Adição de rota privada

mdsreq-fga-unb · Dec 11, 2023 · b4f00ed · b4f00ed
1 parent 92db14d
commit b4f00ed
Show file tree

Hide file tree

Showing 12 changed files with 199 additions and 50 deletions.
diff --git a/backend/prisma/schema.prisma b/backend/prisma/schema.prisma
diff --git a/backend/src/controllers/classPlanController.ts b/backend/src/controllers/classPlanController.ts
@@ -130,12 +130,48 @@ export default class classPlanController {
   delete = async (req: Request, res: Response) => {
     try {
       const { id } = req.params
+      const data = await prisma.classPlan.findMany({
+        where: {
+          id,
+        },
+        select: {
+          id: true,
+          drills: {
+            select: {
+              id: true,
+              drillElements: {
+                select: {
+                  id: true,
+                },
+              },
+            },
+          },
+        },
+      })
 
-      const classPlan = await prisma.classPlan.delete({
-        where: { id },
+      data.map(async (item) => {
+        item.drills.map(async (drill) => {
+          drill.drillElements.map(async (drillElement) => {
+            await prisma.drillElement.delete({
+              where: {
+                id: drillElement.id,
+              },
+            })
+          })
+          await prisma.drill.delete({
+            where: {
+              id: drill.id,
+            },
+          })
+        })
       })
 
-      res.status(200).json(classPlan)
+      const plan = await prisma.classPlan.delete({
+        where: {
+          id,
+        },
+      })
+      res.status(200).json(plan)
     } catch (err) {
       err as Prisma.PrismaClientKnownRequestError
       res.status(500).json({ errors: { server: "Server error" } })

diff --git a/backend/src/controllers/drillController.ts b/backend/src/controllers/drillController.ts
@@ -93,12 +93,36 @@ export default class drillController {
   deleteById = async (req: Request, res: Response) => {
     try {
       const id = req.params.id
-      const deletedDrill = await prisma.drill.deleteMany({
+
+      const drills = await prisma.drill.findMany({
         where: {
           id,
         },
+        select: {
+          drillElements: {
+            select: {
+              id: true,
+            },
+          },
+        },
+      })
+
+      drills.map(async (drill) => {
+        drill.drillElements.map(async (drillElement) => {
+          await prisma.drillElement.delete({
+            where: {
+              id: drillElement.id,
+            },
+          })
+        })
+        await prisma.drill.delete({
+          where: {
+            id,
+          },
+        })
       })
-      res.status(204).json(deletedDrill)
+
+      res.status(204).json({ message: "Drill deleted" })
     } catch (err) {
       console.log(err)
       res.status(500).json({ error: "Internal Server Error" })

diff --git a/backend/src/middleware/authUser.ts b/backend/src/middleware/authUser.ts
@@ -1,4 +1,5 @@
-import { sign } from "jsonwebtoken"
+import { sign, verify } from "jsonwebtoken"
+import { Request, Response, NextFunction } from "express"
 
 interface Idata {
   id: string
@@ -11,4 +12,22 @@ export default class AuthUser {
       expiresIn: "30d",
     })
   }
+
+  async auth(
+    request: Request,
+    response: Response,
+    next: NextFunction,
+  ): Promise<Response | null> {
+    let token
+    try {
+      token = request.headers.authorization?.split(" ")[1]
+      verify(token as string, process.env.AUTH_CONFIG_SECRET as string)
+    } catch (err) {
+      return response.status(401).json({
+        message: "Token inválido!",
+      })
+    }
+    next()
+    return null
+  }
 }
diff --git a/backend/src/routes/classPlanRouters.ts b/backend/src/routes/classPlanRouters.ts
@@ -1,17 +1,20 @@
 import { Router } from "express"
 import classPlanController from "../controllers/classPlanController"
+import AuthUser from "../middleware/authUser"
 
 const classPlanRouters = Router()
+const authenticateUser = new AuthUser()
 const classPlan = new classPlanController()
 
