PTS/SkyArtShop
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
dev
SkyArtShop/backend/routes/admin.js
Local Server f8068ba54c webupdate
2026-01-19 01:17:43 -06:00

1309 lines
34 KiB
JavaScript
Raw Permalink Blame History

const express = require("express");
const { query } = require("../config/database");
const { requireAuth } = require("../middleware/auth");
const { cache } = require("../middleware/cache");
const { apiLimiter } = require("../config/rateLimiter");
const {
invalidateProductCache,
invalidateBlogCache,
invalidatePortfolioCache,
invalidateHomepageCache,
invalidatePagesCache,
} = require("../utils/cacheInvalidation");
const logger = require("../config/logger");
const { asyncHandler } = require("../middleware/errorHandler");
const {
sendSuccess,
sendError,
sendNotFound,
} = require("../utils/responseHelpers");
const {
getById,
deleteById,
countRecords,
batchInsert,
getProductWithImages,
} = require("../utils/queryHelpers");
const { HTTP_STATUS } = require("../config/constants");
const router = express.Router();
// Apply rate limiting to all admin routes
router.use(apiLimiter);
// Dashboard stats API
router.get(
"/dashboard/stats",
requireAuth,
asyncHandler(async (req, res) => {
const [productsCount, projectsCount, blogCount, pagesCount] =
await Promise.all([
countRecords("products"),
countRecords("portfolioprojects"),
countRecords("blogposts"),
countRecords("pages"),
]);
sendSuccess(res, {
stats: {
products: productsCount,
projects: projectsCount,
blog: blogCount,
pages: pagesCount,
},
user: {
name: req.session.name,
email: req.session.email,
role: req.session.role,
},
});
}),
);
// Generic CRUD factory function
const createCRUDRoutes = (config) => {
const { table, resourceName, listFields = "*", requiresAuth = true } = config;
const auth = requiresAuth ? requireAuth : (req, res, next) => next();
// List all
router.get(
`/${resourceName}`,
auth,
asyncHandler(async (req, res) => {
const result = await query(
`SELECT ${listFields} FROM ${table} ORDER BY createdat DESC`,
);
sendSuccess(res, { [resourceName]: result.rows });
}),
);
// Get by ID
router.get(
`/${resourceName}/:id`,
auth,
asyncHandler(async (req, res) => {
const item = await getById(table, req.params.id);
if (!item) {
return sendNotFound(res, resourceName);
}
const responseKey = resourceName.slice(0, -1); // Remove 's' for singular
sendSuccess(res, { [responseKey]: item });
}),
);
// Delete
router.delete(
`/${resourceName}/:id`,
auth,
asyncHandler(async (req, res) => {
const deleted = await deleteById(table, req.params.id);
if (!deleted) {
return sendNotFound(res, resourceName);
}
sendSuccess(res, { message: `${resourceName} deleted successfully` });
}),
);
};
// Helper function to generate slug
const generateSlug = (name) => {
return name
.toLowerCase()
.replace(/[^a-z0-9\s-]/g, "")
.replace(/\s+/g, "-")
.replace(/-+/g, "-")
.trim();
};
// Products CRUD
router.get(
"/products",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
`SELECT p.id, p.name, p.price, p.stockquantity, p.isactive, p.isfeatured,
p.isbestseller, p.category, p.createdat,
(SELECT COUNT(*) FROM product_images WHERE product_id = p.id) as image_count
FROM products p
ORDER BY p.createdat DESC`,
);
sendSuccess(res, { products: result.rows });
}),
);
router.get(
"/products/:id",
requireAuth,
asyncHandler(async (req, res) => {
// Get product details
const product = await getById("products", req.params.id);
if (!product) {
return sendNotFound(res, "Product");
}
// Get associated images with color variants
const imagesResult = await query(
