Torben Sorensen
b4306a6092
Some checks failed
Deploy to Test Environment / deploy-to-test (push) Failing after 50s
172 lines
5.5 KiB
TypeScript
172 lines
5.5 KiB
TypeScript
// src/routes/flyer.routes.ts
|
|
import { Router } from 'express';
|
|
import * as db from '../services/db/index.db';
|
|
import { z } from 'zod';
|
|
import { validateRequest } from '../middleware/validation.middleware';
|
|
import { optionalNumeric } from '../utils/zodUtils';
|
|
import {
|
|
publicReadLimiter,
|
|
batchLimiter,
|
|
trackingLimiter,
|
|
} from '../config/rateLimiters';
|
|
|
|
const router = Router();
|
|
|
|
// --- Zod Schemas for Flyer Routes ---
|
|
|
|
const getFlyersSchema = z.object({
|
|
query: z.object({
|
|
limit: optionalNumeric({ default: 20, integer: true, positive: true }),
|
|
offset: optionalNumeric({ default: 0, integer: true, nonnegative: true }),
|
|
}),
|
|
});
|
|
|
|
const flyerIdParamSchema = z.object({
|
|
params: z.object({
|
|
id: z.coerce.number().int('Invalid flyer ID provided.').positive('Invalid flyer ID provided.'),
|
|
}),
|
|
});
|
|
|
|
const batchFetchSchema = z.object({
|
|
body: z.object({
|
|
flyerIds: z.array(z.number().int().positive()).min(1, 'flyerIds must be a non-empty array.'),
|
|
}),
|
|
});
|
|
|
|
const batchCountSchema = z.object({
|
|
body: z.object({
|
|
flyerIds: z.array(z.number().int().positive()),
|
|
}),
|
|
});
|
|
|
|
const trackItemSchema = z.object({
|
|
params: z.object({
|
|
itemId: z.coerce.number().int().positive('Invalid item ID provided.'),
|
|
}),
|
|
body: z.object({
|
|
type: z.enum(['view', 'click'], {
|
|
message: 'A valid interaction type ("view" or "click") is required.',
|
|
}),
|
|
}),
|
|
});
|
|
|
|
/**
|
|
* GET /api/flyers - Get a paginated list of all flyers.
|
|
*/
|
|
router.get('/', publicReadLimiter, validateRequest(getFlyersSchema), async (req, res, next): Promise<void> => {
|
|
try {
|
|
// The `validateRequest` middleware ensures `req.query` is valid.
|
|
// We parse it here to apply Zod's coercions (string to number) and defaults.
|
|
const { limit, offset } = getFlyersSchema.shape.query.parse(req.query);
|
|
|
|
const flyers = await db.flyerRepo.getFlyers(req.log, limit, offset);
|
|
res.json(flyers);
|
|
} catch (error) {
|
|
req.log.error({ error }, 'Error fetching flyers in /api/flyers:');
|
|
next(error);
|
|
}
|
|
});
|
|
|
|
/**
|
|
* GET /api/flyers/:id - Get a single flyer by its ID.
|
|
*/
|
|
router.get('/:id', publicReadLimiter, validateRequest(flyerIdParamSchema), async (req, res, next): Promise<void> => {
|
|
try {
|
|
// Explicitly parse to get the coerced number type for `id`.
|
|
const { id } = flyerIdParamSchema.shape.params.parse(req.params);
|
|
const flyer = await db.flyerRepo.getFlyerById(id);
|
|
res.json(flyer);
|
|
} catch (error) {
|
|
req.log.error({ error, flyerId: req.params.id }, 'Error fetching flyer by ID:');
|
|
next(error);
|
|
}
|
|
});
|
|
|
|
/**
|
|
* GET /api/flyers/:id/items - Get all items for a specific flyer.
|
|
*/
|
|
router.get(
|
|
'/:id/items',
|
|
publicReadLimiter,
|
|
validateRequest(flyerIdParamSchema),
|
|
async (req, res, next): Promise<void> => {
|
|
type GetFlyerByIdRequest = z.infer<typeof flyerIdParamSchema>;
|
|
try {
|
|
// Explicitly parse to get the coerced number type for `id`.
|
|
const { id } = flyerIdParamSchema.shape.params.parse(req.params);
|
|
const items = await db.flyerRepo.getFlyerItems(id, req.log);
|
|
res.json(items);
|
|
} catch (error) {
|
|
req.log.error({ error, flyerId: req.params.id }, 'Error fetching flyer items in /api/flyers/:id/items:');
|
|
next(error);
|
|
}
|
|
},
|
|
);
|
|
|
|
/**
|
|
* POST /api/flyers/items/batch-fetch - Get all items for multiple flyers at once.
|
|
*/
|
|
type BatchFetchRequest = z.infer<typeof batchFetchSchema>;
|
|
router.post(
|
|
'/items/batch-fetch',
|
|
batchLimiter,
|
|
validateRequest(batchFetchSchema),
|
|
async (req, res, next): Promise<void> => {
|
|
const { body } = req as unknown as BatchFetchRequest;
|
|
try {
|
|
// No re-parsing needed here as `validateRequest` has already ensured the body shape,
|
|
// and `express.json()` has parsed it. There's no type coercion to apply.
|
|
const items = await db.flyerRepo.getFlyerItemsForFlyers(body.flyerIds, req.log);
|
|
res.json(items);
|
|
} catch (error) {
|
|
req.log.error({ error }, 'Error fetching batch flyer items');
|
|
next(error);
|
|
}
|
|
},
|
|
);
|
|
|
|
/**
|
|
* POST /api/flyers/items/batch-count - Get the total number of items for multiple flyers.
|
|
*/
|
|
type BatchCountRequest = z.infer<typeof batchCountSchema>;
|
|
router.post(
|
|
'/items/batch-count',
|
|
batchLimiter,
|
|
validateRequest(batchCountSchema),
|
|
async (req, res, next): Promise<void> => {
|
|
const { body } = req as unknown as BatchCountRequest;
|
|
try {
|
|
// The schema ensures flyerIds is an array of numbers.
|
|
// The `?? []` was redundant as `validateRequest` would have already caught a missing `flyerIds`.
|
|
const count = await db.flyerRepo.countFlyerItemsForFlyers(body.flyerIds, req.log);
|
|
res.json({ count });
|
|
} catch (error) {
|
|
req.log.error({ error }, 'Error counting batch flyer items');
|
|
next(error);
|
|
}
|
|
},
|
|
);
|
|
|
|
/**
|
|
* POST /api/flyers/items/:itemId/track - Tracks a user interaction with a flyer item.
|
|
*/
|
|
router.post('/items/:itemId/track', trackingLimiter, validateRequest(trackItemSchema), (req, res, next): void => {
|
|
try {
|
|
// Explicitly parse to get coerced types.
|
|
const { params, body } = trackItemSchema.parse({ params: req.params, body: req.body });
|
|
|
|
// Fire-and-forget: we don't await the tracking call to avoid delaying the response.
|
|
// We add a .catch to log any potential errors without crashing the server process.
|
|
db.flyerRepo.trackFlyerItemInteraction(params.itemId, body.type, req.log).catch((error) => {
|
|
req.log.error({ error, itemId: params.itemId }, 'Flyer item interaction tracking failed');
|
|
});
|
|
|
|
res.status(202).send();
|
|
} catch (error) {
|
|
// This will catch Zod parsing errors if they occur.
|
|
next(error);
|
|
}
|
|
});
|
|
|
|
export default router;
|