This commit implements the role-based access control system as outlined in the project documentation. It includes:
- A requireRole middleware for protecting routes
- Auth routes for registration, login, profile management
- Audit logging for sensitive actions
- Role management endpoints
- Updated app.js to include audit logging middleware
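/**
 * Express application wiring: security headers, CORS, JSON body parsing,
 * audit logging, the /auth and /roles routers, a health probe, and the
 * terminal 404 and error handlers. The configured app is exported so that a
 * separate entry point (or a test harness) can bind it to a port.
 */
const express = require('express');
const cors = require('cors');
const helmet = require('helmet');
// Not referenced below; presumably required for its side effects (e.g.
// initialising the connection) — confirm before removing.
const db = require('./db');
const authRoutes = require('./routes/auth');
const rolesRoutes = require('./routes/roles');
const auditLogger = require('./middleware/auditLogger');

const app = express();

// Middleware
app.use(helmet());
// NOTE(review): cors() with no options sends Access-Control-Allow-Origin: *
// for every route, including /auth and /roles. If the browser clients are
// known, pass an explicit `origin` allow-list instead.
app.use(cors());
app.use(express.json());
// NOTE(review): mounted after express.json(), so the logger can see parsed
// request bodies, including credentials posted to /auth. Confirm that
// ./middleware/auditLogger redacts passwords and tokens before writing.
app.use(auditLogger);

// Routes
// NOTE(review): no rate limiting is applied at this level; confirm that
// ./routes/auth throttles login and registration attempts.
app.use('/auth', authRoutes);
app.use('/roles', rolesRoutes);

// Health check endpoint
app.get('/health', (req, res) => {
  res.json({ status: 'OK', timestamp: new Date().toISOString() });
});

// 404 handler. Registered without a path so it matches every request that no
// route above answered; the bare '*' pattern is rejected by Express 5's router.
app.use((req, res) => {
  res.status(404).json({ error: 'Route not found' });
});

// Error handling middleware. Kept last so that errors raised by any handler
// above, including the 404 handler, reach it instead of Express's default
// handler.
app.use((err, req, res, next) => {
  // Once the response has started, a second status/body cannot be written;
  // hand the error to Express's default handler, which closes the connection.
  if (res.headersSent) {
    return next(err);
  }

  // Non-Error values can be thrown or passed to next(); log whatever arrived.
  console.error(err && err.stack ? err.stack : err);

  // Body-parser and similar middleware attach a 4xx status to client errors
  // (malformed JSON, oversized payload). Report those as client errors rather
  // than as a server fault, without echoing any error detail to the caller.
  const status = Number(err && (err.status || err.statusCode));
  if (status >= 400 && status < 500) {
    return res.status(status).json({ error: 'Invalid request' });
  }

  return res.status(500).json({ error: 'Something went wrong!' });
});

module.exports = app;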