pontus/pontus-front
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

adds user accounts, service requests, dashboard, admin panel, better layout, db+altcha+auth support

Browse source
This commit is contained in:
Aidan 2025-07-07 20:01:59 -04:00
parent dfbc3cade9
commit 0043a5bf3c
40 changed files with 3981 additions and 188 deletions
Download patch file Download diff file Expand all files Collapse all files

103
app/api/admin/activity/route.ts Normal file
View file

@ -0,0 +1,103 @@
import { db } from "@/db";
import { serviceRequests, user, userServices, services } from "@/db/schema";
import { auth } from "@/util/auth";
import { eq, gte, desc, sql } from "drizzle-orm";
import { NextRequest } from "next/server";
export async function GET(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const url = new URL(request.url);
const period = url.searchParams.get('period') || '7';
const daysAgo = parseInt(period);
const startDate = new Date();
startDate.setDate(startDate.getDate() - daysAgo);
const requestActivity = await db.select({
date: sql<string>`DATE(${serviceRequests.createdAt})`,
count: sql<number>`COUNT(*)`,
status: serviceRequests.status
})
.from(serviceRequests)
.where(gte(serviceRequests.createdAt, startDate))
.groupBy(sql`DATE(${serviceRequests.createdAt})`, serviceRequests.status)
.orderBy(sql`DATE(${serviceRequests.createdAt})`);
const userActivity = await db.select({
date: sql<string>`DATE(${user.createdAt})`,
count: sql<number>`COUNT(*)`
})
.from(user)
.where(gte(user.createdAt, startDate))
.groupBy(sql`DATE(${user.createdAt})`)
.orderBy(sql`DATE(${user.createdAt})`);
const accessActivity = await db.select({
date: sql<string>`DATE(${userServices.grantedAt})`,
count: sql<number>`COUNT(*)`
})
.from(userServices)
.where(gte(userServices.grantedAt, startDate))
.groupBy(sql`DATE(${userServices.grantedAt})`)
.orderBy(sql`DATE(${userServices.grantedAt})`);
const recentActivity = await db.select({
id: serviceRequests.id,
type: sql<string>`'request'`,
description: sql<string>`CONCAT(${user.name}, ' requested access to ', ${services.name})`,
status: serviceRequests.status,
createdAt: serviceRequests.createdAt,
userName: user.name,
serviceName: services.name
})
.from(serviceRequests)
.innerJoin(user, eq(serviceRequests.userId, user.id))
.innerJoin(services, eq(serviceRequests.serviceId, services.id))
.where(gte(serviceRequests.createdAt, startDate))
.orderBy(desc(serviceRequests.createdAt))
.limit(20);
const servicePopularity = await db.select({
serviceName: services.name,
requestCount: sql<number>`COUNT(${serviceRequests.id})`,
approvedCount: sql<number>`COUNT(CASE WHEN ${serviceRequests.status} = 'approved' THEN 1 END)`
})
.from(services)
.leftJoin(serviceRequests, eq(services.id, serviceRequests.serviceId))
.where(gte(serviceRequests.createdAt, startDate))
.groupBy(services.id, services.name)
.orderBy(sql`COUNT(${serviceRequests.id}) DESC`)
.limit(10);
const totals = await db.select({
totalRequests: sql<number>`COUNT(DISTINCT ${serviceRequests.id})`,
totalUsers: sql<number>`COUNT(DISTINCT ${user.id})`,
totalAccess: sql<number>`COUNT(DISTINCT ${userServices.id})`
})
.from(serviceRequests)
.fullJoin(user, gte(user.createdAt, startDate))
.fullJoin(userServices, gte(userServices.grantedAt, startDate))
.where(gte(serviceRequests.createdAt, startDate));
return Response.json({
requestActivity,
userActivity,
accessActivity,
recentActivity,
servicePopularity,
totals: totals[0] || { totalRequests: 0, totalUsers: 0, totalAccess: 0 },
period: daysAgo
});
} catch (error) {
console.error("Error fetching activity data:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}

