multiple shi

Author: SuryaKTiwari11

backend/middlewares/idempotency.middleware.js

@@ -4,7 +4,7 @@ import { getCache, setCache } from "../utils/redisClient.js";
  * Idempotency middleware to prevent duplicate requests
  * Clients should send an `Idempotency-Key` header with a unique UUID
  * If the same key is used within the TTL window, returns the cached response
- * 
+ *
  * @param {number} ttlSeconds - Time to live for the cached response (default: 86400 = 24 hours)
  * @param {boolean} strict - If true, requires Idempotency-Key header (default: false)
  */
@@ -19,9 +19,9 @@ export const idempotencyMiddleware = (ttlSeconds = 86400, strict = false) => {
 
     // If strict mode is enabled and no idempotency key is provided, reject the request
     if (strict && !idempotencyKey) {
-      return res.status(400).json({ 
+      return res.status(400).json({
         message: "Idempotency-Key header is required for this operation",
-        hint: "Include a unique UUID in the 'Idempotency-Key' header to prevent duplicate requests"
+        hint: "Include a unique UUID in the 'Idempotency-Key' header to prevent duplicate requests",
       });
     }
 

backend/routes/report.routes.js

@@ -34,12 +34,28 @@ router.get("/user/:userId", isAuthenticated, adminOnly, getReportsByUserId);
 router.get("/:id", isAuthenticated, getReportById);
 
 // Update a report (with idempotency)
-router.patch("/:id", isAuthenticated, idempotencyMiddleware(3600), updateReport);
+router.patch(
+  "/:id",
+  isAuthenticated,
+  idempotencyMiddleware(3600),
+  updateReport,
+);
 
 // Delete a report (with idempotency)
-router.delete("/:id", isAuthenticated, idempotencyMiddleware(3600), deleteReport);
+router.delete(
+  "/:id",
+  isAuthenticated,
+  idempotencyMiddleware(3600),
+  deleteReport,
+);
 
 // Update report status (admin only, with idempotency)
-router.patch("/:id/status", isAuthenticated, adminOnly, idempotencyMiddleware(3600), updateReportStatus);
+router.patch(
+  "/:id/status",
+  isAuthenticated,
+  adminOnly,
+  idempotencyMiddleware(3600),
+  updateReportStatus,
+);
 
 export default router;

backend/routes/user.routes.js

@@ -29,7 +29,12 @@ router.post(
   claimItem,
 );
 router.get("/my-claims", isAuthenticated, myClaims);
-router.delete("/my-claims/:claimId", isAuthenticated, idempotencyMiddleware(3600), deleteClaim);
+router.delete(
+  "/my-claims/:claimId",
+  isAuthenticated,
+  idempotencyMiddleware(3600),
+  deleteClaim,
+);
 router.get("/profile", isAuthenticated, getProfile);
 router.patch(
   "/profile",

frontend/src/pages/admin.jsx

@@ -59,6 +59,7 @@ const Admin = () => {
   });
 
   const [remarkText, setRemarkText] = useState('');
+  const [submitting, setSubmitting] = useState(false);
 
   useEffect(() => {
     if (activeTab === 'items') {
@@ -160,47 +161,62 @@ const Admin = () => {
 
   const handleCreateItem = async (e) => {
     e.preventDefault();
+    if (submitting) return; // Prevent double submission
+    
+    setSubmitting(true);
     try {
       // Don't send itemId - it's auto-generated by backend
       // eslint-disable-next-line no-unused-vars
       const { itemId, ...itemData } = formData;
       await adminApi.createItem(itemData);
-      toast.success('Item created successfully');
+      toast.success('✅ Item created successfully!');
       setShowModal(false);
       resetForm();
       fetchItems();
     } catch (error) {
       toast.error(error.response?.data?.message || 'Failed to create item');
+    } finally {
+      setSubmitting(false);
     }
   };
 
   const handleUpdateItem = async (e) => {
     e.preventDefault();
+    if (submitting) return; // Prevent double submission
+    
+    setSubmitting(true);
     try {
       await adminApi.updateItem(selectedItem._id, formData);
-      toast.success('Item updated successfully');
+      toast.success('✅ Item updated successfully!');
       setShowModal(false);
       resetForm();
       fetchItems();
     } catch (error) {
       toast.error(error.response?.data?.message || 'Failed to update item');
+    } finally {
+      setSubmitting(false);
     }
   };
 
   const handleDeleteItem = async () => {
+    if (submitting) return; // Prevent double submission
+    
+    setSubmitting(true);
     try {
       await adminApi.deleteItem(selectedItem._id);
-      toast.success('Item deleted successfully');
+      toast.success('✅ Item deleted successfully!');
       setShowModal(false);
       fetchItems();
     } catch (error) {
       toast.error(error.response?.data?.message || 'Failed to delete item');
+    } finally {
+      setSubmitting(false);
     }
   };
 
