Add user system, login/register pages, and reader management dashboard
This commit is contained in:
parent
85ca136c5a
commit
633b0a79a0
3
migrations/0002_add_users.sql
Normal file
3
migrations/0002_add_users.sql
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT UNIQUE NOT NULL, password TEXT NOT NULL, created_at DATETIME DEFAULT CURRENT_TIMESTAMP);
|
||||||
|
|
||||||
|
ALTER TABLE places ADD COLUMN ownerId INTEGER REFERENCES users(id);
|
||||||
10
package-lock.json
generated
10
package-lock.json
generated
|
|
@ -9,6 +9,7 @@
|
||||||
"version": "1.0.0",
|
"version": "1.0.0",
|
||||||
"license": "ISC",
|
"license": "ISC",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
"bcryptjs": "^3.0.3",
|
||||||
"colors": "^1.4.0",
|
"colors": "^1.4.0",
|
||||||
"dotenv": "^17.3.1",
|
"dotenv": "^17.3.1",
|
||||||
"express": "^5.2.1",
|
"express": "^5.2.1",
|
||||||
|
|
@ -178,6 +179,15 @@
|
||||||
],
|
],
|
||||||
"license": "MIT"
|
"license": "MIT"
|
||||||
},
|
},
|
||||||
|
"node_modules/bcryptjs": {
|
||||||
|
"version": "3.0.3",
|
||||||
|
"resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.3.tgz",
|
||||||
|
"integrity": "sha512-GlF5wPWnSa/X5LKM1o0wz0suXIINz1iHRLvTS+sLyi7XPbe5ycmYI3DlZqVGZZtDgl4DmasFg7gOB3JYbphV5g==",
|
||||||
|
"license": "BSD-3-Clause",
|
||||||
|
"bin": {
|
||||||
|
"bcrypt": "bin/bcrypt"
|
||||||
|
}
|
||||||
|
},
|
||||||
"node_modules/bindings": {
|
"node_modules/bindings": {
|
||||||
"version": "1.5.0",
|
"version": "1.5.0",
|
||||||
"resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz",
|
"resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz",
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
{
|
{
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
"bcryptjs": "^3.0.3",
|
||||||
"colors": "^1.4.0",
|
"colors": "^1.4.0",
|
||||||
"dotenv": "^17.3.1",
|
"dotenv": "^17.3.1",
|
||||||
"express": "^5.2.1",
|
"express": "^5.2.1",
|
||||||
|
|
|
||||||
306
public/css/style.css
Normal file
306
public/css/style.css
Normal file
|
|
@ -0,0 +1,306 @@
|
||||||
|
:root {
|
||||||
|
--bg: #0f1115;
|
||||||
|
--panel: #171a21;
|
||||||
|
--border: #262b36;
|
||||||
|
--text: #e6e9ef;
|
||||||
|
--muted: #8b93a7;
|
||||||
|
--accent: #4f7cff;
|
||||||
|
--accent-hover: #6a90ff;
|
||||||
|
--danger: #e5484d;
|
||||||
|
--success: #3ecf8e;
|
||||||
|
}
|
||||||
|
|
||||||
|
* {
|
||||||
|
box-sizing: border-box;
|
||||||
|
}
|
||||||
|
|
||||||
|
body {
|
||||||
|
margin: 0;
|
||||||
|
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif;
|
||||||
|
background: var(--bg);
|
||||||
|
color: var(--text);
|
||||||
|
}
|
||||||
|
|
||||||
|
.auth-wrapper {
|
||||||
|
min-height: 100vh;
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: center;
|
||||||
|
padding: 24px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.auth-card {
|
||||||
|
width: 100%;
|
||||||
|
max-width: 380px;
|
||||||
|
background: var(--panel);
|
||||||
|
border: 1px solid var(--border);
|
||||||
|
border-radius: 12px;
|
||||||
|
padding: 32px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.auth-card h1 {
|
||||||
|
margin: 0 0 4px;
|
||||||
|
font-size: 22px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.auth-card p.subtitle {
|
||||||
|
margin: 0 0 24px;
|
||||||
|
color: var(--muted);
|
||||||
|
font-size: 14px;
|
||||||
|
}
|
||||||
|
|
||||||
|
label {
|
||||||
|
display: block;
|
||||||
|
font-size: 13px;
|
||||||
|
margin-bottom: 6px;
|
||||||
|
color: var(--muted);
|
||||||
|
}
|
||||||
|
|
||||||
|
input {
|
||||||
|
width: 100%;
|
||||||
|
padding: 10px 12px;
|
||||||
|
margin-bottom: 16px;
|
||||||
|
border-radius: 8px;
|
||||||
|
border: 1px solid var(--border);
|
||||||
|
background: #0f1115;
|
||||||
|
color: var(--text);
|
||||||
|
font-size: 14px;
|
||||||
|
}
|
||||||
|
|
||||||
|
input:focus {
|
||||||
|
outline: none;
|
||||||
|
border-color: var(--accent);
|
||||||
|
}
|
||||||
|
|
||||||
|
button {
|
||||||
|
cursor: pointer;
|
||||||
|
border: none;
|
||||||
|
border-radius: 8px;
|
||||||
|
font-size: 14px;
|
||||||
|
font-weight: 600;
|
||||||
|
padding: 10px 16px;
|
||||||
|
}
|
||||||
|
|
||||||
|
button.primary {
|
||||||
|
width: 100%;
|
||||||
|
background: var(--accent);
|
||||||
|
color: #fff;
|
||||||
|
}
|
||||||
|
|
||||||
|
button.primary:hover {
|
||||||
|
background: var(--accent-hover);
|
||||||
|
}
|
||||||
|
|
||||||
|
button.secondary {
|
||||||
|
background: transparent;
|
||||||
|
border: 1px solid var(--border);
|
||||||
|
color: var(--text);
|
||||||
|
}
|
||||||
|
|
||||||
|
button.danger {
|
||||||
|
background: var(--danger);
|
||||||
|
color: #fff;
|
||||||
|
}
|
||||||
|
|
||||||
|
.error {
|
||||||
|
background: rgba(229, 72, 77, 0.12);
|
||||||
|
border: 1px solid rgba(229, 72, 77, 0.4);
|
||||||
|
color: #ff9a9c;
|
||||||
|
padding: 8px 12px;
|
||||||
|
border-radius: 8px;
|
||||||
|
font-size: 13px;
|
||||||
|
margin-bottom: 16px;
