feat: added endpoint for single report

2025-08-01 03:33:06 +02:00 · 2025-08-01 03:33:06 +02:00 · 3fed754570
commit 3fed754570
parent 89d58d047e
2 changed files with 54 additions and 26 deletions
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@ -9,6 +9,7 @@ const router = express.Router();
 const JWT_SECRET = process.env.JWT_SECRET || "your-secret-key";

 // Login endpoint
+// LOGIN endpoint with today's reports for non-admin
 router.post(
  "/login",
  [
@ -31,18 +32,14 @@ router.post(
        "SELECT * FROM users WHERE username = ?",
        [username],
        async (err, user) => {
-          if (err) {
-            return res.status(500).json({ error: "Database error" });
-          }
+          if (err) return res.status(500).json({ error: "Database error" });

-          if (!user) {
+          if (!user)
            return res.status(401).json({ error: "Invalid credentials" });
-          }

          const validPassword = await bcrypt.compare(password, user.password);
-          if (!validPassword) {
+          if (!validPassword)
            return res.status(401).json({ error: "Invalid credentials" });
-          }

          const token = jwt.sign(
            { userId: user.id, username: user.username, role: user.role },
@ -50,15 +47,13 @@ router.post(
            { expiresIn: "24h" }
          );

-          // === Return all stores for admin, only assigned for employee/manager ===
          if (user.role === "admin") {
            db.all(
              "SELECT id, name, address FROM stores",
              [],
              (err, stores) => {
-                if (err) {
+                if (err)
                  return res.status(500).json({ error: "Database error" });
-                }
                res.json({
                  token,
                  user: {
@ -74,28 +69,39 @@ router.post(
          } else {
            db.all(
              `SELECT stores.id, stores.name, stores.address
-               FROM stores
-               JOIN user_store_access ON stores.id = user_store_access.storeId
-               WHERE user_store_access.userId = ?`,
+             FROM stores
+             JOIN user_store_access ON stores.id = user_store_access.storeId
+             WHERE user_store_access.userId = ?`,
              [user.id],
              (err, stores) => {
-                if (err) {
+                if (err)
                  return res.status(500).json({ error: "Database error" });
-                }
-                res.json({
-                  token,
-                  user: {
-                    id: user.id,
-                    username: user.username,
-                    fullName: user.fullName,
-                    role: user.role,
-                    stores: stores,
-                  },
-                });
+
+                // === Add: Fetch today's reports for this user ===
+                const today = new Date().toISOString().split("T")[0];
+                db.all(
+                  `SELECT * FROM reports WHERE userId = ? AND reportDate = ?`,
+                  [user.id, today],
+                  (err, todaysReports) => {
+                    if (err)
+                      return res.status(500).json({ error: "Database error" });
+
+                    res.json({
+                      token,
+                      user: {
+                        id: user.id,
+                        username: user.username,
+                        fullName: user.fullName,
+                        role: user.role,
+                        stores: stores,
+                      },
+                      todaysReports: todaysReports || [],
+                    });
+                  }
+                );
              }
            );
          }
-          // ===
        }
      );
    } catch (error) {
@ -105,6 +111,8 @@ router.post(
  }
 );

+module.exports = router;
+
 router.get("/me", verifyToken, (req, res) => {
  db.get(
    "SELECT id, username, fullName, role FROM users WHERE id = ?",
--- a/backend/routes/reports.js
+++ b/backend/routes/reports.js
@ -130,6 +130,26 @@ router.get(
  }
 );

+// GET /api/reports/:id - get single report by ID
+router.get("/:id", verifyToken, [param("id").isInt()], (req, res) => {
+  const reportId = req.params.id;
+  db.get(
+    `
+    SELECT reports.*, stores.name AS storeName, users.username AS username, users.fullName AS fullName
+    FROM reports
+    JOIN stores ON reports.storeId = stores.id
+    JOIN users ON reports.userId = users.id
+    WHERE reports.id = ?
+    `,
+    [reportId],
+    (err, report) => {
+      if (err) return res.status(500).json({ error: "Database error" });
+      if (!report) return res.status(404).json({ error: "Report not found" });
+      res.json({ report });
+    }
+  );
+});
+
 // PUT /api/reports/:id - update a report
 router.put(
  "/:id",