`SELECT id, image_url, color_variant, color_code, alt_text, display_order, is_primary, variant_price, variant_stock
FROM product_images
WHERE product_id = $1
ORDER BY display_order ASC, created_at ASC`,
[req.params.id],
);
product.images = imagesResult.rows;
sendSuccess(res, { product });
}),
);
router.post(
"/products",
requireAuth,
asyncHandler(async (req, res) => {
const {
name,
shortdescription,
description,
price,
stockquantity,
category,
sku,
weight,
dimensions,
material,
isactive,
isfeatured,
isbestseller,
images,
} = req.body;
// Generate unique ID and slug from name
const productId =
"prod-" + Date.now() + "-" + Math.random().toString(36).substr(2, 9);
const slug = generateSlug(name);
// Insert product
const productResult = await query(
`INSERT INTO products (
id, name, slug, shortdescription, description, price, stockquantity,
category, sku, weight, dimensions, material, isactive, isfeatured,
isbestseller, createdat
) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, NOW())
RETURNING *`,
[
productId,
name,
slug,
shortdescription,
description,
price,
stockquantity || 0,
category,
sku,
weight,
dimensions,
material,
isactive !== false,
isfeatured || false,
isbestseller || false,
],
);
const product = productResult.rows[0];
// Insert images with color variants if provided (batch insert for performance)
if (images && Array.isArray(images) && images.length > 0) {
const imageRecords = images.map((img, i) => ({
product_id: product.id,
image_url: img.image_url,
color_variant: img.color_variant || null,
color_code: img.color_code || null,
alt_text: img.alt_text || name,
display_order: img.display_order !== undefined ? img.display_order : i,
is_primary: img.is_primary !== undefined ? img.is_primary : i === 0,
variant_price: img.variant_price || null,
variant_stock: img.variant_stock || 0,
}));
await batchInsert("product_images", imageRecords, [
"product_id",
"image_url",
"color_variant",
"color_code",
"alt_text",
"display_order",
"is_primary",
"variant_price",
"variant_stock",
]);
}
// Fetch complete product with images using helper
const completeProduct = await getProductWithImages(product.id);
// Invalidate product cache so new product appears immediately
invalidateProductCache();
sendSuccess(
res,
{
product: completeProduct,
message: "Product created successfully",
},
HTTP_STATUS.CREATED,
);
}),
);
router.put(
"/products/:id",
requireAuth,
asyncHandler(async (req, res) => {
console.log("=== UPDATE PRODUCT API CALLED ===");
console.log("Product ID:", req.params.id);
console.log("Request body:", JSON.stringify(req.body, null, 2));
const {
name,
shortdescription,
description,
price,
stockquantity,
category,
sku,
weight,
dimensions,
material,
isactive,
isfeatured,
isbestseller,
images,
} = req.body;
console.log("Images to save:", images);
// Generate slug if name is provided
const slug = name ? generateSlug(name) : null;
// Build dynamic update query
const updates = [];
const values = [];
let paramIndex = 1;
if (name !== undefined) {
updates.push(`name = $${paramIndex++}`);
values.push(name);
updates.push(`slug = $${paramIndex++}`);
values.push(slug);
}
if (shortdescription !== undefined) {
updates.push(`shortdescription = $${paramIndex++}`);
values.push(shortdescription);
}
if (description !== undefined) {
updates.push(`description = $${paramIndex++}`);
values.push(description);
}
if (price !== undefined) {
updates.push(`price = $${paramIndex++}`);
values.push(price);
}
if (stockquantity !== undefined) {
updates.push(`stockquantity = $${paramIndex++}`);
values.push(stockquantity);
}
if (category !== undefined) {
updates.push(`category = $${paramIndex++}`);
values.push(category);
