47de1efe86
Backend:
- 3 migrations: system_users (citext email único, password_hash, active),
system_sessions (UUID + expires_at + revoked_at), ALTER audit_log con
actor_user_id/actor_email/actor_ip/action_path/summary y entity_id NULL.
- src/modules/auth/: usersRepo, sessionsRepo, passwords (bcrypt cost 10),
auth (login/logout), bootstrap (crea admin desde ADMIN_EMAIL/PASSWORD si
la tabla está vacía). 4 tests passwords (hash distinto cada vez, verify
rechaza, longitud mínima 8).
- middleware/requireAuth: lee cookie bot_session, busca sesión activa,
popula req.user. Whitelist: /styles, /components, /lib, /login, /, /home
y SPA paths (HTML carga sin auth, el JS gatea con /api/auth/me).
- middleware/auditWriter: registra cada POST/PUT/DELETE 2xx en audit_log
con req.user, IP, body redactado (passwords/tokens/secrets). Handlers
pueden enriquecer summary via res.locals.audit.
- routes: /api/auth/{login,logout,me} (cookie httpOnly + DB session),
/api/system-users (ABM con guards: cant_delete_self, cant_deactivate_self,
email único, password ≥ 8), /api/audit-log + /api/audit-log/actors.
- src/app.js: orden estricto — webhooks (sin auth) → auth routes (sin auth)
→ /login HTML → static → SPA HTML → requireAuth + auditWriter → API admin.
Bootstrap del primer admin se ejecuta en index.js antes de listen. Usa
ADMIN_EMAIL/ADMIN_PASSWORD/ADMIN_NAME del .env. Si no están seteados y la
tabla está vacía, warn y exit (nadie puede loguearse).
Frontend:
- /login.html + /login.js: form simple, POST a /api/auth/login con
credentials:include, redirect a ?next=... o /home. Si ya hay sesión
activa, va directo a /home.
- public/app.js gate: chequea /api/auth/me antes de initRouter; sin sesión
redirige a /login?next=<path>. window.__USER__ disponible para shell.
- ops-shell: nav agrega "Operadores" + "Actividad". Header derecha muestra
email del user + botón Salir (POST /api/auth/logout + redirect /login).
- system-users-crud: CRUD lista/form (estilo settings). Crear/editar/
cambiar password/eliminar. UI muestra badge "Vos" + bloquea eliminarse
ni desactivarse a uno mismo.
- audit-log: tabla read-only con filtros (actor, entity_type, since,
search), paginación 50, badges por acción, modal de detalles con
changes JSON. /api/audit-log/actors pobla el dropdown de operadores.
Smoke E2E: login OK + cookie set, /me 200; logout → /me 401; settings POST
genera fila en audit_log con actor_email + action_path; ABM crea/borra
operadores con guards; intentar borrarse devuelve 400 cant_delete_self.
161/161 tests verde (pre-existentes 157 + 4 passwords nuevos).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
72 lines
2.8 KiB
JavaScript
72 lines
2.8 KiB
JavaScript
import express from "express";
|
|
import cors from "cors";
|
|
import cookieParser from "cookie-parser";
|
|
import path from "path";
|
|
import { fileURLToPath } from "url";
|
|
|
|
import { createSimulatorRouter } from "./modules/1-intake/routes/simulator.js";
|
|
import { createEvolutionRouter } from "./modules/1-intake/routes/evolution.js";
|
|
import { createWooWebhooksRouter } from "./modules/2-identity/routes/wooWebhooks.js";
|
|
import { createAuthRouter } from "./modules/auth/controllers/authRoutes.js";
|
|
import { createSystemUsersRouter } from "./modules/auth/controllers/usersRoutes.js";
|
|
import { createAuditLogRouter } from "./modules/auth/controllers/auditRoutes.js";
|
|
import { requireAuth } from "./modules/auth/middleware/requireAuth.js";
|
|
import { auditWriter } from "./modules/auth/middleware/auditWriter.js";
|
|
|
|
export function createApp({ tenantId }) {
|
|
const app = express();
|
|
app.set("trust proxy", true);
|
|
|
|
app.use(cors({ origin: true, credentials: true }));
|
|
app.use(express.json({ limit: "1mb" }));
|
|
app.use(cookieParser());
|
|
|
|
const __filename = fileURLToPath(import.meta.url);
|
|
const __dirname = path.dirname(__filename);
|
|
const publicDir = path.join(__dirname, "..", "public");
|
|
|
|
// Webhooks externos (Evolution, Woo) NO llevan auth ni se trazan en el log
|
|
// de operadores: se montan antes del requireAuth.
|
|
app.use(createEvolutionRouter());
|
|
app.use(createWooWebhooksRouter());
|
|
|
|
// Auth endpoints (login/logout/me) van también antes del requireAuth.
|
|
app.use(createAuthRouter());
|
|
|
|
// Login HTML (sin auth).
|
|
app.get("/login", (req, res) => {
|
|
res.sendFile(path.join(publicDir, "login.html"));
|
|
});
|
|
|
|
// Static assets — SIN auth (assets del shell, login, fonts, etc.)
|
|
app.use(express.static(publicDir));
|
|
|
|
// SPA shell HTML — sin auth en el HTML; el JS gatea con /api/auth/me.
|
|
app.get("/", (req, res) => {
|
|
res.sendFile(path.join(publicDir, "index.html"));
|
|
});
|
|
const spaRoutes = [
|
|
"/home", "/chat", "/conversaciones", "/usuarios", "/productos",
|
|
"/equivalencias", "/crosssell", "/cantidades", "/pedidos",
|
|
"/config-prompts", "/atencion-humana", "/configuracion",
|
|
"/operadores", "/actividad",
|
|
];
|
|
app.get(spaRoutes, (req, res) => {
|
|
res.sendFile(path.join(publicDir, "index.html"));
|
|
});
|
|
app.get("/usuarios/:id", (req, res) => res.sendFile(path.join(publicDir, "index.html")));
|
|
app.get("/productos/:id", (req, res) => res.sendFile(path.join(publicDir, "index.html")));
|
|
app.get("/crosssell/:id", (req, res) => res.sendFile(path.join(publicDir, "index.html")));
|
|
app.get("/pedidos/:id", (req, res) => res.sendFile(path.join(publicDir, "index.html")));
|
|
|
|
// Todas las rutas de admin (data API) requieren login + se trazan.
|
|
app.use(requireAuth);
|
|
app.use(auditWriter);
|
|
|
|
app.use(createSimulatorRouter({ tenantId }));
|
|
app.use(createSystemUsersRouter());
|
|
app.use(createAuditLogRouter());
|
|
|
|
return app;
|
|
}
|