first commit: Complete phishing test management panel with Node.js backend and React frontend

backend/src/routes/auth.routes.js

@@ -0,0 +1,17 @@
+const express = require('express');
+const router = express.Router();
+const authController = require('../controllers/auth.controller');
+const { validateLogin } = require('../validators/auth.validator');
+const { requireAuth } = require('../middlewares/auth');
+const { authLimiter } = require('../middlewares/rateLimiter');
+
+// Public routes
+router.post('/login', authLimiter, validateLogin, authController.login);
+router.get('/check', authController.checkAuth);
+
+// Protected routes
+router.post('/logout', requireAuth, authController.logout);
+router.get('/me', requireAuth, authController.me);
+
+module.exports = router;
+

backend/src/routes/company.routes.js

@@ -0,0 +1,22 @@
+const express = require('express');
+const router = express.Router();
+const companyController = require('../controllers/company.controller');
+const { validateCreateCompany, validateUpdateCompany } = require('../validators/company.validator');
+const { requireAuth } = require('../middlewares/auth');
+
+// All company routes require authentication
+router.use(requireAuth);
+
+// Company CRUD
+router.get('/', companyController.getAllCompanies);
+router.post('/', validateCreateCompany, companyController.createCompany);
+router.get('/:id', companyController.getCompanyById);
+router.put('/:id', validateUpdateCompany, companyController.updateCompany);
+router.delete('/:id', companyController.deleteCompany);
+
+// Company-specific endpoints
+router.get('/:id/tokens', companyController.getCompanyTokens);
+router.get('/:id/stats', companyController.getCompanyStats);
+
+module.exports = router;
+

backend/src/routes/settings.routes.js

@@ -0,0 +1,16 @@
+const express = require('express');
+const router = express.Router();
+const settingsController = require('../controllers/settings.controller');
+const { requireAuth } = require('../middlewares/auth');
+
+// All settings routes require authentication
+router.use(requireAuth);
+
+router.get('/', settingsController.getAllSettings);
+router.put('/gmail', settingsController.updateGmailSettings);
+router.put('/telegram', settingsController.updateTelegramSettings);
+router.post('/test-gmail', settingsController.testGmail);
+router.post('/test-telegram', settingsController.testTelegram);
+
+module.exports = router;
+

backend/src/routes/stats.routes.js

@@ -0,0 +1,14 @@
+const express = require('express');
+const router = express.Router();
+const statsController = require('../controllers/stats.controller');
+const { requireAuth } = require('../middlewares/auth');
+
+// All stats routes require authentication
+router.use(requireAuth);
+
+router.get('/dashboard', statsController.getDashboardStats);
+router.get('/recent-clicks', statsController.getRecentClicks);
+router.get('/by-company', statsController.getCompanyBasedStats);
+
+module.exports = router;
+

backend/src/routes/template.routes.js

@@ -0,0 +1,14 @@
+const express = require('express');
+const router = express.Router();
+const templateController = require('../controllers/template.controller');
+const { requireAuth } = require('../middlewares/auth');
+
+// All template routes require authentication
+router.use(requireAuth);
+
+router.get('/', templateController.getAllTemplates);
+router.get('/:type', templateController.getTemplateByType);
+router.post('/preview', templateController.previewTemplate);
+
+module.exports = router;
+

backend/src/routes/token.routes.js

@@ -0,0 +1,23 @@
+const express = require('express');
+const router = express.Router();
+const tokenController = require('../controllers/token.controller');
+const { validateCreateToken, validateUpdateToken } = require('../validators/token.validator');
+const { requireAuth } = require('../middlewares/auth');
+
+// All token routes require authentication
+router.use(requireAuth);
+
+// Token CRUD
+router.get('/', tokenController.getAllTokens);
+router.post('/create', validateCreateToken, tokenController.createToken);
+router.post('/create-and-send', validateCreateToken, tokenController.createAndSendToken);
+router.get('/:id', tokenController.getTokenById);
+router.put('/:id', validateUpdateToken, tokenController.updateToken);
+router.delete('/:id', tokenController.deleteToken);
+
+// Token-specific endpoints
+router.post('/:id/send', tokenController.sendTokenMail);
+router.get('/:id/clicks', tokenController.getTokenClicks);
+
+module.exports = router;
+

backend/src/routes/tracking.routes.js

@@ -0,0 +1,10 @@
+const express = require('express');
+const router = express.Router();
+const trackingController = require('../controllers/tracking.controller');
+const { trackingLimiter } = require('../middlewares/rateLimiter');
+
+// Public tracking endpoint (no authentication required)
+router.get('/:token', trackingLimiter, trackingController.trackClick);
+
+module.exports = router;
+