}
if (sku !== undefined) {
updates.push(`sku = $${paramIndex++}`);
values.push(sku);
}
if (weight !== undefined) {
updates.push(`weight = $${paramIndex++}`);
values.push(weight);
}
if (dimensions !== undefined) {
updates.push(`dimensions = $${paramIndex++}`);
values.push(dimensions);
}
if (material !== undefined) {
updates.push(`material = $${paramIndex++}`);
values.push(material);
}
if (isactive !== undefined) {
updates.push(`isactive = $${paramIndex++}`);
values.push(isactive);
}
if (isfeatured !== undefined) {
updates.push(`isfeatured = $${paramIndex++}`);
values.push(isfeatured);
}
if (isbestseller !== undefined) {
updates.push(`isbestseller = $${paramIndex++}`);
values.push(isbestseller);
}
updates.push(`updatedat = NOW()`);
values.push(req.params.id);
const updateQuery = `UPDATE products SET ${updates.join(
", ",
)} WHERE id = $${paramIndex} RETURNING *`;
const result = await query(updateQuery, values);
if (result.rows.length === 0) {
return sendNotFound(res, "Product");
}
console.log("Product updated in database:", result.rows[0].id);
// Update images if provided
if (images && Array.isArray(images)) {
console.log("Updating images, count:", images.length);
// Delete existing images for this product
const deleteResult = await query(
"DELETE FROM product_images WHERE product_id = $1",
[req.params.id],
);
console.log("Deleted existing images, count:", deleteResult.rowCount);
// Insert new images (batch insert for performance)
const imageRecords = images.map((img, i) => ({
product_id: req.params.id,
image_url: img.image_url,
color_variant: img.color_variant || null,
color_code: img.color_code || null,
alt_text: img.alt_text || result.rows[0].name,
display_order: img.display_order !== undefined ? img.display_order : i,
is_primary: img.is_primary !== undefined ? img.is_primary : i === 0,
variant_price: img.variant_price || null,
variant_stock: img.variant_stock || 0,
}));
await batchInsert("product_images", imageRecords, [
"product_id",
"image_url",
"color_variant",
"color_code",
"alt_text",
"display_order",
"is_primary",
"variant_price",
"variant_stock",
]);
console.log("All images inserted successfully (batch)");
} else {
console.log("No images to update");
}
// Fetch complete product with images using helper
const completeProduct = await getProductWithImages(req.params.id);
console.log("Final product with images:", completeProduct);
console.log("=== PRODUCT UPDATE COMPLETE ===");
// Invalidate product cache
invalidateProductCache();
sendSuccess(res, {
product: completeProduct,
message: "Product updated successfully",
});
}),
);
router.delete(
"/products/:id",
requireAuth,
asyncHandler(async (req, res) => {
const productId = req.params.id;
console.log(`[DELETE] Attempting to delete product with ID: ${productId}`);
// First, check if product exists
const existingProduct = await getById("products", productId);
if (!existingProduct) {
console.log(`[DELETE] Product not found with ID: ${productId}`);
return sendNotFound(res, "Product");
}
console.log(`[DELETE] Found product: ${existingProduct.name}`);
// Product images will be deleted automatically via CASCADE
const deleted = await deleteById("products", productId);
console.log(`[DELETE] Delete result: ${deleted}`);
if (!deleted) {
console.log(`[DELETE] Failed to delete product: ${productId}`);
return sendNotFound(res, "Product");
}
// Invalidate product cache so deletion reflects immediately
invalidateProductCache();
console.log(`[DELETE] Product deleted successfully: ${productId}`);
sendSuccess(res, { message: "Product deleted successfully" });
}),
);
// Portfolio Projects CRUD
