Route Changes
This commit is contained in:
@@ -1,188 +1,242 @@
|
||||
import { FastifyInstance } from "fastify";
|
||||
import jwt from "jsonwebtoken";
|
||||
import {secrets} from "../utils/secrets";
|
||||
import { FastifyInstance } from "fastify"
|
||||
import jwt from "jsonwebtoken"
|
||||
import { secrets } from "../utils/secrets"
|
||||
|
||||
export default async function routes(server: FastifyInstance) {
|
||||
import {
|
||||
authTenantUsers,
|
||||
authUsers,
|
||||
authProfiles,
|
||||
tenants
|
||||
} from "../../db/schema"
|
||||
|
||||
import { eq } from "drizzle-orm"
|
||||
|
||||
|
||||
export default async function tenantRoutes(server: FastifyInstance) {
|
||||
|
||||
|
||||
// -------------------------------------------------------------
|
||||
// GET CURRENT TENANT
|
||||
// -------------------------------------------------------------
|
||||
server.get("/tenant", async (req) => {
|
||||
if(req.tenant) {
|
||||
if (req.tenant) {
|
||||
return {
|
||||
message: `Hallo vom Tenant ${req.tenant?.name}`,
|
||||
tenant_id: req.tenant?.id,
|
||||
};
|
||||
} else {
|
||||
return {
|
||||
message: `Server ist in MultiTenant Mode. Sie bekommen alles für Sie verfügbare`,
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
|
||||
});
|
||||
|
||||
server.post("/tenant/switch", async (req, reply) => {
|
||||
if (!req.user) {
|
||||
return reply.code(401).send({ error: "Unauthorized" });
|
||||
}
|
||||
|
||||
const body = req.body as { tenant_id: string };
|
||||
console.log(body);
|
||||
|
||||
// prüfen ob user im Tenant Mitglied ist
|
||||
const { data: tenantUser, error } = await server.supabase
|
||||
.from("auth_tenant_users")
|
||||
.select("*")
|
||||
.eq("user_id", req.user.user_id)
|
||||
.eq("tenant_id", body.tenant_id)
|
||||
.single();
|
||||
|
||||
if (error || !tenantUser) {
|
||||
return reply.code(403).send({ error: "Not a member of this tenant" });
|
||||
}
|
||||
|
||||
// neues JWT mit tenant_id ausstellen
|
||||
const token = jwt.sign(
|
||||
{
|
||||
user_id: req.user.user_id,
|
||||
email: req.user.email,
|
||||
tenant_id: body.tenant_id,
|
||||
},
|
||||
secrets.JWT_SECRET!,
|
||||
{ expiresIn: "6h" }
|
||||
);
|
||||
|
||||
reply.setCookie("token", token, {
|
||||
path: "/",
|
||||
httpOnly: true,
|
||||
sameSite: process.env.NODE_ENV === "production" ? "none" : "lax",
|
||||
secure: process.env.NODE_ENV === "production", // lokal: false, prod: true
|
||||
maxAge: 60 * 60 * 3, // 3 Stunden
|
||||
})
|
||||
|
||||
return { token };
|
||||
});
|
||||
|
||||
server.get("/tenant/users", async (req, reply) => {
|
||||
const { tenant_id } = req.params as { tenant_id: string };
|
||||
const authUser = req.user // kommt aus JWT (user_id + tenant_id)
|
||||
|
||||
if (!authUser) {
|
||||
return reply.code(401).send({ error: "Unauthorized" })
|
||||
}
|
||||
|
||||
const { data, error } = await server.supabase
|
||||
.from("auth_tenant_users")
|
||||
.select(`
|
||||
user_id,
|
||||
auth_users!tenantusers_user_id_fkey ( id, email, created_at, auth_profiles(*))`)
|
||||
.eq("tenant_id", authUser.tenant_id);
|
||||
|
||||
if (error) {
|
||||
console.log(error);
|
||||
return reply.code(400).send({ error: error.message });
|
||||
}
|
||||
|
||||
let correctedData = data.map(i => {
|
||||
|
||||
|
||||
return {
|
||||
id: i.user_id,
|
||||
// @ts-ignore
|
||||
email: i.auth_users.email,
|
||||
// @ts-ignore
|
||||
profile: i.auth_users.auth_profiles.find(x => x.tenant_id === authUser.tenant_id),
|
||||
// @ts-ignore
|
||||
full_name: i.auth_users.auth_profiles.find(x => x.tenant_id === authUser.tenant_id)?.full_name,
|
||||
}
|
||||
})
|
||||
}
|
||||
return {
|
||||
message: "Server ist im MultiTenant-Modus – es werden alle verfügbaren Tenants geladen."
