init

2025-06-28 16:01:31 +02:00 · 2025-06-28 16:01:31 +02:00 · 04267b3886
commit 04267b3886
100 changed files with 16495 additions and 0 deletions
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@ -0,0 +1,28 @@
+import express from 'express';
+import mongoose from 'mongoose';
+import cors from 'cors';
+import dotenv from 'dotenv';
+dotenv.config();
+
+import authRoutes from './routes/auth.js';
+import tagRoutes  from './routes/tags.js';
+import itemRoutes from './routes/items.js';
+import authMiddleware from './middleware/auth.js';
+
+const app  = express();
+const PORT = process.env.PORT || 3000;
+
+app.use(cors());
+app.use(express.json());
+
+app.use('/api/auth', authRoutes);
+
+app.use('/api/tags', tagRoutes);
+app.use('/api/items', itemRoutes);
+
+mongoose
+  .connect(process.env.MONGODB_URI!)
+  .then(() => {
+    app.listen(PORT, () => console.log(`✅ Server avviato su http://localhost:${PORT}`));
+  })
+  .catch(err => console.error('❌ Connessione MongoDB fallita:', err.message));
--- a/backend/src/middleware/auth.ts
+++ b/backend/src/middleware/auth.ts
@ -0,0 +1,31 @@
+import { RequestHandler } from 'express';
+import jwt from 'jsonwebtoken';
+import dotenv from 'dotenv';
+dotenv.config();
+
+export interface JwtPayload { id: string; email: string; }
+
+declare module 'express-serve-static-core' {
+  interface Request {
+    user?: JwtPayload;
+  }
+}
+
+const auth: RequestHandler = (req, res, next) => {
+  const header = req.headers.authorization;
+  const token  = header?.split(' ')[1];
+
+  if (!token) {
+    res.status(401).json({ message: 'Token mancante' });
+    return;                    // ← niente valore
+  }
+
+  try {
+    req.user = jwt.verify(token, process.env.JWT_SECRET!) as JwtPayload;
+    next();                    // anche qui il valore è void
+  } catch {
+    res.status(401).json({ message: 'Token non valido' });
+  }
+};
+
+export default auth;
--- a/backend/src/models/Item.ts
+++ b/backend/src/models/Item.ts
@ -0,0 +1,20 @@
+import { Schema, model, Document, Types } from 'mongoose';
+import { ITag } from './Tag.js';
+
+export interface IItem extends Document {
+  name:        string;
+  description: string;
+  tags:        Types.Array<ITag['_id']>;
+  dateAdded:   Date;
+  addedBy:     string;
+}
+
+const itemSchema = new Schema<IItem>({
+  name:        { type: String, required: true },
+  description: { type: String, required: true },
+  tags:        [{ type: Schema.Types.ObjectId, ref: 'Tag' }],
+  dateAdded:   { type: Date, default: Date.now },
+  addedBy:     { type: String }
+});
+
+export default model<IItem>('Item', itemSchema);
--- a/backend/src/models/Tag.ts
+++ b/backend/src/models/Tag.ts
@ -0,0 +1,13 @@
+import { Schema, model, Document } from 'mongoose';
+
+export interface ITag extends Document {
+  name: string;
+  color: string;
+}
+
+const tagSchema = new Schema<ITag>({
+  name:  { type: String, required: true },
+  color: { type: String, required: true }
+});
+
+export default model<ITag>('Tag', tagSchema);
--- a/backend/src/models/User.ts
+++ b/backend/src/models/User.ts
@ -0,0 +1,26 @@
+import { Schema, model, Document } from 'mongoose';
+import bcrypt from 'bcrypt';
+
+export interface IUser extends Document {
+  email: string;
+  name: string;
+  password: string;
+  comparePassword(candidate: string): Promise<boolean>;
+}
+
+const userSchema = new Schema<IUser>({
+  email:    { type: String, required: true, unique: true },
+  name:     { type: String, required: true },
+  password: { type: String, required: true }
+});
+
+userSchema.pre('save', async function () {
+  if (!this.isModified('password')) return;
+  this.password = await bcrypt.hash(this.password, 12);
+});
+
+userSchema.methods.comparePassword = function (candidate: string) {
+  return bcrypt.compare(candidate, this.password);
+};
+
+export default model<IUser>('User', userSchema);
--- a/backend/src/routes/auth.ts
+++ b/backend/src/routes/auth.ts
@ -0,0 +1,29 @@
+import { Router } from 'express';
+import jwt from 'jsonwebtoken';
+import User, { IUser } from '../models/User.js';
