From 3fbd440fe39a2677a12c234f06aaa1bae6a197a4 Mon Sep 17 00:00:00 2001
From: Mateja <mail@matejamaric.com>
Date: Sun, 11 Jul 2021 13:32:43 +0200
Subject: Added Product routes, model and boilerplate controller.

---
 server/routes/api.js | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

(limited to 'server/routes')

diff --git a/server/routes/api.js b/server/routes/api.js
index a0890a7..3e9c068 100644
--- a/server/routes/api.js
+++ b/server/routes/api.js
@@ -2,12 +2,24 @@ const express = require('express');
 const router = express.Router();
 const passport = require('passport');
 
-const exampleController = require('../controllers/example');
 const userController = require('../controllers/user');
+const productsController = require('../controllers/products');
+
+const isAuth = passport.authenticate('jwt', {session: false});
+const isAdmin = (req, res, next) => {
+  if (!req.user.admin)
+    res.status(401).json({status: "You need to be an administrator!"});
+  else next();
+}
 
-router.get('/', exampleController.index);
-router.get('/protected', passport.authenticate('jwt', {session: false}), exampleController.index);
 router.post('/register', userController.register);
 router.post('/login', userController.login);
 
+router.get('/products', productsController.index);
+router.get('/products/:id', productsController.show);
+
+router.post('/products', isAuth, isAdmin, productsController.store);
+router.patch('/products/:id', isAuth, isAdmin, productsController.update);
+router.delete('/products/:id', isAuth, isAdmin, productsController.destroy);
+
 module.exports = router;
-- 
cgit v1.2.3