53 lines
1.5 KiB
JavaScript
53 lines
1.5 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const secrets = require('../secrets');
|
|
const audit = require('../audit');
|
|
const { requireAuth } = require('../auth');
|
|
|
|
router.use(requireAuth);
|
|
|
|
// GET /api/secrets — all secrets with live status
|
|
router.get('/', (req, res) => {
|
|
res.json(secrets.getStatus());
|
|
});
|
|
|
|
// POST /api/secrets
|
|
router.post('/', (req, res) => {
|
|
const { name, type, expires_at } = req.body;
|
|
if (!name) return res.status(400).json({ error: 'Name is required' });
|
|
if (!expires_at) return res.status(400).json({ error: 'Expiry date is required' });
|
|
try {
|
|
const secret = secrets.create(req.body);
|
|
audit.logSecret(req.user, 'add', secret);
|
|
res.status(201).json({ ...secret, daysLeft: null, status: 'ok' });
|
|
} catch (err) {
|
|
res.status(500).json({ error: err.message });
|
|
}
|
|
});
|
|
|
|
// PUT /api/secrets/:id
|
|
router.put('/:id', (req, res) => {
|
|
try {
|
|
const prev = secrets.getById(req.params.id);
|
|
const secret = secrets.update(req.params.id, req.body);
|
|
audit.logSecret(req.user, 'update', secret, prev);
|
|
res.json(secret);
|
|
} catch (err) {
|
|
res.status(404).json({ error: err.message });
|
|
}
|
|
});
|
|
|
|
// DELETE /api/secrets/:id
|
|
router.delete('/:id', (req, res) => {
|
|
try {
|
|
const secret = secrets.getById(req.params.id);
|
|
secrets.remove(req.params.id);
|
|
audit.logSecret(req.user, 'delete', secret);
|
|
res.json({ success: true });
|
|
} catch (err) {
|
|
res.status(404).json({ error: err.message });
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|