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
.error.visible {
|
||||||
|
display: block;
|
||||||
|
}
|
||||||
|
|
||||||
|
.switch-link {
|
||||||
|
text-align: center;
|
||||||
|
margin-top: 16px;
|
||||||
|
font-size: 13px;
|
||||||
|
color: var(--muted);
|
||||||
|
}
|
||||||
|
|
||||||
|
.switch-link a {
|
||||||
|
color: var(--accent);
|
||||||
|
text-decoration: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Dashboard */
|
||||||
|
.app-shell {
|
||||||
|
display: flex;
|
||||||
|
min-height: 100vh;
|
||||||
|
}
|
||||||
|
|
||||||
|
.sidebar {
|
||||||
|
width: 260px;
|
||||||
|
background: var(--panel);
|
||||||
|
border-right: 1px solid var(--border);
|
||||||
|
padding: 24px 16px;
|
||||||
|
display: flex;
|
||||||
|
flex-direction: column;
|
||||||
|
}
|
||||||
|
|
||||||
|
.sidebar h2 {
|
||||||
|
font-size: 16px;
|
||||||
|
margin: 0 0 24px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.sidebar .user-info {
|
||||||
|
color: var(--muted);
|
||||||
|
font-size: 13px;
|
||||||
|
margin-bottom: 8px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.place-list {
|
||||||
|
list-style: none;
|
||||||
|
margin: 0;
|
||||||
|
padding: 0;
|
||||||
|
flex: 1;
|
||||||
|
overflow-y: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
.place-list li {
|
||||||
|
padding: 10px 12px;
|
||||||
|
border-radius: 8px;
|
||||||
|
cursor: pointer;
|
||||||
|
font-size: 14px;
|
||||||
|
margin-bottom: 4px;
|
||||||
|
color: var(--muted);
|
||||||
|
}
|
||||||
|
|
||||||
|
.place-list li:hover {
|
||||||
|
background: rgba(255, 255, 255, 0.04);
|
||||||
|
}
|
||||||
|
|
||||||
|
.place-list li.active {
|
||||||
|
background: rgba(79, 124, 255, 0.15);
|
||||||
|
color: var(--text);
|
||||||
|
}
|
||||||
|
|
||||||
|
.main {
|
||||||
|
flex: 1;
|
||||||
|
padding: 32px 40px;
|
||||||
|
overflow-y: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
.main-header {
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: space-between;
|
||||||
|
margin-bottom: 24px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.main-header h1 {
|
||||||
|
margin: 0;
|
||||||
|
font-size: 20px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.card {
|
||||||
|
background: var(--panel);
|
||||||
|
border: 1px solid var(--border);
|
||||||
|
border-radius: 12px;
|
||||||
|
padding: 20px;
|
||||||
|
margin-bottom: 20px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.card h3 {
|
||||||
|
margin-top: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.readers-grid {
|
||||||
|
display: grid;
|
||||||
|
grid-template-columns: repeat(auto-fill, minmax(260px, 1fr));
|
||||||
|
gap: 16px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.reader-card {
|
||||||
|
background: #0f1115;
|
||||||
|
border: 1px solid var(--border);
|
||||||
|
border-radius: 10px;
|
||||||
|
padding: 16px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.reader-card .reader-name {
|
||||||
|
font-weight: 600;
|
||||||
|
margin-bottom: 4px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.reader-card .reader-id {
|
||||||
|
color: var(--muted);
|
||||||
|
font-size: 12px;
|
||||||
|
margin-bottom: 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.reader-card .field {
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: space-between;
|
||||||
|
margin-bottom: 8px;
|
||||||
|
font-size: 13px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.reader-card .field input[type="number"],
|
||||||
|
.reader-card .field select {
|
||||||
|
width: 90px;
|
||||||
|
margin: 0;
|
||||||
|
padding: 6px 8px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.reader-card .actions {
|
||||||
|
display: flex;
|
||||||
|
gap: 8px;
|
||||||
|
margin-top: 12px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.badge {
|
||||||
|
display: inline-block;
|
||||||
|
padding: 2px 8px;
|
||||||
|
border-radius: 999px;
|
||||||
|
font-size: 11px;
|
||||||
|
font-weight: 600;
|
||||||
|
}
|
||||||
|
|
||||||
|
.badge.on {
|
||||||
|
background: rgba(62, 207, 142, 0.15);
|
||||||
|
color: var(--success);
|
||||||
|
}
|
||||||
|
|
||||||
|
.badge.off {
|
||||||
|
background: rgba(229, 72, 77, 0.15);
|
||||||
|
color: var(--danger);
|
||||||
|
}
|
||||||
|
|
||||||
|
.empty-state {
|
||||||
|
color: var(--muted);
|
||||||
|
font-size: 14px;
|
||||||
|
text-align: center;
|
||||||
|
padding: 40px 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.inline-form {
|
||||||
|
display: flex;
|
||||||
|
gap: 8px;
|
||||||
|
flex-wrap: wrap;
|
||||||
|
align-items: flex-end;
|
||||||
|
}
|
||||||
|
|
||||||
|
.inline-form .field-group {
|
||||||
|
flex: 1;
|
||||||
|
min-width: 140px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.inline-form .field-group label {
|
||||||
|
margin-bottom: 4px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.inline-form input {
|
||||||
|
margin-bottom: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.hidden {
|
||||||
|
display: none !important;
|