router.get(
"/portfolio/projects",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
"SELECT id, title, description, imageurl, category, isactive, createdat FROM portfolioprojects ORDER BY createdat DESC",
);
sendSuccess(res, { projects: result.rows });
}),
);
router.get(
"/portfolio/projects/:id",
requireAuth,
asyncHandler(async (req, res) => {
const project = await getById("portfolioprojects", req.params.id);
if (!project) {
return sendNotFound(res, "Project");
}
sendSuccess(res, { project });
}),
);
router.post(
"/portfolio/projects",
requireAuth,
asyncHandler(async (req, res) => {
const { title, description, category, isactive, imageurl, images } =
req.body;
const imagesJson =
images && images.length > 0 ? JSON.stringify(images) : "[]";
const result = await query(
`INSERT INTO portfolioprojects (id, title, description, category, isactive, imageurl, images, createdat)
VALUES ('portfolio-' || gen_random_uuid()::text, $1, $2, $3, $4, $5, $6, NOW()) RETURNING *`,
[
title,
description,
category,
isactive !== false,
imageurl || null,
imagesJson,
],
);
// Invalidate portfolio cache
invalidatePortfolioCache();
sendSuccess(
res,
{
project: result.rows[0],
message: "Project created successfully",
},
HTTP_STATUS.CREATED,
);
}),
);
router.put(
"/portfolio/projects/:id",
requireAuth,
asyncHandler(async (req, res) => {
const { title, description, category, isactive, imageurl, images } =
req.body;
const imagesJson =
images && images.length > 0 ? JSON.stringify(images) : "[]";
const result = await query(
`UPDATE portfolioprojects
SET title = $1, description = $2, category = $3, isactive = $4, imageurl = $5, images = $6, updatedat = NOW()
WHERE id = $7 RETURNING *`,
[
title,
description,
category,
isactive !== false,
imageurl || null,
imagesJson,
req.params.id,
],
);
if (result.rows.length === 0) {
return sendNotFound(res, "Project");
}
// Invalidate portfolio cache
invalidatePortfolioCache();
sendSuccess(res, {
project: result.rows[0],
message: "Project updated successfully",
});
}),
);
router.delete(
"/portfolio/projects/:id",
requireAuth,
asyncHandler(async (req, res) => {
const deleted = await deleteById("portfolioprojects", req.params.id);
if (!deleted) {
return sendNotFound(res, "Project");
}
// Invalidate portfolio cache
invalidatePortfolioCache();
sendSuccess(res, { message: "Project deleted successfully" });
}),
);
// Blog Posts CRUD
router.get(
"/blog",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
"SELECT id, title, slug, excerpt, ispublished, createdat FROM blogposts ORDER BY createdat DESC",
);
sendSuccess(res, { posts: result.rows });
}),
);
router.get(
"/blog/:id",
requireAuth,
asyncHandler(async (req, res) => {
const post = await getById("blogposts", req.params.id);
if (!post) {
return sendNotFound(res, "Blog post");
}
sendSuccess(res, { post });
}),
);
router.post(
"/blog",
requireAuth,
asyncHandler(async (req, res) => {
const {
title,
slug,
excerpt,
content,
featuredimage,
images,
videourl,
poll,
metatitle,
metadescription,
ispublished,
} = req.body;
const result = await query(
`INSERT INTO blogposts (id, title, slug, excerpt, content, featuredimage, imageurl, images, videourl, poll, metatitle, metadescription, ispublished, createdat)
VALUES ('blog-' || gen_random_uuid()::text, $1, $2, $3, $4, $5, $5, $6, $7, $8, $9, $10, $11, NOW()) RETURNING *`,
[
title,
slug,
excerpt,
content,
featuredimage || null,
images || "[]",
videourl || null,
poll || null,
metatitle,
metadescription,
ispublished || false,
],
);
// Invalidate blog cache
invalidateBlogCache();
sendSuccess(
res,
{
post: result.rows[0],
message: "Blog post created successfully",
