init

backend/.env.example

@@ -0,0 +1,3 @@
+MONGODB_URI=mongodb://mongo:27017/inventory
+JWT_SECRET=Example
+PORT=6789

backend/.gitignore

@@ -0,0 +1,3 @@
+.env
+node_modules/
+dist/

backend/Dockerfile

@@ -0,0 +1,26 @@
+# -------- fase build --------
+FROM node:20-alpine AS builder
+WORKDIR /app
+
+COPY package*.json ./
+RUN npm ci
+
+COPY tsconfig.json ./tsconfig.json
+COPY src ./src
+RUN npm run build            # genera /app/dist
+
+# -------- fase runtime ------
+FROM node:20-alpine
+WORKDIR /app
+ENV NODE_ENV=production
+
+# installa solo dipendenze runtime
+COPY --from=builder /app/package*.json ./
+RUN npm ci --omit=dev
+
+# copia codice compilato e variabili
+COPY --from=builder /app/dist ./dist
+COPY .env .env
+
+EXPOSE 6789
+CMD ["node", "dist/index.js"]

backend/package.json

@@ -0,0 +1,27 @@
+{
+    "name": "inventory-backend-ts",
+    "version": "1.0.0",
+    "type": "module",
+    "scripts": {
+        "dev": "ts-node-dev --respawn src/index.ts",
+        "build": "tsc",
+        "start": "node dist/index.js"
+    },
+    "dependencies": {
+        "bcrypt": "^6.0.0",
+        "cors": "^2.8.5",
+        "dotenv": "^17.0.0",
+        "express": "^5.1.0",
+        "jsonwebtoken": "^9.0.2",
+        "mongoose": "^8.16.1"
+    },
+    "devDependencies": {
+        "@types/bcrypt": "^5.0.2",
+        "@types/cors": "^2.8.19",
+        "@types/express": "^5.0.3",
+        "@types/jsonwebtoken": "^9.0.10",
+        "@types/node": "^24.0.7",
+        "ts-node-dev": "^2.0.0",
+        "typescript": "^5.8.3"
+    }
+}

backend/src/index.ts

@@ -0,0 +1,28 @@
+import express from 'express';
+import mongoose from 'mongoose';
+import cors from 'cors';
+import dotenv from 'dotenv';
+dotenv.config();
+
+import authRoutes from './routes/auth.js';
+import tagRoutes  from './routes/tags.js';
+import itemRoutes from './routes/items.js';
+import authMiddleware from './middleware/auth.js';
+
+const app  = express();
+const PORT = process.env.PORT || 3000;
+
+app.use(cors());
+app.use(express.json());
+
+app.use('/api/auth', authRoutes);
+
+app.use('/api/tags', tagRoutes);
+app.use('/api/items', itemRoutes);
+
+mongoose
+  .connect(process.env.MONGODB_URI!)
+  .then(() => {
+    app.listen(PORT, () => console.log(`✅ Server avviato su http://localhost:${PORT}`));
+  })
+  .catch(err => console.error('❌ Connessione MongoDB fallita:', err.message));

backend/src/middleware/auth.ts

@@ -0,0 +1,31 @@
+import { RequestHandler } from 'express';
+import jwt from 'jsonwebtoken';
+import dotenv from 'dotenv';
+dotenv.config();
+
+export interface JwtPayload { id: string; email: string; }
+
+declare module 'express-serve-static-core' {
+  interface Request {
+    user?: JwtPayload;
+  }
+}
+
+const auth: RequestHandler = (req, res, next) => {
+  const header = req.headers.authorization;
+  const token  = header?.split(' ')[1];
+
+  if (!token) {
+    res.status(401).json({ message: 'Token mancante' });
+    return;                    // ← niente valore
+  }
+
+  try {
+    req.user = jwt.verify(token, process.env.JWT_SECRET!) as JwtPayload;
+    next();                    // anche qui il valore è void
+  } catch {
+    res.status(401).json({ message: 'Token non valido' });
+  }
+};
+
+export default auth;

backend/src/models/Item.ts

@@ -0,0 +1,20 @@
+import { Schema, model, Document, Types } from 'mongoose';
+import { ITag } from './Tag.js';
+
+export interface IItem extends Document {
+  name:        string;
+  description: string;
+  tags:        Types.Array<ITag['_id']>;
+  dateAdded:   Date;
+  addedBy:     string;
+}
+
+const itemSchema = new Schema<IItem>({
+  name:        { type: String, required: true },
+  description: { type: String, required: true },
+  tags:        [{ type: Schema.Types.ObjectId, ref: 'Tag' }],
+  dateAdded:   { type: Date, default: Date.now },
+  addedBy:     { type: String }
+});
+
+export default model<IItem>('Item', itemSchema);

backend/src/models/Tag.ts

@@ -0,0 +1,13 @@
+import { Schema, model, Document } from 'mongoose';
+
+export interface ITag extends Document {
+  name: string;
+  color: string;
+}
+
+const tagSchema = new Schema<ITag>({
+  name:  { type: String, required: true },
+  color: { type: String, required: true }
+});
+
+export default model<ITag>('Tag', tagSchema);

