ryan/lunarfront-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
da4b765b14b59c187e6f9beb02bcd41e4bebd028
lunarfront-app/packages/backend/src/routes/v1/store.ts
ryan da4b765b14
Some checks failed
CI / ci (pull_request) Failing after 20s
Details
CI / e2e (pull_request) Has been skipped
Details
feat: show customer branding on login page 
Adds public /v1/store/branding and /v1/store/logo endpoints so the
login page can display the customer's name and logo without auth,
with "Powered by LunarFront" underneath — matching the sidebar style.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-05 16:14:07 +00:00

111 lines
5.5 KiB
TypeScript
Raw Blame History

import type { FastifyPluginAsync } from 'fastify'
import { eq } from 'drizzle-orm'
import { companies, locations } from '../../db/schema/stores.js'
import { files } from '../../db/schema/files.js'
import { ValidationError } from '../../lib/errors.js'
export const storeRoutes: FastifyPluginAsync = async (app) => {
// --- Public branding (no auth — used on login page) ---
app.get('/store/branding', async (_request, reply) => {
const [store] = await app.db.select({
name: companies.name,
logoFileId: companies.logoFileId,
}).from(companies).limit(1)
if (!store) return reply.send({ name: null, hasLogo: false })
return reply.send({ name: store.name, hasLogo: !!store.logoFileId })
})
app.get('/store/logo', async (_request, reply) => {
const [store] = await app.db.select({ logoFileId: companies.logoFileId }).from(companies).limit(1)
if (!store?.logoFileId) return reply.status(404).send({ error: { message: 'No logo configured', statusCode: 404 } })
const [file] = await app.db.select().from(files).where(eq(files.id, store.logoFileId)).limit(1)
if (!file) return reply.status(404).send({ error: { message: 'Logo file not found', statusCode: 404 } })
try {
const data = await app.storage.get(file.path)
const ext = file.path.split('.').pop()?.toLowerCase()
const contentTypeMap: Record<string, string> = {
jpg: 'image/jpeg', jpeg: 'image/jpeg', png: 'image/png', webp: 'image/webp', svg: 'image/svg+xml',
}
return reply
.header('Content-Type', contentTypeMap[ext ?? ''] ?? 'application/octet-stream')
.header('Cache-Control', 'public, max-age=3600')
.send(data)
} catch {
return reply.status(404).send({ error: { message: 'Logo file not readable', statusCode: 404 } })
}
})
// --- Company / Store Settings ---
app.get('/store', { preHandler: [app.authenticate, app.requirePermission('settings.view')] }, async (request, reply) => {
const [store] = await app.db.select().from(companies).limit(1)
if (!store) return reply.status(404).send({ error: { message: 'No store configured', statusCode: 404 } })
return reply.send(store)
})
app.patch('/store', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
const input = request.body as Record<string, unknown>
const [store] = await app.db.select({ id: companies.id }).from(companies).limit(1)
if (!store) return reply.status(404).send({ error: { message: 'No store configured', statusCode: 404 } })
const updates: Record<string, unknown> = { updatedAt: new Date() }
if (input.name !== undefined) updates.name = input.name
if (input.phone !== undefined) updates.phone = input.phone
if (input.email !== undefined) updates.email = input.email
if (input.address !== undefined) updates.address = input.address
if (input.timezone !== undefined) updates.timezone = input.timezone
if (input.logoFileId !== undefined) updates.logoFileId = input.logoFileId
if (input.notes !== undefined) updates.notes = input.notes
const [updated] = await app.db.update(companies).set(updates).where(eq(companies.id, store.id)).returning()
return reply.send(updated)
})
// --- Locations (Stores) ---
app.get('/locations', { preHandler: [app.authenticate, app.requirePermission('settings.view')] }, async (request, reply) => {
const data = await app.db.select().from(locations).where(eq(locations.isActive, true)).orderBy(locations.name)
return reply.send({ data })
})
app.post('/locations', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
const input = request.body as { name?: string; address?: Record<string, string>; phone?: string; email?: string; timezone?: string }
if (!input.name?.trim()) throw new ValidationError('Location name is required')
const [location] = await app.db.insert(locations).values({
name: input.name.trim(),
address: input.address,
phone: input.phone,
email: input.email,
timezone: input.timezone,
}).returning()
return reply.status(201).send(location)
})
app.patch('/locations/:id', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
const { id } = request.params as { id: string }
const input = request.body as Record<string, unknown>
const updates: Record<string, unknown> = { updatedAt: new Date() }
if (input.name !== undefined) updates.name = input.name
if (input.phone !== undefined) updates.phone = input.phone
if (input.email !== undefined) updates.email = input.email
if (input.address !== undefined) updates.address = input.address
if (input.timezone !== undefined) updates.timezone = input.timezone
const [location] = await app.db.update(locations).set(updates).where(eq(locations.id, id)).returning()
if (!location) return reply.status(404).send({ error: { message: 'Location not found', statusCode: 404 } })
return reply.send(location)
})
app.delete('/locations/:id', { preHandler: [app.authenticate, app.requirePermission('settings.edit')] }, async (request, reply) => {
const { id } = request.params as { id: string }
const [location] = await app.db.update(locations).set({ isActive: false, updatedAt: new Date() }).where(eq(locations.id, id)).returning()
if (!location) return reply.status(404).send({ error: { message: 'Location not found', statusCode: 404 } })
return reply.send(location)
})
}
Reference in New Issue View Git Blame Copy Permalink