||||||
|
}
|
||||||
66
public/dashboard.html
Normal file
66
public/dashboard.html
Normal file
|
|
@ -0,0 +1,66 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
|
<title>Dashboard - NOTXCS</title>
|
||||||
|
<link rel="stylesheet" href="/css/style.css">
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div class="app-shell">
|
||||||
|
<aside class="sidebar">
|
||||||
|
<h2>NOTXCS</h2>
|
||||||
|
<div class="user-info">Signed in as <strong id="username-display"></strong></div>
|
||||||
|
<button class="secondary" id="logout-btn" style="margin-bottom: 16px;">Log out</button>
|
||||||
|
|
||||||
|
<ul class="place-list" id="place-list"></ul>
|
||||||
|
|
||||||
|
<div class="card" style="margin-top: 16px;">
|
||||||
|
<h3 style="margin-top:0;font-size:14px;">Add place</h3>
|
||||||
|
<form id="add-place-form">
|
||||||
|
<label for="place-id">Place ID</label>
|
||||||
|
<input type="text" id="place-id" required>
|
||||||
|
<label for="place-api-key">API Key</label>
|
||||||
|
<input type="text" id="place-api-key" required>
|
||||||
|
<button type="submit" class="primary">Add place</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</aside>
|
||||||
|
|
||||||
|
<main class="main">
|
||||||
|
<div id="no-place" class="empty-state">
|
||||||
|
Select or create a place from the sidebar to manage its readers.
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="place-view" class="hidden">
|
||||||
|
<div class="main-header">
|
||||||
|
<h1 id="place-title"></h1>
|
||||||
|
<button class="danger" id="delete-place-btn">Delete place</button>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="card">
|
||||||
|
<h3>Add reader</h3>
|
||||||
|
<form id="add-reader-form" class="inline-form">
|
||||||
|
<div class="field-group">
|
||||||
|
<label for="reader-id">Reader ID</label>
|
||||||
|
<input type="text" id="reader-id" required>
|
||||||
|
</div>
|
||||||
|
<div class="field-group">
|
||||||
|
<label for="reader-name">Name</label>
|
||||||
|
<input type="text" id="reader-name" required>
|
||||||
|
</div>
|
||||||
|
<button type="submit" class="primary">Add reader</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="card">
|
||||||
|
<h3>Readers</h3>
|
||||||
|
<div id="readers-empty" class="empty-state hidden">No readers yet for this place.</div>
|
||||||
|
<div class="readers-grid" id="readers-grid"></div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</main>
|
||||||
|
</div>
|
||||||
|
<script src="/js/dashboard.js"></script>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
14
public/index.html
Normal file
14
public/index.html
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<title>NOTXCS</title>
|
||||||
|
<script>
|
||||||
|
fetch('/auth/me').then(r => r.json()).then(data => {
|
||||||
|
window.location.replace(data.success ? '/dashboard.html' : '/login.html');
|
||||||
|
}).catch(() => window.location.replace('/login.html'));
|
||||||
|
</script>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
188
public/js/dashboard.js
Normal file
188
public/js/dashboard.js
Normal file
|
|
@ -0,0 +1,188 @@
|
||||||
|
let currentPlaceId = null;
|
||||||
|
let places = [];
|
||||||
|
|
||||||
|
async function api(path, options = {}) {
|
||||||
|
const res = await fetch(path, {
|
||||||
|
headers: { 'Content-Type': 'application/json' },
|
||||||
|
...options
|
||||||
|
});
|
||||||
|
const data = await res.json().catch(() => ({ success: false, message: 'Invalid response from server' }));
|
||||||
|
if (res.status === 401) {
|
||||||
|
window.location.href = '/login.html';
|
||||||
|
throw new Error('Not authenticated');
|
||||||
|
}
|
||||||
|
return data;
|
||||||
|
}
|
||||||
|
|
||||||
|
async function init() {
|
||||||
|
const me = await api('/auth/me');
|
||||||
|
if (!me.success) {
|
||||||
|
window.location.href = '/login.html';
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
document.getElementById('username-display').textContent = me.user.username;
|
||||||
|
|
||||||
|
await loadPlaces();
|
||||||
|
}
|
||||||
|
|
||||||
|
async function loadPlaces() {
|
||||||
|
const data = await api('/dashboard/places');
|
||||||
|
places = data.places || [];
|
||||||
|
renderPlaceList();
|
||||||
|
}
|
||||||
|
|
||||||
|
function renderPlaceList() {
|
||||||
|
const list = document.getElementById('place-list');
|
||||||
|
list.innerHTML = '';
|
||||||
|
|
||||||
|
places.forEach((place) => {
|
||||||
|
const li = document.createElement('li');
|
||||||
|
li.textContent = place.id;
|
||||||
|
li.className = place.id === currentPlaceId ? 'active' : '';
|
||||||
|
li.addEventListener('click', () => selectPlace(place.id));
|
||||||
|
list.appendChild(li);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
async function selectPlace(placeId) {
|
||||||
|
currentPlaceId = placeId;
|
||||||
|
renderPlaceList();
|
||||||
|
|
||||||
|
const data = await api(`/dashboard/places/${encodeURIComponent(placeId)}`);
|
||||||
|
