From 7e6d657c2680395899b841fb8405a303dd2cadef Mon Sep 17 00:00:00 2001 From: alex Date: Sun, 11 Feb 2024 14:41:51 +0100 Subject: [PATCH] session protection --- src/routes/calendarRoutes.ts | 17 +++++++++++++--- src/routes/storeRoutes.ts | 5 +++-- src/routes/storeServicesRoutes.ts | 34 ++++++++++++++++++++++++++----- src/routes/usersRoutes.ts | 9 ++++---- 4 files changed, 51 insertions(+), 14 deletions(-) diff --git a/src/routes/calendarRoutes.ts b/src/routes/calendarRoutes.ts index 61443df..bb80873 100644 --- a/src/routes/calendarRoutes.ts +++ b/src/routes/calendarRoutes.ts @@ -11,6 +11,7 @@ import { } from "../utils/constants"; import User from "../models/user"; import { terminPlanerRequest } from "../utils/terminPlaner"; +import { sessionProtection } from "../middleware/authMiddleware"; router.get( "/auth/google", @@ -103,15 +104,25 @@ router.get( } ); -router.get("/store", calendarController.GetStoreId); -router.get("/settings", calendarController.GetCalendarSettings); +router.get("/store", sessionProtection, calendarController.GetStoreId); +router.get( + "/settings", + sessionProtection, + calendarController.GetCalendarSettings +); router.post( "/settings/personal", + sessionProtection, calendarController.UpdatePersonalCalendarSettings ); -router.post("/settings/store", calendarController.UpdateStoreCalendarSettings); +router.post( + "/settings/store", + sessionProtection, + calendarController.UpdateStoreCalendarSettings +); router.post( "/settings/personal/unlink", + sessionProtection, calendarController.UnlinkGoogleCalendar ); diff --git a/src/routes/storeRoutes.ts b/src/routes/storeRoutes.ts index 7f95ce2..19b2178 100644 --- a/src/routes/storeRoutes.ts +++ b/src/routes/storeRoutes.ts @@ -2,8 +2,9 @@ import express from "express"; const router = express.Router(); import * as storeController from "../controllers/storeController"; +import { sessionProtection } from "../middleware/authMiddleware"; -router.get("/:storeId", storeController.GetStore); -router.post("/:storeId", storeController.UpdateStore); +router.get("/:storeId", sessionProtection, storeController.GetStore); +router.post("/:storeId", sessionProtection, storeController.UpdateStore); export default router; diff --git a/src/routes/storeServicesRoutes.ts b/src/routes/storeServicesRoutes.ts index 5dea5d4..51fe3b0 100644 --- a/src/routes/storeServicesRoutes.ts +++ b/src/routes/storeServicesRoutes.ts @@ -2,23 +2,47 @@ import express from "express"; const router = express.Router(); import * as storeServicesController from "../controllers/storeServicesController"; +import { sessionProtection } from "../middleware/authMiddleware"; -router.get("/:storeId", storeServicesController.GetStoreServices); -router.post("/service", storeServicesController.CreateStoreService); -router.post("/update", storeServicesController.UpdateStoreService); -router.post("/activity", storeServicesController.CreateStoreServiceActivity); +router.get( + "/:storeId", + sessionProtection, + storeServicesController.GetStoreServices +); +router.post( + "/service", + sessionProtection, + storeServicesController.CreateStoreService +); +router.post( + "/update", + sessionProtection, + storeServicesController.UpdateStoreService +); +router.post( + "/activity", + sessionProtection, + storeServicesController.CreateStoreServiceActivity +); router.get( "/activities/:storeId/:serviceId", + sessionProtection, storeServicesController.GetStoreServiceActivities ); router.post( "/activity/update", + sessionProtection, storeServicesController.UpdateStoreServiceActivity ); router.delete( "/activity/:activityId", + sessionProtection, storeServicesController.DeleteStoreServiceActivity ); -router.delete("/:serviceId", storeServicesController.DeleteStoreService); +router.delete( + "/:serviceId", + sessionProtection, + storeServicesController.DeleteStoreService +); export default router; diff --git a/src/routes/usersRoutes.ts b/src/routes/usersRoutes.ts index 91a2970..b4f0edd 100644 --- a/src/routes/usersRoutes.ts +++ b/src/routes/usersRoutes.ts @@ -2,10 +2,11 @@ import express from "express"; const router = express.Router(); import * as usersController from "../controllers/usersController"; +import { sessionProtection } from "../middleware/authMiddleware"; -router.post("/", usersController.AddEmployee); -router.get("/:storeId", usersController.GetEmployees); -router.post("/update", usersController.UpdateEmployee); -router.delete("/", usersController.DeleteEmployee); +router.post("/", sessionProtection, usersController.AddEmployee); +router.get("/:storeId", sessionProtection, usersController.GetEmployees); +router.post("/update", sessionProtection, usersController.UpdateEmployee); +router.delete("/", sessionProtection, usersController.DeleteEmployee); export default router;