   const handleApproveClaim = async (claimId) => {
     try {
-      const response = await adminApi.approveClaim(claimId, remarkText);
+      await adminApi.approveClaim(claimId, remarkText);
       toast.success('✅ Claim approved successfully!');
       setShowModal(false);
       setRemarkText('');
@@ -223,7 +239,7 @@ const Admin = () => {
 
   const handleRejectClaim = async (claimId) => {
     try {
-      const response = await adminApi.rejectClaim(claimId, remarkText);
+      await adminApi.rejectClaim(claimId, remarkText);
       toast.success('❌ Claim rejected successfully!');
       setShowModal(false);
       setRemarkText('');
@@ -243,12 +259,14 @@ const Admin = () => {
 
   const openCreateModal = () => {
     resetForm();
+    setSubmitting(false);
     setModalType('create');
     setShowModal(true);
   };
 
   const openEditModal = (item) => {
     setSelectedItem(item);
+    setSubmitting(false);
     setFormData({
       itemId: item.itemId,
       name: item.name,
@@ -263,6 +281,7 @@ const Admin = () => {
 
   const openDeleteModal = (item) => {
     setSelectedItem(item);
+    setSubmitting(false);
     setModalType('delete');
     setShowModal(true);
   };
@@ -299,6 +318,7 @@ const Admin = () => {
       description: ''
     });
     setSelectedItem(null);
+    setSubmitting(false);
     if (formControls && typeof formControls.clear === 'function') formControls.clear();
   };
 
@@ -1145,14 +1165,26 @@ const Admin = () => {
                   <div className="flex gap-3 mt-6">
                     <button
                       type="submit"
-                      className="flex-1 px-4 py-2 bg-indigo-600 text-white rounded-lg hover:bg-indigo-700 transition-colors"
+                      disabled={submitting}
+                      className={`flex-1 px-4 py-2 bg-indigo-600 text-white rounded-lg transition-colors flex items-center justify-center gap-2 ${
+                        submitting ? 'opacity-70 cursor-not-allowed' : 'hover:bg-indigo-700'
+                      }`}
                     >
-                      {modalType === 'create' ? 'Create Item' : 'Update Item'}
+                      {submitting && (
+                        <svg className="animate-spin h-5 w-5 text-white" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                          <circle className="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4"></circle>
+                          <path className="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                        </svg>
+                      )}
+                      {submitting ? 'Submitting...' : (modalType === 'create' ? 'Create Item' : 'Update Item')}
                     </button>
                     <button
                       type="button"
                       onClick={() => setShowModal(false)}
+                      disabled={submitting}
                       className={`px-4 py-2 border rounded-lg transition-colors ${
+                        submitting ? 'opacity-50 cursor-not-allowed' : ''
+                      } ${
                         darkMode ? 'border-gray-600 text-gray-300 hover:bg-gray-700' : 'border-gray-300 text-gray-700 hover:bg-gray-50'
                       }`}
                     >
@@ -1172,13 +1204,25 @@ const Admin = () => {
                   <div className="flex gap-3">
                     <button
                       onClick={handleDeleteItem}
-                      className="flex-1 px-4 py-2 bg-red-600 text-white rounded-lg hover:bg-red-700 transition-colors"
+                      disabled={submitting}
+                      className={`flex-1 px-4 py-2 bg-red-600 text-white rounded-lg transition-colors flex items-center justify-center gap-2 ${
+                        submitting ? 'opacity-70 cursor-not-allowed' : 'hover:bg-red-700'
+                      }`}
                     >
-                      Delete
+                      {submitting && (
+                        <svg className="animate-spin h-5 w-5 text-white" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                          <circle className="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4"></circle>
+                          <path className="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                        </svg>
+                      )}
+                      {submitting ? 'Deleting...' : 'Delete'}
                     </button>
                     <button
                       onClick={() => setShowModal(false)}
-                      className="px-4 py-2 border border-gray-300 text-gray-700 rounded-lg hover:bg-gray-50 transition-colors"
+                      disabled={submitting}
+                      className={`px-4 py-2 border border-gray-300 text-gray-700 rounded-lg transition-colors ${
+                        submitting ? 'opacity-50 cursor-not-allowed' : 'hover:bg-gray-50'
+                      }`}
                     >
                       Cancel
                     </button>

frontend/src/utils/api.js

@@ -35,8 +35,10 @@ api.interceptors.request.use(
       config.headers.Authorization = `Bearer ${token}`;
     }
 
-    // Add idempotency key for POST, PUT, PATCH requests
-    if (["post", "put", "patch"].includes(config.method?.toLowerCase())) {
+    // Add idempotency key for POST, PUT, PATCH, DELETE requests
+    if (
+      ["post", "put", "patch", "delete"].includes(config.method?.toLowerCase())
+    ) {
       config.headers["Idempotency-Key"] = generateUUID();
     }