rohit/spurrin-backend
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ntfs, msg

Browse Source
This commit is contained in:
Ubuntu 2025-08-04 13:55:45 +05:30
parent 1362dd52be
commit b0325d4860
2 changed files with 152 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/controllers/hospitalController.js
View File

@ -1573,7 +1573,7 @@ exports.updatePublicSignup = async (req, res) => {
console.log("req user-----", req.user) console.log("req user-----", req.user)
// Check if user has permission // Check if user has permission
if (!["Spurrinadmin", "Superadmin", 7, 6].includes(req.user.role)) { if (!["Spurrinadmin", "Superadmin","Admin", 7, 6,8].includes(req.user.role)) {
return res.status(403).json({ return res.status(403).json({
error: "You are not authorized to update public signup settings" error: "You are not authorized to update public signup settings"
}); });

302
src/services/secondaryWebsocket.js
View File

@ -8,8 +8,8 @@ const db = require("../config/database");
const base_url = "https://backend.spurrinai.com"; const base_url = "https://backend.spurrinai.com";
const server = https.createServer({ const server = https.createServer({
cert: fs.readFileSync("/home/ubuntu/spurrin-cleaned-node/certificates/fullchain.pem"), cert: fs.readFileSync("/home/ubuntu/spurrin-backend/certificates/fullchain.pem"),
key: fs.readFileSync("/home/ubuntu/spurrin-cleaned-node/certificates/privkey.pem") key: fs.readFileSync("/home/ubuntu/spurrin-backend/certificates/privkey.pem")
}); });
const wss = new WebSocket.Server({ server, perMessageDeflate: false }); const wss = new WebSocket.Server({ server, perMessageDeflate: false });
@ -177,7 +177,7 @@ wss.on("connection", (ws) => {
} }
// This event retrieves all feedback entries submitted by app users (sender_type = 'appuser') to a specific hospital (receiver_type = 'hospital') based on the hospital's hospital_code, which is derived from the JWT token provided by the user. // This event retrieves all feedback entries submitted by app users (sender_type = 'appuser') to a specific hospital (receiver_type = 'hospital') based on the hospital's hospital_code, which is derived from the JWT token provided by the user.
if (data.event === "get-app-user-byhospital-feedback") { if (data.event === "get-app-user-byhospital-feedback") {
if (!data.token) { if (!data.token) {
emitEvent("get-app-user-byhospital-feedback", { error: "Token missing" }, ws.userId); emitEvent("get-app-user-byhospital-feedback", { error: "Token missing" }, ws.userId);
return; return;
@ -187,7 +187,7 @@ wss.on("connection", (ws) => {
const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET); const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
// Only hospital users (role 7, 8, or 9) are allowed // Only hospital users (role 7, 8, or 9) are allowed
if (!["Superadmin","Admin",7, 8].includes(decoded.role)) { if (!["Superadmin", "Admin", 7, 8].includes(decoded.role)) {
emitEvent("get-app-user-byhospital-feedback", { error: "Unauthorized access" }, ws.userId); emitEvent("get-app-user-byhospital-feedback", { error: "Unauthorized access" }, ws.userId);
return; return;
} }
@ -284,110 +284,110 @@ wss.on("connection", (ws) => {
} }
if (data.event === "app-usersby-hospitalid") { if (data.event === "app-usersby-hospitalid") {
if (!data.token || !data.id) { if (!data.token || !data.id) {
emitEvent("app-usersby-hospitalid", { error: "Token or hospital ID missing" }, ws.userId); emitEvent("app-usersby-hospitalid", { error: "Token or hospital ID missing" }, ws.userId);
return; return;
} }
try { try {
const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET); const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
const userRole = decoded.role; const userRole = decoded.role;
// Only allowed roles // Only allowed roles
if (!["Superadmin", "Admin", 8, 9].includes(userRole)) { if (!["Superadmin", "Admin", 8, 9].includes(userRole)) {
emitEvent("app-usersby-hospitalid", { error: "Unauthorized to view app users" }, decoded.id); emitEvent("app-usersby-hospitalid", { error: "Unauthorized to view app users" }, decoded.id);
return; return;
} }
// Fetch hospital_code using hospital id // Fetch hospital_code using hospital id
const query1 = `SELECT * FROM hospitals WHERE id = ?`; const query1 = `SELECT * FROM hospitals WHERE id = ?`;
const result1 = await db.query(query1, [data.id]); const result1 = await db.query(query1, [data.id]);
if (!result1 || !result1[0].hospital_code) { if (!result1 || !result1[0].hospital_code) {
emitEvent("app-usersby-hospitalid", { error: "Hospital not found" }, decoded.id); emitEvent("app-usersby-hospitalid", { error: "Hospital not found" }, decoded.id);
