Initial commit: TicketingSystem

Internal ticketing app with CTI routing, severity levels, and n8n integration. Stack: Express + TypeScript + Prisma + PostgreSQL / React + Vite + Tailwind - JWT auth for users, API key auth for service accounts (Goddard/n8n) - CTI hierarchy (Category > Type > Item) for ticket routing - Severity 1-5, auto-close resolved tickets after 14 days - Gitea Actions CI/CD building separate server/client images - Production docker-compose.yml with Traefik integration Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-30 19:38:32 -04:00
commit 21894fad7a
50 changed files with 3293 additions and 0 deletions
@@ -0,0 +1,57 @@
+import { Request, Response, NextFunction } from 'express'
+import jwt from 'jsonwebtoken'
+import prisma from '../lib/prisma'
+
+export interface AuthRequest extends Request {
+  user?: {
+    id: string
+    role: string
+    username: string
+  }
+}
+
+export const authenticate = async (
+  req: AuthRequest,
+  res: Response,
+  next: NextFunction
+) => {
+  const apiKey = req.headers['x-api-key'] as string | undefined
+
+  if (apiKey) {
+    const user = await prisma.user.findUnique({ where: { apiKey } })
+    if (!user || user.role !== 'SERVICE') {
+      return res.status(401).json({ error: 'Invalid API key' })
+    }
+    req.user = { id: user.id, role: user.role, username: user.username }
+    return next()
+  }
+
+  const authHeader = req.headers.authorization
+  if (!authHeader?.startsWith('Bearer ')) {
+    return res.status(401).json({ error: 'Unauthorized' })
+  }
+
+  const token = authHeader.split(' ')[1]
+  try {
+    const payload = jwt.verify(token, process.env.JWT_SECRET!) as {
+      id: string
+      role: string
+      username: string
+    }
+    req.user = payload
+    next()
+  } catch {
+    return res.status(401).json({ error: 'Invalid or expired token' })
+  }
+}
+
+export const requireAdmin = (
+  req: AuthRequest,
+  res: Response,
+  next: NextFunction
+) => {
+  if (req.user?.role !== 'ADMIN') {
+    return res.status(403).json({ error: 'Admin access required' })
+  }
+  next()
+}
@@ -0,0 +1,29 @@
+import { Request, Response, NextFunction } from 'express'
+import { ZodError } from 'zod'
+
+export function errorHandler(
+  err: any,
+  req: Request,
+  res: Response,
+  next: NextFunction
+) {
+  console.error(err)
+
+  if (err instanceof ZodError) {
+    return res.status(400).json({ error: 'Validation error', details: err.flatten() })
+  }
+
+  // Prisma unique constraint violation
+  if (err.code === 'P2002') {
+    return res.status(409).json({ error: 'A record with that value already exists' })
+  }
+
+  // Prisma record not found
+  if (err.code === 'P2025') {
+    return res.status(404).json({ error: 'Record not found' })
+  }
+
+  const status = err.status || err.statusCode || 500
+  const message = err.message || 'Internal server error'
+  res.status(status).json({ error: message })
+}