backend/src/models/User.ts

@@ -0,0 +1,26 @@
+import { Schema, model, Document } from 'mongoose';
+import bcrypt from 'bcrypt';
+
+export interface IUser extends Document {
+  email: string;
+  name: string;
+  password: string;
+  comparePassword(candidate: string): Promise<boolean>;
+}
+
+const userSchema = new Schema<IUser>({
+  email:    { type: String, required: true, unique: true },
+  name:     { type: String, required: true },
+  password: { type: String, required: true }
+});
+
+userSchema.pre('save', async function () {
+  if (!this.isModified('password')) return;
+  this.password = await bcrypt.hash(this.password, 12);
+});
+
+userSchema.methods.comparePassword = function (candidate: string) {
+  return bcrypt.compare(candidate, this.password);
+};
+
+export default model<IUser>('User', userSchema);

backend/src/routes/auth.ts

@@ -0,0 +1,29 @@
+import { Router } from 'express';
+import jwt from 'jsonwebtoken';
+import User, { IUser } from '../models/User.js';
+const router = Router();
+
+router.post('/register', async (req, res) => {
+  try {
+    const { email, password, name } = req.body as IUser;
+    const user = await User.create({ email, password, name });
+    const token = jwt.sign({ id: user.id, email }, process.env.JWT_SECRET!);
+    res.json({ token, user: { id: user.id, email, name } });
+  } catch (err: any) {
+    res.status(400).json({ message: 'Registrazione fallita', error: err.message });
+  }
+});
+
+router.post('/login', async (req, res) => {
+  const { email, password } = req.body as IUser;
+  const user = await User.findOne({ email });
+
+  if (!user || !(await user.comparePassword(password))) {
+    res.status(401).json({ message: 'Credenziali non valide' });
+    return;               // ← esce senza value → tipo void
+  }
+
+  const token = jwt.sign({ id: user.id, email }, process.env.JWT_SECRET!);
+  res.json({ token, user: { id: user.id, email, name: user.name } });
+});
+export default router;

backend/src/routes/items.ts

@@ -0,0 +1,66 @@
+import { Router } from 'express';
+import Item from '../models/Item.js';
+import Tag from '../models/Tag.js';
+import auth from '../middleware/auth.js';
+
+const router = Router();
+
+/* ──────────── GET: lista completa ──────────── */
+router.get('/', async (_req, res) => {
+  const items = await Item.find().populate('tags');
+  res.json(items);
+});
+
+/* ──────────── GET: ricerca ──────────── */
+router.get('/search', async (req, res) => {
+  const { query = '', tagIds = '' } = req.query as {
+    query?: string;
+    tagIds?: string;
+  };
+
+  const regex  = new RegExp(query, 'i');
+  const filter: any = {
+    $and: [
+      { $or: [{ name: regex }, { description: regex }] },
+      tagIds ? { tags: { $in: tagIds.split(',') } } : {},
+    ],
+  };
+
+  const items = await Item.find(filter).populate('tags');
+  res.json(items);
+});
+
+/* ──────────── POST: crea item (protetto) ──────────── */
+router.post('/', auth, async (req, res) => {
+  const { name, description, tagIds } = req.body as {
+    name: string;
+    description: string;
+    tagIds: string[];
+  };
+
+  const tags = await Tag.find({ _id: { $in: tagIds } });
+  const item = await Item.create({
+    name,
+    description,
+    tags,
+    addedBy: req.user!.email,
+  });
+
+  res.status(201).json(await item.populate('tags'));
+});
+
+/* ──────────── DELETE: elimina item (protetto) ──────────── */
+router.delete('/:id', auth, async (req, res) => {
+  const { id } = req.params;
+
+  const deleted = await Item.findByIdAndDelete(id);
+  if (!deleted) {
+    res.status(404).json({ message: 'Item non trovato' });
+    return;
+  }
+
+  // 204 No Content: operazione riuscita, nessun body
+  res.status(204).end();
+});
+
+export default router;

backend/src/routes/tags.ts

@@ -0,0 +1,40 @@
+import { Router } from 'express';
+import Tag from '../models/Tag.js';
+import Item from '../models/Item.js';
+import auth from '../middleware/auth.js';
+
+const router = Router();
+
+/* ──────────── GET: tutti i tag ──────────── */
+router.get('/', async (_req, res) => {
+  res.json(await Tag.find());
+});
+
+/* ──────────── POST: crea tag (protetto) ──────────── */
+router.post('/', auth, async (req, res) => {
+  const { name, color } = req.body as { name: string; color: string };
+  const tag = await Tag.create({ name, color });
+  res.status(201).json(tag);
+});
+
+/* ──────────── DELETE: elimina tag (protetto) ──────────── */
+router.delete('/:id', auth, async (req, res) => {
+  const { id } = req.params;
+
+  // opzionale: blocca l’eliminazione se il tag è ancora assegnato a qualche item
+  const inUse = await Item.exists({ tags: id });
+  if (inUse) {
+    res.status(409).json({ message: 'Tag in uso: rimuovilo dagli item prima di cancellarlo' });
+    return;
+  }
+
+  const deleted = await Tag.findByIdAndDelete(id);
+  if (!deleted) {
+    res.status(404).json({ message: 'Tag non trovato' });
+    return;
+  }
+
+  res.status(204).end();
+});
+
+export default router;

backend/tsconfig.json

@@ -0,0 +1,14 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "ESNext",
+    "moduleResolution": "Node",
+    "esModuleInterop": true,
+    "forceConsistentCasingInFileNames": true,
+    "strict": true,
+    "skipLibCheck": true,
+    "outDir": "dist",
+    "rootDir": "src"
+  },
+  "include": ["src/**/*.ts"]
+}