Intento de Creador

backend/src/index.js

@@ -23,21 +23,41 @@ app.get('/', (req, res) => {
   res.send('ALPR Backend Running');
 });
 
+const authRoutes = require('./routes/auth');
+const { authenticateToken, isAdmin } = require('./middleware/auth');
+
+app.use('/api/auth', authRoutes);
+
 // Plates CRUD
-app.get('/api/plates', async (req, res) => {
+app.get('/api/plates', authenticateToken, async (req, res) => {
   try {
-    const plates = await prisma.plate.findMany();
+    // Users see their own plates? Or all? 
+    // Requirement: "usuarios al agregar nuevas patentes, deberan ser permitidas por el administrador"
+    // Let's users see all but maybe status distinguishes them.
+    // For now, let's return all.
+    const plates = await prisma.plate.findMany({
+      include: { addedBy: { select: { username: true } } }
+    });
     res.json(plates);
   } catch (err) {
     res.status(500).json({ error: err.message });
   }
 });
 
-app.post('/api/plates', async (req, res) => {
-  const { number, owner, status } = req.body;
+app.post('/api/plates', authenticateToken, async (req, res) => {
+  const { number, owner } = req.body;
+  const isAdm = req.user.role === 'ADMIN';
+  // Admin -> ALLOWED, User -> PENDING
+  const status = isAdm ? 'ALLOWED' : 'PENDING';
+
   try {
     const plate = await prisma.plate.create({
-      data: { number, owner, status: status || 'ALLOWED' }
+      data: {
+        number,
+        owner,
+        status,
+        addedById: req.user.id
+      }
     });
     res.json(plate);
   } catch (err) {
@@ -45,6 +65,37 @@ app.post('/api/plates', async (req, res) => {
   }
 });
 
+// Admin: Approve/Reject Plate
+app.put('/api/plates/:id/approve', authenticateToken, isAdmin, async (req, res) => {
+  const { id } = req.params;
+  const { status } = req.body; // ALLOWED or DENIED
+
+  if (!['ALLOWED', 'DENIED'].includes(status)) {
+    return res.status(400).json({ error: 'Invalid status' });
+  }
+
+  try {
+    const plate = await prisma.plate.update({
+      where: { id: parseInt(id) },
+      data: { status }
+    });
+    res.json(plate);
+  } catch (err) {
+    res.status(500).json({ error: err.message });
+  }
+});
+
+// Admin: Delete Plate (Optional but good to have)
+app.delete('/api/plates/:id', authenticateToken, isAdmin, async (req, res) => {
+  const { id } = req.params;
+  try {
+    await prisma.plate.delete({ where: { id: parseInt(id) } });
+    res.json({ message: 'Plate deleted' });
+  } catch (err) {
+    res.status(500).json({ error: err.message });
+  }
+});
+
 // History Endpoint
 app.get('/api/history', async (req, res) => {
   const { date } = req.query; // Format: YYYY-MM-DD
@@ -159,7 +210,28 @@ app.post('/api/detect', async (req, res) => {
   }
 });
 
+const bcrypt = require('bcryptjs');
+
 const PORT = process.env.PORT || 3000;
-server.listen(PORT, () => {
+server.listen(PORT, async () => {
   console.log(`Server running on port ${PORT}`);
+
+  // Seed Admin User if none exists
+  try {
+    const userCount = await prisma.user.count();
+    if (userCount === 0) {
+      console.log('No users found. Creating default admin user...');
+      const hashedPassword = await bcrypt.hash('admin123', 10);
+      await prisma.user.create({
+        data: {
+          username: 'admin',
+          password: hashedPassword,
+          role: 'ADMIN'
+        }
+      });
+      console.log('Default admin created: admin / admin123');
+    }
+  } catch (err) {
+    console.error('Error seeding admin user:', err);
+  }
 });