_code`
 
-#### Path Parameters
+Path parameters:
 
-- `:key` – API key (string)
-- `:loan_code` – Loan code (string)
+- `:key` – API key
+- `:loan_code` – 6-digit loan code (`^[0-9]{6}$` per DB constraint)
 
-#### Authentication
+Database layer (`getLoanByCodeV2`) currently selects:
 
-- Either Bearer token or `:key` API key.
-
-#### Request Example
-
-```http
-GET /api/get-loan-by-code/ABC123/12345 HTTP/1.1
-Host: backend.insta.the1s.de
+```sql
+SELECT first_name, returned_date, take_date, lockers
+FROM loans
+WHERE loan_code = ?;
 ```
 
-#### Successful Response (200)
+#### Example request
+
+```http
+GET https://backend.insta.the1s.de/api/get-loan-by-code/12345678/646473
+```
+
+#### Successful response
 
 ```json
 {
   "data": {
-    "username": "john",
+    "first_name": "Theis",
     "returned_date": null,
-    "take_date": "2025-01-01T10:00:00.000Z",
-    "lockers": "[1, 2, 3]"
+    "take_date": "2025-08-25T13:23:00.000Z",
+    "lockers": ["01", "03"]
   }
 }
 ```
 
-#### Error Response (404)
+#### Error response
 
 ```json
-{
-  "message": "Loan not found"
-}
+{ "message": "Loan not found" }
 ```
 
+#### Status codes
+
+- `200 OK` – loan found
+- `401 Unauthorized` – invalid / missing key
+- `404 Not Found` – no matching loan for this `loan_code`
+
 ---
 
-### 4. Set Loan Return Date
-
-Sets `returned_date = NOW()` on a loan and updates related items:
-
-- `in_safe = 1`
-- `currently_borrowing = NULL`
-- `last_borrowed_person = username`
-
-**POST** `/api/set-return-date/:key/:loan_code`
-
-#### Path Parameters
-
-- `:key` – API key (string)
-- `:loan_code` – Loan code (string)
-
-#### Authentication
-
-- Either Bearer token or `:key` API key.
-
-#### Request Example
-
-```http
-POST /api/set-return-date/ABC123/12345 HTTP/1.1
-Host: backend.insta.the1s.de
-```
-
-#### Successful Response (200)
-
-```json
-{
-  "data": {}
-}
-```
-
-#### Error Response (500)
-
-```json
-{
-  "message": "Failed to set return date"
-}
-```
-
----
-
-### 5. Set Loan Take Date
-
-Sets `take_date = NOW()` on a loan and updates related items:
-
-- `in_safe = 0`
-- `currently_borrowing = username`
+### 3.2 Set take date
 
 **POST** `/api/set-take-date/:key/:loan_code`
 
-#### Path Parameters
+Path parameters:
 
-- `:key` – API key (string)
-- `:loan_code` – Loan code (string)
+- `:key` – API key
+- `:loan_code` – loan code
 
-#### Authentication
-
-- Either Bearer token or `:key` API key.
-
-#### Request Example
+#### Example request
 
 ```http
-POST /api/set-take-date/ABC123/LOAN-12345 HTTP/1.1
-Host: backend.insta.the1s.de
+POST https://backend.insta.the1s.de/api/set-take-date/12345678/646473
 ```
 
-#### Successful Response (200)
+#### Successful response
 
 ```json
 {
-  "data": {}
+  "data": null
 }
 ```
 
-#### Error Response (500)
+#### Error response
 
 ```json
-{
-  "message": "Failed to set take date"
-}
+{ "message": "Failed to set take date" }
 ```
 
+#### Status codes
+
+- `200 OK` – take date set and items marked as out
+- `401 Unauthorized` – invalid / missing key
+- `500 Internal Server Error` – invalid loan, missing items, or DB error / `success: false`
+
 ---
 
-### 6. Open Door by Door Key
+### 3.3 Set return date
 
-Looks up an item by its `door_key`, toggles `in_safe`, and returns safe information.
+**POST** `/api/set-return-date/:key/:loan_code`
 
-**GET** `/api/open-door/:key/:doorKey`
+Path parameters:
 
-#### Path Parameters
+- `:key` – API key
+- `:loan_code` – loan code
 
-- `:key` – API key (string)
-- `:doorKey` – Door key/token (string) used by hardware to identify the locker.
-
-#### Authentication
-
-- Either Bearer token or `:key` API key.
-
-#### Request Example
+#### Example request
 
