fix: add JWT middleware to private API routes

feat: get doctors by department
feat: get department by name
2026-04-08 16:44:41 +05:30 · 2026-04-08 16:40:42 +05:30 · 2026-04-08 16:39:29 +05:30 · 2026-03-26 12:33:03 +00:00
9 changed files with 171 additions and 108 deletions
@@ -29,6 +29,53 @@ export const getAllDepartments = async (req, res) => {
 	}
 };
 export const getDepartmentByName = async (req, res) => {
 	try {
 		const {name} = req.query;
 		if (!name) {
 			return res.status(400).json({
 				success: false,
 				message: "Department name is required",
 			});
 		}
 		const department = await prisma.department.findFirst({
 			where: {
 				name: name,
 			},
 		});
 		if (!department) {
 			return res.status(404).json({
 				success: false,
 				message: "Department not found",
 			});
 		}
 		const response = {
 			departmentId: department.departmentId,
 			name: department.name,
 			para1: department.para1 ?? "",
 			para2: department.para2 ?? "",
 			para3: department.para3 ?? "",
 			facilities: department.facilities ?? "",
 			services: department.services ?? "",
 		};
 		return res.status(200).json({
 			success: true,
 			data: [response],
 		});
 	} catch (error) {
 		console.error(error);
 		return res.status(500).json({
 			success: false,
 			message: "Failed to fetch department",
 		});
 	}
 };
 export async function createDepartment(req, res) {
 	try {
 		const {departmentId, name, para1, para2, para3, facilities, services} =
@@ -16,8 +16,7 @@ export const getAllDoctors = async (req, res) => {
 			orderBy: {name: "asc"},
 		});
-		const formatted = doctors.map((doc, index) => {
+		const formatted = doctors.map((doc, index) => ({
 			return {
 			SL_NO: String(index + 1),
 			doctorId: doc.doctorId,
 			name: doc.name,
@@ -42,12 +41,10 @@ export const getAllDoctors = async (req, res) => {
 				return {
 					departmentId: d.department.departmentId,
 					departmentName: d.department.name,
 					timing: timingArray.join(" & "),
 				};
 			}),
-			};
+		}));
 		});
 		res.status(200).json({
 			success: true,
@@ -113,6 +110,54 @@ export const getDoctorByDoctorId = async (req, res) => {
 	}
 };
 // get doctors by department
 export const getDoctorsByDepartmentId = async (req, res) => {
 	try {
 		const {Department_ID} = req.query;
 		if (!Department_ID) {
 			return res.status(400).json({
 				success: false,
 				message: "Department_ID is required",
 			});
 		}
 		const department = await prisma.department.findUnique({
 			where: {departmentId: Department_ID},
 		});
 		if (!department) {
 			return res.status(404).json({
 				success: false,
 				message: "Department not found",
 			});
 		}
 		const doctors = await prisma.doctorDepartment.findMany({
 			where: {departmentId: department.id},
 			include: {
 				doctor: true,
 			},
 		});
 		const result = doctors.map((d) => ({
 			GG_ID: d.doctor.doctorId,
 			Name: d.doctor.name,
 		}));
 		res.status(200).json({
 			success: true,
 			data: result,
 		});
 	} catch (error) {
 		console.error(error);
 		res.status(500).json({
 			success: false,
 			message: "Failed to fetch doctors",
 		});
 	}
 };
 // add doctors
 export const createDoctor = async (req, res) => {
 	try {
@@ -184,20 +229,14 @@ export const updateDoctor = async (req, res) => {
 		});
 		if (!doctor) {
-			return res.status(404).json({
+			return res
-				success: false,
+				.status(404)
-				message: "Doctor not found",
+				.json({success: false, message: "Doctor not found"});
 			});
 		}
 		await prisma.doctor.update({
 			where: {id: doctor.id},
-			data: {
+			data: {name, designation, workingStatus, qualification},
 				name,
 				designation,
 				workingStatus,
 				qualification,
