noxious_server/src/utilities/Http.ts

/**
 * Resources:
 * https://stackoverflow.com/questions/76131891/what-is-the-best-method-for-socket-io-authentication
 */
import { Application, Request, Response } from 'express'
import UserService from '../services/UserService'
import jwt from 'jsonwebtoken'
import config from './Config'
import { loginAccountSchema, registerAccountSchema } from './ZodTypes'
import path from 'path'
import { TAsset } from './Types'
import tileRepository from '../repositories/TileRepository'
import objectRepository from '../repositories/ObjectRepository'
import spriteRepository from '../repositories/SpriteRepository'

async function addHttpRoutes(app: Application) {
  app.get('/assets', async (req: Request, res: Response) => {
    let assets: TAsset[] = []
    const tiles = await tileRepository.getAll()
    tiles.forEach((tile) => {
      assets.push({
        key: tile.id,
        value: '/assets/tiles/' + tile.id + '.png',
        group: 'tiles',
        type: 'link'
      })
    })

    const objects = await objectRepository.getAll()
    objects.forEach((object) => {
      assets.push({
        key: object.id,
        value: '/assets/objects/' + object.id + '.png',
        group: 'objects',
        type: 'link'
      })
    })

    res.json(assets)
  })
  app.get('/assets/:type/:file', (req: Request, res: Response) => {
    const assetName = req.params.file

    // if (!isValidAsset(assetName)) {
    //     return res.status(400).send('Invalid asset name');
    // }

    const options = {
      root: path.join(process.cwd(), 'public', req.params.type)
    }

    res.sendFile(assetName, options, (err) => {
      if (err) {
        console.error('Error sending file:', err)
        res.status(500).send('Error downloading the asset')
      }
    })
  })

  app.post('/login', async (req: Request, res: Response) => {
    const { username, password } = req.body

    try {
      loginAccountSchema.parse({ username, password })
    } catch (error: any) {
      return res.status(400).json({ message: error.errors[0]?.message })
    }

    const userService = new UserService()
    const user = await userService.login(username, password)

    if (user) {
      //test
      const token = jwt.sign({ id: user.id }, config.JWT_SECRET, { expiresIn: '4h' })
      return res.status(200).json({ token })
    }

    return res.status(400).json({ message: 'Failed to login' })
  })

  app.post('/register', async (req: Request, res: Response) => {
    const { username, password } = req.body

    try {
      registerAccountSchema.parse({ username, password })
    } catch (error: any) {
      return res.status(400).json({ message: error.errors[0]?.message })
    }

    const userService = new UserService()
    const user = await userService.register(username, password)

    if (user) {
      const token = jwt.sign({ id: user.id }, config.JWT_SECRET, { expiresIn: '4h' })
      return res.status(200).json({ token })
    }

    return res.status(400).json({ message: 'Failed to register user' })
  })

  console.log('[✅] Web routes added')
}

export { addHttpRoutes }