feat(backend): multi-tenant refactor + Geraete + Kundenbilder
Middleware:
- requireTenant prueft tenant_id, Status und Demo-Ablauf (autom. Status-Update)
- requireSuperAdmin fuer cross-tenant Endpoints
- JWT enthaelt jetzt tenant_id
Auth:
- Login: SuperAdmin (tenant_id=NULL) ODER tenant-scoped User
- Demo-Ablaufs-Check beim Login
Neue Routes:
- /api/tenants (SuperAdmin: Demo-Accounts anlegen mit 30-Tage-Default,
Mail-Invite via Resend, Sample-Daten-Seed automatisch,
verlaengern, deaktivieren)
- /api/geraete (Seriennummern-Verwaltung mit Kunde-Zuordnung)
- /api/kunden-bilder/:kunde_id (Foto-Upload, max 5/Kunde)
Bestehende Routes:
- alle tenant_id-scoped (SELECT/UPDATE/DELETE)
- kunden: anlieferungshinweis + lieferzeit_bis Felder
- Cross-tenant-Refs (kunde_id/artikel_id) werden gegen Tenant validiert
Lib:
- lib/mail.js (Resend, mit Dev-Fallback)
- lib/seed.js (5 Kunden, 3 Artikel, 6 Lieferungen, 2 Geraete)
- scripts/bootstrap.js (legt SuperAdmin aus env-Vars beim Start an)
server.js: neue Routes + bootstrap-Call
This commit is contained in:
@@ -4,13 +4,17 @@ import dotenv from 'dotenv';
|
||||
import path from 'path';
|
||||
import { fileURLToPath } from 'url';
|
||||
|
||||
// Routes
|
||||
import authRoutes from './routes/auth.js';
|
||||
import tenantRoutes from './routes/tenants.js';
|
||||
import kundenRoutes from './routes/kunden.js';
|
||||
import kundenBilderRoutes from './routes/kunden-bilder.js';
|
||||
import artikelRoutes from './routes/artikel.js';
|
||||
import lieferungenRoutes from './routes/lieferungen.js';
|
||||
import ruecknahmenRoutes from './routes/ruecknahmen.js';
|
||||
import mitarbeiterRoutes from './routes/mitarbeiter.js';
|
||||
import geraeteRoutes from './routes/geraete.js';
|
||||
|
||||
import { bootstrapSuperAdmin } from './scripts/bootstrap.js';
|
||||
|
||||
dotenv.config();
|
||||
|
||||
@@ -20,53 +24,41 @@ const __dirname = path.dirname(__filename);
|
||||
const app = express();
|
||||
const PORT = process.env.PORT || 3001;
|
||||
|
||||
// Middleware
|
||||
app.use(cors());
|
||||
app.use(express.json());
|
||||
app.use(express.urlencoded({ extended: true }));
|
||||
app.use('/uploads', express.static(process.env.UPLOAD_DIR || path.join(__dirname, 'uploads')));
|
||||
|
||||
// Statische Dateien (Uploads)
|
||||
app.use('/uploads', express.static(path.join(__dirname, 'uploads')));
|
||||
app.get('/health', (req, res) => res.json({ status: 'OK', timestamp: new Date().toISOString() }));
|
||||
|
||||
// Health Check
|
||||
app.get('/health', (req, res) => {
|
||||
res.json({ status: 'OK', timestamp: new Date().toISOString() });
|
||||
});
|
||||
|
||||
// API Routes
|
||||
app.use('/api/auth', authRoutes);
|
||||
app.use('/api/tenants', tenantRoutes);
|
||||
app.use('/api/kunden', kundenRoutes);
|
||||
app.use('/api/kunden-bilder', kundenBilderRoutes);
|
||||
app.use('/api/artikel', artikelRoutes);
|
||||
app.use('/api/lieferungen', lieferungenRoutes);
|
||||
app.use('/api/ruecknahmen', ruecknahmenRoutes);
|
||||
app.use('/api/mitarbeiter', mitarbeiterRoutes);
|
||||
app.use('/api/geraete', geraeteRoutes);
|
||||
|
||||
// Error Handler
|
||||
app.use((err, req, res, next) => {
|
||||
console.error('Fehler:', err);
|
||||
|
||||
if (err.name === 'MulterError') {
|
||||
if (err.code === 'LIMIT_FILE_SIZE') {
|
||||
return res.status(400).json({ error: 'Datei zu groß (max. 10MB)' });
|
||||
}
|
||||
if (err.code === 'LIMIT_FILE_SIZE') return res.status(400).json({ error: 'Datei zu gross (max. 10MB)' });
|
||||
return res.status(400).json({ error: err.message });
|
||||
}
|
||||
|
||||
res.status(err.status || 500).json({
|
||||
error: err.message || 'Interner Serverfehler'
|
||||
res.status(err.status || 500).json({ error: err.message || 'Interner Serverfehler' });
|
||||
});
|
||||
|
||||
app.use((req, res) => res.status(404).json({ error: 'Route nicht gefunden' }));
|
||||
|
||||
// Bootstrap SuperAdmin beim Start, dann Server starten
|
||||
bootstrapSuperAdmin()
|
||||
.catch(err => console.error('Bootstrap-Fehler:', err))
|
||||
.finally(() => {
|
||||
app.listen(PORT, '0.0.0.0', () => {
|
||||
console.log(`Backend laeuft auf Port ${PORT}`);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
// 404 Handler
|
||||
app.use((req, res) => {
|
||||
res.status(404).json({ error: 'Route nicht gefunden' });
|
||||
});
|
||||
|
||||
// Server starten
|
||||
app.listen(PORT, '0.0.0.0', () => {
|
||||
console.log(`🚀 Backend-Server läuft auf Port ${PORT}`);
|
||||
console.log(`📊 Health Check: http://localhost:${PORT}/health`);
|
||||
console.log(`🔐 API Base URL: http://localhost:${PORT}/api`);
|
||||
});
|
||||
|
||||
export default app;
|
||||
|
||||
Reference in New Issue
Block a user