update sso keycloak, get all & show hospital area, get area by sales, feature sales

index.js

@@ -17,8 +17,10 @@ const logRoutes = require('./src/routes/superadmin/LogRoute.js')
 const areaRoutes = require('./src/routes/sales/AreaRoute.js')
 const vendorSalesRoutes = require('./src/routes/sales/VendorRoute.js')
 const { port } = require('./config/config.js')
+const keycloak = require('./src/middleware/Keycloak.js');
 
 app.use(cors())
+app.use(keycloak.middleware());
 app.use(express.json())
 app.use('/storage/', express.static(path.join(__dirname, 'storage/')));
 

package-lock.json

@@ -21,6 +21,7 @@
         "dotenv": "^16.5.0",
         "express": "^5.1.0",
         "jsonwebtoken": "^9.0.2",
+        "keycloak-connect": "^26.1.1",
         "multer": "^2.0.1",
         "pg": "^8.16.2",
         "qs": "^6.14.0"
@@ -127,6 +128,40 @@
         "@prisma/debug": "6.10.1"
       }
     },
+    "node_modules/@testim/chrome-version": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/@testim/chrome-version/-/chrome-version-1.1.4.tgz",
+      "integrity": "sha512-kIhULpw9TrGYnHp/8VfdcneIcxKnLixmADtukQRtJUmsVlMg0niMkwV0xZmi8hqa57xqilIHjWFA0GKvEjVU5g==",
+      "license": "MIT",
+      "optional": true
+    },
+    "node_modules/@tootallnate/quickjs-emscripten": {
+      "version": "0.23.0",
+      "resolved": "https://registry.npmjs.org/@tootallnate/quickjs-emscripten/-/quickjs-emscripten-0.23.0.tgz",
+      "integrity": "sha512-C5Mc6rdnsaJDjO3UpGW/CQTHtCKaYlScZTly4JIu97Jxo/odCiH0ITnDXSJPTOrEKk/ycSZ0AOgTmkDtkOsvIA==",
+      "license": "MIT",
+      "optional": true
+    },
+    "node_modules/@types/node": {
+      "version": "24.0.10",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.0.10.tgz",
+      "integrity": "sha512-ENHwaH+JIRTDIEEbDK6QSQntAYGtbvdDXnMXnZaZ6k13Du1dPMmprkEHIL7ok2Wl2aZevetwTAb5S+7yIF+enA==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "undici-types": "~7.8.0"
+      }
+    },
+    "node_modules/@types/yauzl": {
+      "version": "2.10.3",
+      "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.3.tgz",
+      "integrity": "sha512-oJoftv0LSuaDZE3Le4DbKX+KS9G36NzOeSap90UIK0yMA/NhKJhqlSGtNDORNRaIbQfzjXDrQa0ytJ6mNRGz/Q==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "@types/node": "*"
+      }
+    },
     "node_modules/accepts": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/accepts/-/accepts-2.0.0.tgz",
@@ -140,12 +175,47 @@
         "node": ">= 0.6"
       }
     },
+    "node_modules/agent-base": {
+      "version": "7.1.3",
+      "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.3.tgz",
+      "integrity": "sha512-jRR5wdylq8CkOe6hei19GGZnxM6rBGwFl3Bg0YItGDimvjGtAvdZk4Pu6Cl4u4Igsws4a1fd1Vq3ezrhn4KmFw==",
+      "license": "MIT",
+      "optional": true,
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/append-field": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/append-field/-/append-field-1.0.0.tgz",
       "integrity": "sha512-klpgFSWLW1ZEs8svjfb7g4qWY0YS5imI82dTg+QahUvJ8YqAY0P10Uk8tTyh9ZGuYEZEMaeJYCF5BFuX552hsw==",
       "license": "MIT"
     },
+    "node_modules/asn1.js": {
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
+      "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
+      "license": "MIT",
+      "dependencies": {
+        "bn.js": "^4.0.0",
+        "inherits": "^2.0.1",
+        "minimalistic-assert": "^1.0.0",
+        "safer-buffer": "^2.1.0"
+      }
+    },
+    "node_modules/ast-types": {
+      "version": "0.13.4",
+      "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.13.4.tgz",
+      "integrity": "sha512-x1FCFnFifvYDDzTaLII71vG5uvDwgtmDTEVWAxrgeiR8VjMONcCXJx7E+USjDtHlwFmt9MysbqgF9b9Vjr6w+w==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "tslib": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
     "node_modules/asynckit": {
       "version": "0.4.0",
       "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
@@ -163,6 +233,16 @@
         "proxy-from-env": "^1.1.0"
       }
     },
+    "node_modules/basic-ftp": {
+      "version": "5.0.5",
+      "resolved": "https://registry.npmjs.org/basic-ftp/-/basic-ftp-5.0.5.tgz",
+      "integrity": "sha512-4Bcg1P8xhUuqcii/S0Z9wiHIrQVPMermM1any+MX5GeGD7faD3/msQUDGLol9wOcz4/jbg/WJnGqoJF6LiBdtg==",
