99 lines
3.5 KiB
JavaScript
99 lines
3.5 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const db = require('../database');
|
|
const crypto = require('crypto');
|
|
const bcrypt = require('bcrypt');
|
|
|
|
// Middleware para verificar se é admin
|
|
const requireAdmin = (req, res, next) => {
|
|
if (req.user && req.user.is_admin) {
|
|
return next();
|
|
}
|
|
return res.status(403).json({ success: false, message: 'Acesso negado' });
|
|
};
|
|
|
|
// ==============================================================
|
|
// 1. LISTAR CLÍNICAS (ADMIN)
|
|
// ==============================================================
|
|
router.get('/', requireAdmin, async (req, res) => {
|
|
try {
|
|
const clinics = await db.all(`
|
|
SELECT id, clinic_name, email, pc_name, machine_token, last_ip, is_active, created_at
|
|
FROM clinics_devices
|
|
ORDER BY created_at DESC
|
|
`);
|
|
res.json({ success: true, clinics });
|
|
} catch (error) {
|
|
console.error('Erro ao listar clínicas:', error);
|
|
res.status(500).json({ success: false, message: 'Erro interno do servidor' });
|
|
}
|
|
});
|
|
|
|
// ==============================================================
|
|
// 2. CADASTRAR CLÍNICA E GERAR TOKEN (ADMIN)
|
|
// ==============================================================
|
|
router.post('/', requireAdmin, async (req, res) => {
|
|
const { clinic_name, email, password, pc_name } = req.body;
|
|
|
|
if (!clinic_name || !email || !password || !pc_name) {
|
|
return res.status(400).json({ success: false, message: 'Preencha todos os campos obrigatórios' });
|
|
}
|
|
|
|
try {
|
|
// Verificar se email já existe
|
|
const existing = await db.get(`SELECT id FROM clinics_devices WHERE email = $1`, [email]);
|
|
if (existing) {
|
|
return res.status(400).json({ success: false, message: 'Email já cadastrado para outra clínica' });
|
|
}
|
|
|
|
// Gerar hash da senha e token UUID da máquina
|
|
const password_hash = bcrypt.hashSync(password, 10);
|
|
const machine_token = crypto.randomUUID();
|
|
|
|
await db.run(`
|
|
INSERT INTO clinics_devices (clinic_name, email, password_hash, pc_name, machine_token)
|
|
VALUES ($1, $2, $3, $4, $5) RETURNING id
|
|
`, [clinic_name, email, password_hash, pc_name, machine_token]);
|
|
|
|
res.json({
|
|
success: true,
|
|
message: 'Clínica cadastrada com sucesso!',
|
|
machine_token
|
|
});
|
|
} catch (error) {
|
|
console.error('Erro ao cadastrar clínica:', error);
|
|
res.status(500).json({ success: false, message: 'Erro interno ao cadastrar' });
|
|
}
|
|
});
|
|
|
|
// ==============================================================
|
|
// 3. ALTERAR STATUS DA CLÍNICA (ATIVAR/DESATIVAR) (ADMIN)
|
|
// ==============================================================
|
|
router.put('/:id/status', requireAdmin, async (req, res) => {
|
|
const { id } = req.params;
|
|
const { is_active } = req.body;
|
|
|
|
try {
|
|
await db.run(`UPDATE clinics_devices SET is_active = $1 WHERE id = $2`, [is_active ? 1 : 0, id]);
|
|
res.json({ success: true, message: 'Status atualizado com sucesso' });
|
|
} catch (error) {
|
|
res.status(500).json({ success: false, message: 'Erro interno' });
|
|
}
|
|
});
|
|
|
|
// ==============================================================
|
|
// 4. EXCLUIR CLÍNICA (ADMIN)
|
|
// ==============================================================
|
|
router.delete('/:id', requireAdmin, async (req, res) => {
|
|
const { id } = req.params;
|
|
|
|
try {
|
|
await db.run(`DELETE FROM clinics_devices WHERE id = $1`, [id]);
|
|
res.json({ success: true, message: 'Clínica excluída com sucesso' });
|
|
} catch (error) {
|
|
res.status(500).json({ success: false, message: 'Erro interno' });
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|