diff --git a/index.ts b/index.ts
index fcd7663..d2795fc 100644
--- a/index.ts
+++ b/index.ts
@@ -8,10 +8,12 @@ import swaggerJsDoc from "swagger-jsdoc";
 const app: Express = express();
 const port = process.env.PORT || 3000;
-import routes from "./src/routes/routes";
+import { initDatabase } from "./src/mongodb/mongodb";
 import swaggerUI from "swagger-ui-express";
-import { initDatabase } from "./src/mongodb/mongodb";
+import adminRoutes from "./src/routes/adminRoutes";
+import userRoutes from "./src/routes/userRoutes";
+import eventRoutes from "./src/routes/eventRoutes";
 const options = {
 definition: {
@@ -39,11 +41,23 @@ const options = {
 };
 app.use(bodyParser.json());
-app.use("/api/v1", routes);
+
+app.use("/api/v1/user", userRoutes);
+app.use("/api/v1/admin", adminRoutes);
+app.use("/api/v1/events", eventRoutes);
 const specs = swaggerJsDoc(options);
 app.use("/api-docs", swaggerUI.serve, swaggerUI.setup(specs));
+app.use((req, res, next) => {
+ res.status(404).send("not found");
+});
+
+app.use((err: any, req: any, res: any, next: any) => {
+ console.log("req err", err.stack);
+ res.status(500).send({ err: "invalid request" });
+});
+
 initDatabase();
 app.listen(port, () => {
diff --git a/src/controllers/userController.ts b/src/controllers/userController.ts
index ac3c117..f17eefe 100644
--- a/src/controllers/userController.ts
+++ b/src/controllers/userController.ts
@@ -13,7 +13,7 @@ export async function SignUp(req: Request, res: Response) {
 const existingUser = await User.findOne({ accountName }).lean();
 if (existingUser) {
- return res.status(400).json({ status: "err" });
+ return res.status(400).json({ status: 1 });
 }
 const isBase64Password =
diff --git a/src/middleware/authMiddleware.ts b/src/middleware/authMiddleware.ts
new file mode 100644
index 0000000..bf257b4
--- /dev/null
+++ b/src/middleware/authMiddleware.ts
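Review bot: The error handler added at the end of the second index.ts hunk answers every failure with 500 and types all four parameters as `any`, so a malformed JSON body rejected by `bodyParser.json()` is reported as a server error even though that error carries a 4xx status. I would type the handler with Express's `ErrorRequestHandler` and pass a client status through, e.g. `res.status(err.status >= 400 && err.status < 500 ? err.status : 500).send({ err: "invalid request" });`. Keeping the stack in the server log and out of the response body is the right split; a structured logger instead of `console.log` would make these entries easier to alert on.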
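Review bot: The duplicate-account branch of SignUp now returns `{ status: 1 }`, while the Swagger annotations in the routes file still document `status` as a string with example `'err'`, and the sessionProtection middleware added in this same commit answers with `{ status: "err" }`. Clients that compare against the string will stop recognising this failure. Either keep the string here or change the type everywhere and update the docs, and add a comment naming the code, e.g. `// status 1: account name already taken`. SignUp's body starts and ends outside the hunk.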
@@ -0,0 +1,18 @@
+import { Request } from "express";
+import { Session } from "../models/session";
+
+export async function sessionProtection(req: Request, res: any, next: any) {
+ const xAuthorization = req.get("x-authorization");
+
+ if (!xAuthorization) {
+ return res.status(401).json({ status: "err" });
+ }
+
+ const session = await Session.findOne({ sessionId: xAuthorization }).lean();
+
+ if (!session) {
+ return res.status(401).json({ status: "err" });
+ }
+
+ next();
+}
diff --git a/src/models/session.ts b/src/models/session.ts
index 0801cd0..459250a 100644
--- a/src/models/session.ts
+++ b/src/models/session.ts
@@ -1,12 +1,12 @@
 import mongoose, { InferSchemaType, Schema } from "mongoose";
-import { ADMIN_MAX_USERS_PER_PAGE } from "../utils/utils";
+import { DEFAULT_SESSION_EXPIRATION } from "../utils/constants";
 export const sessionSchema = new Schema({
 sessionId: String,
 accountName: String,
 expiresAt: {
 type: Date,
- default: new Date(Date.now() + ADMIN_MAX_USERS_PER_PAGE),
+ default: new Date(Date.now() + DEFAULT_SESSION_EXPIRATION),
 },
 });
diff --git a/src/routes/adminRoutes.ts b/src/routes/adminRoutes.ts
new file mode 100644
index 0000000..8ca4c25
--- /dev/null
+++ b/src/routes/adminRoutes.ts
@@ -0,0 +1,9 @@
+import express from "express";
+const router = express.Router();
+
+import * as adminController from "../controllers/adminController";
+import { sessionProtection } from "../middleware/authMiddleware";
+
+router.get("/users", sessionProtection, adminController.GetAllUsers);
+
+export default router;
diff --git a/src/routes/eventRoutes.ts b/src/routes/eventRoutes.ts
new file mode 100644
index 0000000..11d4ee8
--- /dev/null
+++ b/src/routes/eventRoutes.ts
@@ -0,0 +1,4 @@
+import express from "express";
+const router = express.Router();
+
+export default router;
diff --git a/src/routes/routes.ts b/src/routes/userRoutes.ts
similarity index 91%
rename from src/routes/routes.ts
rename to src/routes/userRoutes.ts
index 3ac7aa3..6db1231 100644
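Review bot: sessionProtection in authMiddleware.ts accepts any stored session row without looking at `expiresAt`, so unless a TTL index removes expired documents (none is visible in the schema hunk) a token stays valid indefinitely. The awaited `Session.findOne` is also unguarded; on Express 4 a rejected promise in async middleware does not reach the error handler added in index.ts, so a database failure would leave the request hanging. The version below filters on expiry in the query and forwards errors with `next(err)`. Typing `res` and `next` as `Response` and `NextFunction` from express instead of `any` would be a further cleanup.

```typescript
export async function sessionProtection(req: Request, res: any, next: any) {
  // … unchanged: x-authorization header read and 401 when it is missing …
  try {
    const session = await Session.findOne({
      sessionId: xAuthorization,
      // Reject sessions whose lifetime has already elapsed.
      expiresAt: { $gt: new Date() },
    }).lean();

    if (!session) {
      return res.status(401).json({ status: "err" });
    }
  } catch (err) {
    // Hand lookup failures to the central error handler.
    return next(err);
  }

  next();
}
```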
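Review bot: In session.ts, `default: new Date(Date.now() + DEFAULT_SESSION_EXPIRATION)` is evaluated once when the schema module loads, so every session that relies on the default gets the same `expiresAt` (process start plus seven days), and sessions created more than seven days after startup would be born expired. Mongoose accepts a function for `default` and calls it per document: `default: () => new Date(Date.now() + DEFAULT_SESSION_EXPIRATION),`. If saveSession always sets `expiresAt` explicitly this is masked, but that code is not visible here.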
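Review bot: In adminRoutes.ts, `/users` is guarded only by sessionProtection, which checks that a session exists and nothing about who owns it, so any signed-up account can list all users unless GetAllUsers does its own role check (not visible here). An authorization step for admin accounts is needed before the controller runs. Registering the guard once on the router also protects routes added later by default: `router.use(sessionProtection);` ahead of the route definitions.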
--- a/src/routes/routes.ts
+++ b/src/routes/userRoutes.ts
@@ -1,7 +1,6 @@
 import express from "express";
 const router = express.Router();
 import * as userController from "../controllers/userController";
-import * as adminController from "../controllers/adminController";
 /**
 * @swagger
@@ -63,7 +62,7 @@ import * as adminController from "../controllers/adminController";
 * type: string
 * example: 'err'
 */
-router.post("/user/signup", userController.SignUp);
+router.post("/signup", userController.SignUp);
 /**
 * @swagger
@@ -125,10 +124,8 @@ router.post("/user/signup", userController.SignUp);
 * type: string
 * example: 'err'
 */
-router.post("/user/login", userController.Login);
+router.post("/login", userController.Login);
-router.get("/user/profile/:accountName", userController.GetUserProfile);
-
-router.get("/admin/users", adminController.GetAllUsers);
+router.get("/profile/:accountName", userController.GetUserProfile);
 export default router;
diff --git a/src/utils/constants.ts b/src/utils/constants.ts
new file mode 100644
index 0000000..2461843
--- /dev/null
+++ b/src/utils/constants.ts
@@ -0,0 +1,5 @@
+// Time duration in milliseconds for a default session expiration (7 days)
+export const DEFAULT_SESSION_EXPIRATION: number = 7 * 24 * 60 * 60 * 1000;
+
+// Maximum number of users to display per page in the admin interface
+export const ADMIN_MAX_USERS_PER_PAGE: number = 10;
diff --git a/src/utils/utils.ts b/src/utils/utils.ts
index 665ea44..09fff9c 100644
--- a/src/utils/utils.ts
+++ b/src/utils/utils.ts
@@ -2,9 +2,6 @@ import crypto from "crypto";
 import { Session } from "../models/session";
 import { Response } from "express";
-export const DEFAULT_SESSION_EXPIRATION = 7 * 24 * 60 * 60 * 1000; // 7 days
-export const ADMIN_MAX_USERS_PER_PAGE = 10;
-
 export async function saveSession(res: Response, accountName: string) {
 try {
 // Generate a random session ID
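Review bot: In the last userRoutes.ts hunk, `router.get("/profile/:accountName", userController.GetUserProfile);` stays reachable without a session while the admin router in this commit is put behind sessionProtection, so any caller can probe account names and read profiles unless the controller restricts it (not visible here). If profiles are not meant to be public, import the middleware and write `router.get("/profile/:accountName", sessionProtection, userController.GetUserProfile);`, and have the handler compare `:accountName` with the session's account. The Swagger blocks above the signup and login routes are only partly visible; check that their documented paths match the new mount point `/api/v1/user`.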