+      "license": "MIT",
+      "optional": true,
+      "engines": {
+        "node": ">=10.0.0"
+      }
+    },
     "node_modules/bcrypt": {
       "version": "6.0.0",
       "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-6.0.0.tgz",
@@ -177,6 +257,12 @@
         "node": ">= 18"
       }
     },
+    "node_modules/bn.js": {
+      "version": "4.12.2",
+      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
+      "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+      "license": "MIT"
+    },
     "node_modules/body-parser": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.0.tgz",
@@ -197,6 +283,22 @@
         "node": ">=18"
       }
     },
+    "node_modules/brorand": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/brorand/-/brorand-1.1.0.tgz",
+      "integrity": "sha512-cKV8tMCEpQs4hK/ik71d6LrPOnpkpGBR0wzxqr68g2m/LB2GxVYQroAjMJZRVM1Y4BCjCKc3vAamxSzOY2RP+w==",
+      "license": "MIT"
+    },
+    "node_modules/buffer-crc32": {
+      "version": "0.2.13",
+      "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz",
+      "integrity": "sha512-VO9Ht/+p3SN7SKWqcrgEzjGbRSJYTx+Q1pTQC0wrWqHx0vpJraQ6GtHx8tvcg1rlK1byhU5gccxgOgj7B0TDkQ==",
+      "license": "MIT",
+      "optional": true,
+      "engines": {
+        "node": "*"
+      }
+    },
     "node_modules/buffer-equal-constant-time": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz",
@@ -258,6 +360,29 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/chromedriver": {
+      "version": "138.0.1",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-138.0.1.tgz",
+      "integrity": "sha512-QS/Z1qB2OpKsPUlJjkfKmpf9lGw6ObB0dX5+dP3M0gdtbu80TUnS+EjXbtu6YkbMfr2/Qt8IfOONrawNW1GwhA==",
+      "hasInstallScript": true,
+      "license": "Apache-2.0",
+      "optional": true,
+      "dependencies": {
+        "@testim/chrome-version": "^1.1.4",
+        "axios": "^1.7.4",
+        "compare-versions": "^6.1.0",
+        "extract-zip": "^2.0.1",
+        "proxy-agent": "^6.4.0",
+        "proxy-from-env": "^1.1.0",
+        "tcp-port-used": "^1.0.2"
+      },
+      "bin": {
+        "chromedriver": "bin/chromedriver"
+      },
+      "engines": {
+        "node": ">=20"
+      }
+    },
     "node_modules/combined-stream": {
       "version": "1.0.8",
       "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
@@ -270,6 +395,13 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/compare-versions": {
+      "version": "6.1.1",
+      "resolved": "https://registry.npmjs.org/compare-versions/-/compare-versions-6.1.1.tgz",
+      "integrity": "sha512-4hm4VPpIecmlg59CHXnRDnqGplJFrbLG4aFEl5vl6cK1u76ws3LLvX7ikFnTDl5vo39sjWD6AaDPYodJp/NNHg==",
+      "license": "MIT",
+      "optional": true
+    },
     "node_modules/concat-stream": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-2.0.0.tgz",
@@ -337,6 +469,16 @@
         "node": ">= 0.10"
       }
     },
+    "node_modules/data-uri-to-buffer": {
+      "version": "6.0.2",
+      "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-6.0.2.tgz",
+      "integrity": "sha512-7hvf7/GW8e86rW0ptuwS3OcBGDjIi6SZva7hCyWC0yYry2cOPmLIjXAUHI6DK2HsnwJd9ifmt57i8eV2n4YNpw==",
+      "license": "MIT",
+      "optional": true,
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/date-fns": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/date-fns/-/date-fns-4.1.0.tgz",
@@ -385,6 +527,28 @@
         }
       }
     },
+    "node_modules/deep-is": {
+      "version": "0.1.4",
+      "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
+      "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==",
+      "license": "MIT",
+      "optional": true
+    },
+    "node_modules/degenerator": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-5.0.1.tgz",
+      "integrity": "sha512-TllpMR/t0M5sqCXfj85i4XaAzxmS5tVA16dqvdkMwGmzI+dXLXnw3J+3Vdv7VKw+ThlTMboK6i9rnZ6Nntj5CQ==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "ast-types": "^0.13.4",
+        "escodegen": "^2.1.0",
+        "esprima": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/delayed-stream": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
@@ -444,6 +608,21 @@