if (!data.success) return;
|
||||||
|
|
||||||
|
document.getElementById('no-place').classList.add('hidden');
|
||||||
|
document.getElementById('place-view').classList.remove('hidden');
|
||||||
|
document.getElementById('place-title').textContent = placeId;
|
||||||
|
|
||||||
|
renderReaders(data.accessPoints || []);
|
||||||
|
}
|
||||||
|
|
||||||
|
function renderReaders(accessPoints) {
|
||||||
|
const grid = document.getElementById('readers-grid');
|
||||||
|
const empty = document.getElementById('readers-empty');
|
||||||
|
grid.innerHTML = '';
|
||||||
|
|
||||||
|
if (accessPoints.length === 0) {
|
||||||
|
empty.classList.remove('hidden');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
empty.classList.add('hidden');
|
||||||
|
|
||||||
|
accessPoints.forEach((ap) => {
|
||||||
|
const card = document.createElement('div');
|
||||||
|
card.className = 'reader-card';
|
||||||
|
card.innerHTML = `
|
||||||
|
<div class="reader-name">${escapeHtml(ap.name)}</div>
|
||||||
|
<div class="reader-id">${escapeHtml(ap.id)}</div>
|
||||||
|
<div class="field">
|
||||||
|
<span>Enabled</span>
|
||||||
|
<input type="checkbox" data-field="enabled" ${ap.enabled ? 'checked' : ''}>
|
||||||
|
</div>
|
||||||
|
<div class="field">
|
||||||
|
<span>Armed</span>
|
||||||
|
<input type="checkbox" data-field="armState" ${ap.armState ? 'checked' : ''}>
|
||||||
|
</div>
|
||||||
|
<div class="field">
|
||||||
|
<span>Unlock time (s)</span>
|
||||||
|
<input type="number" data-field="unlockTime" value="${ap.unlockTime}" min="0">
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<button class="secondary save-btn">Save</button>
|
||||||
|
<button class="danger delete-btn">Delete</button>
|
||||||
|
</div>
|
||||||
|
`;
|
||||||
|
|
||||||
|
card.querySelector('.save-btn').addEventListener('click', () => saveReader(ap.id, card));
|
||||||
|
card.querySelector('.delete-btn').addEventListener('click', () => deleteReader(ap.id));
|
||||||
|
|
||||||
|
grid.appendChild(card);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
function escapeHtml(str) {
|
||||||
|
const div = document.createElement('div');
|
||||||
|
div.textContent = str;
|
||||||
|
return div.innerHTML;
|
||||||
|
}
|
||||||
|
|
||||||
|
async function saveReader(readerId, card) {
|
||||||
|
const enabled = card.querySelector('[data-field="enabled"]').checked;
|
||||||
|
const armState = card.querySelector('[data-field="armState"]').checked ? 1 : 0;
|
||||||
|
const unlockTime = parseInt(card.querySelector('[data-field="unlockTime"]').value, 10) || 0;
|
||||||
|
|
||||||
|
await api(`/dashboard/places/${encodeURIComponent(currentPlaceId)}/access-points/${encodeURIComponent(readerId)}`, {
|
||||||
|
method: 'PUT',
|
||||||
|
body: JSON.stringify({ enabled, armState, unlockTime })
|
||||||
|
});
|
||||||
|
selectPlace(currentPlaceId);
|
||||||
|
}
|
||||||
|
|
||||||
|
async function deleteReader(readerId) {
|
||||||
|
if (!confirm(`Delete reader "${readerId}"?`)) return;
|
||||||
|
await api(`/dashboard/places/${encodeURIComponent(currentPlaceId)}/access-points/${encodeURIComponent(readerId)}`, {
|
||||||
|
method: 'DELETE'
|
||||||
|
});
|
||||||
|
selectPlace(currentPlaceId);
|
||||||
|
}
|
||||||
|
|
||||||
|
document.getElementById('add-place-form').addEventListener('submit', async (e) => {
|
||||||
|
e.preventDefault();
|
||||||
|
const id = document.getElementById('place-id').value.trim();
|
||||||
|
const apiKey = document.getElementById('place-api-key').value.trim();
|
||||||
|
if (!id || !apiKey) return;
|
||||||
|
|
||||||
|
const data = await api('/dashboard/places', {
|
||||||
|
method: 'POST',
|
||||||
|
body: JSON.stringify({ id, apiKey })
|
||||||
|
});
|
||||||
|
|
||||||
|
if (data.success) {
|
||||||
|
document.getElementById('place-id').value = '';
|
||||||
|
document.getElementById('place-api-key').value = '';
|
||||||
|
await loadPlaces();
|
||||||
|
selectPlace(id);
|
||||||
|
} else {
|
||||||
|
alert(data.message || 'Failed to add place');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
document.getElementById('add-reader-form').addEventListener('submit', async (e) => {
|
||||||
|
e.preventDefault();
|
||||||
|
if (!currentPlaceId) return;
|
||||||
|
|
||||||
|
const id = document.getElementById('reader-id').value.trim();
|
||||||
|
const name = document.getElementById('reader-name').value.trim();
|
||||||
|
if (!id || !name) return;
|
||||||
|
|
||||||
|
const data = await api(`/dashboard/places/${encodeURIComponent(currentPlaceId)}/access-points`, {
|
||||||
|
method: 'POST',
|
||||||
|
body: JSON.stringify({ id, name })
|
||||||
|
});
|
||||||
|
|
||||||
|
if (data.success) {
|
||||||
|
document.getElementById('reader-id').value = '';
|
||||||
|
document.getElementById('reader-name').value = '';
|
||||||
|
selectPlace(currentPlaceId);
|
||||||
|
} else {
|
||||||
|
alert(data.message || 'Failed to add reader');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