+const router = Router();
+
+router.post('/register', async (req, res) => {
+  try {
+    const { email, password, name } = req.body as IUser;
+    const user = await User.create({ email, password, name });
+    const token = jwt.sign({ id: user.id, email }, process.env.JWT_SECRET!);
+    res.json({ token, user: { id: user.id, email, name } });
+  } catch (err: any) {
+    res.status(400).json({ message: 'Registrazione fallita', error: err.message });
+  }
+});
+
+router.post('/login', async (req, res) => {
+  const { email, password } = req.body as IUser;
+  const user = await User.findOne({ email });
+
+  if (!user || !(await user.comparePassword(password))) {
+    res.status(401).json({ message: 'Credenziali non valide' });
+    return;               // ← esce senza value → tipo void
+  }
+
+  const token = jwt.sign({ id: user.id, email }, process.env.JWT_SECRET!);
+  res.json({ token, user: { id: user.id, email, name: user.name } });
+});
+export default router;
--- a/backend/src/routes/items.ts
+++ b/backend/src/routes/items.ts
@ -0,0 +1,66 @@
+import { Router } from 'express';
+import Item from '../models/Item.js';
+import Tag from '../models/Tag.js';
+import auth from '../middleware/auth.js';
+
+const router = Router();
+
+/* ──────────── GET: lista completa ──────────── */
+router.get('/', async (_req, res) => {
+  const items = await Item.find().populate('tags');
+  res.json(items);
+});
+
+/* ──────────── GET: ricerca ──────────── */
+router.get('/search', async (req, res) => {
+  const { query = '', tagIds = '' } = req.query as {
+    query?: string;
+    tagIds?: string;
+  };
+
+  const regex  = new RegExp(query, 'i');
+  const filter: any = {
+    $and: [
+      { $or: [{ name: regex }, { description: regex }] },
+      tagIds ? { tags: { $in: tagIds.split(',') } } : {},
+    ],
+  };
+
+  const items = await Item.find(filter).populate('tags');
+  res.json(items);
+});
+
+/* ──────────── POST: crea item (protetto) ──────────── */
+router.post('/', auth, async (req, res) => {
+  const { name, description, tagIds } = req.body as {
+    name: string;
+    description: string;
+    tagIds: string[];
+  };
+
+  const tags = await Tag.find({ _id: { $in: tagIds } });
+  const item = await Item.create({
+    name,
+    description,
+    tags,
+    addedBy: req.user!.email,
+  });
+
+  res.status(201).json(await item.populate('tags'));
+});
+
+/* ──────────── DELETE: elimina item (protetto) ──────────── */
+router.delete('/:id', auth, async (req, res) => {
+  const { id } = req.params;
+
+  const deleted = await Item.findByIdAndDelete(id);
+  if (!deleted) {
+    res.status(404).json({ message: 'Item non trovato' });
+    return;
+  }
+
+  // 204 No Content: operazione riuscita, nessun body
+  res.status(204).end();
+});
+
+export default router;
--- a/backend/src/routes/tags.ts
+++ b/backend/src/routes/tags.ts
@ -0,0 +1,40 @@
+import { Router } from 'express';
+import Tag from '../models/Tag.js';
+import Item from '../models/Item.js';
+import auth from '../middleware/auth.js';
+
+const router = Router();
+
+/* ──────────── GET: tutti i tag ──────────── */
+router.get('/', async (_req, res) => {
+  res.json(await Tag.find());
+});
+
+/* ──────────── POST: crea tag (protetto) ──────────── */
+router.post('/', auth, async (req, res) => {
+  const { name, color } = req.body as { name: string; color: string };
+  const tag = await Tag.create({ name, color });
+  res.status(201).json(tag);
+});
+
+/* ──────────── DELETE: elimina tag (protetto) ──────────── */
+router.delete('/:id', auth, async (req, res) => {
+  const { id } = req.params;
+
+  // opzionale: blocca l’eliminazione se il tag è ancora assegnato a qualche item
+  const inUse = await Item.exists({ tags: id });
+  if (inUse) {
+    res.status(409).json({ message: 'Tag in uso: rimuovilo dagli item prima di cancellarlo' });
+    return;
+  }
+
+  const deleted = await Tag.findByIdAndDelete(id);
+  if (!deleted) {
+    res.status(404).json({ message: 'Tag non trovato' });
+    return;
+  }
+
+  res.status(204).end();
+});
+
+export default router;