-classPlanRouters.post("/", classPlan.create)
-classPlanRouters.get("/:id", classPlan.show)
+classPlanRouters.post("/", authenticateUser.auth, classPlan.create)
+classPlanRouters.get("/:id", authenticateUser.auth, classPlan.show)
 classPlanRouters.get(
   "/pesquisa-data-titulo/:userId/:title/:startDate/:finalDate",
+  authenticateUser.auth,
   classPlan.searchByCreatedAtOrTitle,
 )
 classPlanRouters.get("/planos-usuario/:userId", classPlan.list)
-classPlanRouters.put("/:id", classPlan.updateById)
-classPlanRouters.delete("/:id", classPlan.delete)
+classPlanRouters.put("/:id", authenticateUser.auth, classPlan.updateById)
+classPlanRouters.delete("/:id", authenticateUser.auth, classPlan.delete)
 
 export default classPlanRouters
diff --git a/backend/src/routes/drillElementRouters.ts b/backend/src/routes/drillElementRouters.ts
@@ -1,12 +1,22 @@
 import { Router } from "express"
 import drillElementController from "@/controllers/drillElementController"
+import AuthUser from "../middleware/authUser"
 
 const drillElementRouters = Router()
+const authenticateUser = new AuthUser()
 const drillElement = new drillElementController()
 
-drillElementRouters.post("/", drillElement.create)
-drillElementRouters.get("/:drillId", drillElement.getManyByDrillId)
-drillElementRouters.put("/:id", drillElement.updateById)
-drillElementRouters.delete("/:id", drillElement.deleteById)
+drillElementRouters.post("/", authenticateUser.auth, drillElement.create)
+drillElementRouters.get(
+  "/:drillId",
+  authenticateUser.auth,
+  drillElement.getManyByDrillId,
+)
+drillElementRouters.put("/:id", authenticateUser.auth, drillElement.updateById)
+drillElementRouters.delete(
+  "/:id",
+  authenticateUser.auth,
+  drillElement.deleteById,
+)
 
 export default drillElementRouters
diff --git a/backend/src/routes/drillRouters.ts b/backend/src/routes/drillRouters.ts
@@ -1,14 +1,20 @@
 import { Router } from "express"
 import drillController from "../controllers/drillController"
+import AuthUser from "../middleware/authUser"
 
+const authenticateUser = new AuthUser()
 const drillRouters = Router()
 const drill = new drillController()
 
-drillRouters.post("/", drill.create)
-drillRouters.get("/:classPlanId", drill.getManyByClassPlanId)
-drillRouters.get("/drill/:id", drill.show)
-drillRouters.put("/:id", drill.updateById)
-drillRouters.put("/image/:id", drill.updateImage)
-drillRouters.delete("/:id", drill.deleteById)
+drillRouters.post("/", authenticateUser.auth, drill.create)
+drillRouters.get(
+  "/:classPlanId",
+  authenticateUser.auth,
+  drill.getManyByClassPlanId,
+)
+drillRouters.get("/drill/:id", authenticateUser.auth, drill.show)
+drillRouters.put("/:id", authenticateUser.auth, drill.updateById)
+drillRouters.put("/image/:id", authenticateUser.auth, drill.updateImage)
+drillRouters.delete("/:id", authenticateUser.auth, drill.deleteById)
 
 export default drillRouters
diff --git a/frontend/src/components/Header.tsx b/frontend/src/components/Header.tsx
@@ -1,4 +1,5 @@
 import { Icon } from '@iconify/react/dist/iconify.js';
+import { useEffect, useState } from 'react';
 
 const Header = (props: {
   hasReturnArrow: boolean;
@@ -10,6 +11,14 @@ const Header = (props: {
     window.location.href = '/login';
   };
 
