lucien/bank-app
1
0
Fork 0
generated from lucien/api-template
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add: added routes and improved frontend

Browse source
This commit is contained in:
Lukian 2025-04-27 18:23:16 +02:00
parent 37c96f5341
commit 94e4d5750f
15 changed files with 1039 additions and 172 deletions
Download patch file Download diff file Expand all files Collapse all files

205
back/api/users.js
View file

@ -1,9 +1,212 @@
const express = require('express');
const { getConnection, addUser } = require('../libs/mysql');
const { getConnection, addUser, getUsers, getUser, getUserAccounts, addAccount, removeAccount, getUserCards, addCard, removeCard, setAccountBalance, getAccount } = require('../libs/mysql');
const { checkAuth } = require('../libs/middlewares');
const router = express.Router();
router.post('/', checkAuth, async (req, res) => {
const user = req.user;
if (!user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
const connection = await getConnection();
const users = await getUsers(connection);
connection.end();
res.send(users );
});
router.post('/:id', checkAuth, async (req, res) => {
const this_user = req.user;
const { id } = req.params;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
const connection = await getConnection();
const user = await getUser(connection, id);
connection.end();
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
res.send(user[0]);
});
router.post('/:id/accounts', checkAuth, async (req, res) => {
const this_user = req.user;
const { id } = req.params;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
const connection = await getConnection();
const user = await getUser(connection, id);
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
const accounts = await getUserAccounts(connection, id);
connection.end();
res.send(accounts);
});
router.post('/:user_id/accounts/:account_id/delete', checkAuth, async (req, res) => {
const this_user = req.user;
const { user_id, account_id } = req.params;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
const connection = await getConnection();
const user = await getUser(connection, user_id);
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
await removeAccount(connection, account_id);
connection.end();
res.send({ message: 'Account removed' });
});
router.post('/:user_id/accounts/:account_id/add-balance', checkAuth, async (req, res) => {
const this_user = req.user;
const { user_id, account_id } = req.params;
const { balance } = req.body;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
if (!balance) {
return res.status(400).json({ error: 'Balance is required' });
}
const connection = await getConnection();
const user = await getUser(connection, user_id);
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
const account = await getAccount(connection, account_id);
if (!account[0]) {
return res.status(404).send({ error: 'Account not found' });
}
await setAccountBalance(connection, account_id, account[0].balance + balance);
connection.end();
res.send({ message: 'Balance added' });
});
router.post('/:id/create-account', checkAuth, async (req, res) => {
const this_user = req.user;
const { name } = req.body;
const { id } = req.params;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
if (!name) {
return res.status(400).json({ error: 'Name is required' });
}
const connection = await getConnection();
const user = await getUser(connection, id);
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
await addAccount(connection, id, name);
connection.end();
res.send({ message: 'Account created' });
});
router.post('/:id/cards', checkAuth, async (req, res) => {
const this_user = req.user;
const { id } = req.params;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
const connection = await getConnection();
const user = await getUser(connection, id);
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
const cards = await getUserCards(connection, id);
connection.end();
res.send(cards);
});
router.post('/:user_id/cards/:card_id/delete', checkAuth, async (req, res) => {
const this_user = req.user;
const { user_id, card_id } = req.params;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
const connection = await getConnection();
const user = await getUser(connection, user_id);
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
await removeCard(connection, card_id);
connection.end();
res.send({ message: 'Card removed' });
});
router.post('/:user_id/create-card', checkAuth, async (req, res) => {
const this_user = req.user;
const { user_id } = req.params;
const { account_id } = req.body;
if (!this_user.admin) {
return res.status(403).json({ error: 'Permission denied' });
}
const connection = await getConnection();
const user = await getUser(connection, user_id);
if (!user[0]) {
return res.status(404).send({ error: 'User not found' });
}
const numero = Math.floor(Math.random() * 1000000000);
const expiration = new Date();
expiration.setFullYear(expiration.getFullYear() + 5);
const expirationString = `${expiration.getMonth() + 1}/${expiration.getFullYear() % 100}`;
const cvc = Math.floor(Math.random() * 1000);
await addCard(connection, account_id, numero, expirationString, cvc);
connection.end();
res.send({ message: 'Card created' });
});
router.post('/add', checkAuth, async (req, res) => {
const user = req.user;
const { name, lastname, email, numero, password } = req.body;