 ```http
-GET /api/open-door/ABC123/123 HTTP/1.1
-Host: backend.insta.the1s.de
+POST https://backend.insta.the1s.de/api/set-return-date/12345678/646473
 ```
 
-#### Successful Response (200)
+#### Successful response (current implementation)
+
+```json
+{
+  "data": null
+}
+```
+
+#### Error response
+
+```json
+{ "message": "Failed to set return date" }
+```
+
+#### Status codes
+
+- `200 OK` – return date set and items marked as returned
+- `401 Unauthorized` – invalid / missing key
+- `500 Internal Server Error` – invalid loan, missing items, or DB error / `success: false`
+
+---
+
+## Common Response Shapes
+
+**Success – list (authenticated items):**
+
+```json
+{
+  "data": [
+    /* array of rows */
+  ]
+}
+```
+
+**Success – single loan:**
 
 ```json
 {
   "data": {
-    "safe_nr": 5,
-    "id": 42
+    /* selected loan fields */
   }
 }
 ```
 
-#### Error Response (500)
+**Success – mutations (current code):**
 
 ```json
-{
-  "message": "Failed to open door"
-}
+{ "data": null }
 ```
 
----
-
-## Authentication Error Messages
-
-### Missing credentials
-
-Status: `401`
+**Errors:**
 
