Add config controller in server

server/src/routes/config.rs

@@ -0,0 +1,113 @@
+use crate::utils::{auth::*, config::ConfigManager, error::*, DbPool};
+use axum::{extract::State, response::Json};
+use serde::{Deserialize, Serialize};
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct ConfigRequest {
+    pub key: String,
+    pub value: String,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct ConfigResponse {
+    pub key: String,
+    pub value: String,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct ConfigDefinition {
+    pub key: String,
+    pub description: String,
+    pub value: Option<String>,
+    pub default_value: Option<String>,
+    pub required: bool,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct ConfigListResponse {
+    pub configs: Vec<ConfigDefinition>,
+}
+
+pub async fn get_all_configs(
+    auth_user: AuthUser,
+    State(pool): State<DbPool>,
+) -> Result<Json<ConfigListResponse>, AppError> {
+    if auth_user.user.role != crate::utils::models::UserRole::Admin {
+        return Err(forbidden_error("Admin access required"));
+    }
+
+    let allowed_configs = vec![
+        ConfigDefinition {
+            key: "EXTERNAL_URL".to_string(),
+            description: "The external URL used for provisioning codes. This should be the public URL where this server can be reached.".to_string(),
+            value: ConfigManager::get_config(&pool, "EXTERNAL_URL").await?,
+            default_value: Some("https://your-domain.com".to_string()),
+            required: true,
+        },
+        ConfigDefinition {
+            key: "SESSION_TIMEOUT_HOURS".to_string(),
+            description: "Number of hours before user sessions expire and require re-authentication.".to_string(),
+            value: ConfigManager::get_config(&pool, "SESSION_TIMEOUT_HOURS").await?,
+            default_value: Some("24".to_string()),
+            required: false,
+        },
+    ];
+
+    Ok(success_response(ConfigListResponse {
+        configs: allowed_configs,
+    }))
+}
+
+pub async fn set_config(
+    auth_user: AuthUser,
+    State(pool): State<DbPool>,
+    Json(request): Json<ConfigRequest>,
+) -> Result<Json<serde_json::Value>, AppError> {
+    if auth_user.user.role != crate::utils::models::UserRole::Admin {
+        return Err(forbidden_error("Admin access required"));
+    }
+
+    let allowed_keys = vec!["EXTERNAL_URL", "SESSION_TIMEOUT_HOURS"];
+
+    if !allowed_keys.contains(&request.key.as_str()) {
+        return Err(validation_error("Invalid configuration key"));
+    }
+
+    match request.key.as_str() {
+        "EXTERNAL_URL" => {
+            if request.value.trim().is_empty() {
+                return Err(validation_error("External URL cannot be empty"));
+            }
+            if !request.value.starts_with("http://") && !request.value.starts_with("https://") {
+                return Err(validation_error(
+                    "External URL must start with http:// or https://",
+                ));
+            }
+        }
+        "SESSION_TIMEOUT_HOURS" => {
+            if request.value.parse::<i32>().is_err() || request.value.parse::<i32>().unwrap() <= 0 {
+                return Err(validation_error("Value must be a positive number"));
+            }
+        }
+        _ => {}
+    }
+
+    ConfigManager::set_config(&pool, &request.key, &request.value).await?;
+    Ok(success_message("Configuration updated successfully"))
+}
+
+pub async fn get_config(
+    auth_user: AuthUser,
+    State(pool): State<DbPool>,
+    axum::extract::Path(key): axum::extract::Path<String>,
+) -> Result<Json<ConfigResponse>, AppError> {
+    if auth_user.user.role != crate::utils::models::UserRole::Admin {
+        return Err(forbidden_error("Admin access required"));
+    }
+
+    let value = ConfigManager::get_config(&pool, &key)
+        .await?
+        .ok_or_else(|| not_found_error("Configuration key not found"))?;
+
+    Ok(success_response(ConfigResponse { key, value }))
+}