document.getElementById('delete-place-btn').addEventListener('click', async () => {
|
||||||
|
if (!currentPlaceId) return;
|
||||||
|
if (!confirm(`Delete place "${currentPlaceId}" and all of its readers?`)) return;
|
||||||
|
|
||||||
|
await api(`/dashboard/places/${encodeURIComponent(currentPlaceId)}`, { method: 'DELETE' });
|
||||||
|
currentPlaceId = null;
|
||||||
|
document.getElementById('place-view').classList.add('hidden');
|
||||||
|
document.getElementById('no-place').classList.remove('hidden');
|
||||||
|
await loadPlaces();
|
||||||
|
});
|
||||||
|
|
||||||
|
document.getElementById('logout-btn').addEventListener('click', async () => {
|
||||||
|
await api('/auth/logout', { method: 'POST' });
|
||||||
|
window.location.href = '/login.html';
|
||||||
|
});
|
||||||
|
|
||||||
|
init();
|
||||||
28
public/js/login.js
Normal file
28
public/js/login.js
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
document.getElementById('login-form').addEventListener('submit', async (e) => {
|
||||||
|
e.preventDefault();
|
||||||
|
const errorEl = document.getElementById('error');
|
||||||
|
errorEl.classList.remove('visible');
|
||||||
|
|
||||||
|
const username = document.getElementById('username').value.trim();
|
||||||
|
const password = document.getElementById('password').value;
|
||||||
|
|
||||||
|
try {
|
||||||
|
const res = await fetch('/auth/login', {
|
||||||
|
method: 'POST',
|
||||||
|
headers: { 'Content-Type': 'application/json' },
|
||||||
|
body: JSON.stringify({ username, password })
|
||||||
|
});
|
||||||
|
const data = await res.json();
|
||||||
|
|
||||||
|
if (!data.success) {
|
||||||
|
errorEl.textContent = data.message || 'Login failed';
|
||||||
|
errorEl.classList.add('visible');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
window.location.href = '/dashboard.html';
|
||||||
|
} catch (err) {
|
||||||
|
errorEl.textContent = 'Unable to reach the server. Please try again.';
|
||||||
|
errorEl.classList.add('visible');
|
||||||
|
}
|
||||||
|
});
|
||||||
28
public/js/register.js
Normal file
28
public/js/register.js
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
document.getElementById('register-form').addEventListener('submit', async (e) => {
|
||||||
|
e.preventDefault();
|
||||||
|
const errorEl = document.getElementById('error');
|
||||||
|
errorEl.classList.remove('visible');
|
||||||
|
|
||||||
|
const username = document.getElementById('username').value.trim();
|
||||||
|
const password = document.getElementById('password').value;
|
||||||
|
|
||||||
|
try {
|
||||||
|
const res = await fetch('/auth/register', {
|
||||||
|
method: 'POST',
|
||||||
|
headers: { 'Content-Type': 'application/json' },
|
||||||
|
body: JSON.stringify({ username, password })
|
||||||
|
});
|
||||||
|
const data = await res.json();
|
||||||
|
|
||||||
|
if (!data.success) {
|
||||||
|
errorEl.textContent = data.message || 'Registration failed';
|
||||||
|
errorEl.classList.add('visible');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
window.location.href = '/dashboard.html';
|
||||||
|
} catch (err) {
|
||||||
|
errorEl.textContent = 'Unable to reach the server. Please try again.';
|
||||||
|
errorEl.classList.add('visible');
|
||||||
|
}
|
||||||
|
});
|
||||||
29
public/login.html
Normal file
29
public/login.html
Normal file
|
|
@ -0,0 +1,29 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
|
<title>Login - NOTXCS</title>
|
||||||
|
<link rel="stylesheet" href="/css/style.css">
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div class="auth-wrapper">
|
||||||
|
<div class="auth-card">
|
||||||
|
<h1>Welcome back</h1>
|
||||||
|
<p class="subtitle">Sign in to manage your readers and settings.</p>
|
||||||
|
<div id="error" class="error"></div>
|
||||||
|
<form id="login-form">
|
||||||
|
<label for="username">Username</label>
|
||||||
|
<input type="text" id="username" name="username" autocomplete="username" required>
|
||||||
|
|
||||||
|
<label for="password">Password</label>
|
||||||
|
<input type="password" id="password" name="password" autocomplete="current-password" required>
|
||||||
|
|
||||||
|
<button type="submit" class="primary">Log in</button>
|
||||||
|
</form>
|
||||||
|
<p class="switch-link">Don't have an account? <a href="/register.html">Register</a></p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<script src="/js/login.js"></script>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
29
public/register.html
Normal file
29
public/register.html
Normal file
|
|
@ -0,0 +1,29 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
|
<title>Register - NOTXCS</title>
|
||||||
|
<link rel="stylesheet" href="/css/style.css">
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div class="auth-wrapper">
|
||||||
|
<div class="auth-card">
|
||||||
|
<h1>Create an account</h1>
|
||||||
|
<p class="subtitle">Register to start managing your readers.</p>