       "integrity": "sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==",
       "license": "MIT"
     },
+    "node_modules/elliptic": {
+      "version": "6.6.1",
+      "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.6.1.tgz",
+      "integrity": "sha512-RaddvvMatK2LJHqFJ+YA4WysVN5Ita9E35botqIYspQ4TkRAlCicdzKOjlyv/1Za5RyTNn7di//eEV0uTAfe3g==",
+      "license": "MIT",
+      "dependencies": {
+        "bn.js": "^4.11.9",
+        "brorand": "^1.1.0",
+        "hash.js": "^1.0.0",
+        "hmac-drbg": "^1.0.1",
+        "inherits": "^2.0.4",
+        "minimalistic-assert": "^1.0.1",
+        "minimalistic-crypto-utils": "^1.0.1"
+      }
+    },
     "node_modules/encodeurl": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-2.0.0.tgz",
@@ -453,6 +632,16 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/end-of-stream": {
+      "version": "1.4.5",
+      "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz",
+      "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "once": "^1.4.0"
+      }
+    },
     "node_modules/es-define-property": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz",
@@ -504,6 +693,62 @@
       "integrity": "sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==",
       "license": "MIT"
     },
+    "node_modules/escodegen": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-2.1.0.tgz",
+      "integrity": "sha512-2NlIDTwUWJN0mRPQOdtQBzbUHvdGY2P1VXSyU83Q3xKxM7WHX2Ql8dKq782Q9TgQUNOLEzEYu9bzLNj1q88I5w==",
+      "license": "BSD-2-Clause",
+      "optional": true,
+      "dependencies": {
+        "esprima": "^4.0.1",
+        "estraverse": "^5.2.0",
+        "esutils": "^2.0.2"
+      },
+      "bin": {
+        "escodegen": "bin/escodegen.js",
+        "esgenerate": "bin/esgenerate.js"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "optionalDependencies": {
+        "source-map": "~0.6.1"
+      }
+    },
+    "node_modules/esprima": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz",
+      "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==",
+      "license": "BSD-2-Clause",
+      "optional": true,
+      "bin": {
+        "esparse": "bin/esparse.js",
+        "esvalidate": "bin/esvalidate.js"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/estraverse": {
+      "version": "5.3.0",
+      "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz",
+      "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==",
+      "license": "BSD-2-Clause",
+      "optional": true,
+      "engines": {
+        "node": ">=4.0"
+      }
+    },
+    "node_modules/esutils": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz",
+      "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==",
+      "license": "BSD-2-Clause",
+      "optional": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/etag": {
       "version": "1.8.1",
       "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz",
@@ -555,6 +800,37 @@
         "url": "https://opencollective.com/express"
       }
     },
+    "node_modules/extract-zip": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-2.0.1.tgz",
+      "integrity": "sha512-GDhU9ntwuKyGXdZBUgTIe+vXnWj0fppUEtMDL0+idd5Sta8TGpHssn/eusA9mrPr9qNDym6SxAYZjNvCn/9RBg==",
+      "license": "BSD-2-Clause",
+      "optional": true,
+      "dependencies": {
+        "debug": "^4.1.1",
+        "get-stream": "^5.1.0",
+        "yauzl": "^2.10.0"
+      },
+      "bin": {
+        "extract-zip": "cli.js"
+      },
+      "engines": {
+        "node": ">= 10.17.0"
+      },
+      "optionalDependencies": {
+        "@types/yauzl": "^2.9.1"
+      }
+    },
+    "node_modules/fd-slicer": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz",
+      "integrity": "sha512-cE1qsB/VwyQozZ+q1dGxR8LBYNZeofhEdUNGSMbQD3Gw2lAzX9Zb3uIU6Ebc/Fmyjo9AWWfnn0AUCHqtevs/8g==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "pend": "~1.2.0"
+      }
+    },
     "node_modules/finalhandler": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-2.1.0.tgz",
@@ -693,6 +969,37 @@
         "node": ">= 0.4"
       }
     },
+    "node_modules/get-stream": {
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz",
