Fix jwt-token
@@ -1,14 +1,18 @@
|
||||
const express = require('express');
|
||||
const router = express.Router();
|
||||
const Joi = require('joi');
|
||||
const { Device, DroneDetection, Heartbeat } = require('../models');
|
||||
const { Device, DroneDetection, Heartbeat, Tenant } = require('../models');
|
||||
const { validateRequest } = require('../middleware/validation');
|
||||
const { authenticateToken } = require('../middleware/auth');
|
||||
const MultiTenantAuth = require('../middleware/multi-tenant-auth');
|
||||
const { Op } = require('sequelize');
|
||||
|
||||
// Initialize multi-tenant auth
|
||||
const multiAuth = new MultiTenantAuth();
|
||||
|
||||
// Validation schema for device
|
||||
const deviceSchema = Joi.object({
|
||||
id: Joi.number().integer().required(),
|
||||
id: Joi.number().integer().required().min(1).max(999999999), // Device ID is required for manual registration
|
||||
name: Joi.string().max(255).allow('').optional(),
|
||||
geo_lat: Joi.number().min(-90).max(90).optional(),
|
||||
geo_lon: Joi.number().min(-180).max(180).optional(),
|
||||
@@ -34,6 +38,23 @@ const updateDeviceSchema = Joi.object({
|
||||
// GET /api/devices - Get all devices
|
||||
router.get('/', authenticateToken, async (req, res) => {
|
||||
try {
|
||||
// Determine tenant from request
|
||||
const tenantId = await multiAuth.determineTenant(req);
|
||||
if (!tenantId) {
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
message: 'Unable to determine tenant'
|
||||
});
|
||||
}
|
||||
|
||||
const tenant = await Tenant.findOne({ where: { slug: tenantId } });
|
||||
if (!tenant) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: 'Tenant not found'
|
||||
});
|
||||
}
|
||||
|
||||
const {
|
||||
include_stats = false,
|
||||
active_only = false,
|
||||
@@ -41,7 +62,7 @@ router.get('/', authenticateToken, async (req, res) => {
|
||||
offset = 0
|
||||
} = req.query;
|
||||
|
||||
const whereClause = {};
|
||||
const whereClause = { tenant_id: tenant.id };
|
||||
if (active_only === 'true') {
|
||||
whereClause.is_active = true;
|
||||
}
|
||||
@@ -201,7 +222,28 @@ router.get('/map', authenticateToken, async (req, res) => {
|
||||
// GET /api/devices/:id - Get specific device
|
||||
router.get('/:id', authenticateToken, async (req, res) => {
|
||||
try {
|
||||
const device = await Device.findByPk(req.params.id, {
|
||||
// Determine tenant from request
|
||||
const tenantId = await multiAuth.determineTenant(req);
|
||||
if (!tenantId) {
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
message: 'Unable to determine tenant'
|
||||
});
|
||||
}
|
||||
|
||||
const tenant = await Tenant.findOne({ where: { slug: tenantId } });
|
||||
if (!tenant) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: 'Tenant not found'
|
||||
});
|
||||
}
|
||||
|
||||
const device = await Device.findOne({
|
||||
where: {
|
||||
id: req.params.id,
|
||||
tenant_id: tenant.id
|
||||
},
|
||||
include: [
|
||||
{
|
||||
model: Heartbeat,
|
||||
@@ -221,7 +263,7 @@ router.get('/:id', authenticateToken, async (req, res) => {
|
||||
if (!device) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: 'Device not found'
|
||||
message: 'Device not found in your tenant'
|
||||
});
|
||||
}
|
||||
|
||||
@@ -243,7 +285,49 @@ router.get('/:id', authenticateToken, async (req, res) => {
|
||||
// POST /api/devices - Create new device (admin only)
|
||||
router.post('/', authenticateToken, validateRequest(deviceSchema), async (req, res) => {
|
||||
try {
|
||||
const device = await Device.create(req.body);
|
||||
// Determine tenant from request
|
||||
const tenantId = await multiAuth.determineTenant(req);
|
||||
if (!tenantId) {
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
message: 'Unable to determine tenant'
|
||||
});
|
||||
}
|
||||
|
||||
const tenant = await Tenant.findOne({ where: { slug: tenantId } });
|
||||
if (!tenant) {
|
||||
return res.status(404).json({
|
||||
success: false,
|
||||
message: 'Tenant not found'
|
||||
});
|
||||
}
|
||||
|
||||
// Check if device ID already exists in this tenant
|
||||
const existingDevice = await Device.findOne({
|
||||
where: {
|
||||
id: req.body.id,
|
||||
tenant_id: tenant.id
|
||||
}
|
||||
});
|
||||
|
||||
if (existingDevice) {
|
||||
return res.status(409).json({
|
||||
success: false,
|
||||
message: 'Device with this ID already exists in your tenant'
|
||||
});
|
||||
}
|
||||
|
||||
// Create device with tenant association
|
||||
const deviceData = {
|
||||
...req.body,
|
||||
tenant_id: tenant.id,
|
||||
is_approved: true, // Manually created devices are automatically approved
|
||||
is_active: true
|
||||
};
|
||||
|
||||
const device = await Device.create(deviceData);
|
||||
|
||||
console.log(`✅ Device ${device.id} created in tenant "${tenantId}" by user "${req.user.username}"`);
|
||||
|
||||
res.status(201).json({
|
||||
success: true,
|
||||
|
||||
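Review bot: The `POST /` route is commented "admin only", but the visible middleware chain is just `authenticateToken` and `validateRequest(deviceSchema)`, and the new code stamps every created device with `is_approved: true`. Unless a role check lives in middleware not shown here, any authenticated user who resolves to the tenant can register a pre-approved device. I would add an authorization guard before `Device.create(deviceData)` that ends in `return res.status(403).json({ success: false, message: 'Admin access required' });`, or put a role middleware into the route's chain. Separately, the duplicate check is scoped to `tenant_id: tenant.id`, while the removed `Device.findByPk(req.params.id)` suggests `id` is the table's primary key; if so, an ID already used by another tenant passes this check and fails inside `Device.create`, so confirm that path returns a 409 and does not reveal that the ID exists elsewhere. The handler body continues past the end of the hunk, so error handling there is not visible.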