feat: basic api setup and boilerplate

backend/src/app.js

@@ -0,0 +1,42 @@
+import express from "express";
+import dotenv from "dotenv";
+import cors from "cors";
+
+import departmentRoutes from "./routes/department.routes.js";
+import authRoutes from "./routes/auth.routes.js";
+import blogRoutes from "./routes/blog.routes.js";
+import uploadRoutes from "./routes/upload.routes.js";
+
+dotenv.config();
+
+const app = express();
+
+const allowedOrigins = process.env.CORS_ALLOWED_ORIGINS
+	? process.env.CORS_ALLOWED_ORIGINS.split(" ")
+	: ["http://localhost:3001"];
+
+const corsOptions = {
+	origin: function (origin, callback) {
+		if (!origin || allowedOrigins.includes(origin)) {
+			callback(null, true);
+		} else {
+			callback(new Error("Not allowed by CORS"));
+		}
+	},
+	methods: ["GET", "POST", "PUT", "DELETE", "PATCH"],
+	allowedHeaders: "*",
+};
+
+app.use(express.json());
+app.use(cors(corsOptions));
+
+app.use("/api/departments", departmentRoutes);
+app.use("/api/auth", authRoutes);
+app.use("/api/blogs", blogRoutes);
+app.use("/uploads", express.static("uploads"));
+app.use("/api/upload", uploadRoutes);
+
+const PORT = process.env.PORT || 3000;
+app.listen(PORT, () => {
+	console.log(`Server running on port ${PORT}`);
+});

backend/src/controllers/auth.controller.js

@@ -0,0 +1,76 @@
+import prisma from "../prisma/client.js";
+import {generateToken} from "../utils/jwt.js";
+import {hashPassword, comparePassword} from "../utils/password.js";
+
+/**
+ * REGISTER
+ * POST /api/auth/register
+ */
+export async function register(req, res) {
+	const {username, password, role} = req.body;
+
+	if (!username || !password) {
+		return res.status(400).json({error: "Username and password required"});
+	}
+
+	const existingUser = await prisma.user.findUnique({
+		where: {username},
+	});
+
+	if (existingUser) {
+		return res.status(409).json({error: "Username already exists"});
+	}
+
+	const hashedPassword = await hashPassword(password);
+
+	const user = await prisma.user.create({
+		data: {
+			username,
+			password: hashedPassword,
+			role: role || "admin",
+		},
+	});
+
+	res.status(201).json({
+		message: "User registered successfully",
+		user: {
+			id: user.id,
+			username: user.username,
+			role: user.role,
+		},
+	});
+}
+
+/**
+ * LOGIN
+ * POST /api/auth/login
+ */
+export async function login(req, res) {
+	const {username, password} = req.body;
+
+	if (!username || !password) {
+		return res.status(400).json({error: "Username and password required"});
+	}
+
+	const user = await prisma.user.findUnique({
+		where: {username},
+	});
+
+	if (!user) {
+		return res.status(401).json({error: "Invalid credentials"});
+	}
+
+	const isValid = await comparePassword(password, user.password);
+
+	if (!isValid) {
+		return res.status(401).json({error: "Invalid credentials"});
+	}
+
+	const token = generateToken({
+		userId: user.id,
+		username: user.username,
+		role: user.role,
+	});
+
+	res.json({token});
+}

backend/src/controllers/blog.controller.js

@@ -0,0 +1,110 @@
+import prisma from "../prisma/client.js";
+
+/* CREATE BLOG */
+
+export async function createBlog(req, res) {
+	const {title, writer, image, content, isActive} = req.body;
+
+	try {
+		const blog = await prisma.blog.create({
+			data: {
+				title,
+				writer,
+				image,
+				content,
+				isActive,
+			},
+		});
+
+		res.json(blog);
+	} catch (error) {
+		res.status(500).json({error: "Blog creation failed"});
+	}
+}
+
+/* GET ALL BLOGS (Public) */
+
+export async function getBlogs(req, res) {
+	try {
+		const blogs = await prisma.blog.findMany({
+			where: {isActive: true},
+			orderBy: {createdAt: "desc"},
+		});
+
+		res.json(blogs);
+	} catch (error) {
+		res.status(500).json({error: error.message});
+	}
+}
+
+/* GET ALL BLOGS (Admin) */
+
+export async function getAllBlogs(req, res) {
+	try {
+		const blogs = await prisma.blog.findMany({
+			orderBy: {createdAt: "desc"},
+		});
+
+		res.json(blogs);
+	} catch (error) {
+		res.status(500).json({error: error.message});
+	}
+}
+
+/* GET SINGLE BLOG */
+
+export async function getBlog(req, res) {
+	try {
+		const id = Number(req.params.id);
+
+		const blog = await prisma.blog.findUnique({
+			where: {id},
+		});
+
+		if (!blog) {
+			return res.status(404).json({error: "Blog not found"});
+		}
+
+		res.json(blog);
+	} catch (error) {
+		res.status(500).json({error: error.message});
+	}
+}
+
+/* UPDATE BLOG */
+
+export async function updateBlog(req, res) {
+	try {
+		const {title, writer, image, content} = req.body;
+
+		const blog = await prisma.blog.update({
+			where: {id: Number(req.params.id)},
+			data: {
+				title,
+				writer,
+				image,
+				content,
+			},
+		});
+
+		res.json(blog);
+	} catch (error) {
+		res.status(500).json({error: error.message});
+	}
+}
+
+/* DELETE BLOG */
+
+export async function deleteBlog(req, res) {
+	try {
+		const id = Number(req.params.id);
+
+		await prisma.blog.delete({
+			where: {id},
+		});
+
+		res.json({message: "Blog deleted successfully"});
+	} catch (error) {
+		res.status(500).json({error: error.message});
+	}
+}