121
app/api/admin/requests/route.ts Normal file
View file

@ -0,0 +1,121 @@
import { db } from "@/db";
import { serviceRequests, services, user, userServices } from "@/db/schema";
import { auth } from "@/util/auth";
import { eq, and } from "drizzle-orm";
import { NextRequest } from "next/server";
import { nanoid } from "nanoid";
export async function GET(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const allRequests = await db.select({
id: serviceRequests.id,
reason: serviceRequests.reason,
status: serviceRequests.status,
adminNotes: serviceRequests.adminNotes,
reviewedAt: serviceRequests.reviewedAt,
createdAt: serviceRequests.createdAt,
updatedAt: serviceRequests.updatedAt,
userId: serviceRequests.userId,
userName: user.name,
userEmail: user.email,
serviceName: services.name,
serviceDescription: services.description
})
.from(serviceRequests)
.innerJoin(services, eq(serviceRequests.serviceId, services.id))
.innerJoin(user, eq(serviceRequests.userId, user.id))
.orderBy(serviceRequests.createdAt);
return Response.json({ requests: allRequests });
} catch (error) {
console.error("Error fetching admin requests:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}
export async function PUT(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const { requestId, status, adminNotes } = await request.json();
if (!requestId || !status) {
return Response.json({ error: "Request ID and status are required" }, { status: 400 });
}
if (!['pending', 'approved', 'denied'].includes(status)) {
return Response.json({ error: "Invalid status" }, { status: 400 });
}
const serviceRequest = await db.select({
userId: serviceRequests.userId,
serviceId: serviceRequests.serviceId,
currentStatus: serviceRequests.status
})
.from(serviceRequests)
.where(eq(serviceRequests.id, requestId))
.limit(1);
if (serviceRequest.length === 0) {
return Response.json({ error: "Request not found" }, { status: 404 });
}
await db.update(serviceRequests)
.set({
status,
adminNotes,
reviewedBy: session.user.id,
reviewedAt: new Date(),
updatedAt: new Date()
})
.where(eq(serviceRequests.id, requestId));
if (status === 'approved' && serviceRequest[0].currentStatus !== 'approved') {
const existingAccess = await db.select()
.from(userServices)
.where(and(
eq(userServices.userId, serviceRequest[0].userId),
eq(userServices.serviceId, serviceRequest[0].serviceId)
))
.limit(1);
if (existingAccess.length === 0) {
await db.insert(userServices).values({
id: nanoid(),
userId: serviceRequest[0].userId,
serviceId: serviceRequest[0].serviceId,
grantedBy: session.user.id,
grantedAt: new Date(),
createdAt: new Date()
});
}
}
if (status === 'denied' && serviceRequest[0].currentStatus === 'approved') {
await db.delete(userServices)
.where(and(
eq(userServices.userId, serviceRequest[0].userId),
eq(userServices.serviceId, serviceRequest[0].serviceId)
));
}
return Response.json({ success: true });
} catch (error) {
console.error("Error updating request:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}