 			},
 		});
 		const oldRelations = await prisma.doctorDepartment.findMany({
@@ -229,25 +268,24 @@ export const updateDoctor = async (req, res) => {
 			});
 			if (dep.timing) {
 				const {id, doctorDepartmentId, createdAt, updatedAt, ...cleanTiming} =
 					dep.timing;
 				await prisma.doctorTiming.create({
 					data: {
 						doctorDepartmentId: doctorDepartment.id,
-						...dep.timing,
+						...cleanTiming,
 					},
 				});
 			}
 		}
-		res.status(200).json({
+		res
-			success: true,
+			.status(200)
-			message: "Doctor updated successfully",
+			.json({success: true, message: "Doctor updated successfully"});
 		});
 	} catch (error) {
-		console.error(error);
+		console.error("Update Error:", error);
-		res.status(500).json({
+		res.status(500).json({success: false, message: "Failed to update doctor"});
 			success: false,
 			message: "Failed to update doctor",
 		});
 	}
 };
 //delete doctor
@@ -256,13 +294,6 @@ export const deleteDoctor = async (req, res) => {
 	try {
 		const {doctorId} = req.params;
 		if (!doctorId) {
 			return res.status(400).json({
 				success: false,
 				message: "Doctor ID is required",
 			});
 		}
 		const doctor = await prisma.doctor.findUnique({
 			where: {doctorId},
 		});
@@ -270,7 +301,7 @@ export const deleteDoctor = async (req, res) => {
 		if (!doctor) {
 			return res.status(404).json({
 				success: false,
-				message: `Doctor with ID ${doctorId} not found`,
+				message: "Doctor not found",
 			});
 		}
@@ -294,7 +325,7 @@ export const deleteDoctor = async (req, res) => {
 		res.status(200).json({
 			success: true,
-			message: `Doctor ${doctorId} deleted successfully`,
+			message: "Doctor deleted successfully",
 		});
 	} catch (error) {
 		console.error(error);
@@ -320,23 +351,19 @@ export const getDoctorTimings = async (req, res) => {
 		});
 		const result = doctors.map((doc) => {
-			let timing = {};
+			const timing = doc.departments[0]?.timing || {};
 			if (doc.departments.length > 0) {
 				timing = doc.departments[0].timing ?? {};
 			}
 			return {
 				Doctor_ID: doc.doctorId,
 				Doctor: doc.name,
-				Monday: timing?.monday ?? "",
+				Monday: timing.monday || "",
-				Tuesday: timing?.tuesday ?? "",
+				Tuesday: timing.tuesday || "",
-				Wednesday: timing?.wednesday ?? "",
+				Wednesday: timing.wednesday || "",
-				Thursday: timing?.thursday ?? "",
+				Thursday: timing.thursday || "",
-				Friday: timing?.friday ?? "",
+				Friday: timing.friday || "",
-				Saturday: timing?.saturday ?? "",
+				Saturday: timing.saturday || "",
-				Sunday: timing?.sunday ?? "",
+				Sunday: timing.sunday || "",
-				Additional: timing?.additional ?? "",
+				Additional: timing.additional || "",
 			};
 		});
@@ -380,26 +407,11 @@ export const getDoctorTimingById = async (req, res) => {
 		const result = {
 			doctorId: doctor.doctorId,
 			doctorName: doctor.name,
-
+			departments: doctor.departments.map((d) => ({
 			departments: doctor.departments.map((d) => {
 				const t = d.timing || {};
 				return {
 				departmentId: d.department.departmentId,
 				departmentName: d.department.name,
-
+				timing: d.timing || {},
-					timing: {
+			})),
 						monday: t.monday || "",
 						tuesday: t.tuesday || "",
 						wednesday: t.wednesday || "",
 						thursday: t.thursday || "",
 						friday: t.friday || "",
 						saturday: t.saturday || "",
 						sunday: t.sunday || "",
 						additional: t.additional || "",
 					},
 				};
 			}),
 		};
 		res.status(200).json({
@@ -11,8 +11,8 @@ import jwtAuthMiddleware from "../middleware/auth.js";
 const router = express.Router();
 router.post("/", createAcademicsResearch);
-router.get("/getAll", getAcademicsResearch);
