// Router that collects the application's POST endpoints.
const express = require('express');
const router = express.Router();

// Authentication gate; every protected route below lists it explicitly.
const authMiddleware = require('../middleware/authMiddleware');

// Controllers used by POST routes
const LoginController = require('../controller/login/LoginController');
const EmailVerificationController = require('../controller/auth/EmailVerificationController');
const PasswordResetController = require('../controller/password-reset/PasswordResetController');
const ReferralTokenController = require('../controller/referral/ReferralTokenController');
const ReferralRegistrationController = require('../controller/referral/ReferralRegistrationController');
const PermissionController = require('../controller/permissions/PermissionController');
const DocumentTemplateController = require('../controller/documentTemplate/DocumentTemplateController');
const PersonalRegisterController = require('../controller/register/PersonalRegisterController');
const CompanyRegisterController = require('../controller/register/CompanyRegisterController');
const PersonalDocumentController = require('../controller/documents/PersonalDocumentController');
const CompanyDocumentController = require('../controller/documents/CompanyDocumentController');
const ContractUploadController = require('../controller/documents/ContractUploadController');
const CoffeeController = require('../controller/admin/CoffeeController');
const PersonalProfileController = require('../controller/profile/PersonalProfileController');
const CompanyProfileController = require('../controller/profile/CompanyProfileController');
const AdminUserController = require('../controller/admin/AdminUserController');
const CompanyStampController = require('../controller/companyStamp/CompanyStampController');
const MatrixController = require('../controller/matrix/MatrixController'); // Matrix admin operations
const PoolController = require('../controller/pool/PoolController');

// Multipart parser shared by every upload route in this file.
// NOTE(review): memoryStorage buffers each uploaded file in RAM, and no
// `limits` or `fileFilter` option is passed here, so upload size and type are
// bounded only by whatever sits in front of this router or inside the
// controllers. Consider setting `limits: { fileSize: ... }` to cap memory use.
const multer = require('multer');
const upload = multer({
  storage: multer.memoryStorage(),
});

console.log('🛣️ Setting up POST routes');
// Authentication POSTs (moved from routes/auth.js).
// login, refresh and logout are registered without authMiddleware, so each
// controller receives the request unauthenticated and has to validate the
// credentials or token itself.
// NOTE(review): no throttling middleware is attached to these routes in this
// file; confirm login attempts are rate-limited elsewhere.
router.post(
  '/login',
  LoginController.login,
);
router.post(
  '/refresh',
  LoginController.refresh,
);
router.post(
  '/logout',
  LoginController.logout,
);

// E-mail verification requires an authenticated session.
router.post(
  '/send-verification-email',
  authMiddleware,
  EmailVerificationController.sendVerificationEmail,
);
router.post(
  '/verify-email-code',
  authMiddleware,
  EmailVerificationController.verifyEmailCode,
);

// Password reset POSTs (moved). Both are reachable without authentication.
// NOTE(review): no throttling is visible here for reset requests either;
// confirm the controller or an outer layer limits how often a reset mail can
// be requested.
router.post('/request-password-reset', PasswordResetController.requestPasswordReset);
router.post(
  '/reset-password',
  PasswordResetController.resetPassword,
);
// Referral POSTs (moved from routes/referral.js).
// Creating and deactivating referral tokens requires an authenticated user.
router.post(
  '/referral/create',
  authMiddleware,
  ReferralTokenController.create,
);
router.post(
  '/referral/deactivate',
  authMiddleware,
  ReferralTokenController.deactivate,
);

// Referral-based registration is open to unauthenticated callers; the
// controllers are handed the raw request.
router.post(
  '/register/personal-referral',
  ReferralRegistrationController.registerPersonalReferral,
);
router.post(
  '/register/company-referral',
  ReferralRegistrationController.registerCompanyReferral,
);

// Permissions POST (moved from routes/permissions.js).
// NOTE(review): only authMiddleware guards this route; no role check is
// attached here. Confirm PermissionController.create restricts who may create
// permissions.
router.post(
  '/permissions',
  authMiddleware,
  PermissionController.create,
);
// Document templates upload & signature generation POSTs (moved).
// NOTE(review): template upload is guarded by authMiddleware only; confirm
// the controller checks which users may upload templates.
router.post(
  '/document-templates',
  authMiddleware,
  upload.single('file'),
  DocumentTemplateController.uploadTemplate,
);
router.post(
  '/document-templates/:id/generate-pdf-with-signature',
  authMiddleware,
  DocumentTemplateController.generatePdfWithSignature,
);

// Document uploads (moved from routes/documents.js).
// Authentication runs before the multipart parser on each route, so
// unauthenticated requests are rejected before any file is buffered.
// ID uploads accept at most one 'front' and one 'back' file.
router.post(
  '/upload/personal-id',
  authMiddleware,
  upload.fields([
    { name: 'front', maxCount: 1 },
    { name: 'back', maxCount: 1 },
  ]),
  PersonalDocumentController.uploadPersonalId,
);
router.post(
  '/upload/company-id',
  authMiddleware,
  upload.fields([
    { name: 'front', maxCount: 1 },
    { name: 'back', maxCount: 1 },
  ]),
  CompanyDocumentController.uploadCompanyId,
);

// Signed contracts arrive as a single 'contract' file.
router.post(
  '/upload/contract/personal',
  authMiddleware,
  upload.single('contract'),
  ContractUploadController.uploadPersonalContract,
);
router.post(
  '/upload/contract/company',
  authMiddleware,
  upload.single('contract'),
  ContractUploadController.uploadCompanyContract,
);
// Profile completion POSTs (moved from routes/profile.js).
// Both variants require an authenticated user.
router.post(
  '/profile/personal/complete',
  authMiddleware,
  PersonalProfileController.completeProfile,
);
router.post(
  '/profile/company/complete',
  authMiddleware,
  CompanyProfileController.completeProfile,
);
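// Admin POSTs (moved from routes/admin.js)
// NOTE(review): unlike the /admin routes registered further down, this one is
// not guarded by adminOnly. Confirm AdminUserController.verifyUser enforces
// the admin role itself; if it does not, add adminOnly after authMiddleware.
router.post('/admin/verify-user/:id', authMiddleware, AdminUserController.verifyUser);

/**
 * Admin-triggered password reset.
 *
 * Looks the target account up by id (personal users first, then company
 * users) and forwards its e-mail address to
 * PasswordResetController.requestPasswordReset.
 *
 * adminOnly is required here: the handler performs no role check of its own,
 * so without the guard any authenticated account could trigger reset mails
 * for arbitrary user ids. adminOnly is a function declaration later in this
 * file and is hoisted, so it can be referenced at this point.
 *
 * Responses produced here: 404 when no user matches, 500 on lookup or
 * forwarding failure; otherwise whatever the forwarded controller sends.
 */
router.post('/admin/send-password-reset/:userId', authMiddleware, adminOnly, async (req, res) => {
  const { userId } = req.params;

  // Required lazily to avoid circular/top-level ordering issues.
  const UnitOfWork = require('../database/UnitOfWork');
  const PersonalUserRepository = require('../repositories/user/personal/PersonalUserRepository');
  const CompanyUserRepository = require('../repositories/user/company/CompanyUserRepository');

  const uow = new UnitOfWork();
  let email;

  // Phase 1: resolve the e-mail address inside a unit of work.
  try {
    await uow.start();
    const personalRepo = new PersonalUserRepository(uow);
    const companyRepo = new CompanyUserRepository(uow);

    let user = await personalRepo.findById(userId);
    if (!user) user = await companyRepo.findById(userId);
    if (!user) {
      await uow.rollback();
      return res.status(404).json({ success: false, message: 'User not found.' });
    }

    email = user.email;
    await uow.commit();
  } catch (err) {
    // Best-effort rollback: a failure here is ignored on purpose so the
    // original error is the one that gets logged and reported.
    try { await uow.rollback(); } catch (_) {}
    console.error('[ADMIN SEND PASSWORD RESET] Error:', err);
    return res.status(500).json({ success: false, message: 'Internal server error.' });
  }

  // Phase 2: forward to PasswordResetController using the same interface as
  // the public route. Kept outside the block above so a failure after commit
  // does not attempt a rollback, and awaited so an asynchronous rejection is
  // handled here instead of escaping the route handler.
  try {
    // The body is replaced wholesale, so nothing the caller sent in the
    // request body reaches the reset controller.
    req.body = { email };
    return await PasswordResetController.requestPasswordReset(req, res);
  } catch (err) {
    console.error('[ADMIN SEND PASSWORD RESET] Error:', err);
    if (res.headersSent) return undefined;
    return res.status(500).json({ success: false, message: 'Internal server error.' });
  }
});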
/**
 * Express middleware that lets a request through only when `req.user.role`
 * is 'admin' or 'super_admin'.
 *
 * It reads `req.user`, so it must be mounted after the middleware that
 * populates it; a request with no `req.user` is rejected like any other
 * non-admin.
 *
 * @param {object} req - request; `req.user.role` is inspected.
 * @param {object} res - response; used to send the 403 rejection.
 * @param {Function} next - called with no arguments when the role matches.
 * @returns {*} the result of `res.status(403).json(...)` on rejection,
 *   otherwise undefined.
 */
function adminOnly(req, res, next) {
  const currentUser = req.user;
  const hasAdminRole =
    Boolean(currentUser) && ['admin', 'super_admin'].includes(currentUser.role);

  if (hasAdminRole) {
    next();
    return;
  }

  return res.status(403).json({ error: 'Admin role required' });
}
/**
 * Express middleware that rewrites `req.user.user_type` to 'company' for
 * users whose role is 'admin' or 'super_admin', so that a downstream service
 * check expecting a company user passes for admins.
 *
 * The change is made in place on `req.user`: every handler that runs after
 * this middleware on the same request sees the overwritten user_type, not
 * the account's real one. Non-admin users and requests without `req.user`
 * are left untouched. `next()` is always called.
 *
 * @param {object} req - request; `req.user` may be mutated.
 * @param {object} res - response (unused).
 * @param {Function} next - continuation, always invoked.
 */
function forceCompanyForAdmin(req, res, next) {
  const { user } = req;
  const isAdmin = Boolean(user) && ['admin', 'super_admin'].includes(user.role);

  if (isAdmin && user.user_type !== 'company') {
    // Mimic a company account to satisfy service checks.
    user.user_type = 'company';
  }

  next();
}
// Admin-only POSTs. Each chain runs authMiddleware first and adminOnly
// second, so the role check always sees the authenticated user.

// Company-stamp POST: after the role check, forceCompanyForAdmin rewrites the
// admin's user_type before the controller runs.
router.post(
  '/company-stamps',
  authMiddleware,
  adminOnly,
  forceCompanyForAdmin,
  CompanyStampController.upload,
);

// Admin: create coffee product (supports multipart file 'picture').
// The multipart parser is placed after adminOnly, so the picture is only
// buffered for requests that passed the role check.
router.post(
  '/admin/coffee',
  authMiddleware,
  adminOnly,
  upload.single('picture'),
  CoffeeController.create,
);

// Admin: add user into matrix
router.post(
  '/admin/matrix/add-user',
  authMiddleware,
  adminOnly,
  MatrixController.addUser,
);

// Admin: create pool
router.post(
  '/admin/pools',
  authMiddleware,
  adminOnly,
  PoolController.create,
);
// Existing registration handlers (keep).
// Both are open to unauthenticated callers and log one line per request.
// NOTE(review): the controller's return value is dropped in both handlers; if
// register is async, a rejection would not be caught here. Confirm the
// controllers handle their own errors.
router.post('/register/personal', function registerPersonal(req, res) {
  console.log('🔗 POST /register/personal route accessed');
  PersonalRegisterController.register(req, res);
});

router.post('/register/company', function registerCompany(req, res) {
  console.log('🔗 POST /register/company route accessed');
  CompanyRegisterController.register(req, res);
});

console.log('✅ POST routes configured successfully');

module.exports = router;