165
app/api/admin/services/route.ts Normal file
View file

@ -0,0 +1,165 @@
import { db } from "@/db";
import { services, userServices, user } from "@/db/schema";
import { auth } from "@/util/auth";
import { eq, and } from "drizzle-orm";
import { NextRequest } from "next/server";
import { nanoid } from "nanoid";
export async function GET(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const allServices = await db.select({
id: services.id,
name: services.name,
description: services.description,
priceStatus: services.priceStatus,
joinLink: services.joinLink,
enabled: services.enabled,
createdAt: services.createdAt,
updatedAt: services.updatedAt
})
.from(services)
.orderBy(services.name);
const serviceAssignments = await db.select({
serviceId: userServices.serviceId,
userId: userServices.userId,
userName: user.name,
userEmail: user.email,
grantedAt: userServices.grantedAt
})
.from(userServices)
.innerJoin(user, eq(userServices.userId, user.id))
.orderBy(user.name);
const servicesWithUsers = allServices.map(service => ({
...service,
users: serviceAssignments.filter(assignment => assignment.serviceId === service.id)
}));
return Response.json({ services: servicesWithUsers });
} catch (error) {
console.error("Error fetching services:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}
export async function POST(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const { action, userId, serviceId } = await request.json();
if (!action || !userId || !serviceId) {
return Response.json({ error: "Action, user ID, and service ID are required" }, { status: 400 });
}
if (action === 'grant') {
const existingAccess = await db.select()
.from(userServices)
.where(and(
eq(userServices.userId, userId),
eq(userServices.serviceId, serviceId)
))
.limit(1);
if (existingAccess.length > 0) {
return Response.json({ error: "User already has access to this service" }, { status: 400 });
}
await db.insert(userServices).values({
id: nanoid(),
userId,
serviceId,
grantedBy: session.user.id,
grantedAt: new Date(),
createdAt: new Date()
});
return Response.json({ success: true, message: "Access granted" });
} else if (action === 'revoke') {
await db.delete(userServices)
.where(and(
eq(userServices.userId, userId),
eq(userServices.serviceId, serviceId)
));
return Response.json({ success: true, message: "Access revoked" });
} else {
return Response.json({ error: "Invalid action. Use 'grant' or 'revoke'" }, { status: 400 });
}
} catch (error) {
console.error("Error managing service access:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}
export async function PUT(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const { serviceId, enabled, priceStatus, description, joinLink } = await request.json();
if (!serviceId) {
return Response.json({ error: "Service ID is required" }, { status: 400 });
}
const updates: {
updatedAt: Date;
enabled?: boolean;
priceStatus?: string;
description?: string;
joinLink?: string | null;
} = {
updatedAt: new Date()
};
if (typeof enabled === 'boolean') {
updates.enabled = enabled;
}
if (priceStatus && ['open', 'invite-only', 'by-request'].includes(priceStatus)) {
updates.priceStatus = priceStatus;
}
if (description !== undefined) {
updates.description = description;
}
if (joinLink !== undefined) {
updates.joinLink = joinLink || null;
}
await db.update(services)
.set(updates)
.where(eq(services.id, serviceId));
return Response.json({ success: true, message: "Service updated successfully" });
} catch (error) {
console.error("Error updating service:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}

68
app/api/admin/users/route.ts Normal file
View file

@ -0,0 +1,68 @@
import { db } from "@/db";
import { user } from "@/db/schema";
import { auth } from "@/util/auth";
import { eq } from "drizzle-orm";
import { NextRequest } from "next/server";
export async function GET(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const allUsers = await db.select({
id: user.id,
name: user.name,
email: user.email,
emailVerified: user.emailVerified,
role: user.role,
createdAt: user.createdAt,
updatedAt: user.updatedAt
})
.from(user)
.orderBy(user.createdAt);
return Response.json({ users: allUsers });
} catch (error) {
console.error("Error fetching users:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}
export async function PUT(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const { userId, role } = await request.json();
if (!userId || !role) {
return Response.json({ error: "User ID and role are required" }, { status: 400 });
}
if (!['user', 'admin'].includes(role)) {
return Response.json({ error: "Invalid role" }, { status: 400 });
}
await db.update(user)
.set({
role,
updatedAt: new Date()
})
.where(eq(user.id, userId));
return Response.json({ success: true });
} catch (error) {
console.error("Error updating user:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}

4
app/api/auth/[...all]/route.ts Normal file
View file

@ -0,0 +1,4 @@
import { auth } from "@/util/auth";
import { toNextJsHandler } from "better-auth/next-js";
export const { POST, GET } = toNextJsHandler(auth);

22
app/api/captcha/route.ts Normal file
View file

@ -0,0 +1,22 @@
import { createChallenge } from "altcha-lib";
import { NextResponse } from "next/server";
const hmacKey = process.env.ALTCHA_SECRET;
async function getChallenge() {
if (!hmacKey) {
console.error("ALTCHA_SECRET is not set")
return NextResponse.json({ error: "Internal server error" }, { status: 500 })
}
const challenge = await createChallenge({
hmacKey,
maxNumber: 1400000,
})
return NextResponse.json(challenge)
}
export async function GET() {
return getChallenge()
}

