244 lines
9.4 KiB
JavaScript
244 lines
9.4 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const { body, param, validationResult } = require('express-validator');
|
|
const representativesController = require('../controllers/representatives');
|
|
const emailsController = require('../controllers/emails');
|
|
const campaignsController = require('../controllers/campaigns');
|
|
const responsesController = require('../controllers/responses');
|
|
const rateLimiter = require('../utils/rate-limiter');
|
|
const { requireAdmin, requireAuth, requireNonTemp, optionalAuth } = require('../middleware/auth');
|
|
const upload = require('../middleware/upload');
|
|
|
|
// Import user routes
|
|
const userRoutes = require('./users');
|
|
|
|
// Validation middleware
|
|
const handleValidationErrors = (req, res, next) => {
|
|
const errors = validationResult(req);
|
|
if (!errors.isEmpty()) {
|
|
return res.status(400).json({ errors: errors.array() });
|
|
}
|
|
next();
|
|
};
|
|
|
|
// Test endpoints
|
|
router.get('/health', (req, res) => {
|
|
res.json({ status: 'ok', timestamp: new Date().toISOString() });
|
|
});
|
|
|
|
router.get('/test-represent', representativesController.testConnection);
|
|
router.get('/test-smtp', requireAdmin, emailsController.testSMTPConnection);
|
|
|
|
// Representatives endpoints
|
|
router.get(
|
|
'/representatives/by-postal/:postalCode',
|
|
param('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format'),
|
|
handleValidationErrors,
|
|
rateLimiter.general,
|
|
representativesController.getByPostalCode
|
|
);
|
|
|
|
router.post(
|
|
'/representatives/refresh-postal/:postalCode',
|
|
param('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format'),
|
|
handleValidationErrors,
|
|
representativesController.refreshPostalCode
|
|
);
|
|
|
|
// Email endpoints
|
|
router.post(
|
|
'/emails/preview',
|
|
rateLimiter.general,
|
|
[
|
|
body('recipientEmail').isEmail().withMessage('Valid recipient email is required'),
|
|
body('senderName').notEmpty().withMessage('Sender name is required'),
|
|
body('senderEmail').isEmail().withMessage('Valid sender email is required'),
|
|
body('subject').notEmpty().withMessage('Subject is required'),
|
|
body('message').notEmpty().withMessage('Message is required'),
|
|
body('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format')
|
|
],
|
|
handleValidationErrors,
|
|
emailsController.previewEmail
|
|
);
|
|
|
|
router.post(
|
|
'/emails/send',
|
|
rateLimiter.email, // General hourly rate limit
|
|
rateLimiter.perRecipientEmailLimiter, // Per-recipient 5-minute rate limit
|
|
[
|
|
body('recipientEmail').isEmail().withMessage('Valid email is required'),
|
|
body('senderName').notEmpty().withMessage('Sender name is required'),
|
|
body('senderEmail').isEmail().withMessage('Valid sender email is required'),
|
|
body('subject').notEmpty().withMessage('Subject is required'),
|
|
body('message').notEmpty().withMessage('Message is required'),
|
|
body('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format')
|
|
],
|
|
handleValidationErrors,
|
|
emailsController.sendEmail
|
|
);
|
|
|
|
// Email testing endpoints
|
|
router.post(
|
|
'/emails/test',
|
|
requireAdmin,
|
|
rateLimiter.general,
|
|
[
|
|
body('subject').notEmpty().withMessage('Subject is required'),
|
|
body('message').notEmpty().withMessage('Message is required')
|
|
],
|
|
handleValidationErrors,
|
|
emailsController.sendTestEmail
|
|
);
|
|
|
|
router.get(
|
|
'/emails/logs',
|
|
requireAdmin,
|
|
rateLimiter.general,
|
|
emailsController.getEmailLogs
|
|
);
|
|
|
|
// Campaign endpoints (Admin) - Protected
|
|
router.get('/admin/campaigns', requireAdmin, rateLimiter.general, campaignsController.getAllCampaigns);
|
|
router.get('/admin/campaigns/:id', requireAdmin, rateLimiter.general, campaignsController.getCampaignById);
|
|
router.post(
|
|
'/admin/campaigns',
|
|
requireAdmin,
|
|
campaignsController.upload.single('cover_photo'),
|
|
rateLimiter.general,
|
|
[
|
|
body('title').notEmpty().withMessage('Campaign title is required'),
|
|
body('email_subject').notEmpty().withMessage('Email subject is required'),
|
|
body('email_body').notEmpty().withMessage('Email body is required')
|
|
],
|
|
handleValidationErrors,
|
|
campaignsController.createCampaign
|
|
);
|
|
router.put('/admin/campaigns/:id', requireAdmin, campaignsController.upload.single('cover_photo'), rateLimiter.general, campaignsController.updateCampaign);
|
|
router.delete('/admin/campaigns/:id', requireAdmin, rateLimiter.general, campaignsController.deleteCampaign);
|
|
router.get('/admin/campaigns/:id/analytics', requireAdmin, rateLimiter.general, campaignsController.getCampaignAnalytics);
|
|
|
|
// Campaign endpoints (Authenticated users)
|
|
router.get('/campaigns', requireAuth, rateLimiter.general, campaignsController.getAllCampaigns);
|
|
router.post(
|
|
'/campaigns',
|
|
requireNonTemp,
|
|
campaignsController.upload.single('cover_photo'),
|
|
rateLimiter.general,
|
|
[
|
|
body('title').notEmpty().withMessage('Campaign title is required'),
|
|
body('email_subject').notEmpty().withMessage('Email subject is required'),
|
|
body('email_body').notEmpty().withMessage('Email body is required')
|
|
],
|
|
handleValidationErrors,
|
|
campaignsController.createCampaign
|
|
);
|
|
router.put(
|
|
'/campaigns/:id',
|
|
requireNonTemp,
|
|
campaignsController.upload.single('cover_photo'),
|
|
rateLimiter.general,
|
|
campaignsController.updateCampaign
|
|
);
|
|
router.get('/campaigns/:id/analytics', requireAuth, rateLimiter.general, campaignsController.getCampaignAnalytics);
|
|
|
|
// Campaign endpoints (Public)
|
|
router.get('/public/campaigns', rateLimiter.general, campaignsController.getPublicCampaigns);
|
|
router.get('/campaigns/:slug', rateLimiter.general, campaignsController.getCampaignBySlug);
|
|
router.get('/campaigns/:slug/representatives/:postalCode', rateLimiter.representAPI, campaignsController.getRepresentativesForCampaign);
|
|
router.post(
|
|
'/campaigns/:slug/track-user',
|
|
rateLimiter.general,
|
|
[
|
|
body('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format')
|
|
],
|
|
handleValidationErrors,
|
|
campaignsController.trackUserInfo
|
|
);
|
|
router.post(
|
|
'/campaigns/:slug/send-email',
|
|
rateLimiter.email, // General hourly rate limit
|
|
rateLimiter.perRecipientEmailLimiter, // Per-recipient 5-minute rate limit
|
|
[
|
|
body('recipientEmail').isEmail().withMessage('Valid recipient email is required'),
|
|
body('postalCode').matches(/^[A-Za-z]\d[A-Za-z]\s?\d[A-Za-z]\d$/).withMessage('Invalid postal code format'),
|
|
body('emailMethod').isIn(['smtp', 'mailto']).withMessage('Email method must be smtp or mailto')
|
|
],
|
|
handleValidationErrors,
|
|
campaignsController.sendCampaignEmail
|
|
);
|
|
|
|
// Campaign call tracking endpoint
|
|
router.post(
|
|
'/campaigns/:slug/track-call',
|
|
rateLimiter.general,
|
|
[
|
|
body('representativeName').notEmpty().withMessage('Representative name is required'),
|
|
body('phoneNumber').notEmpty().withMessage('Phone number is required')
|
|
],
|
|
handleValidationErrors,
|
|
campaignsController.trackCampaignCall
|
|
);
|
|
|
|
// General call tracking endpoint (non-campaign)
|
|
router.post(
|
|
'/track-call',
|
|
rateLimiter.general,
|
|
[
|
|
body('representativeName').notEmpty().withMessage('Representative name is required'),
|
|
body('phoneNumber').notEmpty().withMessage('Phone number is required')
|
|
],
|
|
handleValidationErrors,
|
|
representativesController.trackCall
|
|
);
|
|
|
|
// User management routes (admin only)
|
|
router.use('/admin/users', userRoutes);
|
|
|
|
// Response Wall Routes
|
|
router.get('/campaigns/:slug/responses', rateLimiter.general, responsesController.getCampaignResponses);
|
|
router.get('/campaigns/:slug/response-stats', rateLimiter.general, responsesController.getResponseStats);
|
|
router.post(
|
|
'/campaigns/:slug/responses',
|
|
optionalAuth,
|
|
upload.single('screenshot'),
|
|
rateLimiter.general,
|
|
[
|
|
body('representative_name').notEmpty().withMessage('Representative name is required'),
|
|
body('representative_level').isIn(['Federal', 'Provincial', 'Municipal', 'School Board']).withMessage('Invalid representative level'),
|
|
body('response_type').isIn(['Email', 'Letter', 'Phone Call', 'Meeting', 'Social Media', 'Other']).withMessage('Invalid response type'),
|
|
body('response_text').notEmpty().withMessage('Response text is required')
|
|
],
|
|
handleValidationErrors,
|
|
responsesController.submitResponse
|
|
);
|
|
router.post('/responses/:id/upvote', optionalAuth, rateLimiter.general, responsesController.upvoteResponse);
|
|
router.delete('/responses/:id/upvote', optionalAuth, rateLimiter.general, responsesController.removeUpvote);
|
|
|
|
// Admin Response Management Routes
|
|
router.get('/admin/responses', requireAdmin, rateLimiter.general, responsesController.getAdminResponses);
|
|
router.patch('/admin/responses/:id/status', requireAdmin, rateLimiter.general,
|
|
[body('status').isIn(['pending', 'approved', 'rejected']).withMessage('Invalid status')],
|
|
handleValidationErrors,
|
|
responsesController.updateResponseStatus
|
|
);
|
|
router.patch('/admin/responses/:id', requireAdmin, rateLimiter.general, responsesController.updateResponse);
|
|
router.delete('/admin/responses/:id', requireAdmin, rateLimiter.general, responsesController.deleteResponse);
|
|
|
|
// Debug endpoint to check raw NocoDB data
|
|
router.get('/debug/responses', requireAdmin, async (req, res) => {
|
|
try {
|
|
const nocodbService = require('../services/nocodb');
|
|
// Get raw data without normalization
|
|
const rawResult = await nocodbService.getAll(nocodbService.tableIds.representativeResponses, {});
|
|
res.json({
|
|
success: true,
|
|
count: rawResult.list?.length || 0,
|
|
rawResponses: rawResult.list || [],
|
|
normalized: await nocodbService.getRepresentativeResponses({})
|
|
});
|
|
} catch (error) {
|
|
res.status(500).json({ error: error.message, stack: error.stack });
|
|
}
|
|
});
|
|
|
|
module.exports = router; |