Fix jwt-token

2025-09-23 16:05:34 +02:00
parent 25d910ed3f
commit e41ae5d65b
5 changed files with 262 additions and 10 deletions
--- a/server/routes/dataRetention.js
+++ b/server/routes/dataRetention.js
@@ -375,4 +375,79 @@ router.get('/status', async (req, res) => {
  }
 });

+/**
+ * POST /api/data-retention/cleanup
+ * Trigger manual data retention cleanup
+ * RESTRICTED: Management users only
+ */
+router.post('/cleanup', async (req, res) => {
+  try {
+    // Add security headers
+    res.setHeader('X-Content-Type-Options', 'nosniff');
+    res.setHeader('X-Frame-Options', 'DENY');
+    res.setHeader('X-XSS-Protection', '1; mode=block');
+    
+    // Make HTTP request to data retention service cleanup endpoint
+    const response = await new Promise((resolve, reject) => {
+      const options = {
+        hostname: DATA_RETENTION_HOST,
+        port: DATA_RETENTION_PORT,
+        path: '/cleanup',
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json'
+        },
+        timeout: 30000 // 30 second timeout for cleanup operation
+      };
+
+      const req = http.request(options, (res) => {
+        let data = '';
+        res.on('data', (chunk) => data += chunk);
+        res.on('end', () => {
+          try {
+            const parsed = data ? JSON.parse(data) : {};
+            resolve({ status: res.statusCode, data: parsed });
+          } catch (e) {
+            resolve({ status: res.statusCode, data: { message: data } });
+          }
+        });
+      });
+
+      req.on('error', reject);
+      req.on('timeout', () => reject(new Error('Data retention service timeout')));
+      req.end();
+    });
+    
+    if (response.status === 200 || response.status === 202) {
+      // Log successful cleanup trigger
+      await auditLogger.logSuccess(req.managementUser, req, '/cleanup');
+      console.log(`✅ Data retention cleanup triggered by ${req.managementUser.username}`);
+      
+      res.json({
+        success: true,
+        data: response.data,
+        message: 'Data retention cleanup initiated successfully',
+        timestamp: new Date().toISOString(),
+        triggeredBy: {
+          username: req.managementUser.username,
+          role: req.managementUser.role
+        }
+      });
+    } else {
+      res.status(response.status).json({
+        success: false,
+        error: 'Failed to trigger cleanup in data retention service',
+        details: response.data
+      });
+    }
+  } catch (error) {
+    console.error(`❌ Data retention cleanup trigger error for ${req.managementUser.username}:`, error);
+    res.status(503).json({
+      success: false,
+      error: 'Data retention service unavailable',
+      details: error.message
+    });
+  }
+});
+
 module.exports = router;