feat: add QR code event check-in system

Backend: - Add event_checkin_tokens table with unique tokens per event - Implement GET /api/events/:slug/details endpoint (on-demand token generation) - Implement POST /api/events/checkin/:token endpoint (date validation only in production) - Implement DELETE /api/events/:slug/leave endpoint - Add comprehensive test suite for check-in endpoints Frontend: - Add EventDetailsPage with QR code display, participant list, and stats - Add EventCheckinPage with success/error screens - Add "Leave Event" button with confirmation modal to EventChatPage - Install qrcode.react library for QR code generation - Update routing and API client with new endpoints Features: - QR codes valid from (startDate-1d) to (endDate+1d) - Development mode bypasses date validation for testing - Automatic participant count tracking - Duplicate check-in prevention - Token reuse for same event (generated once, cached)
2025-11-14 14:11:24 +01:00
parent 5bea2ad133
commit 71cba01db3
11 changed files with 1095 additions and 1 deletions
--- a/backend/src/routes/events.js
+++ b/backend/src/routes/events.js
@@ -179,4 +179,269 @@ router.get('/:slug/messages', authenticate, async (req, res, next) => {
  }
 });

+// POST /api/events/checkin/:token - Check-in to event using QR code token
+router.post('/checkin/:token', authenticate, async (req, res, next) => {
+  try {
+    const { token } = req.params;
+    const userId = req.user.id;
+
+    // Find check-in token
+    const checkinToken = await prisma.eventCheckinToken.findUnique({
+      where: { token },
+      include: {
+        event: true,
+      },
+    });
+
+    if (!checkinToken) {
+      return res.status(404).json({
+        success: false,
+        error: 'Invalid check-in token',
+      });
+    }
+
+    const event = checkinToken.event;
+
+    // Validate dates (only in production)
+    const isProduction = process.env.NODE_ENV === 'production';
+    if (isProduction) {
+      const now = new Date();
+      const validFrom = new Date(event.startDate);
+      validFrom.setDate(validFrom.getDate() - 1);
+      const validUntil = new Date(event.endDate);
+      validUntil.setDate(validUntil.getDate() + 1);
+
+      if (now < validFrom || now > validUntil) {
+        return res.status(400).json({
+          success: false,
+          error: 'Check-in is not available for this event at this time',
+        });
+      }
+    }
+
+    // Check if user is already participating
+    const existingParticipant = await prisma.eventParticipant.findUnique({
+      where: {
+        userId_eventId: {
+          userId,
+          eventId: event.id,
+        },
+      },
+    });
+
+    if (existingParticipant) {
+      // User already checked in - return event info
+      return res.json({
+        success: true,
+        alreadyCheckedIn: true,
+        data: {
+          event: {
+            id: event.id,
+            slug: event.slug,
+            name: event.name,
+            location: event.location,
+            startDate: event.startDate,
+            endDate: event.endDate,
+          },
+          joinedAt: existingParticipant.joinedAt,
+        },
+      });
+    }
+
+    // Add user to event participants
+    const participant = await prisma.eventParticipant.create({
+      data: {
+        userId,
+        eventId: event.id,
+      },
+    });
+
+    // Update participants count
+    await prisma.event.update({
+      where: { id: event.id },
+      data: {
+        participantsCount: {
+          increment: 1,
+        },
+      },
+    });
+
+    res.json({
+      success: true,
+      alreadyCheckedIn: false,
+      data: {
+        event: {
+          id: event.id,
+          slug: event.slug,
+          name: event.name,
+          location: event.location,
+          startDate: event.startDate,
+          endDate: event.endDate,
+        },
+        joinedAt: participant.joinedAt,
+      },
+    });
+  } catch (error) {
+    next(error);
+  }
+});
+
+// GET /api/events/:slug/details - Get event details with check-in token and participants
+router.get('/:slug/details', authenticate, async (req, res, next) => {
+  try {
+    const { slug } = req.params;
+
+    // Find event by slug with participants
+    const event = await prisma.event.findUnique({
+      where: { slug },
+      include: {
+        participants: {
+          include: {
+            user: {
+              select: {
+                id: true,
+                username: true,
+                avatar: true,
+                firstName: true,
+                lastName: true,
+              },
+            },
+          },
+          orderBy: {
+            joinedAt: 'desc',
+          },
+        },
+      },
+    });
+
+    if (!event) {
+      return res.status(404).json({
+        success: false,
+        error: 'Event not found',
+      });
+    }
+
+    // Find or create check-in token (on-demand generation)
+    let checkinToken = await prisma.eventCheckinToken.findUnique({
+      where: { eventId: event.id },
+    });
+
+    if (!checkinToken) {
+      checkinToken = await prisma.eventCheckinToken.create({
+        data: {
+          eventId: event.id,
+        },
+      });
+    }
+
+    // Calculate valid dates (startDate - 1 day to endDate + 1 day)
+    const validFrom = new Date(event.startDate);
+    validFrom.setDate(validFrom.getDate() - 1);
+    const validUntil = new Date(event.endDate);
+    validUntil.setDate(validUntil.getDate() + 1);
+
+    // Build check-in URL
+    const baseUrl = process.env.FRONTEND_URL || 'http://localhost:8080';
+    const checkinUrl = `${baseUrl}/events/checkin/${checkinToken.token}`;
+
+    res.json({
+      success: true,
+      data: {
+        event: {
+          id: event.id,
+          slug: event.slug,
+          name: event.name,
+          location: event.location,
+          startDate: event.startDate,
+          endDate: event.endDate,
+          description: event.description,
+        },
+        checkin: {
+          token: checkinToken.token,
+          url: checkinUrl,
+          validFrom,
+          validUntil,
+        },
+        participants: event.participants.map(p => ({
+          userId: p.user.id,
+          username: p.user.username,
+          avatar: p.user.avatar,
+          firstName: p.user.firstName,
+          lastName: p.user.lastName,
+          joinedAt: p.joinedAt,
+        })),
+        stats: {
+          totalParticipants: event.participants.length,
+        },
+      },
+    });
+  } catch (error) {
+    next(error);
+  }
+});
+
+// DELETE /api/events/:slug/leave - Leave an event (remove from participants)
+router.delete('/:slug/leave', authenticate, async (req, res, next) => {
+  try {
+    const { slug } = req.params;
+    const userId = req.user.id;
+
+    // Find event by slug
+    const event = await prisma.event.findUnique({
+      where: { slug },
+    });
+
+    if (!event) {
+      return res.status(404).json({
+        success: false,
+        error: 'Event not found',
+      });
+    }
+
+    // Check if user is participating
+    const participant = await prisma.eventParticipant.findUnique({
+      where: {
+        userId_eventId: {
+          userId,
+          eventId: event.id,
+        },
+      },
+    });
+
+    if (!participant) {
+      return res.status(400).json({
+        success: false,
+        error: 'You are not a participant of this event',
+      });
+    }
+
+    // Remove from participants
+    await prisma.eventParticipant.delete({
+      where: {
+        userId_eventId: {
+          userId,
+          eventId: event.id,
+        },
+      },
+    });
+
+    // Update participants count
+    await prisma.event.update({
+      where: { id: event.id },
+      data: {
+        participantsCount: {
+          decrement: 1,
+        },
+      },
+    });
+
+    res.json({
+      success: true,
+      message: 'Successfully left the event',
+    });
+  } catch (error) {
+    next(error);
+  }
+});
+
 module.exports = router;