},
HTTP_STATUS.CREATED,
);
}),
);
router.put(
"/blog/:id",
requireAuth,
asyncHandler(async (req, res) => {
const {
title,
slug,
excerpt,
content,
featuredimage,
images,
videourl,
poll,
metatitle,
metadescription,
ispublished,
} = req.body;
const result = await query(
`UPDATE blogposts
SET title = $1, slug = $2, excerpt = $3, content = $4, featuredimage = $5, imageurl = $5,
images = $6, videourl = $7, poll = $8, metatitle = $9, metadescription = $10,
ispublished = $11, updatedat = NOW()
WHERE id = $12 RETURNING *`,
[
title,
slug,
excerpt,
content,
featuredimage || null,
images || "[]",
videourl || null,
poll || null,
metatitle,
metadescription,
ispublished || false,
req.params.id,
],
);
if (result.rows.length === 0) {
return sendNotFound(res, "Blog post");
}
// Invalidate blog cache
invalidateBlogCache();
sendSuccess(res, {
post: result.rows[0],
message: "Blog post updated successfully",
});
}),
);
router.delete(
"/blog/:id",
requireAuth,
asyncHandler(async (req, res) => {
const deleted = await deleteById("blogposts", req.params.id);
if (!deleted) {
return sendNotFound(res, "Blog post");
}
// Invalidate blog cache
invalidateBlogCache();
sendSuccess(res, { message: "Blog post deleted successfully" });
}),
);
// Custom Pages CRUD
router.get(
"/pages",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
"SELECT id, title, slug, ispublished, createdat FROM pages ORDER BY createdat DESC",
);
sendSuccess(res, { pages: result.rows });
}),
);
router.get(
"/pages/:id",
requireAuth,
asyncHandler(async (req, res) => {
const page = await getById("pages", req.params.id);
if (!page) {
return sendNotFound(res, "Page");
}
sendSuccess(res, { page });
}),
);
router.post(
"/pages",
requireAuth,
asyncHandler(async (req, res) => {
const {
title,
slug,
content,
contenthtml,
metatitle,
metadescription,
ispublished,
pagedata,
} = req.body;
// Generate readable ID from slug
const pageId = `page-${slug}`;
const result = await query(
`INSERT INTO pages (id, title, slug, content, pagecontent, metatitle, metadescription, ispublished, isactive, pagedata, createdat)
VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, NOW()) RETURNING *`,
[
pageId,
title,
slug,
content,
contenthtml || content,
metatitle,
metadescription,
ispublished !== false,
ispublished !== false,
pagedata ? JSON.stringify(pagedata) : null,
],
);
// Invalidate pages cache
invalidatePagesCache();
sendSuccess(
res,
{
page: result.rows[0],
message: "Page created successfully",
},
HTTP_STATUS.CREATED,
);
}),
);
router.put(
"/pages/:id",
requireAuth,
asyncHandler(async (req, res) => {
const {
title,
slug,
content,
contenthtml,
metatitle,
metadescription,
ispublished,
pagedata,
} = req.body;
console.log("=== PAGE UPDATE REQUEST ===");
console.log("Page ID:", req.params.id);
console.log("Slug:", slug);
console.log("Title:", title);
console.log(
"PageData:",
pagedata ? JSON.stringify(pagedata).substring(0, 200) + "..." : "null",
);
const result = await query(
`UPDATE pages
SET title = $1, slug = $2, content = $3, pagecontent = $4, metatitle = $5,
metadescription = $6, ispublished = $7, isactive = $8, pagedata = $9, updatedat = NOW()
WHERE id = $10 RETURNING *`,
[
title,
slug,
content,
contenthtml || content,
metatitle,
metadescription,
ispublished !== false,
ispublished !== false,
pagedata ? JSON.stringify(pagedata) : null,
req.params.id,
],
);
if (result.rows.length === 0) {
return sendNotFound(res, "Page");
}
console.log("=== PAGE UPDATED SUCCESSFULLY ===");
console.log(
"Updated pagedata:",
result.rows[0].pagedata
? JSON.stringify(result.rows[0].pagedata).substring(0, 200) + "..."