+      "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "pump": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/get-uri": {
+      "version": "6.0.4",
+      "resolved": "https://registry.npmjs.org/get-uri/-/get-uri-6.0.4.tgz",
+      "integrity": "sha512-E1b1lFFLvLgak2whF2xDBcOy6NLVGZBqqjJjsIhvopKfWWEi64pLVTWWehV8KlLerZkfNTA95sTe2OdJKm1OzQ==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "basic-ftp": "^5.0.2",
+        "data-uri-to-buffer": "^6.0.2",
+        "debug": "^4.3.4"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/gopd": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz",
@@ -732,6 +1039,16 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/hash.js": {
+      "version": "1.1.7",
+      "resolved": "https://registry.npmjs.org/hash.js/-/hash.js-1.1.7.tgz",
+      "integrity": "sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==",
+      "license": "MIT",
+      "dependencies": {
+        "inherits": "^2.0.3",
+        "minimalistic-assert": "^1.0.1"
+      }
+    },
     "node_modules/hasown": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
@@ -744,6 +1061,17 @@
         "node": ">= 0.4"
       }
     },
+    "node_modules/hmac-drbg": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/hmac-drbg/-/hmac-drbg-1.0.1.tgz",
+      "integrity": "sha512-Tti3gMqLdZfhOQY1Mzf/AanLiqh1WTiJgEj26ZuYQ9fbkLomzGchCws4FyrSd4VkpBfiNhaE1On+lOz894jvXg==",
+      "license": "MIT",
+      "dependencies": {
+        "hash.js": "^1.0.3",
+        "minimalistic-assert": "^1.0.0",
+        "minimalistic-crypto-utils": "^1.0.1"
+      }
+    },
     "node_modules/http-errors": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz",
@@ -769,6 +1097,34 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/http-proxy-agent": {
+      "version": "7.0.2",
+      "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz",
+      "integrity": "sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "agent-base": "^7.1.0",
+        "debug": "^4.3.4"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/https-proxy-agent": {
+      "version": "7.0.6",
+      "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz",
+      "integrity": "sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "agent-base": "^7.1.2",
+        "debug": "4"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/iconv-lite": {
       "version": "0.6.3",
       "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz",
@@ -787,6 +1143,30 @@
       "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
       "license": "ISC"
     },
+    "node_modules/ip-address": {
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz",
+      "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "jsbn": "1.1.0",
+        "sprintf-js": "^1.1.3"
+      },
+      "engines": {
+        "node": ">= 12"
+      }
+    },
+    "node_modules/ip-regex": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-4.3.0.tgz",
+      "integrity": "sha512-B9ZWJxHHOHUhUjCPrMpLD4xEq35bUTClHM1S6CBU5ixQnkZmwipwgc96vAd7AAGM9TGHvJR+Uss+/Ak6UphK+Q==",
+      "license": "MIT",
+      "optional": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
     "node_modules/ipaddr.js": {
       "version": "1.9.1",
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@@ -802,6 +1182,28 @@
       "integrity": "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ==",
       "license": "MIT"
     },
+    "node_modules/is-url": {
+      "version": "1.2.4",
+      "resolved": "https://registry.npmjs.org/is-url/-/is-url-1.2.4.tgz",
+      "integrity": "sha512-ITvGim8FhRiYe4IQ5uHSkj7pVaPDrCTkNd3yq3cV7iZAcJdHTUMPMEHcqSOy9xZ9qFenQCvi+2wjH9a1nXqHww==",
+      "license": "MIT",
+      "optional": true
+    },
+    "node_modules/is2": {
+      "version": "2.0.9",
+      "resolved": "https://registry.npmjs.org/is2/-/is2-2.0.9.tgz",
+      "integrity": "sha512-rZkHeBn9Zzq52sd9IUIV3a5mfwBY+o2HePMh0wkGBM4z4qjvy2GwVxQ6nNXSfw6MmVP6gf1QIlWjiOavhM3x5g==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "deep-is": "^0.1.3",
+        "ip-regex": "^4.1.0",
+        "is-url": "^1.2.4"
+      },
+      "engines": {
+        "node": ">=v0.10.0"
+      }
+    },
     "node_modules/jiti": {
       "version": "2.4.2",
