improved Database & Models

2025-12-06 20:04:11 +01:00 · 2025-12-06 20:04:11 +01:00 · 0bbe91bec3
commit 0bbe91bec3
18 changed files with 956 additions and 0 deletions
--- a/routes/api/v1/routes.mjs
+++ b/routes/api/v1/routes.mjs
@ -0,0 +1,54 @@
+import models from "../../../lib/models.mjs";
+
+
+export default async function (fastify, opts) {
+    fastify.register(async function secureApiContext(secureApiScope) {
+        // check API token
+        secureApiScope.addHook('onRequest', async (request, reply) => {
+            if (!request.headers.authorization) {
+                reply.code(401).send({ error: 'Unauthorized: missing Authorization header' });
+                return;
+            }
+
+            const token = Object.values(await models.apiToken.getAll()).find(t => t.token === request.headers.authorization.replace('Bearer ', ''));
+
+            if (!token) {
+                reply.code(403).send({ error: 'Forbidden: invalid Token' });
+                return;
+            }
+        });
+
+        // check requested Model Type
+        secureApiScope.addHook('onRequest', async (request, reply) => {
+            if (!request.params.modelType) {
+                reply.code(400).send({ error: 'Bad Request: missing Model Type' });
+            }
+            if (!models[request.params.modelType]) {
+                reply.code(404).send({ error: 'Unavailable: requested Model is not available' });
+            }
+        });
+
+        secureApiScope.get("/:modelType", async function (request, reply) {
+            const objects = await models[request.params.modelType].getAll();
+            reply.send(objects);
+        });
+        secureApiScope.post("/:modelType", async function (request, reply) {
+            try {
+                const newObject = await models[request.params.modelType].create(request.body);
+                reply.send(newObject);
+            } catch (error) {
+                reply.code(500).send({ error: error.message });
+            }
+        });
+        secureApiScope.get("/:modelType/:resourceId", async function (request, reply) {
+            const object = await models[request.params.modelType].getById(request.params.resourceId);
+            if (object) {
+                reply.send(object);
+            } else {
+                reply.code(404).send({ error: 'Unavailable: requested Object is not available' });
+            }
+        });
+        secureApiScope.patch("/:modelType/:resourceId", async function (request, reply) { });
+        secureApiScope.delete("/:modelType/:resourceId", async function (request, reply) { });
+    });
+}