feat(postgres): migrate all route files from SQLite to pg pool
- All 16 route files now import pool from ../db directly
- Removed db parameter from all factory functions
- All callbacks replaced with async/await pool.query()
- All ? placeholders converted to $1, $2... numbered params
- datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING
- LIKE → ILIKE for case-insensitive searches
- Error detection: err.code === '23505' for unique violations
- server.js no longer passes pool/db/requireAuth to route factories
- Only ivantiFindings.js still receives pool (pending task 8 rewrite)
This commit is contained in:
Jordan Ramos
@@ -1,7 +1,8 @@
|
||||
// Authentication Middleware
|
||||
const pool = require('../db');
|
||||
|
||||
// Require authenticated user
|
||||
function requireAuth(db) {
|
||||
// Require authenticated user — no parameters needed, pool is imported directly
|
||||
function requireAuth() {
|
||||
return async (req, res, next) => {
|
||||
const sessionId = req.cookies?.session_id;
|
||||
|
||||
@@ -10,19 +11,15 @@ function requireAuth(db) {
|
||||
}
|
||||
|
||||
try {
|
||||
const session = await new Promise((resolve, reject) => {
|
||||
db.get(
|
||||
`SELECT s.*, u.id as user_id, u.username, u.email, u.role, u.user_group, u.bu_teams, u.is_active
|
||||
FROM sessions s
|
||||
JOIN users u ON s.user_id = u.id
|
||||
WHERE s.session_id = ? AND s.expires_at > datetime('now')`,
|
||||
[sessionId],
|
||||
(err, row) => {
|
||||
if (err) reject(err);
|
||||
else resolve(row);
|
||||
}
|
||||
);
|
||||
});
|
||||
const { rows } = await pool.query(
|
||||
`SELECT s.*, u.id as user_id, u.username, u.email, u.role, u.user_group, u.bu_teams, u.is_active
|
||||
FROM sessions s
|
||||
JOIN users u ON s.user_id = u.id
|
||||
WHERE s.session_id = $1 AND s.expires_at > NOW()`,
|
||||
[sessionId]
|
||||
);
|
||||
|
||||
const session = rows[0];
|
||||
|
||||
if (!session) {
|
||||
return res.status(401).json({ error: 'Session expired or invalid' });
|
||||
|
||||
Reference in New Issue
Block a user