updated code

2024-05-28 00:36:47 -05:00 · 2024-05-28 00:36:47 -05:00 · 91ae0f79a5
commit 91ae0f79a5
parent dc6672a96d
10 changed files with 86 additions and 48 deletions
--- a/donutshop_ecommerce/public/cross.png
+++ b/donutshop_ecommerce/public/cross.png
--- a/donutshop_ecommerce/src/app/api/auth/[...nextauth]/route.js
+++ b/donutshop_ecommerce/src/app/api/auth/[...nextauth]/route.js
@ -1,11 +1,12 @@
 import * as mongoose from "mongoose"
-import NextAuth from "next-auth"
+import NextAuth, { getServerSession } from "next-auth"
 import CredentialsProvider from "next-auth/providers/credentials"
 import { User } from "../../models/User"
 import bcrypt from 'bcrypt'
 import GoogleProvider from "next-auth/providers/google";
 import { MongoDBAdapter } from "@auth/mongodb-adapter"
 import clientPromise from "../../../../libs/mongoConnect"
+import { UserInfo } from "../../models/UserInfo"

 export const authOptions = {
    secret: process.env.SECRET,
@ -37,6 +38,21 @@ export const authOptions = {
        }
      }),
    ],
+};
+
+export async function isAdmin(){
+  const session = await getServerSession(authOptions);
+  const userEmail = session?.user?.email;
+  if (!userEmail) {
+    return false;
+  }
+
+  const userInfo = await UserInfo.findOne({email:userEmail});
+  if (!userInfo) {
+    return false;
+  }
+  
+  return userInfo.admin;
 }

 const handler = NextAuth(authOptions);
--- a/donutshop_ecommerce/src/app/api/categories/route.js
+++ b/donutshop_ecommerce/src/app/api/categories/route.js
@ -1,19 +1,24 @@
 import mongoose from "mongoose";
 import { Category } from "../models/Category";
+import { isAdmin } from "../auth/[...nextauth]/route";

 export async function POST(req){
    mongoose.connect(process.env.MONGO_URL)
    const {name} = await req.json();
-    const categoryDoc = await Category.create({name})
-
-    return Response.json(categoryDoc);
+    if(await isAdmin()){
+        const categoryDoc = await Category.create({name})
+        return Response.json(categoryDoc);
+    } else {
+        return Response.json({})
+    }    
 }

 export async function PUT(req){
    mongoose.connect(process.env.MONGO_URL)
    const {_id, name} = await req.json();
-    await Category.updateOne({_id}, {name});
-
+    if(await isAdmin()){
+        await Category.updateOne({_id}, {name});
+    }
    return Response.json(true);
 }

@ -28,7 +33,8 @@ export async function DELETE(req){
    mongoose.connect(process.env.MONGO_URL)
    const url = new URL(req.url);
    const _id = url.searchParams.get('_id');
-    await Category.deleteOne({_id})
-
+    if(await isAdmin()){
+        await Category.deleteOne({_id})
+    }
    return Response.json(true)
 }
--- a/donutshop_ecommerce/src/app/api/menu-items/route.js
+++ b/donutshop_ecommerce/src/app/api/menu-items/route.js
@ -1,18 +1,26 @@
 import mongoose from "mongoose";
 import { MenuItem } from "../models/MenuItem";
+import { isAdmin } from "../auth/[...nextauth]/route";

 export async function POST(req){
    mongoose.connect(process.env.MONGO_URL)
    const data = await req.json();
-    const menuItemDoc = await MenuItem.create(data);
-
-    return Response.json(menuItemDoc)
+    if(await isAdmin()){
+        const menuItemDoc = await MenuItem.create(data);
+        return Response.json(menuItemDoc)
+    } else {
+        return Response.json({});
+    }
+    
 }

 export async function PUT(req){
    mongoose.connect(process.env.MONGO_URL)
-    const {_id, ...data} = await req.json();
-    await MenuItem.findByIdAndUpdate(_id, data);
+    if(await isAdmin()){
+        const {_id, ...data} = await req.json();
+        await MenuItem.findByIdAndUpdate(_id, data);
+    }
+    