|
||||
}
|
||||
})
|
||||
|
||||
return { tenant_id, users: correctedData };
|
||||
});
|
||||
|
||||
|
||||
// -------------------------------------------------------------
|
||||
// SWITCH TENANT
|
||||
// -------------------------------------------------------------
|
||||
server.post("/tenant/switch", async (req, reply) => {
|
||||
try {
|
||||
if (!req.user) {
|
||||
return reply.code(401).send({ error: "Unauthorized" })
|
||||
}
|
||||
|
||||
const { tenant_id } = req.body as { tenant_id: string }
|
||||
if (!tenant_id) return reply.code(400).send({ error: "tenant_id required" })
|
||||
|
||||
// prüfen ob der User zu diesem Tenant gehört
|
||||
const membership = await server.db
|
||||
.select()
|
||||
.from(authTenantUsers)
|
||||
.where(
|
||||
eq(authTenantUsers.user_id, req.user.user_id)
|
||||
)
|
||||
.where(
|
||||
eq(authTenantUsers.tenant_id, Number(tenant_id))
|
||||
)
|
||||
|
||||
if (!membership.length) {
|
||||
return reply.code(403).send({ error: "Not a member of this tenant" })
|
||||
}
|
||||
|
||||
// JWT neu erzeugen
|
||||
const token = jwt.sign(
|
||||
{
|
||||
user_id: req.user.user_id,
|
||||
email: req.user.email,
|
||||
tenant_id,
|
||||
},
|
||||
secrets.JWT_SECRET!,
|
||||
{ expiresIn: "6h" }
|
||||
)
|
||||
|
||||
reply.setCookie("token", token, {
|
||||
path: "/",
|
||||
httpOnly: true,
|
||||
sameSite: process.env.NODE_ENV === "production" ? "none" : "lax",
|
||||
secure: process.env.NODE_ENV === "production",
|
||||
maxAge: 60 * 60 * 3,
|
||||
})
|
||||
|
||||
return { token }
|
||||
|
||||
} catch (err) {
|
||||
console.error("TENANT SWITCH ERROR:", err)
|
||||
return reply.code(500).send({ error: "Internal Server Error" })
|
||||
}
|
||||
})
|
||||
|
||||
|
||||
|
||||
// -------------------------------------------------------------
|
||||
// TENANT USERS (auth_users + auth_profiles)
|
||||
// -------------------------------------------------------------
|
||||
server.get("/tenant/users", async (req, reply) => {
|
||||
try {
|
||||
const authUser = req.user
|
||||
if (!authUser) return reply.code(401).send({ error: "Unauthorized" })
|
||||
|
||||
const tenantId = authUser.tenant_id
|
||||
|
||||
// 1) auth_tenant_users → user_ids
|
||||
const tenantUsers = await server.db
|
||||
.select()
|
||||
.from(authTenantUsers)
|
||||
.where(eq(authTenantUsers.tenant_id, tenantId))
|
||||
|
||||
const userIds = tenantUsers.map(u => u.user_id)
|
||||
|
||||
if (!userIds.length) {
|
||||
return { tenant_id: tenantId, users: [] }
|
||||
}
|
||||
|
||||
// 2) auth_users laden
|
||||
const users = await server.db
|
||||
.select()
|
||||
.from(authUsers)
|
||||
.where(inArray(authUsers.id, userIds))
|
||||
|
||||
// 3) auth_profiles pro Tenant laden
|
||||
const profiles = await server.db
|
||||
.select()
|
||||
.from(authProfiles)
|
||||
.where(eq(authProfiles.tenant_id, tenantId))
|
||||
.where(inArray(authProfiles.user_id, userIds))
|
||||
|
||||
const combined = users.map(u => {
|
||||
const profile = profiles.find(p => p.user_id === u.id)
|
||||
return {
|
||||
id: u.id,
|
||||
email: u.email,
|
||||
profile,
|
||||
full_name: profile?.full_name ?? null
|
||||
}
|
||||
})
|
||||
|
||||
return { tenant_id: tenantId, users: combined }
|
||||
|
||||
} catch (err) {
|
||||
console.error("/tenant/users ERROR:", err)
|
||||
return reply.code(500).send({ error: "Internal Server Error" })
|
||||
}
|
||||
})
|
||||
|
||||
|
||||
|
||||
// -------------------------------------------------------------
|
||||
// TENANT PROFILES
|
||||
// -------------------------------------------------------------
|
||||
server.get("/tenant/profiles", async (req, reply) => {
|
||||
const { tenant_id } = req.params as { tenant_id: string };
|
||||
const authUser = req.user // kommt aus JWT (user_id + tenant_id)
|
||||
try {
|
||||
const tenantId = req.user?.tenant_id
|
||||
if (!tenantId) return reply.code(401).send({ error: "Unauthorized" })
|
||||
|
||||
if (!authUser) {
|
||||
return reply.code(401).send({ error: "Unauthorized" })
|
||||
}
|
||||
|
||||
const { data, error } = await server.supabase
|
||||
.from("auth_profiles")
|
||||
.select()
|
||||
.eq("tenant_id", authUser.tenant_id);
|
||||
|
||||
if (error) {
|
||||
console.log(error);
|
||||
return reply.code(400).send({ error: error.message });
|
||||
const data = await server.db
|
||||
.select()
|
||||
.from(authProfiles)
|
||||
.where(eq(authProfiles.tenant_id, tenantId))