|
||||||
|
<div id="error" class="error"></div>
|
||||||
|
<form id="register-form">
|
||||||
|
<label for="username">Username</label>
|
||||||
|
<input type="text" id="username" name="username" autocomplete="username" minlength="3" required>
|
||||||
|
|
||||||
|
<label for="password">Password</label>
|
||||||
|
<input type="password" id="password" name="password" autocomplete="new-password" minlength="6" required>
|
||||||
|
|
||||||
|
<button type="submit" class="primary">Register</button>
|
||||||
|
</form>
|
||||||
|
<p class="switch-link">Already have an account? <a href="/login.html">Log in</a></p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<script src="/js/register.js"></script>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
87
routes/auth.js
Normal file
87
routes/auth.js
Normal file
|
|
@ -0,0 +1,87 @@
|
||||||
|
const express = require('express');
|
||||||
|
const bcrypt = require('bcryptjs');
|
||||||
|
const router = express.Router();
|
||||||
|
|
||||||
|
let db;
|
||||||
|
|
||||||
|
module.exports = (dbInit) => {
|
||||||
|
db = dbInit;
|
||||||
|
return router;
|
||||||
|
};
|
||||||
|
|
||||||
|
router.post('/register', (req, res) => {
|
||||||
|
const { username, password } = req.body || {};
|
||||||
|
|
||||||
|
if (!username || !password) {
|
||||||
|
return res.status(400).json({ success: false, message: "Username and password are required" });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (typeof username !== 'string' || typeof password !== 'string' || username.trim().length < 3 || password.length < 6) {
|
||||||
|
return res.status(400).json({ success: false, message: "Username must be at least 3 characters and password at least 6 characters" });
|
||||||
|
}
|
||||||
|
|
||||||
|
db.get(`SELECT id FROM users WHERE username = ?`, [username], (err, existing) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to check for existing user:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (existing) {
|
||||||
|
return res.status(409).json({ success: false, message: "Username is already taken" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const hash = bcrypt.hashSync(password, 10);
|
||||||
|
db.run(`INSERT INTO users (username, password) VALUES (?, ?)`, [username, hash], function (err) {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to create user:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
|
||||||
|
req.session.userId = this.lastID;
|
||||||
|
req.session.username = username;
|
||||||
|
res.json({ success: true, user: { id: this.lastID, username } });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/login', (req, res) => {
|
||||||
|
const { username, password } = req.body || {};
|
||||||
|
|
||||||
|
if (!username || !password) {
|
||||||
|
return res.status(400).json({ success: false, message: "Username and password are required" });
|
||||||
|
}
|
||||||
|
|
||||||
|
db.get(`SELECT * FROM users WHERE username = ?`, [username], (err, user) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to retrieve user:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!user || !bcrypt.compareSync(password, user.password)) {
|
||||||
|
return res.status(401).json({ success: false, message: "Invalid username or password" });
|
||||||
|
}
|
||||||
|
|
||||||
|
req.session.userId = user.id;
|
||||||
|
req.session.username = user.username;
|
||||||
|
res.json({ success: true, user: { id: user.id, username: user.username } });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/logout', (req, res) => {
|
||||||
|
req.session.destroy((err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to destroy session:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.clearCookie('connect.sid');
|
||||||
|
res.json({ success: true });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
router.get('/me', (req, res) => {
|
||||||
|
if (!req.session.userId) {
|
||||||
|
return res.status(401).json({ success: false, message: "Not authenticated" });
|
||||||
|
}
|
||||||
|
res.json({ success: true, user: { id: req.session.userId, username: req.session.username } });
|
||||||
|
});
|
||||||
|
|
||||||
259
routes/dashboard.js
Normal file
259
routes/dashboard.js
Normal file
|
|
@ -0,0 +1,259 @@
|
||||||
|
const express = require('express');
|
||||||
|
const router = express.Router();
|
||||||
|
|
||||||
|
let db;
|
||||||
|
|
||||||
|
module.exports = (dbInit) => {
|
||||||
|
db = dbInit;
|
||||||
|
return router;
|
||||||
|
};
|
||||||
|
|
||||||
|
function requireAuth(req, res, next) {
|
||||||
|
if (!req.session || !req.session.userId) {
|
||||||
|
return res.status(401).json({ success: false, message: "Not authenticated" });
|
||||||
|
}
|
||||||
|
next();
|
||||||
|
}
|
||||||
|
|
||||||
|
function loadOwnedPlace(req, res, next) {
|
||||||
|
const { placeId } = req.params;
|
||||||
|