return; return;
} }
const hospitalCode = result1[0].hospital_code; const hospitalCode = result1[0].hospital_code;
// Fetch app users for that hospital_code // Fetch app users for that hospital_code
const query2 = `SELECT * FROM app_users WHERE hospital_code = ?`; const query2 = `SELECT * FROM app_users WHERE hospital_code = ?`;
const users = await db.query(query2, [hospitalCode]); const users = await db.query(query2, [hospitalCode]);
if (users.length === 0) { if (users.length === 0) {
emitEvent("app-usersby-hospitalid", { message: "No app users found" }, decoded.id); emitEvent("app-usersby-hospitalid", { message: "No app users found" }, decoded.id);
return; return;
} }
emitEvent("app-usersby-hospitalid", { emitEvent("app-usersby-hospitalid", {
message: "App users fetched successfully", message: "App users fetched successfully",
data: users data: users
}, decoded.id); }, decoded.id);
} catch (error) { } catch (error) {
emitEvent("app-usersby-hospitalid", { error: error.message }, ws.userId); emitEvent("app-usersby-hospitalid", { error: error.message }, ws.userId);
} }
} }
if (data.event === "get-signup-notifications") { if (data.event === "get-signup-notifications") {
if (!data.token) { if (!data.token) {
emitEvent("get-signup-notifications", { error: "Token missing" }, ws.userId); emitEvent("get-signup-notifications", { error: "Token missing" }, ws.userId);
return; return;
} }
try { try {
const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET); const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
const allowedRoles = ['Admin', 'Superadmin', 8, 7]; const allowedRoles = ['Admin', 'Superadmin', 8, 7];
// Role-based access check // Role-based access check
if (!allowedRoles.includes(decoded.role)) { if (!allowedRoles.includes(decoded.role)) {
emitEvent("get-signup-notifications", { error: "You are not authorized!" }, decoded.id); emitEvent("get-signup-notifications", { error: "You are not authorized!" }, decoded.id);
return; return;
}
// Fetch hospital_code from the DB
const result = await db.query(
"SELECT hospital_code FROM hospital_users WHERE id = ?",
[decoded.id]
);
// Validate result
if (!result || result.length === 0 || !result[0].hospital_code) {
emitEvent("get-signup-notifications", { error: "Hospital code not found." }, decoded.id);
return;
}
const hospital_code = result[0].hospital_code;
// Fetch signup notifications
const notifications = await db.query(
"SELECT * FROM app_users WHERE hospital_code = ? AND checked = 0",
[hospital_code]
);
emitEvent("get-signup-notifications", {
message: "Notifications fetched successfully.",
notifications
}, decoded.id);
} catch (error) {
console.error("Error fetching signup notifications:", error);
emitEvent("get-signup-notifications", { error: error.message }, ws.userId);
}
} }
// Fetch hospital_code from the DB
const result = await db.query(
"SELECT hospital_code FROM hospitals WHERE id = ?",
[decoded.id]
);
// Validate result if (data.event === "get-app-queries") {
if (!result || result.length === 0 || !result[0].hospital_code) {
emitEvent("get-signup-notifications", { error: "Hospital code not found." }, decoded.id);
return;
}
const hospital_code = result[0].hospital_code; if (!data.token || (!data.hospital_code || !data.app_user_id)) {
// Fetch signup notifications
const notifications = await db.query(
"SELECT * FROM hospitals WHERE hospital_code = ? AND checked = 0",
[hospital_code]
);
emitEvent("get-signup-notifications", {
message: "Notifications fetched successfully.",
notifications
}, decoded.id);
} catch (error) {
console.error("Error fetching signup notifications:", error);
emitEvent("get-signup-notifications", { error: error.message }, ws.userId);
}
}
if(data.event === "get-app-queries"){
if (!data.token || (!data.hospital_code || !data.app_user_id) ) {
emitEvent("get-app-queries", { error: "Token missing or hospital_code or app_user_id missing" }, ws.userId); emitEvent("get-app-queries", { error: "Token missing or hospital_code or app_user_id missing" }, ws.userId);
return; return;
} }
try { try {
const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET); const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
const allowedRoles = ['Admin','Superadmin',8,7]; const allowedRoles = ['Admin', 'Superadmin', 8, 7];
// Role-based access check // Role-based access check
if (!allowedRoles.includes(decoded.role)) { if (!allowedRoles.includes(decoded.role)) {
@ -395,24 +395,24 @@ if (data.event === "get-signup-notifications") {
return; return;
} }
let interaction_logs; let interaction_logs;
