Did more stuff than I even wanna write. Notably:

- Auth/account management
- Navigation system
- Admin views for LOA stuff

api/routes/auth.js

@@ -0,0 +1,110 @@
+const passport = require('passport');
+const OpenIDConnectStrategy = require('passport-openidconnect');
+const dotenv = require('dotenv');
+dotenv.config();
+
+const express = require('express');
+const { param } = require('./applications');
+const router = express.Router();
+const pool = require('../db')
+
+passport.use(new OpenIDConnectStrategy({
+    issuer: process.env.AUTH_ISSUER,
+    authorizationURL: 'https://sso.iceberg-gaming.com/application/o/authorize/',
+    tokenURL: 'https://sso.iceberg-gaming.com/application/o/token/',
+    userInfoURL: 'https://sso.iceberg-gaming.com/application/o/userinfo/',
+    clientID: process.env.AUTH_CLIENT_ID,
+    clientSecret: process.env.AUTH_CLIENT_SECRET,
+    callbackURL: process.env.AUTH_REDIRECT_URI,
+    scope: ['openid', 'profile']
+}, async function verify(issuer, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) {
+
+    console.log('--- OIDC verify() called ---');
+    console.log('issuer:', issuer);
+    console.log('sub:', sub);
+    console.log('profile:', JSON.stringify(profile, null, 2));
+    console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
+    console.log('preferred_username:', jwtClaims?.preferred_username);
+
+    const con = await pool.getConnection();
+    try {
+        await con.beginTransaction();
+
+        //lookup existing user
+        const existing = await con.query(`SELECT id FROM members WHERE authentik_issuer = ? AND authentik_sub = ? LIMIT 1;`, [issuer, sub]);
+        console.log(existing)
+        let memberId;
+        //if member exists
+        if (existing.length > 0) {
+            console.log('member exists');
+            memberId = existing[0].id;
+        } else {
+            console.log("creating member")
+            //otherwise: create account
+            const username = sub.username;
+
+            const result = await con.query(
+                `INSERT INTO members (name, authentik_sub, authentik_issuer) VALUES (?, ?, ?)`,
+                [username, sub, issuer]
+            )
+            memberId = result.insertId;
+        }
+
+        console.log("hello world" + memberId);
+        await con.commit();
+        return cb(null, { memberId });
+    } catch (error) {
+        await con.rollback();
+        return cb(error);
+    } finally {
+        con.release();
+    }
+}));
+
+router.get('/login', passport.authenticate('openidconnect'))
+router.get('/callback', passport.authenticate('openidconnect', {
+    successRedirect: 'https://aj17thdev.nexuszone.net/',
+    failureRedirect: 'https://aj17thdev.nexuszone.net/'
+}));
+
+router.post('/logout', function (req, res, next) {
+    req.logout(function (err) {
+        if (err) { return next(err); }
+        var params = {
+            client_id: process.env.AUTH_CLIENT_ID,
+            returnTo: 'https://aj17thdev.nexuszone.net/'
+        };
+        res.redirect(process.env.AUTH_DOMAIN + '/v2/logout?' + qs.stringify(params));
+    });
+});
+
+passport.serializeUser(function (user, cb) {
+    process.nextTick(function () {
+        console.log(`serialize: ${user.memberId}`);
+        cb(null, user);
+    });
+});
+
+passport.deserializeUser(function (user, cb) {
+    process.nextTick(async function () {
+        const memberID = user.memberId;
+
+        const con = await pool.getConnection();
+
+        var userData;
+        try {
+            userResults = await con.query(`SELECT id, name FROM members WHERE id = ?;`, [memberID])
+            console.log(userResults)
+            userData = userResults[0];
+
+        } catch (error) {
+            console.error(error)
+        } finally {
+            con.release();
+        }
+        return cb(null, userData);
+    });
+});
+
+
+module.exports = router;

api/routes/loa.js

@@ -40,4 +40,18 @@ router.get("/me", async (req, res) => {
     }
 })
 
+router.get('/all', async (req, res) => {
+    try {
+        const result = await pool.query(
+            `SELECT loa.*, members.name
+            FROM leave_of_absences AS loa
+            INNER JOIN members ON loa.member_id = members.id;
+            `);
+        res.status(200).json(result)
+    } catch (error) {
+        console.error(error);
+        res.status(500).send(error);
+    }
+})
+
 module.exports = router;

api/routes/statuses.js

@@ -0,0 +1,46 @@
+const express = require('express');
+const status = express.Router();
+const memberStatus = express.Router();
+
+const pool = require('../db');
+
+//insert a new latest rank for a user
+memberStatus.post('/', async (req, res) => {
+    // try {
+    //     const App = req.body?.App || {};
+
+    //     // TODO: replace with current user ID
+    //     const memberId = 1;
+
+    //     const sql = `INSERT INTO applications (member_id, app_version, app_data) VALUES (?, ?, ?);`;
+    //     const appVersion = 1;
+
+    //     const params = [memberId, appVersion, JSON.stringify(App)]
+
+    //     console.log(params)
+
+    //     await pool.query(sql, params);
+
+    //     res.sendStatus(201);
+    // } catch (err) {
+    //     console.error('Insert failed:', err);
+    //     res.status(500).json({ error: 'Failed to save application' });
+    // }
+    res.status(501).json({ error: 'Not implemented' });
+});
+
+//get all statuses
+status.get('/', async (req, res) => {
+    try {
+        const result = await pool.query('SELECT * FROM statuses;');
+        res.json(result);
+    } catch (err) {
+        console.error(err);
+        res.status(500).json({ error: 'Internal server error' });
+    }
+});
+
+module.exports.status = status;
+module.exports.memberStatus = memberStatus;
+
+// TODO, implement get all ranks route with SQL stirng SELECT id, name, short_name, category, sort_id FROM ranks;

api/routes/users.js

@@ -1,44 +0,0 @@
-const express = require('express');
-const router = express.Router();
-
-// DB pool (same as used in api/index.js)
-const pool = require('../db');
-
-//create a new user?
-router.post('/', async (req, res) => {
-
-});
-
-//get all users
-router.get('/', async (req, res) => {
-    try {
-        const result = await pool.query('SELECT * FROM view_member_rank_status_all;');
-        return res.status(200).json(result);
-    } catch (err) {
-        console.error('Error fetching users:', err);
-        return res.status(500).json({ error: 'Failed to fetch users' });
-    }
-});
-
-router.get('/:id', async (req, res) => {
-    try {
-        const userId = req.params.id;
-        const result = await pool.query('SELECT * FROM view_member_rank_status_all WHERE id = $1;', [userId]);
-        if (result.rows.length === 0) {
-            return res.status(404).json({ error: 'User not found' });
-        }
-        return res.status(200).json(result.rows[0]);
-    } catch (err) {
-        console.error('Error fetching user:', err);
-        return res.status(500).json({ error: 'Failed to fetch user' });
-    }
-});
-
-//update a user's display name (stub)
-router.put('/:id/displayname', async (req, res) => {
-    // Stub: not implemented yet
-    return res.status(501).json({ error: 'Update display name not implemented' });
-});
-
-
-module.exports = router;