+  useEffect(() => {
+    console.log("Aqui");
+    const user  = localStorage.getItem('user');
+    if(!user){
+      logout();
+    }
+  }, []);
+
   return (
     <header
       className="sticky top-0 z-999 flex w-full bg-white drop-shadow-1 dark:bg-boxdark dark:drop-shadow-none"

diff --git a/frontend/src/service/apiService.ts b/frontend/src/service/apiService.ts
@@ -13,24 +13,24 @@ class Apiservice {
     this.apiurl = apiurl;
   }
 
-  post(url: any, objeto: any) {
+  post(url: any, objeto: any, data: any = {}) {
     const requestUrl = `${this.apiurl}${url}`;
-    return httpClient.post(requestUrl, objeto);
+    return httpClient.post(requestUrl, objeto, data);
   }
 
-  put(url: any, objeto: any) {
+  put(url: any, objeto: any, objeto2: any = {}) {
     const requestUrl = `${this.apiurl}${url}`;
-    return httpClient.put(requestUrl, objeto);
+    return httpClient.put(requestUrl, objeto, objeto2);
   }
 
-  delete(url: any) {
+  delete(url: any, objeto: any = {}) {
     const requestUrl = `${this.apiurl}${url}`;
-    return httpClient.delete(requestUrl);
+    return httpClient.delete(requestUrl, objeto);
   }
 
-  get(url: any) {
+  get(url: any, objeto: any = {}) {
     const requestUrl = `${this.apiurl}${url}`;
-    return httpClient.get(requestUrl);
+    return httpClient.get(requestUrl, objeto);
   }
 }
 

diff --git a/frontend/src/service/classPlanService.ts b/frontend/src/service/classPlanService.ts
@@ -1,28 +1,42 @@
 import Apiservice from './apiService';
 
 class ClassPlanService extends Apiservice {
+
+  token = localStorage.getItem('token') as string;
+  user = localStorage.getItem('user');
+
   constructor() {
     super('/classPlan');
   }
 
   async save(data: any) {
-    return this.post('/', data);
+    return this.post('/', data, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async getById(id: string) {
-    return this.get('/' + id);
+    return this.get('/' + id, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async getManyById(userId: string) {
-    return this.get('/planos-usuario/' + userId);
+    return this.get('/planos-usuario/' + userId, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async remove(id: string) {
-    return this.delete('/' + id);
+    return this.delete('/' + id, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async updateById(id: string, data: any) {
-    return this.put('/' + id, data);
+    return this.put('/' + id, data, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async getManyByTitleOrDate(
@@ -33,13 +47,16 @@ class ClassPlanService extends Apiservice {
   ) {
     return this.get(
       '/pesquisa-data-titulo/' +
-        userId +
-        '/' +
-        title +
-        '/' +
-        startDate +
-        '/' +
-        finalDate,
+      userId +
+      '/' +
+      title +
+      '/' +
+      startDate +
+      '/' +
+      finalDate,
+      {
+        headers: { Authorization: `Bearer ${this.token}` },
+      }
     );
   }
 }

diff --git a/frontend/src/service/drillElementService.ts b/frontend/src/service/drillElementService.ts
@@ -1,24 +1,36 @@
 import Apiservice from './apiService';
 
 class DrillElementService extends Apiservice {
+
+  token = localStorage.getItem('token') as string;
+  user = localStorage.getItem('user');
+
   constructor() {
     super('/drillElement');
   }
 
   async save(data: any) {
-    return this.post('/', data);
+    return this.post('/', data, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async getManyByDrillId(drillId: string) {
-    return this.get('/' + drillId);
+    return this.get('/' + drillId, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async updateById(id: string, data: any) {
-    return this.put('/' + id, data);
+    return this.put('/' + id, data, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 
   async deleteById(id: string) {
-    return this.delete('/' + id);
+    return this.delete('/' + id, {
+      headers: { Authorization: `Bearer ${this.token}` },
+    });
   }
 }