-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.ts
98 lines (82 loc) · 2.57 KB
/
server.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
const express = require("express");
const { Pool } = require("pg");
const dotenv = require("dotenv");
dotenv.config();
const app = express();
app.use(express.json());
// Database connection pool
const pool = new Pool({
user: process.env.DB_USER || "app_user",
password: process.env.DB_PASSWORD || "your_password_here",
host: process.env.DB_HOST || "localhost",
database: process.env.DB_NAME || "your_database",
port: parseInt(process.env.DB_PORT || "5432"),
});
// Register a new user
app.post("/register", async (req, res) => {
const { username, password } = req.body;
if (!username || !password) {
return res
.status(400)
.json({ error: "Username and password are required" });
}
const client = await pool.connect();
try {
await client.query("BEGIN");
// Create a database role for the user
await client.query(
`CREATE ROLE "${username}" WITH LOGIN PASSWORD '${password}'`
);
// Grant necessary permissions
await client.query(`GRANT USAGE ON SCHEMA public TO "${username}"`);
await client.query(
`GRANT SELECT, INSERT, UPDATE, DELETE ON key_value TO "${username}"`
);
await client.query(
`GRANT USAGE, SELECT ON SEQUENCE key_value_id_seq TO "${username}"`
);
await client.query("COMMIT");
res.json({ message: "User registered successfully" });
} catch (err) {
await client.query("ROLLBACK");
const error = err as Error;
res.status(500).json({ error: error.message });
} finally {
client.release();
}
});
// Execute a query
app.post("/query", async (req, res) => {
const authHeader = req.headers.authorization;
const { query, params } = req.body;
if (!authHeader || !query) {
return res.status(400).json({ error: "Missing required fields" });
}
// Parse Basic Auth header
const credentials = Buffer.from(authHeader.split(" ")[1], "base64")
.toString()
.split(":");
const username = credentials[0];
const password = credentials[1];
// Create a new pool for this specific user
const userPool = new Pool({
user: username,
password: password,
host: process.env.DB_HOST || "localhost",
database: process.env.DB_NAME || "your_database",
port: parseInt(process.env.DB_PORT || "5432"),
});
try {
const result = await userPool.query(query, params);
res.json(result.rows);
} catch (err) {
const error = err as Error;
res.status(500).json({ error: error.message });
} finally {
await userPool.end();
}
});
const PORT = process.env.PORT || 3000;
app.listen(PORT, () => {
console.log(`Server running on port ${PORT}`);
});