|
||||
|
||||
return { data }
|
||||
|
||||
} catch (err) {
|
||||
console.error("/tenant/profiles ERROR:", err)
|
||||
return reply.code(500).send({ error: "Internal Server Error" })
|
||||
}
|
||||
})
|
||||
|
||||
|
||||
return { data };
|
||||
});
|
||||
|
||||
// -------------------------------------------------------------
|
||||
// UPDATE NUMBER RANGE
|
||||
// -------------------------------------------------------------
|
||||
server.put("/tenant/numberrange/:numberrange", async (req, reply) => {
|
||||
if (!req.user) {
|
||||
return reply.code(401).send({ error: "Unauthorized" });
|
||||
try {
|
||||
const user = req.user
|
||||
if (!user) return reply.code(401).send({ error: "Unauthorized" })
|
||||
|
||||
const { numberrange } = req.params as { numberrange: string }
|
||||
const { numberRange } = req.body as { numberRange: any }
|
||||
|
||||
if (!numberRange) {
|
||||
return reply.code(400).send({ error: "numberRange required" })
|
||||
}
|
||||
|
||||
const tenantId = Number(user.tenant_id)
|
||||
|
||||
const currentTenantRows = await server.db
|
||||
.select()
|
||||
.from(tenants)
|
||||
.where(eq(tenants.id, tenantId))
|
||||
|
||||
const current = currentTenantRows[0]
|
||||
if (!current) return reply.code(404).send({ error: "Tenant not found" })
|
||||
|
||||
const updatedRanges = {
|
||||
...current.numberRanges,
|
||||
[numberrange]: numberRange
|
||||
}
|
||||
|
||||
const updated = await server.db
|
||||
.update(tenants)
|
||||
.set({ numberRanges: updatedRanges })
|
||||
.where(eq(tenants.id, tenantId))
|
||||
.returning()
|
||||
|
||||
return updated[0]
|
||||
|
||||
} catch (err) {
|
||||
console.error("/tenant/numberrange ERROR:", err)
|
||||
return reply.code(500).send({ error: "Internal Server Error" })
|
||||
}
|
||||
const { numberrange } = req.params as { numberrange?: string }
|
||||
|
||||
const body = req.body as { numberRange: object };
|
||||
console.log(body);
|
||||
|
||||
if(!body.numberRange) {
|
||||
return reply.code(400).send({ error: "numberRange required" });
|
||||
}
|
||||
|
||||
const {data:currentTenantData,error:numberRangesError} = await server.supabase.from("tenants").select().eq("id", req.user.tenant_id).single()
|
||||
|
||||
console.log(currentTenantData)
|
||||
console.log(numberRangesError)
|
||||
})
|
||||
|
||||
|
||||
let numberRanges = {
|
||||
// @ts-ignore
|
||||
...currentTenantData.numberRanges
|
||||
}
|
||||
|
||||
// @ts-ignore
|
||||
numberRanges[numberrange] = body.numberRange
|
||||
|
||||
|
||||
console.log(numberRanges)
|
||||
|
||||
const {data,error} = await server.supabase
|
||||
.from("tenants")
|
||||
.update({numberRanges: numberRanges})
|
||||
.eq('id',req.user.tenant_id)
|
||||
.select()
|
||||
|
||||
if(data && !error) {
|
||||
return reply.send(data)
|
||||
}
|
||||
});
|
||||
|
||||
// -------------------------------------------------------------
|
||||
// UPDATE TENANT OTHER FIELDS
|
||||
// -------------------------------------------------------------
|
||||
server.put("/tenant/other/:id", async (req, reply) => {
|
||||
if (!req.user) {
|
||||
return reply.code(401).send({ error: "Unauthorized" });
|
||||
try {
|
||||
const user = req.user
|
||||
if (!user) return reply.code(401).send({ error: "Unauthorized" })
|
||||
|
||||
const { id } = req.params as { id: string }
|
||||
const { data } = req.body as { data: any }
|
||||
|
||||
if (!data) return reply.code(400).send({ error: "data required" })
|
||||
|
||||
const updated = await server.db
|
||||
.update(tenants)
|
||||
.set(data)
|
||||
.where(eq(tenants.id, Number(user.tenant_id)))
|
||||
.returning()
|
||||
|
||||
return updated[0]
|
||||
|
||||
} catch (err) {
|
||||
console.error("/tenant/other ERROR:", err)
|
||||
return reply.code(500).send({ error: "Internal Server Error" })
|
||||
}
|
||||
const { id } = req.params as { id?: string }
|
||||
})
|
||||
|
||||
const body = req.body as { data: object };
|
||||
console.log(body);
|
||||
|
||||
if(!body.data) {
|
||||
return reply.code(400).send({ error: "data required" });
|
||||
}
|
||||
|
||||
const {data:dataReturn,error} = await server.supabase
|
||||
.from("tenants")
|
||||
.update(body.data)
|
||||
.eq('id',req.user.tenant_id)
|
||||
.select()
|
||||
|
||||
if(dataReturn && !error) {
|
||||
return reply.send(dataReturn)
|
||||
}
|
||||
});
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user