fosrl.pangolin/server/routers/external.ts

import { Router } from "express";
import * as site from "./site";
import * as org from "./org";
import * as resource from "./resource";
import * as target from "./target";
import * as user from "./user";
import * as auth from "./auth";
import HttpCode from "@server/types/HttpCode";
import {
    rateLimitMiddleware,
    verifySessionMiddleware,
    verifySessionUserMiddleware,
} from "@server/middlewares";
import {
    verifyOrgAccess,
    getUserOrgs,
    verifySiteAccess,
    verifyResourceAccess,
    verifyTargetAccess,
} from "./auth";

// Root routes
export const unauthenticated = Router();

unauthenticated.get("/", (_, res) => {
    res.status(HttpCode.OK).json({ message: "Healthy" });
});

// Authenticated Root routes
export const authenticated = Router();
authenticated.use(verifySessionUserMiddleware);

authenticated.put("/org", getUserOrgs, org.createOrg);
authenticated.get("/orgs", getUserOrgs, org.listOrgs); // TODO we need to check the orgs here
authenticated.get("/org/:orgId", verifyOrgAccess, org.getOrg);
authenticated.post("/org/:orgId", verifyOrgAccess, org.updateOrg);
authenticated.delete("/org/:orgId", verifyOrgAccess, org.deleteOrg);

authenticated.put("/org/:orgId/site", verifyOrgAccess, site.createSite);
authenticated.get("/org/:orgId/sites", verifyOrgAccess, site.listSites);
authenticated.get("/site/:siteId", verifySiteAccess, site.getSite);
authenticated.post("/site/:siteId", verifySiteAccess, site.updateSite);
authenticated.delete("/site/:siteId", verifySiteAccess, site.deleteSite);

authenticated.put(
    "/org/:orgId/site/:siteId/resource",
    verifyOrgAccess,
    resource.createResource,
);
authenticated.get("/site/:siteId/resources", resource.listResources);
authenticated.get(
    "/org/:orgId/resources",
    verifyOrgAccess,
    resource.listResources,
);
authenticated.get(
    "/resource/:resourceId",
    verifyResourceAccess,
    resource.getResource,
);
authenticated.post(
    "/resource/:resourceId",
    verifyResourceAccess,
    resource.updateResource,
);
authenticated.delete(
    "/resource/:resourceId",
    verifyResourceAccess,
    resource.deleteResource,
);

authenticated.put(
    "/resource/:resourceId/target",
    verifyResourceAccess,
    target.createTarget,
);
authenticated.get(
    "/resource/:resourceId/targets",
    verifyResourceAccess,
    target.listTargets,
);
authenticated.get("/target/:targetId", verifyTargetAccess, target.getTarget);
authenticated.post(
    "/target/:targetId",
    verifyTargetAccess,
    target.updateTarget,
);
authenticated.delete(
    "/target/:targetId",
    verifyTargetAccess,
    target.deleteTarget,
);

authenticated.get("/users", user.listUsers);
// authenticated.get("/org/:orgId/users", user.???); // TODO: Implement this
authenticated.get("/user/:userId", user.getUser);
authenticated.delete("/user/:userId", user.deleteUser);

// Auth routes
export const authRouter = Router();
unauthenticated.use("/auth", authRouter);
authRouter.use(
    rateLimitMiddleware({
        windowMin: 10,
        max: 15,
        type: "IP_AND_PATH",
    }),
);

authRouter.put("/signup", auth.signup);
authRouter.post("/login", auth.login);
authRouter.post("/logout", auth.logout);
authRouter.post(
    "/2fa/verify-code",
    verifySessionUserMiddleware,
    auth.verifyTotp,
);
authRouter.post(
    "/2fa/request-secret",
    verifySessionUserMiddleware,
    auth.requestTotpSecret,
);
authRouter.post("/2fa/disable", verifySessionUserMiddleware, auth.disable2fa);
authRouter.post("/verify-email", verifySessionMiddleware, auth.verifyEmail);
authRouter.post(
    "/request-email-code",
    verifySessionMiddleware,
    auth.requestEmailVerificationCode,
);
authRouter.post(
    "/change-password",
    verifySessionUserMiddleware,
    auth.changePassword,
);
bootstrapped 2024-09-27 21:39:03 -04:00			`import { Router } from "express";`
organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00			`import * as site from "./site";`
			`import * as org from "./org";`
			`import * as resource from "./resource";`
			`import * as target from "./target";`
			`import * as user from "./user";`
			`import * as auth from "./auth";`
			`import HttpCode from "@server/types/HttpCode";`
verify email workflow working 2024-10-04 23:14:40 -04:00			`import {`
			`rateLimitMiddleware,`
			`verifySessionMiddleware,`
			`verifySessionUserMiddleware,`
			`} from "@server/middlewares";`
			`import {`
			`verifyOrgAccess,`
			`getUserOrgs,`
			`verifySiteAccess,`
			`verifyResourceAccess,`
			`verifyTargetAccess,`
			`} from "./auth";`
bootstrapped 2024-09-27 21:39:03 -04:00
organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00			`// Root routes`
			`export const unauthenticated = Router();`
bootstrapped 2024-09-27 21:39:03 -04:00
organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00			`unauthenticated.get("/", (_, res) => {`
			`res.status(HttpCode.OK).json({ message: "Healthy" });`
bootstrapped 2024-09-27 21:39:03 -04:00			`});`

organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00			`// Authenticated Root routes`
			`export const authenticated = Router();`
verify email workflow working 2024-10-04 23:14:40 -04:00			`authenticated.use(verifySessionUserMiddleware);`
Add routes 2024-09-28 12:14:44 -04:00
Add verify middleware 2024-10-03 22:31:20 -04:00			`authenticated.put("/org", getUserOrgs, org.createOrg);`
			`authenticated.get("/orgs", getUserOrgs, org.listOrgs); // TODO we need to check the orgs here`
			`authenticated.get("/org/:orgId", verifyOrgAccess, org.getOrg);`
			`authenticated.post("/org/:orgId", verifyOrgAccess, org.updateOrg);`
			`authenticated.delete("/org/:orgId", verifyOrgAccess, org.deleteOrg);`
organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00
Add verify middleware 2024-10-03 22:31:20 -04:00			`authenticated.put("/org/:orgId/site", verifyOrgAccess, site.createSite);`
			`authenticated.get("/org/:orgId/sites", verifyOrgAccess, site.listSites);`
			`authenticated.get("/site/:siteId", verifySiteAccess, site.getSite);`
			`authenticated.post("/site/:siteId", verifySiteAccess, site.updateSite);`
			`authenticated.delete("/site/:siteId", verifySiteAccess, site.deleteSite);`
Move nessicary info to url params 2024-10-02 22:05:21 -04:00
verify email workflow working 2024-10-04 23:14:40 -04:00			`authenticated.put(`
			`"/org/:orgId/site/:siteId/resource",`
			`verifyOrgAccess,`
			`resource.createResource,`
			`);`
Move nessicary info to url params 2024-10-02 22:05:21 -04:00			`authenticated.get("/site/:siteId/resources", resource.listResources);`
verify email workflow working 2024-10-04 23:14:40 -04:00			`authenticated.get(`
			`"/org/:orgId/resources",`
			`verifyOrgAccess,`
			`resource.listResources,`
			`);`
			`authenticated.get(`
			`"/resource/:resourceId",`
			`verifyResourceAccess,`
			`resource.getResource,`
			`);`
			`authenticated.post(`
			`"/resource/:resourceId",`
			`verifyResourceAccess,`
			`resource.updateResource,`
			`);`
			`authenticated.delete(`
			`"/resource/:resourceId",`
			`verifyResourceAccess,`
			`resource.deleteResource,`
			`);`
Add verify middleware 2024-10-03 22:31:20 -04:00
verify email workflow working 2024-10-04 23:14:40 -04:00			`authenticated.put(`
			`"/resource/:resourceId/target",`
			`verifyResourceAccess,`
			`target.createTarget,`
			`);`
			`authenticated.get(`
			`"/resource/:resourceId/targets",`
			`verifyResourceAccess,`
			`target.listTargets,`
			`);`
Add verify middleware 2024-10-03 22:31:20 -04:00			`authenticated.get("/target/:targetId", verifyTargetAccess, target.getTarget);`
verify email workflow working 2024-10-04 23:14:40 -04:00			`authenticated.post(`
			`"/target/:targetId",`
			`verifyTargetAccess,`
			`target.updateTarget,`
			`);`
			`authenticated.delete(`
			`"/target/:targetId",`
			`verifyTargetAccess,`
			`target.deleteTarget,`
			`);`
organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00
Add list endpoints to routers 2024-10-02 21:22:17 -04:00			`authenticated.get("/users", user.listUsers);`
Tested list endpoints 2024-10-02 22:17:43 -04:00			`// authenticated.get("/org/:orgId/users", user.???); // TODO: Implement this`
Move nessicary info to url params 2024-10-02 22:05:21 -04:00			`authenticated.get("/user/:userId", user.getUser);`
organized routes and routes and added rate limiter 2024-10-02 00:04:40 -04:00			`authenticated.delete("/user/:userId", user.deleteUser);`

			`// Auth routes`
added change password endpoint 2024-10-05 15:11:51 -04:00			`export const authRouter = Router();`
			`unauthenticated.use("/auth", authRouter);`
			`authRouter.use(`
			`rateLimitMiddleware({`
			`windowMin: 10,`
			`max: 15,`
			`type: "IP_AND_PATH",`
			`}),`
			`);`

			`authRouter.put("/signup", auth.signup);`
			`authRouter.post("/login", auth.login);`
			`authRouter.post("/logout", auth.logout);`
			`authRouter.post(`
rename 2fa routes 2024-10-05 15:48:19 -04:00			`"/2fa/verify-code",`
			`verifySessionUserMiddleware,`
			`auth.verifyTotp,`
			`);`
			`authRouter.post(`
			`"/2fa/request-secret",`
added change password endpoint 2024-10-05 15:11:51 -04:00			`verifySessionUserMiddleware,`
			`auth.requestTotpSecret,`
verify email workflow working 2024-10-04 23:14:40 -04:00			`);`
rename 2fa routes 2024-10-05 15:48:19 -04:00			`authRouter.post("/2fa/disable", verifySessionUserMiddleware, auth.disable2fa);`
added change password endpoint 2024-10-05 15:11:51 -04:00			`authRouter.post("/verify-email", verifySessionMiddleware, auth.verifyEmail);`
			`authRouter.post(`
			`"/request-email-code",`
verify email workflow working 2024-10-04 23:14:40 -04:00			`verifySessionMiddleware,`
			`auth.requestEmailVerificationCode,`
			`);`
added change password endpoint 2024-10-05 15:11:51 -04:00			`authRouter.post(`
			`"/change-password",`
			`verifySessionUserMiddleware,`
			`auth.changePassword,`
			`);`