    return Response.json(true)
 }
@ -21,14 +29,16 @@ export async function GET(){
    mongoose.connect(process.env.MONGO_URL)
    return Response.json(
        await MenuItem.find()
-    )
+    )   
 }

 export async function DELETE(req){
    mongoose.connect(process.env.MONGO_URL)
    const url = new URL(req.url);
    const _id = url.searchParams.get('_id');
-    await MenuItem.deleteOne({_id})
-
+    if(await isAdmin()){
+        await MenuItem.deleteOne({_id})
+    }
+    
    return Response.json(true)
 }
--- a/donutshop_ecommerce/src/app/api/orders/route.js
+++ b/donutshop_ecommerce/src/app/api/orders/route.js
@ -1,31 +1,23 @@
 import mongoose from "mongoose";
 import { getServerSession } from "next-auth"
-import { authOptions } from "../auth/[...nextauth]/route"
-import { UserInfo } from "../models/UserInfo"
+import { authOptions, isAdmin } from "../auth/[...nextauth]/route"
 import { Order } from "../models/Order"

 export async function GET(req){
    mongoose.connect(process.env.MONGO_URL);
    const session = await getServerSession(authOptions);
    const userEmail = session?.user?.email;
-    
+    const admin = isAdmin();
    const url = new URL(req.url);
    const _id = url.searchParams.get('_id')
    if(_id){
        return Response.json( await Order.findById(_id));
    }

-    let isAdmin = false;
-
-    if(userEmail){
-        const userInfo = await UserInfo.findOne({email:userEmail});
-        if(userInfo){
-            const isAdmin = userInfo.admin;
-        }
-    }
-    if(isAdmin){
+    if(admin){
        return Response.json( await Order.find() )
    }
+
    if(userEmail){
        return Response.json( await Order.find({userEmail}) )
    }
--- a/donutshop_ecommerce/src/app/api/users/route.js
+++ b/donutshop_ecommerce/src/app/api/users/route.js
@ -1,9 +1,14 @@
 import mongoose from "mongoose";
 import { User } from "../models/User";
+import { isAdmin } from "../auth/[...nextauth]/route";

 export async function GET(){
    mongoose.connect(process.env.MONGO_URL);
-    const users = await User.find();
-
-    return Response.json(users);
+    if(await isAdmin()) {
+        const users = await User.find();
+        return Response.json(users);
+    } else {
+        return Response.json([]);
+    }
+    
 }
--- a/donutshop_ecommerce/src/app/orders/[id]/page.js
+++ b/donutshop_ecommerce/src/app/orders/[id]/page.js
@ -6,7 +6,7 @@ import { useParams } from 'next/navigation'
 import AddressInfo from '../../../components/layout/AddressInfo'

 const OrdersPage = () => {
-    const {clearCart, cartProducts} = useContext(CartContext);
+    const {clearCart} = useContext(CartContext);
    const {id} = useParams();
    const [order, setOrder] = useState();

