Major Enhancement: NestJS Migration + CASL Authorization + Error Handling
Complete rewrite from Express to NestJS with enterprise-grade features: ## Backend Improvements - Migrated from Express to NestJS 11.0.1 with TypeScript - Implemented Prisma ORM 7.3.0 for type-safe database access - Added CASL authorization system replacing role-based guards - Created global exception filters with structured logging - Implemented Auth0 JWT authentication with Passport.js - Added vehicle management with conflict detection - Enhanced event scheduling with driver/vehicle assignment - Comprehensive error handling and logging ## Frontend Improvements - Upgraded to React 19.2.0 with Vite 7.2.4 - Implemented CASL-based permission system - Added AbilityContext for declarative permissions - Created ErrorHandler utility for consistent error messages - Enhanced API client with request/response logging - Added War Room (Command Center) dashboard - Created VIP Schedule view with complete itineraries - Implemented Vehicle Management UI - Added mock data generators for testing (288 events across 20 VIPs) ## New Features - Vehicle fleet management (types, capacity, status tracking) - Complete 3-day Jamboree schedule generation - Individual VIP schedule pages with PDF export (planned) - Real-time War Room dashboard with auto-refresh - Permission-based navigation filtering - First user auto-approval as administrator ## Documentation - Created CASL_AUTHORIZATION.md (comprehensive guide) - Created ERROR_HANDLING.md (error handling patterns) - Updated CLAUDE.md with new architecture - Added migration guides and best practices ## Technical Debt Resolved - Removed custom authentication in favor of Auth0 - Replaced role checks with CASL abilities - Standardized error responses across API - Implemented proper TypeScript typing - Added comprehensive logging Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
217
backend-old-20260125/dist/indexSimplified.js
vendored
Normal file
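--- a/backend-old-20260125/dist/indexSimplified.js
+++ b/backend-old-20260125/dist/indexSimplified.js
@@ -0,0 +1,217 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const express_1 = __importDefault(require("express"));
+const cors_1 = __importDefault(require("cors"));
+const dotenv_1 = __importDefault(require("dotenv"));
+const authService_1 = __importDefault(require("./services/authService"));
+const unifiedDataService_1 = __importDefault(require("./services/unifiedDataService"));
+const simpleValidation_1 = require("./middleware/simpleValidation");
+const errorHandler_1 = require("./middleware/errorHandler");
+dotenv_1.default.config();
+const app = (0, express_1.default)();
+const port = process.env.PORT || 3000;
+// Middleware
+app.use((0, cors_1.default)({
+origin: [
+process.env.FRONTEND_URL || 'http://localhost:5173',
+'https://bsa.madeamess.online'
+],
+credentials: true
+}));
+app.use(express_1.default.json());
+app.use(express_1.default.static('public'));
+// Health check
+app.get('/api/health', (req, res) => {
+res.json({
+status: 'OK',
+timestamp: new Date().toISOString(),
+version: '2.0.0' // Simplified version
+});
+});
+// Auth routes
+app.get('/auth/google', (req, res) => {
+res.redirect(authService_1.default.getGoogleAuthUrl());
+});
+app.post('/auth/google/callback', async (req, res) => {
+try {
+const { code } = req.body;
+const { user, token } = await authService_1.default.handleGoogleAuth(code);
+res.json({ user, token });
+}
+catch (error) {
+res.status(400).json({ error: 'Authentication failed' });
+}
+});
+app.get('/auth/me', authService_1.default.requireAuth, (req, res) => {
+res.json(req.user);
+});
+app.post('/auth/logout', (req, res) => {
+res.json({ message: 'Logged out successfully' });
+});
+// VIP routes
+app.get('/api/vips', authService_1.default.requireAuth, async (req, res, next) => {
+try {
+const vips = await unifiedDataService_1.default.getVips();
+res.json(vips);
+}
+catch (error) {
+next(error);
+}
+});
+app.get('/api/vips/:id', authService_1.default.requireAuth, async (req, res, next) => {
+try {
+const vip = await unifiedDataService_1.default.getVipById(req.params.id);
+if (!vip)
+return res.status(404).json({ error: 'VIP not found' });
+res.json(vip);
+}
+catch (error) {
+next(error);
+}
+});
+app.post('/api/vips', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), (0, simpleValidation_1.validate)(simpleValidation_1.schemas.createVip), async (req, res, next) => {
+try {
+const vip = await unifiedDataService_1.default.createVip(req.body);
+res.status(201).json(vip);
+}
+catch (error) {
+next(error);
+}
+});
+app.put('/api/vips/:id', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), (0, simpleValidation_1.validate)(simpleValidation_1.schemas.updateVip), async (req, res, next) => {
+try {
+const vip = await unifiedDataService_1.default.updateVip(req.params.id, req.body);
+if (!vip)
+return res.status(404).json({ error: 'VIP not found' });
+res.json(vip);
+}
+catch (error) {
+next(error);
+}
+});
+app.delete('/api/vips/:id', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), async (req, res, next) => {
+try {
+const vip = await unifiedDataService_1.default.deleteVip(req.params.id);
+if (!vip)
+return res.status(404).json({ error: 'VIP not found' });
+res.json({ message: 'VIP deleted successfully' });
+}
+catch (error) {
+next(error);
+}
+});
+// Driver routes
+app.get('/api/drivers', authService_1.default.requireAuth, async (req, res, next) => {
+try {
+const drivers = await unifiedDataService_1.default.getDrivers();
+res.json(drivers);
+}
+catch (error) {
+next(error);
+}
+});
+app.post('/api/drivers', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), (0, simpleValidation_1.validate)(simpleValidation_1.schemas.createDriver), async (req, res, next) => {
+try {
+const driver = await unifiedDataService_1.default.createDriver(req.body);
+res.status(201).json(driver);
+}
+catch (error) {
+next(error);
+}
+});
+app.put('/api/drivers/:id', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), (0, simpleValidation_1.validate)(simpleValidation_1.schemas.updateDriver), async (req, res, next) => {
+try {
+const driver = await unifiedDataService_1.default.updateDriver(req.params.id, req.body);
+if (!driver)
+return res.status(404).json({ error: 'Driver not found' });
+res.json(driver);
+}
+catch (error) {
+next(error);
+}
+});
+app.delete('/api/drivers/:id', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), async (req, res, next) => {
+try {
+const driver = await unifiedDataService_1.default.deleteDriver(req.params.id);
+if (!driver)
+return res.status(404).json({ error: 'Driver not found' });
+res.json({ message: 'Driver deleted successfully' });
+}
+catch (error) {
+next(error);
+}
+});
+// Schedule routes
+app.get('/api/vips/:vipId/schedule', authService_1.default.requireAuth, async (req, res, next) => {
+try {
+const schedule = await unifiedDataService_1.default.getScheduleByVipId(req.params.vipId);
+res.json(schedule);
+}
+catch (error) {
+next(error);
+}
+});
+app.post('/api/vips/:vipId/schedule', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), (0, simpleValidation_1.validate)(simpleValidation_1.schemas.createScheduleEvent), async (req, res, next) => {
+try {
+const event = await unifiedDataService_1.default.createScheduleEvent(req.params.vipId, req.body);
+res.status(201).json(event);
+}
+catch (error) {
+next(error);
+}
+});
+app.put('/api/vips/:vipId/schedule/:eventId', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), (0, simpleValidation_1.validate)(simpleValidation_1.schemas.updateScheduleEvent), async (req, res, next) => {
+try {
+const event = await unifiedDataService_1.default.updateScheduleEvent(req.params.eventId, req.body);
+if (!event)
+return res.status(404).json({ error: 'Event not found' });
+res.json(event);
+}
+catch (error) {
+next(error);
+}
+});
+app.delete('/api/vips/:vipId/schedule/:eventId', authService_1.default.requireAuth, authService_1.default.requireRole(['coordinator', 'administrator']), async (req, res, next) => {
+try {
+const event = await unifiedDataService_1.default.deleteScheduleEvent(req.params.eventId);
+if (!event)
+return res.status(404).json({ error: 'Event not found' });
+res.json({ message: 'Event deleted successfully' });
+}
+catch (error) {
+next(error);
+}
+});
+// Admin routes (simplified)
+app.get('/api/admin/settings', authService_1.default.requireAuth, authService_1.default.requireRole(['administrator']), async (req, res, next) => {
+try {
+const settings = await unifiedDataService_1.default.getAdminSettings();
+res.json(settings);
+}
+catch (error) {
+next(error);
+}
+});
+app.post('/api/admin/settings', authService_1.default.requireAuth, authService_1.default.requireRole(['administrator']), async (req, res, next) => {
+try {
+const { key, value } = req.body;
+await unifiedDataService_1.default.updateAdminSetting(key, value);
+res.json({ message: 'Setting updated successfully' });
+}
+catch (error) {
+next(error);
+}
+});
+// Error handling
+app.use(errorHandler_1.notFoundHandler);
+app.use(errorHandler_1.errorHandler);
+// Start server
+app.listen(port, () => {
+console.log(`🚀 Server running on port ${port}`);
+console.log(`🏥 Health check: http://localhost:${port}/api/health`);
+console.log(`📚 API docs: http://localhost:${port}/api-docs.html`);
+});
+//# sourceMappingURL=indexSimplified.js.map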