       "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.4.2.tgz",
@@ -812,6 +1214,13 @@
         "jiti": "lib/jiti-cli.mjs"
       }
     },
+    "node_modules/jsbn": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz",
+      "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==",
+      "license": "MIT",
+      "optional": true
+    },
     "node_modules/jsonwebtoken": {
       "version": "9.0.2",
       "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz",
@@ -845,6 +1254,17 @@
         "safe-buffer": "^5.0.1"
       }
     },
+    "node_modules/jwk-to-pem": {
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/jwk-to-pem/-/jwk-to-pem-2.0.7.tgz",
+      "integrity": "sha512-cSVphrmWr6reVchuKQZdfSs4U9c5Y4hwZggPoz6cbVnTpAVgGRpEuQng86IyqLeGZlhTh+c4MAreB6KbdQDKHQ==",
+      "license": "Apache-2.0",
+      "dependencies": {
+        "asn1.js": "^5.3.0",
+        "elliptic": "^6.6.1",
+        "safe-buffer": "^5.0.1"
+      }
+    },
     "node_modules/jws": {
       "version": "3.2.2",
       "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
@@ -855,6 +1275,21 @@
         "safe-buffer": "^5.0.1"
       }
     },
+    "node_modules/keycloak-connect": {
+      "version": "26.1.1",
+      "resolved": "https://registry.npmjs.org/keycloak-connect/-/keycloak-connect-26.1.1.tgz",
+      "integrity": "sha512-2wvNJXldB9Em+mp6liJ+AnftcJovFEvNhUgv3hblNDmVihBoBqn4zFlwLIN41lo0H8CicB2T86xZ5U2MiQ9FFA==",
+      "license": "Apache-2.0",
+      "dependencies": {
+        "jwk-to-pem": "^2.0.0"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "optionalDependencies": {
+        "chromedriver": "latest"
+      }
+    },
     "node_modules/lodash.includes": {
       "version": "4.3.0",
       "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
@@ -897,6 +1332,16 @@
       "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg==",
       "license": "MIT"
     },
+    "node_modules/lru-cache": {
+      "version": "7.18.3",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
+      "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
+      "license": "ISC",
+      "optional": true,
+      "engines": {
+        "node": ">=12"
+      }
+    },
     "node_modules/math-intrinsics": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz",
@@ -948,6 +1393,18 @@
         "node": ">= 0.6"
       }
     },
+    "node_modules/minimalistic-assert": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz",
+      "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==",
+      "license": "ISC"
+    },
+    "node_modules/minimalistic-crypto-utils": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz",
+      "integrity": "sha512-JIYlbt6g8i5jKfJ3xz7rF0LXmv2TkDxBLUkiBeZ7bAx4GnnNMr8xFpGnOxn6GhTEHx3SjRrZEoU+j04prX1ktg==",
+      "license": "MIT"
+    },
     "node_modules/minimist": {
       "version": "1.2.8",
       "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
@@ -1045,6 +1502,16 @@
         "node": ">= 0.6"
       }
     },
+    "node_modules/netmask": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/netmask/-/netmask-2.0.2.tgz",
+      "integrity": "sha512-dBpDMdxv9Irdq66304OLfEmQ9tbNRFnFTuZiLo+bD+r332bBmMJ8GBLXklIXXgxd3+v9+KUnZaUR5PJMa75Gsg==",
+      "license": "MIT",
+      "optional": true,
+      "engines": {
+        "node": ">= 0.4.0"
+      }
+    },
     "node_modules/node-addon-api": {
       "version": "8.4.0",
       "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-8.4.0.tgz",
@@ -1107,6 +1574,40 @@
         "wrappy": "1"
       }
     },
+    "node_modules/pac-proxy-agent": {
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/pac-proxy-agent/-/pac-proxy-agent-7.2.0.tgz",
+      "integrity": "sha512-TEB8ESquiLMc0lV8vcd5Ql/JAKAoyzHFXaStwjkzpOpC5Yv+pIzLfHvjTSdf3vpa2bMiUQrg9i6276yn8666aA==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "@tootallnate/quickjs-emscripten": "^0.23.0",
+        "agent-base": "^7.1.2",
+        "debug": "^4.3.4",
+        "get-uri": "^6.0.1",
+        "http-proxy-agent": "^7.0.0",
+        "https-proxy-agent": "^7.0.6",
+        "pac-resolver": "^7.0.1",
+        "socks-proxy-agent": "^8.0.5"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/pac-resolver": {
