const express = require('express');
const router = express.Router();
const LoginController = require('../controller/auth/LoginController');
const authMiddleware = require('../middleware/authMiddleware');
const UserStatusController = require('../controller/auth/UserStatusController');
const UnitOfWork = require('../repositories/UnitOfWork');
const UserRepository = require('../repositories/UserRepository');
const EmailVerificationController = require('../controller/auth/EmailVerificationController');
const UserController = require('../controller/auth/UserController');
const UserSettingsController = require('../controller/auth/UserSettingsController'); // Add this line
const PermissionController = require('../controller/permissions/PermissionController');
const AdminUserController = require('../controller/admin/AdminUserController'); // Import the AdminUserController
const PasswordResetController = require('../controller/password-reset/PasswordResetController');
const { createRateLimiter } = require('../middleware/rateLimiter');
// --- Session lifecycle (no authMiddleware: these establish or end a session) ---

// Credential login.
// NOTE(review): no rate limiter is attached at the route level, unlike
// /request-password-reset below. Confirm LoginController.login throttles or
// locks out repeated failures, otherwise this endpoint is open to password
// guessing.
router.post(
  '/login',
  LoginController.login
);

// Exchange a refresh token for a new session token.
router.post(
  '/refresh',
  LoginController.refresh
);

// End the current session.
router.post(
  '/logout',
  LoginController.logout
);

// --- Routes for the authenticated caller (authMiddleware runs first) ---

// Profile of the currently authenticated user.
router.get(
  '/me',
  authMiddleware,
  UserController.getMe
);

// Status of the currently authenticated user.
router.get(
  '/user/status',
  authMiddleware,
  UserStatusController.getStatus
);

// Status progress of the currently authenticated user.
router.get(
  '/user/status-progress',
  authMiddleware,
  UserStatusController.getStatusProgress
);

// Full user record looked up by the :id path parameter.
// NOTE(review): the id comes from the URL, not from the session. Only
// authentication is enforced here; confirm UserController.getFullUserData
// checks that the caller is allowed to read the user named in :id.
router.get(
  '/users/:id/full',
  authMiddleware,
  UserController.getFullUserData
);

// --- Email verification (authenticated) ---

// Ask the server to send a verification email.
// NOTE(review): no rate limiter is visible on this route; confirm the
// controller bounds how often a caller can trigger outbound mail.
router.post(
  '/send-verification-email',
  authMiddleware,
  EmailVerificationController.sendVerificationEmail
);

// Submit the verification code received by email.
// NOTE(review): no attempt limit is visible on this route; confirm the
// controller caps failed code submissions.
router.post(
  '/verify-email-code',
  authMiddleware,
  EmailVerificationController.verifyEmailCode
);

// Settings of the currently authenticated user.
router.get(
  '/user/settings',
  authMiddleware,
  UserSettingsController.getSettings
);

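// Permissions of the user identified by the :id path parameter.
// NOTE(review): authMiddleware only establishes who the caller is. Whether
// that caller may read the permissions of the user in :id is not visible at
// this layer; confirm PermissionController.getUserPermissions enforces it.
router.get(
  '/users/:id/permissions',
  authMiddleware,
  (req, res, next) => {
    // Trace middleware for this route. It deliberately does not log
    // req.headers or req.body: request headers normally carry the
    // Authorization and Cookie values used to authenticate, and writing them
    // to the log hands a usable credential to anyone who can read the logs.
    console.log('[ROUTE] /users/:id/permissions called');
    console.log('Request method:', req.method);
    console.log('Request URL:', req.originalUrl);
    console.log('Request params:', req.params);
    next();
  },
  PermissionController.getUserPermissions
);
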
// Full account details for a user, intended for administrators only.
// NOTE(review): the only middleware attached here is authMiddleware, so the
// admin restriction is not visible in this file. Confirm that
// AdminUserController.getFullUserAccountDetails (or authMiddleware itself)
// rejects authenticated callers who are not administrators.
router.get(
  '/admin/users/:id/full',
  authMiddleware,
  AdminUserController.getFullUserAccountDetails
);

// Documents and contracts of the user identified by :id.
// NOTE(review): as with the other /users/:id routes, confirm the controller
// checks that the caller may access records of the user named in the URL.
router.get(
  '/users/:id/documents',
  authMiddleware,
  UserController.getUserDocumentsAndContracts
);

// --- Password reset (unauthenticated by design) ---

// Limiter for reset requests, keyed on the client address.
// max: 5 with windowSeconds: 3600 presumably means five requests per key per
// hour; confirm against createRateLimiter.
// NOTE(review): req.ip is the address of the directly connected peer unless
// Express 'trust proxy' is configured. Behind a reverse proxy, confirm that
// setting, otherwise every client shares one bucket.
const passwordResetRequestLimiter = createRateLimiter({
  keyGenerator: (req) => `pwreset:${req.ip}`,
  max: 5,
  windowSeconds: 3600,
});

// Request a password reset; the limiter runs before the controller.
router.post(
  '/request-password-reset',
  passwordResetRequestLimiter,
  PasswordResetController.requestPasswordReset
);

// Check whether a password reset token is valid.
// NOTE(review): this is a GET, so the token presumably travels in the query
// string and will appear in access logs; confirm tokens are single-use and
// short-lived. No rate limiter is attached here, unlike the request route.
router.get(
  '/verify-password-reset',
  PasswordResetController.verifyPasswordResetToken
);

// Submit a new password together with the reset token.
// NOTE(review): no rate limiter is visible on this route either; confirm the
// controller bounds repeated attempts with invalid tokens.
router.post(
  '/reset-password',
  PasswordResetController.resetPassword
);

// The configured router is this module's export.
module.exports = router;