mirror of
https://github.com/mauriceboe/TREK.git
synced 2026-06-19 13:21:46 +00:00
jubnl
959015928f
Encrypted webhook URLs are no longer returned to the frontend. Both user and admin webhook fields now show '••••••••' as a placeholder when a URL is already saved, and the sentinel value is skipped on save/test so the stored secret is never exposed or accidentally overwritten.
37 lines
1.4 KiB
TypeScript
37 lines
1.4 KiB
TypeScript
import express, { Request, Response } from 'express';
|
|
import { authenticate } from '../middleware/auth';
|
|
import { AuthRequest } from '../types';
|
|
import * as settingsService from '../services/settingsService';
|
|
|
|
const router = express.Router();
|
|
|
|
router.get('/', authenticate, (req: Request, res: Response) => {
|
|
const authReq = req as AuthRequest;
|
|
res.json({ settings: settingsService.getUserSettings(authReq.user.id) });
|
|
});
|
|
|
|
router.put('/', authenticate, (req: Request, res: Response) => {
|
|
const authReq = req as AuthRequest;
|
|
const { key, value } = req.body;
|
|
if (!key) return res.status(400).json({ error: 'Key is required' });
|
|
if (value === '••••••••') return res.json({ success: true, key, unchanged: true });
|
|
settingsService.upsertSetting(authReq.user.id, key, value);
|
|
res.json({ success: true, key, value });
|
|
});
|
|
|
|
router.post('/bulk', authenticate, (req: Request, res: Response) => {
|
|
const authReq = req as AuthRequest;
|
|
const { settings } = req.body;
|
|
if (!settings || typeof settings !== 'object')
|
|
return res.status(400).json({ error: 'Settings object is required' });
|
|
try {
|
|
const updated = settingsService.bulkUpsertSettings(authReq.user.id, settings);
|
|
res.json({ success: true, updated });
|
|
} catch (err) {
|
|
console.error('Error saving settings:', err);
|
|
res.status(500).json({ error: 'Error saving settings' });
|
|
}
|
|
});
|
|
|
|
export default router;
|