db.get(`SELECT * FROM places WHERE id = ? AND ownerId = ?`, [placeId, req.session.userId], (err, place) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to retrieve place:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
if (!place) {
|
||||||
|
return res.status(404).json({ success: false, message: "Place not found" });
|
||||||
|
}
|
||||||
|
req.place = place;
|
||||||
|
next();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
router.use(requireAuth);
|
||||||
|
|
||||||
|
// List places owned by the current user
|
||||||
|
router.get('/places', (req, res) => {
|
||||||
|
db.all(`SELECT * FROM places WHERE ownerId = ?`, [req.session.userId], (err, places) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to retrieve places:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true, places });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// Create a new place
|
||||||
|
router.post('/places', (req, res) => {
|
||||||
|
const { id, apiKey, settings } = req.body || {};
|
||||||
|
if (!id || !apiKey) {
|
||||||
|
return res.status(400).json({ success: false, message: "Place id and apiKey are required" });
|
||||||
|
}
|
||||||
|
|
||||||
|
db.get(`SELECT id FROM places WHERE id = ?`, [id], (err, existing) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to check for existing place:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
if (existing) {
|
||||||
|
return res.status(409).json({ success: false, message: "A place with that id already exists" });
|
||||||
|
}
|
||||||
|
|
||||||
|
db.run(`INSERT INTO places (id, apiKey, settings, ownerId) VALUES (?, ?, ?, ?)`, [id, apiKey, settings || '{}', req.session.userId], (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to create place:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true, place: { id, apiKey, settings: settings || '{}', ownerId: req.session.userId } });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// Get a single place with its access points (readers)
|
||||||
|
router.get('/places/:placeId', loadOwnedPlace, (req, res) => {
|
||||||
|
db.all(`SELECT * FROM access_points WHERE placeId = ?`, [req.place.id], (err, accessPoints) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to retrieve access points:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true, place: req.place, accessPoints });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// Update a place's apiKey/settings
|
||||||
|
router.put('/places/:placeId', loadOwnedPlace, (req, res) => {
|
||||||
|
const apiKey = req.body.apiKey !== undefined ? req.body.apiKey : req.place.apiKey;
|
||||||
|
const settings = req.body.settings !== undefined ? req.body.settings : req.place.settings;
|
||||||
|
|
||||||
|
db.run(`UPDATE places SET apiKey = ?, settings = ? WHERE id = ?`, [apiKey, settings, req.place.id], (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to update place:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// Delete a place (and its readers/acl entries)
|
||||||
|
router.delete('/places/:placeId', loadOwnedPlace, (req, res) => {
|
||||||
|
db.all(`SELECT id FROM access_points WHERE placeId = ?`, [req.place.id], (err, accessPoints) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to retrieve access points:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const apIds = accessPoints.map(ap => ap.id);
|
||||||
|
const deleteAclAndAp = (cb) => {
|
||||||
|
if (apIds.length === 0) return cb();
|
||||||
|
const placeholders = apIds.map(() => '?').join(',');
|
||||||
|
db.run(`DELETE FROM acl WHERE accessPoint IN (${placeholders})`, apIds, (err) => {
|
||||||
|
if (err) return cb(err);
|
||||||
|
db.run(`DELETE FROM access_points WHERE placeId = ?`, [req.place.id], cb);
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
deleteAclAndAp((err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to delete readers for place:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
|
||||||
|
db.run(`DELETE FROM places WHERE id = ?`, [req.place.id], (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to delete place:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
function loadOwnedAccessPoint(req, res, next) {
|
||||||
|
db.get(`SELECT * FROM access_points WHERE id = ? AND placeId = ?`, [req.params.accessPointId, req.place.id], (err, ap) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to retrieve reader:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
if (!ap) {
|
||||||
|
return res.status(404).json({ success: false, message: "Reader not found" });
|
||||||
|
}
|
||||||
|
req.accessPoint = ap;
|
||||||
|
next();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create a new reader (access point) for a place
|
||||||
|
router.post('/places/:placeId/access-points', loadOwnedPlace, (req, res) => {
|
||||||
|
const { id, name } = req.body || {};
|
||||||
|
if (!id || !name) {
|
||||||
|
return res.status(400).json({ success: false, message: "Reader id and name are required" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const enabled = req.body.enabled !== undefined ? (req.body.enabled ? 1 : 0) : 1;
