initial commit

backend/src/routes/secrets.js

@@ -0,0 +1,52 @@
+const express = require('express');
+const router  = express.Router();
+const secrets = require('../secrets');
+const audit   = require('../audit');
+const { requireAuth } = require('../auth');
+
+router.use(requireAuth);
+
+// GET /api/secrets — all secrets with live status
+router.get('/', (req, res) => {
+  res.json(secrets.getStatus());
+});
+
+// POST /api/secrets
+router.post('/', (req, res) => {
+  const { name, type, expires_at } = req.body;
+  if (!name)       return res.status(400).json({ error: 'Name is required' });
+  if (!expires_at) return res.status(400).json({ error: 'Expiry date is required' });
+  try {
+    const secret = secrets.create(req.body);
+    audit.logSecret(req.user, 'add', secret);
+    res.status(201).json({ ...secret, daysLeft: null, status: 'ok' });
+  } catch (err) {
+    res.status(500).json({ error: err.message });
+  }
+});
+
+// PUT /api/secrets/:id
+router.put('/:id', (req, res) => {
+  try {
+    const prev   = secrets.getById(req.params.id);
+    const secret = secrets.update(req.params.id, req.body);
+    audit.logSecret(req.user, 'update', secret, prev);
+    res.json(secret);
+  } catch (err) {
+    res.status(404).json({ error: err.message });
+  }
+});
+
+// DELETE /api/secrets/:id
+router.delete('/:id', (req, res) => {
+  try {
+    const secret = secrets.getById(req.params.id);
+    secrets.remove(req.params.id);
+    audit.logSecret(req.user, 'delete', secret);
+    res.json({ success: true });
+  } catch (err) {
+    res.status(404).json({ error: err.message });
+  }
+});
+
+module.exports = router;