@ -37,13 +37,23 @@ const OrdersPage = () => {
  return (
    <div className='pb-20 md:pb-40'>
        <div className='px-5 md:px-10 py-5 sm:py-10 max-w-xl mx-auto'>
+            {order?.paid ? (
            <div className='flex flex-col gap-4 items-center justify-center text-center mb-10'>
                <Image src='/check.png' width={100} height={100} alt='checked' className='mb-5'/>
                <p className='uppercase'>Thank you</p>
                <p className='uppercase text-xl'>Your order is confirmed</p>
                <button type='button' className='p-2 bg-pink-500 rounded-md text-xs text-white hover:opacity-80 uppercase'>Track your order</button>
            </div>
-            {order && (
+            ) : (
+            <div className='flex flex-col gap-4 items-center justify-center text-center mb-10'>
+                <Image src='/cross.png' width={100} height={100} alt='checked' className='mb-5'/>
+                <p className='uppercase text-red-600'>Action needed</p>
+                <p className='uppercase text-xl text-red-600'>Payment is required</p>
+            </div>
+            )
+        }
+            
+            {order&& (
                <div className='flex flex-col gap-5 py-5 px-5 border rounded-md shadow-md'>
                    <div className='border-b pb-5'>
                        <p className='mb-5 text-pink-500 font-semibold text-center'>Order Summary</p>
--- a/donutshop_ecommerce/src/app/orders/page.js
+++ b/donutshop_ecommerce/src/app/orders/page.js
@ -41,7 +41,12 @@ const OrderPage = () => {
                    <div className='flex flex-col gap-2'>
                        <div className='text-gray-700 font-semibold'>{order.userEmail}</div>
                        <div className='mb-2'>
-                            <Link href={'/orders/'+order._id} className='bg-gray-200 text-gray-700 p-2 text-xs font-semibold'>Order info</Link>
+                            {order.paid? (
+                                <Link href={'/orders/'+order._id} className='bg-gray-200 text-gray-700 p-2 text-xs font-semibold'>Receipt info</Link>
+                            ): (
+                                <Link href={'/orders/'+order._id} className='bg-gray-200 text-gray-700 p-2 text-xs font-semibold'>Order info</Link>
+                            )
+                        }
                        </div>
                        <div className='text-xs text-gray-500'>{dateTime(order.createdAt)}</div>
                    </div>
--- a/donutshop_ecommerce/src/components/layout/HomeMenu.js
+++ b/donutshop_ecommerce/src/components/layout/HomeMenu.js
@ -14,7 +14,7 @@ const HomeDrink = () => {
  useEffect(() => {
    fetch('/api/menu-items').then(res => {
      res.json().then(menuItems => {
-        setBestSeller(menuItems.slice(-5))
+        setBestSeller(menuItems.slice(5, 10))
      })
    })
  }, [])
--- a/donutshop_ecommerce/src/components/menu/MenuItem.js
+++ b/donutshop_ecommerce/src/components/menu/MenuItem.js
@ -18,20 +18,14 @@ const MenuItem = (menuItem) => {
  }
  
  return (
-    <>
-    {showPopup && (
-      <div className='fixed inset-0 bg-black/80'>
+    <div className='py-1 sm:py-5 flex flex-col gap-2 sm:gap-4 justify-center items-center text-center rounded-xl bg-white h-[350px] sm:h-[450px]'>
+      <Image src={menuImg} width={300} height={300} alt='menu-donut' className='w-[200px] sm:w-[250px]'/>
+      <p className='text-sm sm:text-base font-semibold capitalize text-[#95743D] px-2'>{itemName}</p>
+      <p className='text-xs sm:text-sm px-2 line-clamp-2 text-[#95743D]'>{description}</p>
+      <p className='text-[#95743D] text-sm'>${basePrice}</p>
+      <button type='button' onClick={handleAddToCartButtonClick} className='px-2 py-1 sm:px-4 sm:py-2 rounded-full text-xs sm:text-sm border border-[#E78895] text-[#95743D] font-semibold hover:bg-[#E78895] hover:text-[#FDE2DE] duration-300'>Add to cart</button>
+    </div>

-      </div>
-    )}
-      <div className='py-1 sm:py-5 flex flex-col gap-2 sm:gap-4 justify-center items-center text-center rounded-xl bg-white h-[350px] sm:h-[450px]'>
-        <Image src={menuImg} width={300} height={300} alt='menu-donut' className='w-[200px] sm:w-[250px]'/>
-        <p className='text-sm sm:text-base font-semibold capitalize text-[#95743D] px-2'>{itemName}</p>
-        <p className='text-xs sm:text-sm px-2 line-clamp-2 text-[#95743D]'>{description}</p>
-        <p className='text-[#95743D] text-sm'>${basePrice}</p>
-        <button type='button' onClick={handleAddToCartButtonClick} className='px-2 py-1 sm:px-4 sm:py-2 rounded-full text-xs sm:text-sm border border-[#E78895] text-[#95743D] font-semibold hover:bg-[#E78895] hover:text-[#FDE2DE] duration-300'>Add to cart</button>
-      </div>
-    </>
  )
 }