started backend inplementation

Author: Viktoriia Shevchenko

backend/.env

@@ -0,0 +1,7 @@
+DB_NAME=your_database_name
+DB_USER=your_database_user
+DB_PASS=your_database_password
+DB_HOST=localhost
+DB_DIALECT=postgres
+PORT=5000
+JWT_SECRET=your_secret_key

backend/middlewares/authMiddleware.ts

@@ -0,0 +1,24 @@
+const jwt = require("jsonwebtoken");
+
+exports.authenticateUser = (req, res, next) => {
+    const token = req.header("Authorization");
+    if (!token) return res.status(401).json({ message: "Access Denied: No Token Provided" });
+
+    try {
+        const decoded = jwt.verify(token, process.env.JWT_SECRET);
+        req.user = decoded; // Attach user data to request
+        next();
+    } catch (error) {
+        res.status(400).json({ message: "Invalid Token" });
+    }
+};
+
+// Role-based authorization
+exports.authorizeRoles = (...roles) => {
+    return (req, res, next) => {
+        if (!roles.includes(req.user.role)) {
+            return res.status(403).json({ message: "Access Denied: Insufficient Permissions" });
+        }
+        next();
+    };
+};

backend/routes/authRoutes.ts

@@ -0,0 +1,8 @@
+import { Router } from "express";
+const router = Router();
+
+router.post("/login", (req, res) => {
+  res.send("Login route");
+});
+
+export default router;

backend/routes/protectedRoutes.ts

@@ -0,0 +1,20 @@
+const express = require("express");
+const { authenticateUser, authorizeRoles } = require("../middlewares/authMiddleware");
+const router = express.Router();
+
+// Admin-only route
+router.get("/admin", authenticateUser, authorizeRoles("admin"), (req, res) => {
+    res.json({ message: "Welcome, Admin!" });
+});
+
+// Beauty master-only route
+router.get("/beauty_master", authenticateUser, authorizeRoles("beauty_master"), (req, res) => {
+    res.json({ message: "Welcome, Beauty Master!" });
+});
+
+// Customer-only route
+router.get("/customer", authenticateUser, authorizeRoles("customer"), (req, res) => {
+    res.json({ message: "Welcome, Customer!" });
+});
+
+module.exports = router;

backend/server.ts

@@ -0,0 +1,35 @@
+import bodyParser = require("body-parser");
+import authRoutes from "./routes/authRoutes";
+import { Sequelize } from "sequelize";
+const dotenv = require("dotenv");
+
+
+
+dotenv.config();
+
+const sequelize = new Sequelize(process.env.DATABASE_URL || '', {
+  dialect: 'postgres',
+  protocol: 'postgres',
+  dialectOptions: {
+    ssl: {
+      require: true,
+      rejectUnauthorized: false,
+    },
+  },
+  logging: false,
+});
+
+const app = express();
+app.use(bodyParser.json());
+
+// Routes
+app.use("/api/auth", authRoutes);
+
+
+// Database Sync and Server Start
+sequelize
+  .sync()
+  .then(() => {
+    app.listen(5000, () => console.log("Server running on port 5000"));
+  })
+  .catch((err) => console.log(err));

backend/tsconfig.json

@@ -0,0 +1,10 @@
+{
+    "compilerOptions": {
+        "target": "ES6",
+        "module": "CommonJS",
+        "outDir": "./dist",
+        "rootDir": "./src",
+        "strict": true,
+        "esModuleInterop": true
+    }
+}