// Fetch notifications of new signup // Fetch notifications of new signup
if(data.hospital_code.length == 0){ if (data.hospital_code.length == 0) {
interaction_logs = await db.query( interaction_logs = await db.query(
"SELECT * FROM interaction_logs WHERE app_user_id = ?", "SELECT * FROM interaction_logs WHERE app_user_id = ?",
[data.app_user_id] [data.app_user_id]
); );
} }
else if(data.app_user_id.length == 0){ else if (data.app_user_id.length == 0) {
interaction_logs = await db.query( interaction_logs = await db.query(
"SELECT * FROM interaction_logs WHERE app_user_id = ?", "SELECT * FROM interaction_logs WHERE app_user_id = ?",
[ data.app_user_id] [data.app_user_id]
); );
} }
emitEvent("get-app-queries", { emitEvent("get-app-queries", {
message: "interaction logs fetched successfully.", message: "interaction logs fetched successfully.",
@ -426,53 +426,52 @@ if (data.event === "get-signup-notifications") {
if (data.event === "get-signup-notifications") { if (data.event === "get-signup-notifications") {
if (!data.token) { if (!data.token) {
emitEvent("get-signup-notifications", { error: "Token missing" }, ws.userId); emitEvent("get-signup-notifications", { error: "Token missing" }, ws.userId);
return; return;
} }
try { try {
const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET); const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
const allowedRoles = ['Admin', 'Superadmin', 8, 7]; const allowedRoles = ['Admin', 'Superadmin', 8, 7];
// Role-based access check // Role-based access check
if (!allowedRoles.includes(decoded.role)) { if (!allowedRoles.includes(decoded.role)) {
emitEvent("get-signup-notifications", { error: "You are not authorized!" }, decoded.id); emitEvent("get-signup-notifications", { error: "You are not authorized!" }, decoded.id);
return; return;
}
console.log("decoded token ----", decoded)
// Fetch hospital_code from hospitals table
const result = await db.query(
"SELECT hospital_code FROM hospital_users WHERE id = ?",
[decoded.id]
);
if (!result || result.length === 0 || !result[0].hospital_code) {
emitEvent("get-signup-notifications", { error: "Hospital code not found" }, decoded.id);
return;
}
const hospital_code = result[0].hospital_code;
// Fetch notifications of new signups
const notifications = await db.query(
"SELECT * FROM app_users WHERE hospital_code = ? AND checked = 0",
[hospital_code]
);
emitEvent("get-signup-notifications", {
message: "Notifications fetched successfully.",
notifications
}, decoded.id);
} catch (error) {
emitEvent("get-signup-notifications", { error: error.message }, ws.userId);
}
} }
console.log("decoded token ----",decoded)
// Fetch hospital_code from hospitals table
const result = await db.query(
"SELECT hospital_code FROM hospitals WHERE id = ?",
[decoded.id]
);
if (!result || result.length === 0 || !result[0].hospital_code) {
emitEvent("get-signup-notifications", { error: "Hospital code not found" }, decoded.id);
return;
}
const hospital_code = result[0].hospital_code;
// Fetch notifications of new signups
const notifications = await db.query(
"SELECT * FROM hospitals WHERE hospital_code = ? AND checked = 0",
[hospital_code]
);
emitEvent("get-signup-notifications", {
message: "Notifications fetched successfully.",
notifications
}, decoded.id);
} catch (error) {
emitEvent("get-signup-notifications", { error: error.message }, ws.userId);
}
}
@ -488,23 +487,24 @@ if (data.event === "get-signup-notifications") {
}); });
}); });
// function emitEvent(event, data, userId = null) { // Add this function before the server.listen() call
// if (userId && userSockets.has(userId)) { function emitEvent(event, data, userId = null) {
// const client = userSockets.get(userId); if (userId && userSockets.has(userId)) {
// if (client.readyState === WebSocket.OPEN) { const client = userSockets.get(userId);
// client.send(JSON.stringify({ event, data })); if (client.readyState === WebSocket.OPEN) {
// } client.send(JSON.stringify({ event, data }));
// } else { }
// wss.clients.forEach((client) => { } else {
// if (client.readyState === WebSocket.OPEN) { wss.clients.forEach((client) => {
// client.send(JSON.stringify({ event, data })); if (client.readyState === WebSocket.OPEN) {
// } client.send(JSON.stringify({ event, data }));
// }); }
// } });
// } }
}
server.listen(40520, () => { server.listen(40520, () => {
console.log("📡 Secure WebSocket server listening on wss://backend.spurrinai.com:40520"); console.log("📡 Secure WebSocket server listening on wss://backend.spurrinai.com:40520");
}); });
module.exports = { wss }; module.exports = { wss };