: "null",
);
// Invalidate pages cache
invalidatePagesCache();
sendSuccess(res, {
page: result.rows[0],
message: "Page updated successfully",
});
}),
);
router.delete(
"/pages/:id",
requireAuth,
asyncHandler(async (req, res) => {
const deleted = await deleteById("pages", req.params.id);
if (!deleted) {
return sendNotFound(res, "Page");
}
// Invalidate pages cache
invalidatePagesCache();
sendSuccess(res, { message: "Page deleted successfully" });
}),
);
// Homepage Settings - custom handler with cache invalidation
router.get(
"/homepage/settings",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
"SELECT settings FROM site_settings WHERE key = $1",
["homepage"],
);
const settings = result.rows.length > 0 ? result.rows[0].settings : {};
sendSuccess(res, { settings });
}),
);
router.post(
"/homepage/settings",
requireAuth,
asyncHandler(async (req, res) => {
const settings = req.body;
await query(
`INSERT INTO site_settings (key, settings, updatedat)
VALUES ($1, $2, NOW())
ON CONFLICT (key) DO UPDATE SET settings = $2, updatedat = NOW()`,
["homepage", JSON.stringify(settings)],
);
// Invalidate homepage cache
invalidateHomepageCache();
sendSuccess(res, { message: "Homepage settings saved successfully" });
}),
);
// General Settings
const settingsHandler = (key) => ({
get: asyncHandler(async (req, res) => {
const result = await query(
"SELECT settings FROM site_settings WHERE key = $1",
[key],
);
const settings = result.rows.length > 0 ? result.rows[0].settings : {};
sendSuccess(res, { settings });
}),
post: asyncHandler(async (req, res) => {
const newSettings = req.body;
// Get existing settings first and merge
const existingResult = await query(
"SELECT settings FROM site_settings WHERE key = $1",
[key],
);
const existingSettings =
existingResult.rows.length > 0 ? existingResult.rows[0].settings : {};
// Merge new settings with existing (new settings overwrite existing for same keys)
const mergedSettings = { ...existingSettings, ...newSettings };
await query(
`INSERT INTO site_settings (key, settings, updatedat)
VALUES ($1, $2, NOW())
ON CONFLICT (key) DO UPDATE SET settings = $2, updatedat = NOW()`,
[key, JSON.stringify(mergedSettings)],
);
sendSuccess(res, { message: `${key} settings saved successfully` });
}),
});
const generalSettings = settingsHandler("general");
router.get("/settings", requireAuth, generalSettings.get);
router.post("/settings", requireAuth, generalSettings.post);
// Menu Management
router.get(
"/menu",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
"SELECT settings FROM site_settings WHERE key = 'menu'",
);
const items =
result.rows.length > 0 ? result.rows[0].settings.items || [] : [];
sendSuccess(res, { items });
}),
);
router.post(
"/menu",
requireAuth,
asyncHandler(async (req, res) => {
const { items } = req.body;
await query(
`INSERT INTO site_settings (key, settings, updatedat)
VALUES ('menu', $1, NOW())
ON CONFLICT (key) DO UPDATE SET settings = $1, updatedat = NOW()`,
[JSON.stringify({ items })],
);
sendSuccess(res, { message: "Menu saved successfully" });
}),
);
// ==================== TEAM MEMBERS CRUD ====================
// Get all team members
router.get(
"/team-members",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
"SELECT * FROM team_members ORDER BY display_order ASC, created_at DESC",
);
sendSuccess(res, { teamMembers: result.rows });
}),
);
// Get single team member
router.get(
"/team-members/:id",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query("SELECT * FROM team_members WHERE id = $1", [
req.params.id,
]);
if (result.rows.length === 0) {
return sendNotFound(res, "Team member");
}
sendSuccess(res, { teamMember: result.rows[0] });
}),
);
// Create team member
router.post(