 ```json
-{
-  "message": "Unauthorized"
-}
+{ "message": "Failed to fetch items" }
+{ "message": "Failed to update item state" }
+{ "message": "Invalid state value" }
+{ "message": "Loan not found" }
+{ "message": "Failed to set return date" }
+{ "message": "Failed to set take date" }
 ```
 
-### Invalid JWT
+**HTTP Status Codes:**
 
-Status: `403`
-
-```json
-{
-  "message": "Present token invalid"
-}
-```
-
-### Invalid API Key
-
-Status: `403`
-
-```json
-{
-  "message": "API Key invalid"
-}
-```
-
----
-
-## Notes
-
-- All responses are JSON.
-- Time fields like `take_date` and `returned_date` are in the format returned by MySQL (usually ISO-like strings).
-- `loaned_items_id` in the database is stored as a JSON array string (e.g. `"[1,2,3]"`) and is parsed internally; clients do not interact with this field directly via current endpoints.
+- `200 OK` – operation succeeded
+- `400 Bad Request` – invalid `state` parameter
+- `401 Unauthorized` – invalid/missing API key
+- `404 Not Found` – loan not found
+- `500 Internal Server Error` – database / server failure or `success: false` from DB layer

FrontendV2/src/components/footer/Footer.tsx

@@ -14,7 +14,7 @@ export const Footer = () => {
       left="0"
       right="0"
     >
-      Made with ❤️ by Theis Gaedigk - Class of 2019 at MCS-Bochum
+      Made with ❤️ by Theis Gaedigk - Year 2019 at MCS-Bochum
       <br />
       Frontend-Version: {info ? info["frontend-info"].version : "N/A"} |
       Backend-Version: {info ? info["backend-info"].version : "N/A"}

FrontendV2/src/components/ui/provider.tsx

@@ -1,15 +1,22 @@
-"use client"
+"use client";
 
-import { ChakraProvider, defaultSystem } from "@chakra-ui/react"
-import {
-  ColorModeProvider,
-  type ColorModeProviderProps,
-} from "./color-mode"
+import { ChakraProvider, defaultSystem } from "@chakra-ui/react";
+import * as React from "react";
+import type { ReactNode } from "react";
 
-export function Provider(props: ColorModeProviderProps) {
+export interface ColorModeProviderProps {
+  children: React.ReactNode;
+}
+
+export function ColorModeProvider({ children }: ColorModeProviderProps) {
+  // add real color-mode logic here if you need it
+  return <>{children}</>;
+}
+
+export function Provider({ children }: { children: ReactNode }) {
   return (
     <ChakraProvider value={defaultSystem}>
-      <ColorModeProvider {...props} />
+      <ColorModeProvider>{children}</ColorModeProvider>
     </ChakraProvider>
-  )
+  );
 }

FrontendV2/vite.config.ts

@@ -1,16 +1,23 @@
 import { defineConfig } from "vite";
-import react from "@vitejs/plugin-react";
-import svgr from "vite-plugin-svgr";
 import tailwindcss from "@tailwindcss/vite";
-import tsconfigPaths from "vite-tsconfig-paths";
+import path from "node:path";
 
 export default defineConfig({
-  plugins: [react(), svgr(), tailwindcss(), tsconfigPaths()],
+  plugins: [tailwindcss()],
+  resolve: {
+    alias: {
+      "@": path.resolve(__dirname, "src"),
+    },
+  },
   server: {
     host: "0.0.0.0",
-    port: 8001,
-    watch: {
-      usePolling: true,
+    allowedHosts: ["insta.the1s.de"],
+    port: 8101,
+    watch: { usePolling: true },
+    hmr: {
+      host: "insta.the1s.de",
+      port: 8101,
+      protocol: "wss",
     },
   },
 });

admin/src/components/AddItemForm.tsx

@@ -29,8 +29,8 @@ const AddItemForm: React.FC<AddItemFormProps> = ({ onClose, alert }) => {
               <Input id="item_name" placeholder="z.B. Laptop" />
             </Field.Root>
             <Field.Root>
-              <Field.Label>Schließfachnummer</Field.Label>
-              <Input id="safe_nr" placeholder="Nummer 1 - 6" />
+              <Field.Label>Schließfachnummer (immer zwei Zahlen)</Field.Label>
+              <Input id="lockerNumber" placeholder="Nummer 01 - 06" />
             </Field.Root>
             <Field.Root>
               <Field.Label>Ausleih-Berechtigung (Rolle)</Field.Label>
@@ -57,15 +57,17 @@ const AddItemForm: React.FC<AddItemFormProps> = ({ onClose, alert }) => {
                 (document.getElementById("can_borrow_role") as HTMLInputElement)
                   ?.value
               );
-              const safeNrValue = (
-                document.getElementById("safe_nr") as HTMLInputElement
+              const lockerValue = (
