Add user management system with approval workflow and role assignment

Torsten Schulz (local)
2025-10-21 11:35:02 +02:00
parent f058516a3d
commit 96ff9e5d44
59 changed files with 1145 additions and 361 deletions


@@ -0,0 +1,75 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
import nodemailer from 'nodemailer'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
})
}
const body = await readBody(event)
const { userId, role } = body
const users = await readUsers()
const user = users.find(u => u.id === userId)
if (!user) {
throw createError({
statusCode: 404,
message: 'Benutzer nicht gefunden'
})
}
// Activate user and set role
user.active = true
user.role = role || 'mitglied'
const updatedUsers = users.map(u => u.id === userId ? user : u)
await writeUsers(updatedUsers)
// Send approval email
try {
const transporter = nodemailer.createTransporter({
host: process.env.SMTP_HOST || 'smtp.gmail.com',
port: process.env.SMTP_PORT || 587,
secure: false,
auth: {
user: process.env.SMTP_USER,
pass: process.env.SMTP_PASS
}
})
await transporter.sendMail({
from: process.env.SMTP_FROM || 'noreply@harheimertc.de',
to: user.email,
subject: 'Zugang freigeschaltet - Harheimer TC',
html: `
<h2>Zugang freigeschaltet</h2>
<p>Hallo ${user.name},</p>
<p>Ihr Zugang zum Mitgliederbereich wurde freigeschaltet!</p>
<p>Sie können sich jetzt mit Ihrer E-Mail-Adresse und Ihrem Passwort anmelden.</p>
<p><a href="https://harheimertc.tsschulz.de/login">Zum Login</a></p>
<br>
<p>Mit sportlichen Grüßen,<br>Ihr Harheimer TC</p>
`
})
} catch (emailError) {
console.error('E-Mail-Versand fehlgeschlagen:', emailError)
}
return {
success: true,
message: 'Benutzer wurde freigeschaltet'
}
} catch (error) {
console.error('Fehler beim Freischalten:', error)
throw error
}
})
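Review bot: `user.role = role || 'mitglied'` stores whatever string the request body carries, because this handler lacks the allowlist check that the role-update handler in this commit applies; add `if (role && !['mitglied', 'vorstand', 'admin'].includes(role)) throw createError({ statusCode: 400, message: 'Ungültige Rolle' })` before the assignment. Separately, `nodemailer.createTransporter` is not a nodemailer function (the API is `createTransport`), so the call throws inside the inner `try`, the error is only logged, and the approval mail is never sent. `${user.name}` is also interpolated into the HTML body unescaped; if the name comes from the registration form, as seems likely, it should be HTML-escaped before it goes into the template.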


@@ -0,0 +1,48 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
})
}
const body = await readBody(event)
const { userId } = body
if (userId === currentUser.id) {
throw createError({
statusCode: 400,
message: 'Sie können sich nicht selbst deaktivieren'
})
}
const users = await readUsers()
const user = users.find(u => u.id === userId)
if (!user) {
throw createError({
statusCode: 404,
message: 'Benutzer nicht gefunden'
})
}
user.active = false
const updatedUsers = users.map(u => u.id === userId ? user : u)
await writeUsers(updatedUsers)
return {
success: true,
message: 'Benutzer wurde deaktiviert'
}
} catch (error) {
console.error('Fehler beim Deaktivieren:', error)
throw error
}
})
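Review bot: The handler checks only the caller's role, not the target's, so a `vorstand` account can deactivate an `admin`, and nothing stops another privileged user from disabling the last active admin. A guard after the lookup such as `if (user.role === 'admin' && currentUser.role !== 'admin') throw createError({ statusCode: 403, message: 'Zugriff verweigert' })` would close the first case. Whether `user.active = false` actually ends access depends on `getUserFromToken`, which is not shown here: if it does not reject inactive users, an `auth_token` issued earlier keeps working after deactivation.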


@@ -0,0 +1,37 @@
import { getUserFromToken, readUsers } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
})
}
const users = await readUsers()
// Return users without passwords
const safeUsers = users.map(u => ({
id: u.id,
email: u.email,
name: u.name,
role: u.role,
phone: u.phone || '',
active: u.active,
created: u.created,
lastLogin: u.lastLogin
}))
return {
users: safeUsers
}
} catch (error) {
console.error('Fehler beim Laden der Benutzer:', error)
throw error
}
})
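Review bot: The cookie lookup and the `admin`/`vorstand` check at the top of this handler are copied verbatim into all five handlers added by this commit, so any later change to the authorization rule has to be made in five places and a missed copy silently keeps the old rule. Moving it into one helper next to `getUserFromToken` in `utils/auth.js`, which throws the 403 itself, would leave each handler with a single call. The catch block also writes every denied request to `console.error` as if it were a server fault; logging denied access separately from unexpected errors would make these logs more useful for spotting repeated unauthorized attempts.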


@@ -0,0 +1,32 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
})
}
const body = await readBody(event)
const { userId } = body
const users = await readUsers()
const updatedUsers = users.filter(u => u.id !== userId)
await writeUsers(updatedUsers)
return {
success: true,
message: 'Registrierung wurde abgelehnt und gelöscht'
}
} catch (error) {
console.error('Fehler beim Ablehnen:', error)
throw error
}
})
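Review bot: `users.filter(u => u.id !== userId)` removes whichever account the id names, so this "reject registration" endpoint can delete active members, admins or the caller's own account, and it reports success even when no user matched. The handler should look the user up first, return 404 when it is missing, and refuse when the account is already active; approval sets `user.active = true`, so a pending registration presumably has `active` unset or false, which should be confirmed against the registration code. Deletion is irreversible and leaves no record of who rejected whom, so a log line naming `currentUser.id` and the removed id is worth adding.

```javascript
const users = await readUsers()
// Only a registration that was never approved may be rejected and deleted.
const user = users.find(u => u.id === userId)
if (!user) {
  throw createError({ statusCode: 404, message: 'Benutzer nicht gefunden' })
}
if (user.active) {
  throw createError({ statusCode: 400, message: 'Nur offene Registrierungen können abgelehnt werden' })
}
// … unchanged: filter, writeUsers and success response …
```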


@@ -0,0 +1,48 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
})
}
const body = await readBody(event)
const { userId, role } = body
if (!['mitglied', 'vorstand', 'admin'].includes(role)) {
throw createError({
statusCode: 400,
message: 'Ungültige Rolle'
})
}
const users = await readUsers()
const user = users.find(u => u.id === userId)
if (!user) {
throw createError({
statusCode: 404,
message: 'Benutzer nicht gefunden'
})
}
user.role = role
const updatedUsers = users.map(u => u.id === userId ? user : u)
await writeUsers(updatedUsers)
return {
success: true,
message: 'Rolle wurde aktualisiert'
}
} catch (error) {
console.error('Fehler beim Aktualisieren der Rolle:', error)
throw error
}
})
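Review bot: The allowlist validates the role value but not who may grant it: a `vorstand` caller can set `role: 'admin'` on any account, including their own, since there is no `userId === currentUser.id` check like the one in the deactivate handler. Restricting the grant, for example `if (role === 'admin' && currentUser.role !== 'admin') throw createError({ statusCode: 403, message: 'Zugriff verweigert' })`, keeps admin assignment with admins. The same path lets an admin demote themselves or the only remaining admin, which can leave the system without an admin account.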