|
||||||
|
const unlockTime = req.body.unlockTime !== undefined ? req.body.unlockTime : 8;
|
||||||
|
const armState = req.body.armState !== undefined ? req.body.armState : 1;
|
||||||
|
|
||||||
|
db.get(`SELECT id FROM access_points WHERE id = ?`, [id], (err, existing) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to check for existing reader:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
if (existing) {
|
||||||
|
return res.status(409).json({ success: false, message: "A reader with that id already exists" });
|
||||||
|
}
|
||||||
|
|
||||||
|
db.run(
|
||||||
|
`INSERT INTO access_points (id, placeId, name, enabled, unlockTime, armState) VALUES (?, ?, ?, ?, ?, ?)`,
|
||||||
|
[id, req.place.id, name, enabled, unlockTime, armState],
|
||||||
|
(err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to create reader:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true });
|
||||||
|
}
|
||||||
|
);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// Update a reader's settings
|
||||||
|
router.put('/places/:placeId/access-points/:accessPointId', loadOwnedPlace, loadOwnedAccessPoint, (req, res) => {
|
||||||
|
const ap = req.accessPoint;
|
||||||
|
const name = req.body.name !== undefined ? req.body.name : ap.name;
|
||||||
|
const enabled = req.body.enabled !== undefined ? (req.body.enabled ? 1 : 0) : ap.enabled;
|
||||||
|
const unlockTime = req.body.unlockTime !== undefined ? req.body.unlockTime : ap.unlockTime;
|
||||||
|
const armState = req.body.armState !== undefined ? req.body.armState : ap.armState;
|
||||||
|
const readyData = req.body.readyData !== undefined ? req.body.readyData : ap.readyData;
|
||||||
|
const disarmedData = req.body.disarmedData !== undefined ? req.body.disarmedData : ap.disarmedData;
|
||||||
|
const grantedData = req.body.grantedData !== undefined ? req.body.grantedData : ap.grantedData;
|
||||||
|
const deniedData = req.body.deniedData !== undefined ? req.body.deniedData : ap.deniedData;
|
||||||
|
|
||||||
|
db.run(
|
||||||
|
`UPDATE access_points SET name = ?, enabled = ?, unlockTime = ?, armState = ?, readyData = ?, disarmedData = ?, grantedData = ?, deniedData = ? WHERE id = ?`,
|
||||||
|
[name, enabled, unlockTime, armState, readyData, disarmedData, grantedData, deniedData, ap.id],
|
||||||
|
(err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to update reader:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true });
|
||||||
|
}
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
// Delete a reader
|
||||||
|
router.delete('/places/:placeId/access-points/:accessPointId', loadOwnedPlace, loadOwnedAccessPoint, (req, res) => {
|
||||||
|
db.run(`DELETE FROM acl WHERE accessPoint = ?`, [req.accessPoint.id], (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to delete ACL entries for reader:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
db.run(`DELETE FROM access_points WHERE id = ?`, [req.accessPoint.id], (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to delete reader:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// List ACL entries for a reader
|
||||||
|
router.get('/places/:placeId/access-points/:accessPointId/acl', loadOwnedPlace, loadOwnedAccessPoint, (req, res) => {
|
||||||
|
db.all(`SELECT * FROM acl WHERE accessPoint = ?`, [req.accessPoint.id], (err, entries) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to retrieve ACL entries:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true, acl: entries });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// Add an ACL entry for a reader
|
||||||
|
router.post('/places/:placeId/access-points/:accessPointId/acl', loadOwnedPlace, loadOwnedAccessPoint, (req, res) => {
|
||||||
|
const { type, data } = req.body || {};
|
||||||
|
if (type === undefined || !data) {
|
||||||
|
return res.status(400).json({ success: false, message: "ACL type and data are required" });
|
||||||
|
}
|
||||||
|
|
||||||
|
db.run(`INSERT INTO acl (accessPoint, type, data) VALUES (?, ?, ?)`, [req.accessPoint.id, type, data], function (err) {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to create ACL entry:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true, id: this.lastID });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// Delete an ACL entry
|
||||||
|
router.delete('/places/:placeId/access-points/:accessPointId/acl/:aclId', loadOwnedPlace, loadOwnedAccessPoint, (req, res) => {
|
||||||
|
db.run(`DELETE FROM acl WHERE id = ? AND accessPoint = ?`, [req.params.aclId, req.accessPoint.id], (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Failed to delete ACL entry:', err.message);
|
||||||
|
return res.status(500).json({ success: false, message: "Internal server error" });
|
||||||
|
}
|
||||||
|
res.json({ success: true });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
Loading…
Reference in a new issue