  1. // Modified part of routes.js file
  2. import passport from "passport";
  3. import { authenticateSuper, authenticateUsers } from "./common/passport.js";
  4. import accountRouter from "./api/accounts/account.router.js";
  5. import authRouter from "./api/auth/auth.router.js";
  6. import subscriptionRouter from "./api/subscriptions/subscription.router.js";
  7. import teamRouter from "./api/teams/team.router.js";
  8. import userRouter from "./api/users/user.router.js";
  9. import webhookRouter from "./api/webhooks/webhook.router.js";
  10. import workspaceRouter from "./api/workspaces/workspace.router.js";
  11. import publicRouter from "./api/public/public.router.js";
  12. import leadsRouter from "./api/leads/leads.router.js";
  13. import tokensRouter from "./api/tokens/tokens.router.js";
  14. import ROLE from "./api/users/role.model.js";
  15. import authorizeRequest from "./middlewares/authorizeRequest.middleware.js";
  16. import { setLang } from "./middlewares/lang.middleware.js";
  17. import authorizeSubscription from "./middlewares/authorizeSubscription.middleware.js";
  18. // APP ROUTES
  /**
   * Registers every /api/v1 router on the application, together with the
   * authentication, language and authorization middleware that guards it.
   *
   * With Express-style `use`, the handlers of one mount run left to right and
   * mounts are matched in registration order, so both orders below are part of
   * the access policy and should not be rearranged casually.
   *
   * @param {object} app - Application exposing `use(path, ...handlers)`
   *   (presumably an Express app; confirm against the caller).
   * @returns {void}
   */
  export default function routes(app) {
    // Forwarding helper: same call as app.use(path, ...handlers), one mount per line.
    const mount = (prefix, ...chain) => {
      app.use(prefix, ...chain);
    };

    // Login/registration endpoints: no authentication middleware at this level.
    mount("/api/v1/auth", authRouter);

    // Per the original author's note, authenticateUsers() accepts both regular
    // and super admin JWTs. No role check is applied here, so any per-endpoint
    // authorization has to live inside userRouter (verify).
    mount("/api/v1/users", authenticateUsers(), setLang(), userRouter);

    // Workspaces use the super admin authentication strategy. There is no
    // authorizeRequest() on this mount, so the role restriction rests entirely
    // on authenticateSuper(). NOTE(review): confirm it rejects regular-user JWTs.
    mount("/api/v1/workspaces", authenticateSuper(), setLang(), workspaceRouter);

    // Accounts: authenticated, then limited to ADMIN and SUPER_ADMIN.
    mount(
      "/api/v1/accounts",
      authenticateUsers(),
      setLang(),
      authorizeRequest([ROLE.ADMIN, ROLE.SUPER_ADMIN]),
      accountRouter
    );

    // The webhook mount must stay ahead of the broader "/api/v1/stripe" prefix
    // so webhook requests reach webhookRouter first. Neither Stripe mount has
    // authentication middleware in this file.
    // NOTE(review): presumably webhookRouter verifies the Stripe signature on
    // the raw request body, and subscriptionRouter authenticates its own
    // routes - confirm both, otherwise these endpoints are reachable anonymously.
    mount("/api/v1/stripe/webhook", webhookRouter);
    mount("/api/v1/stripe", subscriptionRouter);

    // Teams: only ROLE.ADMIN is listed, unlike accounts above.
    // NOTE(review): a super admin token passes authenticateUsers() but is
    // presumably refused by authorizeRequest() here - confirm this is intended.
    mount(
      "/api/v1/teams",
      authenticateUsers(),
      setLang(),
      authorizeRequest([ROLE.ADMIN]),
      teamRouter
    );

    // Leads and tokens: authenticated and gated by the subscription check.
    // No role check at this level.
    mount(
      "/api/v1/leads",
      authenticateUsers(),
      setLang(),
      authorizeSubscription(),
      leadsRouter
    );
    mount(
      "/api/v1/tokens",
      authenticateUsers(),
      setLang(),
      authorizeSubscription(),
      tokensRouter
    );

    // Public API: intentionally unauthenticated. Anything added to publicRouter
    // is exposed to anonymous callers.
    mount("/api/v1/public", setLang(), publicRouter);
  }