backend/src/controllers/department.controller.js

@@ -0,0 +1,66 @@
+import prisma from "../prisma/client.js";
+
+export const getAllDepartments = async (req, res) => {
+	try {
+		const departments = await prisma.department.findMany({
+			orderBy: {name: "asc"},
+		});
+
+		const response = departments.map((dep) => ({
+			departmentId: dep.departmentId,
+			Department: dep.name,
+			para1: dep.para1 ?? "",
+			para2: dep.para2 ?? "",
+			para3: dep.para3 ?? "",
+			facilities: dep.facilities ?? "",
+			services: dep.services ?? "",
+		}));
+
+		return res.status(200).json({
+			success: true,
+			data: response,
+		});
+	} catch (error) {
+		console.error(error);
+		return res.status(500).json({
+			success: false,
+			message: "Failed to fetch departments",
+		});
+	}
+};
+
+export async function createDepartment(req, res) {
+	try {
+		const {departmentId, name, para1, para2, para3, facilities, services} =
+			req.body;
+
+		if (!departmentId || !name) {
+			return res
+				.status(400)
+				.json({error: "departmentId and name are required"});
+		}
+
+		const department = await prisma.department.create({
+			data: {
+				departmentId,
+				name,
+				para1,
+				para2,
+				para3,
+				facilities,
+				services,
+			},
+		});
+
+		res.status(201).json({
+			message: "Department created successfully",
+			data: department,
+		});
+	} catch (error) {
+		if (error.code === "P2002") {
+			return res.status(409).json({error: "Department already exists"});
+		}
+
+		res.status(500).json({error: "Failed to create department"});
+	}
+}

backend/src/controllers/upload.controller.js

@@ -0,0 +1,15 @@
+import multer from "multer";
+import path from "path";
+
+const storage = multer.diskStorage({
+	destination: function (req, file, cb) {
+		cb(null, "uploads/blog");
+	},
+
+	filename: function (req, file, cb) {
+		const fileName = Date.now() + path.extname(file.originalname);
+		cb(null, fileName);
+	},
+});
+
+export const upload = multer({storage});

backend/src/middleware/auth.js

@@ -0,0 +1,19 @@
+import {verifyToken} from "../utils/jwt.js";
+
+export default function jwtAuthMiddleware(req, res, next) {
+	const authHeader = req.headers.authorization;
+
+	if (!authHeader || !authHeader.startsWith("Bearer ")) {
+		return res.status(401).json({error: "No token provided"});
+	}
+
+	const token = authHeader.split(" ")[1];
+
+	try {
+		const user = verifyToken(token);
+		req.user = user;
+		next();
+	} catch (err) {
+		return res.status(401).json({error: "Invalid or expired token"});
+	}
+}

backend/src/prisma/client.js

@@ -0,0 +1,5 @@
+import {PrismaClient} from "@prisma/client";
+
+const prisma = new PrismaClient();
+
+export default prisma;

backend/src/routes/auth.routes.js

@@ -0,0 +1,9 @@
+import express from "express";
+import {register, login} from "../controllers/auth.controller.js";
+
+const router = express.Router();
+
+router.post("/register", register);
+router.post("/login", login);
+
+export default router;

backend/src/routes/blog.routes.js

@@ -0,0 +1,27 @@
+import express from "express";
+import {
+	createBlog,
+	getBlogs,
+	getBlog,
+	updateBlog,
+	deleteBlog,
+	getAllBlogs,
+} from "../controllers/blog.controller.js";
+
+import jwtAuthMiddleware from "../middleware/auth.js";
+
+const router = express.Router();
+
+/* PUBLIC */
+
+router.get("/", getBlogs);
+router.get("/:id", getBlog);
+
+// Protected
+
+router.get("/admin/all", jwtAuthMiddleware, getAllBlogs);
+router.post("/", jwtAuthMiddleware, createBlog);
+router.put("/:id", jwtAuthMiddleware, updateBlog);
+router.delete("/:id", jwtAuthMiddleware, deleteBlog);
+
+export default router;

backend/src/routes/department.routes.js

@@ -0,0 +1,16 @@
+import express from "express";
+import {
+	getAllDepartments,
+	createDepartment,
+} from "../controllers/department.controller.js";
+import jwtAuthMiddleware from "../middleware/auth.js";
+
+const router = express.Router();
+
+// Public
+router.get("/getAll", getAllDepartments);
+
+// Protected
+router.post("/", jwtAuthMiddleware, createDepartment);
+
+export default router;

backend/src/routes/upload.routes.js

@@ -0,0 +1,15 @@
+import express from "express";
+import {upload} from "../controllers/upload.controller.js";
+
+const router = express.Router();
+
+router.post("/image", upload.single("image"), (req, res) => {
+	res.json({
+		success: 1,
+		file: {
+			url: `http://localhost:3000/uploads/blog/${req.file.filename}`,
+		},
+	});
+});
+
+export default router;

backend/src/utils/jwt.js

@@ -0,0 +1,12 @@
+import jwt from "jsonwebtoken";
+import "dotenv/config";
+
+const SECRET = process.env.JWT_SECRET;
+
+export function generateToken(payload) {
+	return jwt.sign(payload, SECRET, {expiresIn: "24h"});
+}
+
+export function verifyToken(token) {
+	return jwt.verify(token, SECRET);
+}

backend/src/utils/password.js

@@ -0,0 +1,9 @@
+import bcrypt from "bcryptjs";
+
+export async function hashPassword(password) {
+	return bcrypt.hash(password, 10);
+}
+
+export async function comparePassword(password, hash) {
+	return bcrypt.compare(password, hash);
+}