154 lines
5.7 KiB
TypeScript
154 lines
5.7 KiB
TypeScript
import { Router } from "express";
|
|
import { IndexController, AuthController, DbController } from "../controllers";
|
|
import { transferController } from "../controllers";
|
|
import { paymentVAController } from "../controllers";
|
|
import { signController } from "../controllers";
|
|
import { authMiddleware, getUserFromToken } from "../middleware/auth";
|
|
import { vaMiddleware } from "../middleware/vaAuth";
|
|
import uploadController, {
|
|
singleUploadHandler,
|
|
multiUploadHandler,
|
|
} from "../controllers/uploadController";
|
|
import * as tokenController from "../controllers/tokenController";
|
|
import SyncController from "../controllers/syncController";
|
|
import { getPoolForDbId } from "../lib/dbPools";
|
|
import db from "../db";
|
|
import sequence from "../lib/sequence";
|
|
|
|
const router = Router();
|
|
const indexController = new IndexController();
|
|
const authController = new AuthController();
|
|
const dbController = new DbController();
|
|
|
|
export const setRoutes = () => {
|
|
router.get("/", indexController.getIndex);
|
|
router.post("/auth/login", (req, res) => authController.login(req, res));
|
|
// bootstrap superadmin (no auth required) - use only once
|
|
router.post("/auth/superadmin", (req, res) =>
|
|
authController.createSuperAdmin(req, res)
|
|
);
|
|
router.post("/auth/logout", (req, res) => authController.logout(req, res));
|
|
router.get("/auth/me", authMiddleware, (req, res) =>
|
|
authController.me(req, res)
|
|
);
|
|
router.get("/me", authMiddleware, async (req, res) => {
|
|
const authHeader =
|
|
req.header("Authorization") || req.header("authorization");
|
|
const token = authHeader ? authHeader.slice("Bearer ".length).trim() : null;
|
|
if (!token) {
|
|
return res.status(401).json({ error: "missing token" });
|
|
}
|
|
const u = await getUserFromToken(token);
|
|
if (!u) throw new Error("invalid token");
|
|
const users = await db.users.findFirst({
|
|
select: {
|
|
user_id: true,
|
|
username: true,
|
|
},
|
|
where: { user_id: u.user.user_id },
|
|
});
|
|
return res.json({ result: users });
|
|
});
|
|
router.post("/test-db", async (req, res) => {
|
|
try {
|
|
const { name, query } = req.body;
|
|
if (!name || !query)
|
|
return res.status(400).json({ error: "name and query are required" });
|
|
|
|
// find database metadata by name (or code)
|
|
const dbRec = await (
|
|
await import("../prisma")
|
|
).default.database.findFirst({ where: { name: name } });
|
|
if (!dbRec) return res.status(404).json({ error: "database not found" });
|
|
|
|
const pool = await getPoolForDbId(dbRec.db_id);
|
|
const result = await pool.query(query);
|
|
return res.json({ rows: result.rows, rowCount: result.rowCount });
|
|
} catch (err) {
|
|
console.error("Test endpoint error", err);
|
|
return res.status(500).json({
|
|
status: "error",
|
|
detail: err instanceof Error ? err.message : String(err),
|
|
});
|
|
}
|
|
});
|
|
router.post("/api/transfer", authMiddleware, async (req, res) =>
|
|
transferController.MidsuitPayment(req, res)
|
|
);
|
|
// Payment status lookup by c_invoice_id (optionally limit by startdate/enddate)
|
|
router.get("/api/va/status", authMiddleware, async (req, res) =>
|
|
transferController.paymentStatus(req, res)
|
|
);
|
|
// Signature generation for testing (uses PRIVATE_KEY_PATH file)
|
|
router.post("/generate-signature", (req, res) =>
|
|
signController.generateSignature(req, res)
|
|
);
|
|
// Signature generation for testing (uses PRIVATE_KEY_PATH file)
|
|
router.post("/generate-signature-bank", (req, res) =>
|
|
signController.generateSignature(req, res)
|
|
);
|
|
// Verify signature using public cert (default: public/mandiri/midsuit.cer)
|
|
router.post("/verify-signature", (req, res) =>
|
|
signController.verifySignature(req, res)
|
|
);
|
|
router.post("/db", (req, res) => dbController.handle(req, res));
|
|
// File uploads (protected)
|
|
router.post(
|
|
"/upload",
|
|
authMiddleware,
|
|
(req, res, next) => singleUploadHandler(req, res, next),
|
|
(req, res) => uploadController.single(req, res)
|
|
);
|
|
router.post(
|
|
"/upload/multiple",
|
|
authMiddleware,
|
|
(req, res, next) => multiUploadHandler(req, res, next),
|
|
(req, res) => uploadController.multiple(req, res)
|
|
);
|
|
// Public access to uploaded files. All paths under /uploads/* are served by preview.
|
|
router.get("/uploads/*", (req, res) => uploadController.preview(req, res));
|
|
router.get("/sequence", async (req, res) => {
|
|
try {
|
|
const seqName = req.query.name as string;
|
|
if (!seqName) {
|
|
return res.status(400).json({ error: "Sequence name is required" });
|
|
}
|
|
const seqValue = await sequence(seqName);
|
|
return res.json({ result: seqValue });
|
|
} catch (err) {
|
|
console.error("Get sequence error", err);
|
|
return res.status(500).json({
|
|
error: "internal error",
|
|
detail: err instanceof Error ? err.message : String(err),
|
|
});
|
|
}
|
|
});
|
|
// versioned API group (/:version)
|
|
const versionRouter = Router({ mergeParams: true });
|
|
versionRouter.post("/transfer-va/inquiry", vaMiddleware, (req, res) =>
|
|
transferController.inquiry(req, res)
|
|
);
|
|
versionRouter.post("/transfer-va/payment", vaMiddleware, (req, res) =>
|
|
paymentVAController.payment(req, res)
|
|
);
|
|
versionRouter.post("/transfer-va/status", vaMiddleware, (req, res) =>
|
|
paymentVAController.status(req, res)
|
|
);
|
|
versionRouter.post("/access-token/b2b", (req, res) =>
|
|
tokenController.b2bAccessToken(req, res)
|
|
);
|
|
versionRouter.post("/utilities/signature-service", (req, res) =>
|
|
tokenController.signatureBank(req, res)
|
|
);
|
|
router.use("/:version", versionRouter);
|
|
|
|
// Sync endpoints group
|
|
const syncRouter = Router();
|
|
syncRouter.post("/rv_openitem", (req, res) =>
|
|
SyncController.syncRvOpenitem(req, res)
|
|
);
|
|
router.use("/sync", syncRouter);
|
|
// Add more routes here as needed
|
|
return router;
|
|
};
|