add refresh token endpoints

code/backend/src/routes/postRoutes.ts

@@ -8,7 +8,6 @@ import { upload } from "../middleware/fileUpload";
 
 import { validateData } from "../middleware/validationMiddleware";
 import { uploadPostSchema } from "../schemas/postSchemas";
-import { get } from "http";
 const router = express.Router();
 
 /**
@@ -80,27 +79,20 @@ router.post("/upload", upload, validateData(uploadPostSchema), uploadPost);
  *       401:
  *         description: not authenticated
  */
-router.get("/getPost/:userId", getPost);
+router.get("/getPost/:postId", getPost);
 /**
  * @swagger
- * /api/posts/getUserPosts/{userId}:
+ * /api/posts/getUserPosts/:
  *   get:
  *     summary: Get Post
  *     tags: [posts]
  *     security:
  *       - bearerAuth: []
- *     parameters:
- *       - in: query
- *         name: postId
- *         required: true
- *         schema:
- *           type: string
- *         description: The user id
  *     responses:
  *       200:
  *         description:  Ok
  *       401:
  *         description: not authenticated
  */
-router.get("/getuserposts/:userId", getUserPosts);
+router.get("/getuserposts/", getUserPosts);
 export default router;

code/backend/src/routes/userRoutes.ts

@@ -6,7 +6,7 @@ import {
   userLoginSchema,
 } from "../schemas/userSchemas";
 import { authenticateToken } from "../middleware/authenticateToken";
-
+import { logout, refreshToken } from "../controllers/userController";
 const userRouter = express.Router();
 
 import {
@@ -50,7 +50,7 @@ import {
  * /api/user/register:
  *   post:
  *     summary: Register a new user
- *     tags: [User]
+ *     tags: [Auth]
  *     requestBody:
  *       required: true
  *       content:
@@ -73,7 +73,7 @@ userRouter.post(
  * /api/user/login:
  *   post:
  *     summary: Log in a user
- *     tags: [User]
+ *     tags: [Auth]
  *     requestBody:
  *       required: true
  *       content:
@@ -109,5 +109,57 @@ userRouter.post("/login", validateData(userLoginSchema), loginUser);
  *         description: Ungültige Anmeldedaten
  */
 userRouter.get("/getUser/:username", authenticateToken(), getUser);
+/**
+ * @swagger
+ * /api/user/refreshToken:
+ *   get:
+ *     summary: Refresh JWT tokens
+ *     description: |
+ *       Verifiziert einen bereitgestellten Refresh-Token (im Header) und gibt neue Tokens im Header zurück.
+ *     tags:
+ *       - Auth
+ *     parameters:
+ *       - in: header
+ *         name: Refresh-Token
+ *         required: true
+ *         schema:
+ *           type: string
+ *         description: Der gültige JWT-Refresh-Token
+ *     responses:
+ *       200:
+ *         description: Tokens erfolgreich erneuert
+ *         headers:
+ *           Authorization:
+ *             description: Neuer Access-Token im Bearer-Format
+ *             schema:
+ *               type: string
+ *           Refresh-Token:
+ *             description: Neuer Refresh-Token
+ *             schema:
+ *               type: string
+ *       401:
+ *         description: Ungültiger oder abgelaufener Refresh-Token
+ *       403:
+ *         description: Fehlerhafte Signatur oder ungültiger Token
+ *       500:
+ *         description: Serverfehler
+ */
 
+userRouter.get("/refreshToken", refreshToken);
+
+/**
+ * @swagger
+ * /api/user/logout/:
+ *   delete:
+ *     summary: logout
+ *     tags: [Auth]
+ *     security:
+ *       - bearerAuth: []
+ *     responses:
+ *       204:
+ *         description:  logged out
+ *       401:
+ *         description: not authenticated
+ */
+userRouter.delete("/logout", authenticateToken(), logout);
 export default userRouter;