71
app/api/login/route.ts Normal file
View file

@ -0,0 +1,71 @@
import { auth } from "@/util/auth";
import { verifyCaptcha } from "@/util/captcha";
import { NextRequest, NextResponse } from "next/server";
export async function POST(request: NextRequest) {
try {
const body = await request.json();
const { email, password, token } = body;
if (!email || !password || !token) {
return NextResponse.json(
{ error: "Missing required fields" },
{ status: 400 }
);
}
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
if (!emailRegex.test(email)) {
return NextResponse.json(
{ error: "Invalid email format" },
{ status: 400 }
);
}
const isCaptchaValid = await verifyCaptcha(token);
if (!isCaptchaValid) {
return NextResponse.json(
{ error: "Invalid captcha" },
{ status: 400 }
);
}
const signInResponse = await auth.api.signInEmail({
body: {
email,
password,
},
});
if (!signInResponse) {
return NextResponse.json(
{ error: "Failed to sign in" },
{ status: 500 }
);
}
if ('error' in signInResponse) {
const errorMessage = signInResponse.error && typeof signInResponse.error === 'object' && 'message' in signInResponse.error
? String(signInResponse.error.message)
: "Invalid credentials";
return NextResponse.json(
{ error: errorMessage },
{ status: 401 }
);
}
return NextResponse.json({
success: true,
message: "Signed in successfully",
user: signInResponse.user,
});
} catch (error: unknown) {
console.error("Login error:", error);
return NextResponse.json(
{ error: "Internal server error" },
{ status: 500 }
);
}
}

23
app/api/logout/route.ts Normal file
View file

@ -0,0 +1,23 @@
import { auth } from "@/util/auth";
import { NextRequest, NextResponse } from "next/server";
export async function POST(request: NextRequest) {
try {
await auth.api.signOut({
headers: request.headers,
});
return NextResponse.json({
success: true,
message: "Signed out successfully",
});
} catch (error: unknown) {
console.error("Logout error:", error);
return NextResponse.json(
{ error: "Internal server error" },
{ status: 500 }
);
}
}

110
app/api/service-requests/route.ts Normal file
View file

@ -0,0 +1,110 @@
import { db } from "@/db";
import { serviceRequests, services, userServices } from "@/db/schema";
import { auth } from "@/util/auth";
import { verifyCaptcha } from "@/util/captcha";
import { eq, and } from "drizzle-orm";
import { NextRequest } from "next/server";
import { nanoid } from "nanoid";
export async function POST(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session) {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const { serviceId, reason, captchaToken } = await request.json();
if (!serviceId || !reason) {
return Response.json({ error: "Service ID and reason are required" }, { status: 400 });
}
const isValidCaptcha = await verifyCaptcha(captchaToken);
if (!isValidCaptcha) {
return Response.json({ error: "Invalid captcha" }, { status: 400 });
}
const service = await db.select().from(services).where(eq(services.name, serviceId)).limit(1);
if (service.length === 0) {
return Response.json({ error: "Service not found" }, { status: 404 });
}
if (!service[0].enabled) {
return Response.json({ error: "This service is currently unavailable" }, { status: 400 });
}
const existingAccess = await db.select()
.from(userServices)
.where(and(
eq(userServices.userId, session.user.id),
eq(userServices.serviceId, service[0].id)
))
.limit(1);
if (existingAccess.length > 0) {
return Response.json({ error: "You already have access to this service" }, { status: 400 });
}
const existingRequest = await db.select()
.from(serviceRequests)
.where(and(
eq(serviceRequests.userId, session.user.id),
eq(serviceRequests.serviceId, service[0].id),
eq(serviceRequests.status, 'pending')
))
.limit(1);
if (existingRequest.length > 0) {
return Response.json({ error: "You already have a pending request for this service" }, { status: 400 });
}
const requestId = nanoid();
await db.insert(serviceRequests).values({
id: requestId,
userId: session.user.id,
serviceId: service[0].id,
reason,
status: 'pending'
});
return Response.json({ success: true, requestId });
} catch (error) {
console.error("Error creating service request:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}
export async function GET(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session) {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const userRequests = await db.select({
id: serviceRequests.id,
reason: serviceRequests.reason,
status: serviceRequests.status,
adminNotes: serviceRequests.adminNotes,
reviewedAt: serviceRequests.reviewedAt,
createdAt: serviceRequests.createdAt,
serviceName: services.name,
serviceDescription: services.description
})
.from(serviceRequests)
.innerJoin(services, eq(serviceRequests.serviceId, services.id))
.where(eq(serviceRequests.userId, session.user.id))
.orderBy(serviceRequests.createdAt);
return Response.json({ requests: userRequests });
} catch (error) {
console.error("Error fetching service requests:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}