+                document.getElementById("lockerNumber") as HTMLInputElement
               )?.value.trim();
 
-              const safeNr = safeNrValue === "" ? null : safeNrValue;
+              const lockerNumber =
+                lockerValue === "" ? null : Number(lockerValue);
 
               if (!name || Number.isNaN(role)) return;
+              if (lockerNumber !== null && Number.isNaN(lockerNumber)) return;
 
-              const res = await createItem(name, role, safeNr);
+              const res = await createItem(name, role, lockerNumber);
               if (res.success) {
                 alert(
                   "success",

admin/src/components/ItemTable.tsx

@@ -38,7 +38,6 @@ type Items = {
   can_borrow_role: string;
   in_safe: boolean;
   safe_nr: string;
-  door_key: string;
   entry_created_at: string;
   entry_updated_at: string;
   last_borrowed_person: string | null;
@@ -69,13 +68,7 @@ const ItemTable: React.FC = () => {
 
   const handleLockerNumberChange = (id: number, value: string) => {
     setItems((prev) =>
-      prev.map((it) => (it.id === id ? { ...it, safe_nr: value } : it))
-    );
-  };
-
-  const handleDoorKeyChange = (id: number, value: string) => {
-    setItems((prev) =>
-      prev.map((it) => (it.id === id ? { ...it, door_key: value } : it))
+      prev.map((it) => (it.id === id ? { ...it, lockerNumber: value } : it))
     );
   };
 
@@ -211,9 +204,6 @@ const ItemTable: React.FC = () => {
               <Table.ColumnHeader>
                 <strong>Schließfachnummer</strong>
               </Table.ColumnHeader>
-              <Table.ColumnHeader>
-                <strong>Schlüssel</strong>
-              </Table.ColumnHeader>
               <Table.ColumnHeader>
                 <strong>Eintrag erstellt am</strong>
               </Table.ColumnHeader>
@@ -300,16 +290,6 @@ const ItemTable: React.FC = () => {
                     value={item.safe_nr}
                   />
                 </Table.Cell>
-                <Table.Cell>
-                  <Input
-                    size="sm"
-                    w="max-content"
-                    onChange={(e) =>
-                      handleDoorKeyChange(item.id, e.target.value)
-                    }
-                    value={item.door_key}
-                  />
-                </Table.Cell>
                 <Table.Cell>{formatDateTime(item.entry_created_at)}</Table.Cell>
                 <Table.Cell>{formatDateTime(item.entry_updated_at)}</Table.Cell>
                 <Table.Cell>{item.last_borrowed_person}</Table.Cell>
@@ -321,7 +301,6 @@ const ItemTable: React.FC = () => {
                         item.id,
                         item.item_name,
                         item.safe_nr,
-                        item.door_key,
                         item.can_borrow_role
                       ).then((response) => {
                         if (response.success) {

admin/src/utils/userActions.ts

@@ -165,7 +165,7 @@ export const deleteItem = async (itemId: number) => {
 export const createItem = async (
   item_name: string,
   can_borrow_role: number,
-  lockerNumber: string | null
+  lockerNumber: number | null
 ) => {
   console.log(JSON.stringify({ item_name, can_borrow_role, lockerNumber }));
   try {
@@ -184,7 +184,7 @@ export const createItem = async (
       return {
         success: false,
         message:
-          "Fehler beim Erstellen des Gegenstands. Der Name des Gegenstandes und die Schließfachnummer dürfen nicht mehrmals vergeben werden.",
+          "Fehler beim Erstellen des Gegenstands. Der Name des Gegenstandes darf nicht mehrmals vergeben werden.",
       };
     }
     return { success: true };
@@ -198,9 +198,9 @@ export const handleEditItems = async (
   itemId: number,
   item_name: string,
   safe_nr: string | null,
-  door_key: string | null,
   can_borrow_role: string
 ) => {
+  const newSafeNr = Number(safe_nr || 0);
   try {
     const response = await fetch(
       `${API_BASE}/api/admin/item-data/edit-item/${itemId}`,
@@ -210,7 +210,7 @@ export const handleEditItems = async (
           "Content-Type": "application/json",
           Authorization: `Bearer ${Cookies.get("token")}`,
         },
-        body: JSON.stringify({ item_name, safe_nr, door_key, can_borrow_role }),