+router.get("/getAll", jwtAuthMiddleware, getAcademicsResearch);
-router.get("/:id", getSingleAcademicsResearch);
+router.get("/:id", jwtAuthMiddleware, getSingleAcademicsResearch);
 router.delete("/:id", jwtAuthMiddleware, deleteAcademicsResearch);
 export default router;
@@ -13,11 +13,11 @@ const router = express.Router();
 /* PUBLIC */
-router.get("/getall", getAppointments);
+router.get("/getall", jwtAuthMiddleware, getAppointments);
 router.post("/", createAppointment);
-router.get("/:id", getAppointment);
+router.get("/:id", jwtAuthMiddleware, getAppointment);
-router.patch("/:id", updateAppointment);
+router.patch("/:id", jwtAuthMiddleware, updateAppointment);
 router.delete("/:id", jwtAuthMiddleware, deleteAppointment);
 export default router;
@@ -13,13 +13,13 @@ import jwtAuthMiddleware from "../middleware/auth.js";
 const router = express.Router();
 /* PUBLIC */
 router.get("/getAll", getCandidates);
 router.get("/:id", getCandidate);
 router.get("/career/:careerId", getCandidatesByCareer);
 router.post("/", createCandidate);
-router.patch("/:id", updateCandidate);
+
 router.get("/getAll", jwtAuthMiddleware, getCandidates);
 router.get("/:id", jwtAuthMiddleware, getCandidate);
 router.get("/career/:careerId", jwtAuthMiddleware, getCandidatesByCareer);
 router.patch("/:id", jwtAuthMiddleware, updateCandidate);
 router.delete("/:id", jwtAuthMiddleware, deleteCandidate);
 export default router;
@@ -10,8 +10,8 @@ const router = express.Router();
 router.get("/getAll", getAllCareers);
-router.post("/", createCareer);
+router.post("/", jwtAuthMiddleware, createCareer);
-router.patch("/:id", updateCareer);
+router.patch("/:id", jwtAuthMiddleware, updateCareer);
-router.delete("/:id", deleteCareer);
+router.delete("/:id", jwtAuthMiddleware, deleteCareer);
 export default router;
@@ -1,6 +1,7 @@
 import express from "express";
 import {
 	getAllDepartments,
 	getDepartmentByName,
 	createDepartment,
 	updateDepartment,
 	deleteDepartment,
@@ -11,6 +12,7 @@ const router = express.Router();
 // Public
 router.get("/getAll", getAllDepartments);
 router.get("/search", getDepartmentByName);
 // Protected
 router.post("/", jwtAuthMiddleware, createDepartment);
@@ -7,6 +7,7 @@ import {
 	getDoctorTimings,
 	getDoctorTimingById,
 	getDoctorByDoctorId,
 	getDoctorsByDepartmentId,
 } from "../controllers/doctor.controller.js";
 import jwtAuthMiddleware from "../middleware/auth.js";
@@ -14,9 +15,10 @@ import jwtAuthMiddleware from "../middleware/auth.js";
 const router = express.Router();
 router.get("/getAll", getAllDoctors);
-router.get("/:doctorId", getDoctorByDoctorId);
+router.get("/search", getDoctorsByDepartmentId);
 router.get("/getTimings", getDoctorTimings);
 router.get("/getTimings/:doctorId", getDoctorTimingById);
 router.get("/:doctorId", getDoctorByDoctorId);
 router.post("/", jwtAuthMiddleware, createDoctor);
 router.patch("/:doctorId", jwtAuthMiddleware, updateDoctor);
@@ -12,8 +12,8 @@ const router = express.Router();
 router.post("/", createInquiry);
-router.get("/getAll", getInquiries);
+router.get("/getAll", jwtAuthMiddleware, getInquiries);
-router.get("/:id", getInquiry);
+router.get("/:id", jwtAuthMiddleware, getInquiry);
 router.delete("/:id", jwtAuthMiddleware, deleteInquiry);
 export default router;
Author	SHA1	Message	Date
Kailasdevdas	fb298cb846	fix: add JWT middleware to private API routes	2026-04-08 16:44:41 +05:30
Kailasdevdas	9c44c66b22	feat: get doctors by department	2026-04-08 16:40:42 +05:30
Kailasdevdas	29d2ed6b96	feat: get department by name	2026-04-08 16:39:29 +05:30
arjunsthampi	661bf7a77f	Merge pull request 'fix-department-ui' (#5 ) from fix-department-ui into dev Reviewed-on: #5	2026-03-26 12:33:03 +00:00