24
app/api/services/route.ts Normal file
View file

@ -0,0 +1,24 @@
import { db } from "@/db";
import { services } from "@/db/schema";
import { eq } from "drizzle-orm";
export async function GET() {
try {
const publicServices = await db.select({
id: services.id,
name: services.name,
description: services.description,
priceStatus: services.priceStatus,
joinLink: services.joinLink,
enabled: services.enabled
})
.from(services)
.where(eq(services.enabled, true))
.orderBy(services.name);
return Response.json({ services: publicServices });
} catch (error) {
console.error("Error fetching public services:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}

102
app/api/signup/route.ts Normal file
View file

@ -0,0 +1,102 @@
import { auth } from "@/util/auth";
import { verifyCaptcha } from "@/util/captcha";
import { db } from "@/db";
import { user } from "@/db/schema";
import { sql } from "drizzle-orm";
import { NextRequest, NextResponse } from "next/server";
export async function POST(request: NextRequest) {
try {
const body = await request.json();
const { email, password, confirmPassword, token, name } = body;
if (!email || !password || !confirmPassword || !token) {
return NextResponse.json(
{ error: "Missing required fields" },
{ status: 400 }
);
}
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
if (!emailRegex.test(email)) {
return NextResponse.json(
{ error: "Invalid email format" },
{ status: 400 }
);
}
if (password.length < 8) {
return NextResponse.json(
{ error: "Password must be at least 8 characters long" },
{ status: 400 }
);
}
if (password !== confirmPassword) {
return NextResponse.json(
{ error: "Passwords do not match" },
{ status: 400 }
);
}
const isCaptchaValid = await verifyCaptcha(token);
if (!isCaptchaValid) {
return NextResponse.json(
{ error: "Invalid captcha" },
{ status: 400 }
);
}
const userCount = await db.select({ count: sql<number>`count(*)` }).from(user);
const isFirstUser = userCount[0]?.count === 0;
const signUpResponse = await auth.api.signUpEmail({
body: {
email,
password,
name: name || email.split('@')[0],
role: isFirstUser ? 'admin' : 'user',
},
});
if (!signUpResponse) {
return NextResponse.json(
{ error: "Failed to create user" },
{ status: 500 }
);
}
if ('error' in signUpResponse) {
const errorMessage = signUpResponse.error && typeof signUpResponse.error === 'object' && 'message' in signUpResponse.error
? String(signUpResponse.error.message)
: "Failed to create user";
return NextResponse.json(
{ error: errorMessage },
{ status: 400 }
);
}
return NextResponse.json({
success: true,
message: "User created successfully",
user: signUpResponse.user,
isFirstUser,
});
} catch (error: unknown) {
console.error("Signup error:", error);
const errorMessage = error instanceof Error ? error.message : String(error);
if (errorMessage.includes('duplicate key') || errorMessage.includes('already exists')) {
return NextResponse.json(
{ error: "An account with this email already exists" },
{ status: 409 }
);
}
return NextResponse.json(
{ error: "Internal server error" },
{ status: 500 }
);
}
}

52
app/api/user-services/route.ts Normal file
View file

@ -0,0 +1,52 @@
import { db } from "@/db";
import { userServices, services } from "@/db/schema";
import { auth } from "@/util/auth";
import { eq, sql } from "drizzle-orm";
import { NextRequest } from "next/server";
export async function GET(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session) {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const grantedServices = await db.select({
serviceId: services.id,
serviceName: services.name,
serviceDescription: services.description,
priceStatus: services.priceStatus,
joinLink: services.joinLink,
grantedAt: userServices.grantedAt,
isOpen: sql<boolean>`false`
})
.from(userServices)
.innerJoin(services, eq(userServices.serviceId, services.id))
.where(eq(userServices.userId, session.user.id));
const openServices = await db.select({
serviceId: services.id,
serviceName: services.name,
serviceDescription: services.description,
priceStatus: services.priceStatus,
joinLink: services.joinLink,
grantedAt: sql<Date | null>`null`,
isOpen: sql<boolean>`true`
})
.from(services)
.where(eq(services.priceStatus, "open"));
const grantedServiceIds = new Set(grantedServices.map(s => s.serviceId));
const uniqueOpenServices = openServices.filter(s => !grantedServiceIds.has(s.serviceId));
const allAccessibleServices = [...grantedServices, ...uniqueOpenServices];
return Response.json({ services: allAccessibleServices });
} catch (error) {
console.error("Error fetching user services:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}