Improvement of logout. Added Sacrital Service. Added website link for event places and direct link to other websites in worship overview

controllers/authController.js

@@ -1,18 +1,16 @@
 const bcrypt = require('bcryptjs');
 const { User } = require('../models');
 const jwt = require('jsonwebtoken');
+const { addTokenToBlacklist } = require('../utils/blacklist');
 
 exports.register = async (req, res) => {
   const { name, email, password } = req.body;
-
   if (!name || !email || !password) {
     return res.status(400).json({ message: 'Alle Felder sind erforderlich' });
   }
-
   try {
     const hashedPassword = await bcrypt.hash(password, 10);
     const user = await User.create({ name, email, password: hashedPassword, active: true });
-
     res.status(201).json({ message: 'Benutzer erfolgreich registriert', user });
   } catch (error) {
     if (error.name === 'SequelizeUniqueConstraintError') {
@@ -27,28 +25,36 @@ exports.login = async (req, res) => {
   if (!email || !password) {
     return res.status(400).json({ message: 'Email und Passwort sind erforderlich' });
   }
-
   try {
     const user = await User.findOne({ where: { email } });
-
     if (!user) {
       return res.status(401).json({ message: 'Ungültige Anmeldedaten' });
     }
-
     const validPassword = await bcrypt.compare(password, user.password);
-
     if (!validPassword) {
       return res.status(401).json({ message: 'Ungültige Anmeldedaten' });
     }
-
     if (!user.active) {
       return res.status(403).json({ message: 'Benutzerkonto ist nicht aktiv' });
     }
-
     const token = jwt.sign({ id: user.id, name: user.name, email: user.email }, 'zTxVgptmPl9!_dr%xxx9999(dd)', { expiresIn: '1h' });
-
     res.status(200).json({ message: 'Login erfolgreich', token, 'user': user });
   } catch (error) {
     res.status(500).json({ message: 'Ein Fehler ist aufgetreten' });
   }
 };
+
+exports.logout = async (req, res) => {
+  const authHeader = req.header('Authorization');
+  if (!authHeader) {
+    return res.status(400).json({ message: 'Kein Token bereitgestellt' });
+  }
+  const token = authHeader.replace('Bearer ', '');
+  try {
+    addTokenToBlacklist(token);
+    res.status(200).json({ message: 'Logout erfolgreich' });
+  } catch (error) {
+    console.log(error);
+    res.status(500).json({ message: 'Ein Fehler ist beim Logout aufgetreten' });
+  }
+};

controllers/worshipController.js

@@ -1,14 +1,40 @@
-const { Worship, EventPlace, Sequelize } = require('../models');
-const { Op, fn, literal } = require('sequelize'); // Importieren Sie die Operatoren von Sequelize
+const { Worship, EventPlace, Sequelize, sequelize } = require('../models');
+const { Op, fn, literal } = require('sequelize');
+const jwt = require('jsonwebtoken');
+const { isTokenBlacklisted, addTokenToBlacklist } = require('../utils/blacklist');
+
+function isAuthorized(req) {
+  const authHeader = req.header('Authorization');
+  if (!authHeader) {
+    return false;
+  }
+  const token = authHeader.replace('Bearer ', '');
+  if (isTokenBlacklisted(token)) {
+    console.log('Token is blacklisted');
+    return false;
+  }
+  try {
+    const decoded = jwt.verify(token, 'zTxVgptmPl9!_dr%xxx9999(dd)');
+    req.user = decoded;
+    return true;
+  } catch (err) {
+    console.log('Token verification failed, adding to blacklist:', err.message);
+    addTokenToBlacklist(token);
+    return false;
+  }
+}
+
 
 exports.getAllWorships = async (req, res) => {
   try {
+    const authorized = isAuthorized(req);
     const worships = await Worship.findAll({
       where: {
         date: {
           [Op.gt]: literal("DATE_SUB(NOW(), INTERVAL 4 WEEK)")
         },
       },
+      attributes: authorized ? undefined : { exclude: ['sacristanService'] },
       order: [
         ['date', 'DESC']
       ],
@@ -69,14 +95,15 @@ exports.getFilteredWorships = async (req, res) => {
         [Sequelize.Op.in]: locations
       }
   }
-
   where.date = {
     [Op.gte]: fn('CURDATE'), 
   };
-
   try {
+    const authorized = isAuthorized(req);
+    console.log(authorized);
     const worships = await Worship.findAll({
       where,
+      attributes: authorized ? undefined : { exclude: ['sacristanService'] },
       include: {
         model: EventPlace,
         as: 'eventPlace',