"/team-members",
requireAuth,
asyncHandler(async (req, res) => {
const { name, position, bio, image_url, display_order } = req.body;
if (!name || !position) {
return sendError(
res,
"Name and position are required",
HTTP_STATUS.BAD_REQUEST,
);
}
const result = await query(
`INSERT INTO team_members (name, position, bio, image_url, display_order, updated_at)
VALUES ($1, $2, $3, $4, $5, CURRENT_TIMESTAMP)
RETURNING *`,
[name, position, bio || null, image_url || null, display_order || 0],
);
sendSuccess(
res,
{
teamMember: result.rows[0],
message: "Team member created successfully",
},
HTTP_STATUS.CREATED,
);
}),
);
// Update team member
router.put(
"/team-members/:id",
requireAuth,
asyncHandler(async (req, res) => {
const { name, position, bio, image_url, display_order } = req.body;
if (!name || !position) {
return sendError(
res,
"Name and position are required",
HTTP_STATUS.BAD_REQUEST,
);
}
const result = await query(
`UPDATE team_members
SET name = $1, position = $2, bio = $3, image_url = $4, display_order = $5, updated_at = CURRENT_TIMESTAMP
WHERE id = $6
RETURNING *`,
[name, position, bio, image_url, display_order || 0, req.params.id],
);
if (result.rows.length === 0) {
return sendNotFound(res, "Team member");
}
sendSuccess(res, {
teamMember: result.rows[0],
message: "Team member updated successfully",
});
}),
);
// Delete team member
router.delete(
"/team-members/:id",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
"DELETE FROM team_members WHERE id = $1 RETURNING *",
[req.params.id],
);
if (result.rows.length === 0) {
return sendNotFound(res, "Team member");
}
sendSuccess(res, { message: "Team member deleted successfully" });
}),
);
// ===========================
// CUSTOMERS MANAGEMENT
// ===========================
// Get all customers (for newsletter management)
router.get(
"/customers",
requireAuth,
asyncHandler(async (req, res) => {
const {
page = 1,
limit = 50,
newsletter = "all",
search = "",
status = "all",
} = req.query;
const offset = (parseInt(page) - 1) * parseInt(limit);
let whereClause = "WHERE 1=1";
const params = [];
let paramIndex = 1;
// Filter by verification status
if (status === "verified") {
whereClause += " AND email_verified = TRUE";
} else if (status === "unverified") {
whereClause += " AND email_verified = FALSE";
}
// 'all' shows everyone
// Filter by newsletter subscription
if (newsletter === "subscribed") {
whereClause += " AND newsletter_subscribed = TRUE";
} else if (newsletter === "unsubscribed") {
whereClause += " AND newsletter_subscribed = FALSE";
}
// Search by name or email
if (search) {
whereClause += ` AND (
LOWER(first_name) LIKE $${paramIndex} OR
LOWER(last_name) LIKE $${paramIndex} OR
LOWER(email) LIKE $${paramIndex}
)`;
params.push(`%${search.toLowerCase()}%`);
paramIndex++;
}
// Get total count
const countResult = await query(
`SELECT COUNT(*) FROM customers ${whereClause}`,
params,
);
const total = parseInt(countResult.rows[0].count);
// Get customers with cart and wishlist counts
params.push(parseInt(limit), offset);
const result = await query(
`SELECT c.id, c.first_name, c.last_name, c.email, c.newsletter_subscribed,
c.last_login, c.login_count, c.created_at, c.is_active, c.email_verified,
COALESCE((SELECT SUM(quantity) FROM customer_cart WHERE customer_id = c.id), 0) as cart_count,
COALESCE((SELECT COUNT(*) FROM customer_wishlist WHERE customer_id = c.id), 0) as wishlist_count
FROM customers c
${whereClause.replace(/customers/g, "c")}
ORDER BY c.created_at DESC
LIMIT $${paramIndex} OFFSET $${paramIndex + 1}`,
params,
);
sendSuccess(res, {
customers: result.rows,
pagination: {
total,
page: parseInt(page),
limit: parseInt(limit),
totalPages: Math.ceil(total / parseInt(limit)),
},
});
}),
);