+        body: JSON.stringify({ item_name, newSafeNr, can_borrow_role }),
       }
     );
     if (!response.ok) {

admin/vite.config.ts

@@ -8,9 +8,13 @@ export default defineConfig({
   plugins: [react(), svgr(), tailwindcss(), tsconfigPaths()],
   server: {
     host: "0.0.0.0",
-    port: 8003,
-    watch: {
-      usePolling: true,
+    allowedHosts: ["admin.insta.the1s.de"],
+    port: 8103,
+    watch: { usePolling: true },
+    hmr: {
+      host: "admin.insta.the1s.de",
+      port: 8103,
+      protocol: "wss",
     },
   },
 });

backendV2/info.json

@@ -1,11 +1,11 @@
 {
     "backend-info": {
-        "version": "v2.0.1 (dev)"
+        "version": "v2.0"
     },
     "frontend-info": {
-        "version": "v2.0 (dev)"
+        "version": "v2.0"
     },
     "admin-panel-info": {
-        "version": "v1.3 (dev)"
+        "version": "v1.2"
     }
 }

backendV2/routes/admin/database/itemDataMgmt.database.js

@@ -32,22 +32,10 @@ export const createItem = async (item_name, can_borrow_role, lockerNumber) => {
   return { success: false };
 };
 
-export const editItemById = async (
-  itemId,
-  item_name,
-  can_borrow_role,
-  safe_nr,
-  door_key
-) => {
-  let newSafeNr;
-  if (safe_nr === null || safe_nr === "") {
-    newSafeNr = null;
-  } else {
-    newSafeNr = safe_nr;
-  }
+export const editItemById = async (itemId, item_name, can_borrow_role) => {
   const [result] = await pool.query(
-    "UPDATE items SET item_name = ?, can_borrow_role = ?, safe_nr = ?, door_key = ?, entry_updated_at = NOW() WHERE id = ?",
-    [item_name, can_borrow_role, newSafeNr, door_key, itemId]
+    "UPDATE items SET item_name = ?, can_borrow_role = ?, entry_updated_at = NOW() WHERE id = ?",
+    [item_name, can_borrow_role, itemId]
   );
   if (result.affectedRows > 0) return { success: true };
   return { success: false };

backendV2/routes/admin/itemDataMgmt.route.js

@@ -41,14 +41,11 @@ router.post("/create-item", authenticateAdmin, async (req, res) => {
 
 router.post("/edit-item/:id", authenticateAdmin, async (req, res) => {
   const itemId = req.params.id;
-  const { item_name, can_borrow_role, safe_nr, door_key } = req.body;
-
+  const { item_name, can_borrow_role } = req.body;
   const result = await editItemById(
     itemId,
     item_name,
-    can_borrow_role,
-    safe_nr,
-    door_key
+    can_borrow_role
   );
   if (result.success) {
     return res.status(200).json({ message: "Item edited successfully" });

backendV2/routes/api/api.database.js

@@ -114,22 +114,3 @@ export const getAllLoansV2 = async () => {
   }
   return { success: false };
 };
-
-export const openDoor = async (doorKey) => {
-  const [result] = await pool.query(
-    "SELECT safe_nr, id FROM items WHERE door_key = ?;",
-    [doorKey]
-  );
-  if (result.length > 0) {
-    const [changeItemSate] = await pool.query(
-      "UPDATE items SET in_safe = NOT in_safe WHERE id = ?",
-      [result[0].id]
-    );
-    if (changeItemSate.affectedRows > 0) {
-      return { success: true, data: result[0] };
-    } else {
-      return { success: false };
-    }
-  }
-  return { success: false };
-};

backendV2/routes/api/api.route.js

@@ -10,7 +10,6 @@ import {
   setTakeDateV2,
   setReturnDateV2,
   getLoanByCodeV2,
-  openDoor,
 } from "./api.database.js";
 
 // Route for API to get all items from the database
@@ -80,16 +79,4 @@ router.post(
   }
 );
 
-// Route for API to open a door
-router.get("/open-door/:key/:doorKey", authenticate, async (req, res) => {
-  const doorKey = req.params.doorKey;
-
-  const result = await openDoor(doorKey);
-  if (result.success) {
-    res.status(200).json({ data: result.data });
-  } else {
-    res.status(500).json({ message: "Failed to open door" });
-  }
-});
-
 export default router;

backendV2/routes/app/database/loansMgmt.database.js

@@ -69,20 +69,12 @@ export const createLoanInDatabase = async (
       )
       .filter(Boolean);
 
-    // Build lockers array (unique, only 2-digit numbers from safe_nr)
+    // Build lockers array (unique, only 2-digit strings)
     const lockers = [
       ...new Set(
         itemsRows
           .map((r) => r.safe_nr)
-          .filter(
-            (sn) =>
-              sn !== null &&
-              sn !== undefined &&
-              Number.isInteger(Number(sn)) &&
-              Number(sn) >= 0 &&
-              Number(sn) <= 99
-          )
-          .map((sn) => Number(sn))
+          .filter((sn) => typeof sn === "string" && /^\d{2}$/.test(sn))
       ),
     ];
 

backendV2/routes/app/services/mailer.js

@@ -2,38 +2,6 @@ import nodemailer from "nodemailer";
 import dotenv from "dotenv";
 dotenv.config();
 
-const formatDateTime = (value) => {
-  if (value == null) return "N/A";
-
-  const toOut = (d) => {
-    if (!(d instanceof Date) || isNaN(d.getTime())) return "N/A";
-    const dd = String(d.getDate()).padStart(2, "0");
-    const mm = String(d.getMonth() + 1).padStart(2, "0");
-    const yyyy = d.getFullYear();
-    const hh = String(d.getHours()).padStart(2, "0");
-    const mi = String(d.getMinutes()).padStart(2, "0");
-    return `${dd}.${mm}.${yyyy} ${hh}:${mi} Uhr`;
-  };
-
-  if (value instanceof Date) return toOut(value);
-  if (typeof value === "number") return toOut(new Date(value));
-
-  const s = String(value).trim();
-
-  // Direct pattern: "YYYY-MM-DD[ T]HH:mm[:ss]"
-  const m = s.match(/^(\d{4})-(\d{2})-(\d{2})[ T](\d{2}):(\d{2})(?::\d{2})?/);
-  if (m) {
-    const [, y, M, d, h, min] = m;
-    return `${d}.${M}.${y} ${h}:${min} Uhr`;
-  }
-
-  // ISO or other parseable formats
-  const dObj = new Date(s);
-  if (!isNaN(dObj.getTime())) return toOut(dObj);
-
-  return "N/A";
-};
-
 function buildLoanEmail({ user, items, startDate, endDate, createdDate }) {
   const brand = process.env.MAIL_BRAND_COLOR || "#0ea5e9";
   const itemsList =
@@ -174,8 +142,7 @@ export function sendMailLoan(user, items, startDate, endDate, createdDate) {
       html: buildLoanEmail({ user, items, startDate, endDate, createdDate }),
     });
 
-    // debugging logs
-    // console.log("Message sent:", info.messageId);
+    console.log("Message sent:", info.messageId);
   })();
-  // console.log("sendMailLoan called");
+  console.log("sendMailLoan called");
 }

backendV2/schemeV2.sql

@@ -37,13 +37,13 @@ CREATE TABLE items (
   item_name varchar(255) NOT NULL UNIQUE,
   can_borrow_role INT NOT NULL,
   in_safe bool NOT NULL DEFAULT true,
-  safe_nr INT DEFAULT NULL UNIQUE,
-  door_key INT DEFAULT NULL UNIQUE,
+  safe_nr CHAR(2) DEFAULT NULL UNIQUE,
   entry_created_at timestamp NULL DEFAULT CURRENT_TIMESTAMP,
   entry_updated_at timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
   last_borrowed_person varchar(255) DEFAULT NULL,
   currently_borrowing varchar(255) DEFAULT NULL,
-  PRIMARY KEY (id)
+  PRIMARY KEY (id),
+  CHECK (safe_nr REGEXP '^[0-9]{2}$' OR safe_nr IS NULL)
 ) ENGINE=InnoDB;
 
 CREATE TABLE apiKeys (

backendV2/server.js

@@ -20,7 +20,7 @@ import apiRouter from "./routes/api/api.route.js";
 
 env.config();
 const app = express();
-const port = 8004;
+const port = 8102;
 
 app.use(cors());
 // Body-Parser VOR den Routen registrieren

docker-compose.yml

@@ -1,23 +1,32 @@
 services:
-  #  usr-frontend_v2:
-  #    container_name: borrow_system-usr-frontend
-  #    build: ./FrontendV2
-  #    ports:
-  #      - "8001:80"
-  #    restart: unless-stopped
+  usr-frontend_v2:
+    container_name: borrow_system-usr-frontend
+    networks:
+      - proxynet
+      - borrow_system-internal
+    build: ./FrontendV2
+    ports:
+      - "8101:80"
+    restart: unless-stopped
 
-  #  admin-frontend:
-  #    container_name: borrow_system-admin-frontend
-  #    build: ./admin
-  #    ports:
-  #      - "8003:80"
-  #    restart: unless-stopped
+  admin-frontend:
+    container_name: borrow_system-admin-frontend
+    networks:
+      - proxynet
+      - borrow_system-internal
+    build: ./admin
+    ports:
+      - "8103:80"
+    restart: unless-stopped
 
   backend_v2:
     container_name: borrow_system-backend_v2
+    networks:
+      - proxynet
+      - borrow_system-internal
     build: ./backendV2
     ports:
-      - "8004:8004"
+      - "8102:8102"
     environment:
       NODE_ENV: production
       DB_HOST: mysql_v2
@@ -30,6 +39,8 @@ services:
 
   mysql_v2:
     container_name: borrow_system-mysql-v2
+    networks:
+      - borrow_system-internal
     image: mysql:8.0
     restart: unless-stopped
     environment:
@@ -45,3 +56,9 @@ services:
 volumes:
   mysql-data:
   mysql-v2-data:
+
+networks:
+  proxynet:
+    external: true
+  borrow_system-internal:
+    external: false