20 lines
962 B
JavaScript
20 lines
962 B
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const { drohnenfuehrerLogin, setDrohnenfuehrerPassword, generateInviteToken, updateDrohnenfuehrerSelf, getDrohnenfuehrerSelf } = require('../controllers/drohnenfuehrerController');
|
|
const { authenticateToken } = require('../middleware/auth');
|
|
const { authenticateDrohnenfuehrer } = require('../middleware/drohnenfuehrerAuth');
|
|
const { inviteLimiter } = require('../middleware/rateLimiter');
|
|
|
|
// Public
|
|
router.post('/login', drohnenfuehrerLogin);
|
|
router.post('/set-password', inviteLimiter, setDrohnenfuehrerPassword);
|
|
|
|
// Admin only — generate a one-time invite token so a Drohnenführer can set their password
|
|
router.post('/:id/invite-token', authenticateToken, generateInviteToken);
|
|
|
|
// Authenticated Drohnenführer only
|
|
router.get('/me', authenticateDrohnenfuehrer, getDrohnenfuehrerSelf);
|
|
router.put('/me', authenticateDrohnenfuehrer, updateDrohnenfuehrerSelf);
|
|
|
|
module.exports = router;
|