// Get single customer details
router.get(
"/customers/:id",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
`SELECT id, first_name, last_name, email, newsletter_subscribed,
email_verified, last_login, login_count, created_at, updated_at, is_active
FROM customers WHERE id = $1`,
[req.params.id],
);
if (result.rows.length === 0) {
return sendNotFound(res, "Customer");
}
sendSuccess(res, { customer: result.rows[0] });
}),
);
// Update customer status (activate/deactivate)
router.patch(
"/customers/:id/status",
requireAuth,
asyncHandler(async (req, res) => {
const { is_active } = req.body;
const result = await query(
`UPDATE customers SET is_active = $1, updated_at = CURRENT_TIMESTAMP
WHERE id = $2 RETURNING id, first_name, last_name, email, is_active`,
[is_active, req.params.id],
);
if (result.rows.length === 0) {
return sendNotFound(res, "Customer");
}
sendSuccess(res, {
message: `Customer ${
is_active ? "activated" : "deactivated"
} successfully`,
customer: result.rows[0],
});
}),
);
// Export customers for newsletter (CSV format data)
router.get(
"/customers/export/newsletter",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
`SELECT first_name, last_name, email
FROM customers
WHERE email_verified = TRUE AND newsletter_subscribed = TRUE AND is_active = TRUE
ORDER BY created_at DESC`,
);
// Return as JSON array - frontend can convert to CSV if needed
sendSuccess(res, {
customers: result.rows,
count: result.rows.length,
});
}),
);
// Get customer statistics
router.get(
"/customers/stats/overview",
requireAuth,
asyncHandler(async (req, res) => {
const [totalResult, verifiedResult, newsletterResult, activeResult] =
await Promise.all([
query("SELECT COUNT(*) FROM customers"),
query("SELECT COUNT(*) FROM customers WHERE email_verified = TRUE"),
query(
"SELECT COUNT(*) FROM customers WHERE newsletter_subscribed = TRUE AND email_verified = TRUE",
),
query(
"SELECT COUNT(*) FROM customers WHERE is_active = TRUE AND email_verified = TRUE",
),
]);
sendSuccess(res, {
stats: {
total: parseInt(totalResult.rows[0].count),
verified: parseInt(verifiedResult.rows[0].count),
newsletterSubscribed: parseInt(newsletterResult.rows[0].count),
active: parseInt(activeResult.rows[0].count),
},
});
}),
);
// Get customer's cart items (admin view)
router.get(
"/customers/:id/cart",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
`SELECT cc.id, cc.product_id, cc.quantity, cc.variant_color, cc.variant_size, cc.added_at,
p.name, p.price, p.imageurl
FROM customer_cart cc
JOIN products p ON p.id = cc.product_id
WHERE cc.customer_id = $1
ORDER BY cc.added_at DESC`,
[req.params.id],
);
const items = result.rows.map((row) => ({
id: row.id,
productId: row.product_id,
name: row.name,
price: parseFloat(row.price),
image: row.imageurl,
quantity: row.quantity,
variantColor: row.variant_color,
variantSize: row.variant_size,
addedAt: row.added_at,
}));
const total = items.reduce(
(sum, item) => sum + item.price * item.quantity,
0,
);
sendSuccess(res, {
items,
itemCount: items.length,
total: total.toFixed(2),
});
}),
);
// Get customer's wishlist items (admin view)
router.get(
"/customers/:id/wishlist",
requireAuth,
asyncHandler(async (req, res) => {
const result = await query(
`SELECT cw.id, cw.product_id, cw.added_at,
p.name, p.price, p.imageurl
FROM customer_wishlist cw
JOIN products p ON p.id = cw.product_id
WHERE cw.customer_id = $1
ORDER BY cw.added_at DESC`,
[req.params.id],
);
const items = result.rows.map((row) => ({
id: row.id,
productId: row.product_id,
name: row.name,
price: parseFloat(row.price),
image: row.imageurl,
addedAt: row.added_at,
}));
sendSuccess(res, {
items,
itemCount: items.length,
});
}),
);
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink