vip-coordinator/backend-old-20260125/dist/index.js
kyle 868f7efc23
Major Enhancement: NestJS Migration + CASL Authorization + Error Handling
Complete rewrite from Express to NestJS with enterprise-grade features:

## Backend Improvements
- Migrated from Express to NestJS 11.0.1 with TypeScript
- Implemented Prisma ORM 7.3.0 for type-safe database access
- Added CASL authorization system replacing role-based guards
- Created global exception filters with structured logging
- Implemented Auth0 JWT authentication with Passport.js
- Added vehicle management with conflict detection
- Enhanced event scheduling with driver/vehicle assignment
- Comprehensive error handling and logging

## Frontend Improvements
- Upgraded to React 19.2.0 with Vite 7.2.4
- Implemented CASL-based permission system
- Added AbilityContext for declarative permissions
- Created ErrorHandler utility for consistent error messages
- Enhanced API client with request/response logging
- Added War Room (Command Center) dashboard
- Created VIP Schedule view with complete itineraries
- Implemented Vehicle Management UI
- Added mock data generators for testing (288 events across 20 VIPs)

## New Features
- Vehicle fleet management (types, capacity, status tracking)
- Complete 3-day Jamboree schedule generation
- Individual VIP schedule pages with PDF export (planned)
- Real-time War Room dashboard with auto-refresh
- Permission-based navigation filtering
- First user auto-approval as administrator

## Documentation
- Created CASL_AUTHORIZATION.md (comprehensive guide)
- Created ERROR_HANDLING.md (error handling patterns)
- Updated CLAUDE.md with new architecture
- Added migration guides and best practices

## Technical Debt Resolved
- Removed custom authentication in favor of Auth0
- Replaced role checks with CASL abilities
- Standardized error responses across API
- Implemented proper TypeScript typing
- Added comprehensive logging

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-31 08:50:25 +01:00


"use strict";
/**
 * CommonJS interop shim emitted by the TypeScript compiler.
 * @param {*} loaded - value returned by `require()`
 * @returns {*} `loaded` itself when it carries the `__esModule` flag,
 *   otherwise `{ "default": loaded }` so `.default` resolves to the module.
 */
var __importDefault = (this && this.__importDefault) || function (loaded) {
  if (loaded && loaded.__esModule) {
    return loaded;
  }
  return { "default": loaded };
};
// CommonJS interop marker written by the TypeScript compiler.
Object.defineProperty(exports, "__esModule", { value: true });
// Third-party dependencies, wrapped so `.default` resolves for CJS modules.
const express_1 = __importDefault(require("express"));
const cors_1 = __importDefault(require("cors"));
const dotenv_1 = __importDefault(require("dotenv"));
// Project modules: Google OAuth handling plus the requireAuth/requireRole
// guards used on the write routes below, the data layer, request-body
// validation, and the 404 / global error handlers registered last.
const authService_1 = __importDefault(require("./services/authService"));
const unifiedDataService_1 = __importDefault(require("./services/unifiedDataService"));
const simpleValidation_1 = require("./middleware/simpleValidation");
const errorHandler_1 = require("./middleware/errorHandler");
// Load `.env` before anything below reads process.env.
dotenv_1.default.config();
// Log environment variables status on startup. Secrets are reported as
// present/absent only; the redirect URI (not a secret) is printed verbatim.
const presence = (name) => (process.env[name] ? 'Set' : 'Not set');
console.log('Environment variables loaded:');
console.log('- GOOGLE_CLIENT_ID:', presence('GOOGLE_CLIENT_ID'));
console.log('- GOOGLE_CLIENT_SECRET:', presence('GOOGLE_CLIENT_SECRET'));
console.log('- GOOGLE_REDIRECT_URI:', process.env.GOOGLE_REDIRECT_URI || 'Not set');
const app = (0, express_1.default)();
const port = process.env.PORT || 3000;
// Middleware
// Browser origins allowed to call the API with credentials; FRONTEND_URL
// falls back to the local Vite dev server.
const allowedOrigins = [
  process.env.FRONTEND_URL || 'http://localhost:5173',
  'https://bsa.madeamess.online',
];
app.use((0, cors_1.default)({ origin: allowedOrigins, credentials: true }));
app.use(express_1.default.json());
// NOTE(review): 'public' is resolved against the process working directory,
// not this file's location, so what gets served depends on how the process
// is launched.
app.use(express_1.default.static('public'));
// Health check: unauthenticated liveness probe.
app.get('/api/health', (req, res) => {
  const body = {
    status: 'OK',
    timestamp: new Date().toISOString(),
    version: '2.0.0', // Simplified version
  };
  res.json(body);
});
// Auth routes
// Tells the frontend whether the first-run flow applies. Unauthenticated by
// design and only exposes two booleans derived from the user count.
// NOTE(review): the commit message says the first user is auto-approved as
// administrator; confirm that bootstrap path is closed once any user exists,
// since this endpoint advertises when it is still open.
app.get('/auth/setup', async (req, res) => {
  try {
    const userCount = await unifiedDataService_1.default.getUserCount();
    const hasUsers = userCount > 0;
    res.json({ needsSetup: userCount === 0, hasUsers });
  } catch (error) {
    console.error('Error in /auth/setup:', error);
    res.status(500).json({ error: 'Failed to check setup status' });
  }
});
// Start the Google sign-in flow by redirecting the browser to the
// authorization URL built by authService.
app.get('/auth/google', (req, res) => res.redirect(authService_1.default.getGoogleAuthUrl()));
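app.get('/auth/google/url', (req, res) => {
  try {
    // Return the Google OAuth URL as JSON for the frontend
    const url = authService_1.default.getGoogleAuthUrl();
    res.json({ url });
  }
  catch (error) {
    // Log the full error server-side only. The exception text (which may name
    // a missing environment variable) is internal configuration detail and
    // must not be echoed to an unauthenticated caller, so the response body
    // carries just the generic error string.
    console.error('Error generating Google Auth URL:', error);
    res.status(500).json({ error: 'Google OAuth configuration error' });
  }
});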
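/**
 * Exchanges a Google authorization code (JSON body field `code`) for an
 * application user and token. The original registered this identical body
 * under two paths, so both routes now share one handler.
 *
 * Responds 400 with a generic message when the code is missing or the
 * exchange fails; the underlying error is logged server-side only, matching
 * the verify route below.
 * @param {import('express').Request} req
 * @param {import('express').Response} res
 */
const exchangeGoogleCode = async (req, res) => {
  // Untrusted input: insist on a non-empty string before calling the auth
  // service rather than letting an undefined/odd value reach it.
  const { code } = req.body || {};
  if (typeof code !== 'string' || code.length === 0) {
    res.status(400).json({ error: 'Authentication failed' });
    return;
  }
  try {
    const { user, token } = await authService_1.default.handleGoogleAuth(code);
    res.json({ user, token });
  }
  catch (error) {
    console.error('Google code exchange error:', error);
    res.status(400).json({ error: 'Authentication failed' });
  }
};
app.post('/auth/google/callback', exchangeGoogleCode);
app.post('/auth/google/exchange', exchangeGoogleCode);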
// The frontend posts a Google credential (presumably an ID token) which
// authService verifies and maps to an application user + token.
app.post('/auth/google/verify', async (req, res) => {
  try {
    const { credential } = req.body;
    const result = await authService_1.default.verifyGoogleToken(credential);
    res.json({ user: result.user, token: result.token });
  } catch (error) {
    // Details stay in the server log; the client only sees a generic failure.
    console.error('Google token verification error:', error);
    res.status(400).json({ error: 'Authentication failed' });
  }
});
// Returns the caller's own user record as populated by requireAuth.
app.get('/auth/me', authService_1.default.requireAuth, (req, res) => res.json(req.user));
// Logout is purely a client-side affair here: nothing is revoked or
// invalidated server-side, the route only acknowledges the request.
app.post('/auth/logout', (req, res) => res.json({ message: 'Logged out successfully' }));
// VIP routes
// NOTE(review): this list is served without requireAuth, whereas the
// per-VIP schedule routes below require it; confirm the roster is meant to
// be readable anonymously.
app.get('/api/vips', async (req, res, next) => {
  try {
    const records = await unifiedDataService_1.default.getVips();
    res.json(records);
  } catch (error) {
    next(error);
  }
});
// Single VIP lookup; unauthenticated like the list route.
app.get('/api/vips/:id', async (req, res, next) => {
  try {
    const record = await unifiedDataService_1.default.getVipById(req.params.id);
    if (record) {
      res.json(record);
    } else {
      res.status(404).json({ error: 'VIP not found' });
    }
  } catch (error) {
    next(error);
  }
});
// Create a VIP: authenticated coordinator/administrator only, body checked
// against the createVip schema before the handler runs.
app.post(
  '/api/vips',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  (0, simpleValidation_1.validate)(simpleValidation_1.schemas.createVip),
  async (req, res, next) => {
    try {
      const created = await unifiedDataService_1.default.createVip(req.body);
      res.status(201).json(created);
    } catch (error) {
      next(error);
    }
  }
);
// Update a VIP: same guards as create, body checked against updateVip.
app.put(
  '/api/vips/:id',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  (0, simpleValidation_1.validate)(simpleValidation_1.schemas.updateVip),
  async (req, res, next) => {
    try {
      const updated = await unifiedDataService_1.default.updateVip(req.params.id, req.body);
      if (updated) {
        res.json(updated);
      } else {
        res.status(404).json({ error: 'VIP not found' });
      }
    } catch (error) {
      next(error);
    }
  }
);
// Delete a VIP; the data layer's falsy return is treated as "not found".
app.delete(
  '/api/vips/:id',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  async (req, res, next) => {
    try {
      const removed = await unifiedDataService_1.default.deleteVip(req.params.id);
      if (removed) {
        res.json({ message: 'VIP deleted successfully' });
      } else {
        res.status(404).json({ error: 'VIP not found' });
      }
    } catch (error) {
      next(error);
    }
  }
);
// Driver routes
// NOTE(review): the driver list is served without requireAuth; confirm that
// driver records contain nothing that should be limited to signed-in users.
app.get('/api/drivers', async (req, res, next) => {
  try {
    const records = await unifiedDataService_1.default.getDrivers();
    res.json(records);
  } catch (error) {
    next(error);
  }
});
// Create a driver: coordinator/administrator only, body validated first.
app.post(
  '/api/drivers',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  (0, simpleValidation_1.validate)(simpleValidation_1.schemas.createDriver),
  async (req, res, next) => {
    try {
      const created = await unifiedDataService_1.default.createDriver(req.body);
      res.status(201).json(created);
    } catch (error) {
      next(error);
    }
  }
);
// Update a driver; falsy result from the data layer means not found.
app.put(
  '/api/drivers/:id',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  (0, simpleValidation_1.validate)(simpleValidation_1.schemas.updateDriver),
  async (req, res, next) => {
    try {
      const updated = await unifiedDataService_1.default.updateDriver(req.params.id, req.body);
      if (updated) {
        res.json(updated);
      } else {
        res.status(404).json({ error: 'Driver not found' });
      }
    } catch (error) {
      next(error);
    }
  }
);
// Delete a driver; no validation schema is needed since only the path id is used.
app.delete(
  '/api/drivers/:id',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  async (req, res, next) => {
    try {
      const removed = await unifiedDataService_1.default.deleteDriver(req.params.id);
      if (removed) {
        res.json({ message: 'Driver deleted successfully' });
      } else {
        res.status(404).json({ error: 'Driver not found' });
      }
    } catch (error) {
      next(error);
    }
  }
);
// Schedule routes
// A VIP's itinerary; requires a signed-in caller (any role).
app.get('/api/vips/:vipId/schedule', authService_1.default.requireAuth, async (req, res, next) => {
  try {
    const events = await unifiedDataService_1.default.getScheduleByVipId(req.params.vipId);
    res.json(events);
  } catch (error) {
    next(error);
  }
});
// Add an event to a VIP's schedule; the vipId comes from the path, the event
// fields from the validated body.
app.post(
  '/api/vips/:vipId/schedule',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  (0, simpleValidation_1.validate)(simpleValidation_1.schemas.createScheduleEvent),
  async (req, res, next) => {
    try {
      const created = await unifiedDataService_1.default.createScheduleEvent(req.params.vipId, req.body);
      res.status(201).json(created);
    } catch (error) {
      next(error);
    }
  }
);
// Update one schedule event.
// NOTE(review): only eventId is passed to the data layer; the vipId in the
// path is never checked against the event, so an event can be edited through
// any VIP's URL. The same applies to the delete route below.
app.put(
  '/api/vips/:vipId/schedule/:eventId',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  (0, simpleValidation_1.validate)(simpleValidation_1.schemas.updateScheduleEvent),
  async (req, res, next) => {
    try {
      const updated = await unifiedDataService_1.default.updateScheduleEvent(req.params.eventId, req.body);
      if (updated) {
        res.json(updated);
      } else {
        res.status(404).json({ error: 'Event not found' });
      }
    } catch (error) {
      next(error);
    }
  }
);
// Delete one schedule event. As with the update route, the path's vipId is
// not used; the event is located by eventId alone.
app.delete(
  '/api/vips/:vipId/schedule/:eventId',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['coordinator', 'administrator']),
  async (req, res, next) => {
    try {
      const removed = await unifiedDataService_1.default.deleteScheduleEvent(req.params.eventId);
      if (removed) {
        res.json({ message: 'Event deleted successfully' });
      } else {
        res.status(404).json({ error: 'Event not found' });
      }
    } catch (error) {
      next(error);
    }
  }
);
// Admin routes (simplified)
// Read all admin settings; administrator role only.
app.get(
  '/api/admin/settings',
  authService_1.default.requireAuth,
  authService_1.default.requireRole(['administrator']),
  async (req, res, next) => {
    try {
      const settings = await unifiedDataService_1.default.getAdminSettings();
      res.json(settings);
    } catch (error) {
      next(error);
    }
  }
);
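// Update one admin setting from a `{ key, value }` body; administrator only.
// Unlike the other write routes this one has no validate() schema, so the
// handler checks the key itself before handing it to the data layer.
app.post('/api/admin/settings', authService_1.default.requireAuth, authService_1.default.requireRole(['administrator']), async (req, res, next) => {
  try {
    const { key, value } = req.body || {};
    // Reject a missing, non-string or blank key up front instead of letting
    // an arbitrary value reach updateAdminSetting unchecked.
    if (typeof key !== 'string' || key.trim() === '') {
      res.status(400).json({ error: 'Setting key is required' });
      return;
    }
    await unifiedDataService_1.default.updateAdminSetting(key, value);
    res.json({ message: 'Setting updated successfully' });
  }
  catch (error) {
    next(error);
  }
});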
// Error handling: registered after every route so unmatched paths hit the
// 404 handler and anything passed to next(error) above reaches the global
// error handler.
app.use(errorHandler_1.notFoundHandler);
app.use(errorHandler_1.errorHandler);
// Start server. No host is given, so Express binds on all interfaces.
app.listen(port, () => {
  const baseUrl = `http://localhost:${port}`;
  console.log(`🚀 Server running on port ${port}`);
  console.log(`🏥 Health check: ${baseUrl}/api/health`);
  console.log(`📚 API docs: ${baseUrl}/api-docs.html`);
});
//# sourceMappingURL=index.js.map