feat: add dashboard API with metrics and recent activity endpoints

- Implemented `/dashboard` endpoint to retrieve dashboard metrics and recent data.
- Added `/dashboard/metrics` endpoint for lightweight metrics retrieval.
- Created Swagger documentation for both endpoints.

feat: add leads metadata endpoint

- Introduced `/leads/metadata` endpoint to provide lead statuses, sources, ratings, and industries.
- Updated Swagger documentation for leads metadata.

feat: create tasks API with CRUD operations and comments

- Added `/tasks` endpoint for retrieving and creating tasks with filtering options.
- Implemented task detail retrieval, updating, and deletion endpoints.
- Introduced comments functionality for tasks with associated endpoints.
- Updated Swagger documentation for tasks API.

feat: add JwtToken model to Prisma schema

- Created `JwtToken` model to store JWT tokens with relevant fields.
- Added necessary migrations for the new model.

chore: update server to include new routes

- Integrated dashboard and tasks routes into the main server file.
- Set trust proxy for rate limiting.

Author: ashwin31

api/middleware/auth.js

@@ -11,28 +11,65 @@ export const verifyToken = async (req, res, next) => {
       return res.status(401).json({ error: 'Access denied. No token provided.' });
     }
 
+    // First verify JWT signature and decode
     const decoded = jwt.verify(token, process.env.JWT_SECRET);
 
-    const user = await prisma.user.findUnique({
-      where: { id: decoded.userId },
+    // Check if token exists in database and is not revoked
+    const dbToken = await prisma.jwtToken.findUnique({
+      where: { token },
       include: {
-        userOrganizations: {
+        user: {
           include: {
-            organization: true
+            organizations: {
+              include: {
+                organization: true
+              }
+            }
           }
         }
       }
     });
 
-    if (!user) {
+    if (!dbToken) {
+      return res.status(401).json({ error: 'Invalid token. Token not found.' });
+    }
+
+    if (dbToken.isRevoked) {
+      return res.status(401).json({ error: 'Token has been revoked.' });
+    }
+
+    if (dbToken.expiresAt < new Date()) {
+      // Mark token as expired in database
+      await prisma.jwtToken.update({
+        where: { id: dbToken.id },
+        data: { isRevoked: true }
+      });
+      return res.status(401).json({ error: 'Token has expired.' });
+    }
+
+    if (!dbToken.user) {
       return res.status(401).json({ error: 'Invalid token. User not found.' });
     }
 
-    req.user = user;
-    req.userId = user.id;
+    // Update last used timestamp
+    await prisma.jwtToken.update({
+      where: { id: dbToken.id },
+      data: { lastUsedAt: new Date() }
+    });
+
+    req.user = dbToken.user;
+    req.userId = dbToken.user.id;
+    req.tokenId = dbToken.id;
     next();
   } catch (error) {
-    return res.status(401).json({ error: 'Invalid token.' });
+    if (error.name === 'JsonWebTokenError') {
+      return res.status(401).json({ error: 'Invalid token format.' });
+    }
+    if (error.name === 'TokenExpiredError') {
+      return res.status(401).json({ error: 'Token has expired.' });
+    }
+    console.error('Token verification error:', error);
+    return res.status(401).json({ error: 'Token validation failed.' });
   }
 };
 
@@ -44,7 +81,7 @@ export const requireOrganization = async (req, res, next) => {
       return res.status(400).json({ error: 'Organization ID is required in X-Organization-ID header.' });
     }
 
-    const userOrg = req.user.userOrganizations.find(
+    const userOrg = req.user.organizations.find(
       uo => uo.organizationId === organizationId
     );
 

api/routes/auth.js

@@ -183,6 +183,22 @@ router.post('/google', async (req, res) => {
       { expiresIn: process.env.JWT_EXPIRES_IN || '24h' }
     );
 
+    // Calculate expiration date
+    const expiresIn = process.env.JWT_EXPIRES_IN || '24h';
+    const expirationHours = expiresIn.includes('h') ? parseInt(expiresIn) : 24;
+    const expiresAt = new Date(Date.now() + expirationHours * 60 * 60 * 1000);
+
+    // Store JWT token in database
+    await prisma.jwtToken.create({
+      data: {
+        token: JWTtoken,
+        userId: user.id,
+        expiresAt: expiresAt,
+        deviceInfo: req.get('User-Agent'),
+        ipAddress: req.ip || req.socket.remoteAddress
+      }
+    });
+
     // Format response to match SvelteKit patterns
     const userResponse = {
       id: user.id,
@@ -210,4 +226,98 @@ router.post('/google', async (req, res) => {
   }
 });
 
+/**
+ * @swagger
+ * /auth/logout:
+ *   post:
+ *     summary: Logout and revoke current JWT token
+ *     tags: [Authentication]
+ *     security:
+ *       - bearerAuth: []
+ *     responses:
+ *       200:
+ *         description: Successfully logged out
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 success:
+ *                   type: boolean
+ *                 message:
+ *                   type: string
+ *       401:
+ *         description: Unauthorized
+ */
+router.post('/logout', verifyToken, async (req, res) => {
+  try {
+    // Revoke the current token
+    await prisma.jwtToken.update({
+      where: { id: req.tokenId },
+      data: { 
+        isRevoked: true,
+        updatedAt: new Date()
+      }
+    });
+
+    res.json({ 
+      success: true,
+      message: 'Successfully logged out' 
+    });
+  } catch (error) {
+    console.error('Logout error:', error);
+    res.status(500).json({ error: 'Internal server error' });
+  }
+});
+
+/**
+ * @swagger
+ * /auth/revoke-all:
+ *   post:
+ *     summary: Revoke all JWT tokens for current user
+ *     tags: [Authentication]
+ *     security:
+ *       - bearerAuth: []
+ *     responses:
+ *       200:
+ *         description: Successfully revoked all tokens
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: object
+ *               properties:
+ *                 success:
+ *                   type: boolean
+ *                 message:
+ *                   type: string
+ *                 revokedCount:
+ *                   type: integer
+ *       401:
+ *         description: Unauthorized
+ */
+router.post('/revoke-all', verifyToken, async (req, res) => {
+  try {
+    // Revoke all tokens for the user
+    const result = await prisma.jwtToken.updateMany({
+      where: { 
+        userId: req.userId,
+        isRevoked: false
+      },
+      data: { 
+        isRevoked: true,
+        updatedAt: new Date()
+      }
+    });
+
+    res.json({ 
+      success: true,
+      message: 'Successfully revoked all tokens',
+      revokedCount: result.count
+    });
+  } catch (error) {
+    console.error('Revoke all tokens error:', error);
+    res.status(500).json({ error: 'Internal server error' });
+  }
+});
+
 export default router;