+      "version": "7.0.1",
+      "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-7.0.1.tgz",
+      "integrity": "sha512-5NPgf87AT2STgwa2ntRMr45jTKrYBGkVU36yT0ig/n/GMAa3oPqhZfIQ2kMEimReg0+t9kZViDVZ83qfVUlckg==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "degenerator": "^5.0.0",
+        "netmask": "^2.0.2"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/parseurl": {
       "version": "1.3.3",
       "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
@@ -1125,6 +1626,13 @@
         "node": ">=16"
       }
     },
+    "node_modules/pend": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz",
+      "integrity": "sha512-F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg==",
+      "license": "MIT",
+      "optional": true
+    },
     "node_modules/pg": {
       "version": "8.16.2",
       "resolved": "https://registry.npmjs.org/pg/-/pg-8.16.2.tgz",
@@ -1292,12 +1800,43 @@
         "node": ">= 0.10"
       }
     },
+    "node_modules/proxy-agent": {
+      "version": "6.5.0",
+      "resolved": "https://registry.npmjs.org/proxy-agent/-/proxy-agent-6.5.0.tgz",
+      "integrity": "sha512-TmatMXdr2KlRiA2CyDu8GqR8EjahTG3aY3nXjdzFyoZbmB8hrBsTyMezhULIXKnC0jpfjlmiZ3+EaCzoInSu/A==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "agent-base": "^7.1.2",
+        "debug": "^4.3.4",
+        "http-proxy-agent": "^7.0.1",
+        "https-proxy-agent": "^7.0.6",
+        "lru-cache": "^7.14.1",
+        "pac-proxy-agent": "^7.1.0",
+        "proxy-from-env": "^1.1.0",
+        "socks-proxy-agent": "^8.0.5"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
     "node_modules/proxy-from-env": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
       "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
       "license": "MIT"
     },
+    "node_modules/pump": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz",
+      "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "end-of-stream": "^1.1.0",
+        "once": "^1.3.1"
+      }
+    },
     "node_modules/qs": {
       "version": "6.14.0",
       "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
@@ -1520,6 +2059,57 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/smart-buffer": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz",
+      "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==",
+      "license": "MIT",
+      "optional": true,
+      "engines": {
+        "node": ">= 6.0.0",
+        "npm": ">= 3.0.0"
+      }
+    },
+    "node_modules/socks": {
+      "version": "2.8.5",
+      "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.5.tgz",
+      "integrity": "sha512-iF+tNDQla22geJdTyJB1wM/qrX9DMRwWrciEPwWLPRWAUEM8sQiyxgckLxWT1f7+9VabJS0jTGGr4QgBuvi6Ww==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "ip-address": "^9.0.5",
+        "smart-buffer": "^4.2.0"
+      },
+      "engines": {
+        "node": ">= 10.0.0",
+        "npm": ">= 3.0.0"
+      }
+    },
+    "node_modules/socks-proxy-agent": {
+      "version": "8.0.5",
+      "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-8.0.5.tgz",
+      "integrity": "sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "agent-base": "^7.1.2",
+        "debug": "^4.3.4",
+        "socks": "^2.8.3"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/source-map": {
+      "version": "0.6.1",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+      "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+      "license": "BSD-3-Clause",
+      "optional": true,
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/split2": {
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/split2/-/split2-4.2.0.tgz",
@@ -1529,6 +2119,13 @@
         "node": ">= 10.x"
       }
     },
+    "node_modules/sprintf-js": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz",
+      "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==",
+      "license": "BSD-3-Clause",
+      "optional": true
+    },
     "node_modules/statuses": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
@@ -1555,6 +2152,42 @@
         "safe-buffer": "~5.2.0"
       }
     },
+    "node_modules/tcp-port-used": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/tcp-port-used/-/tcp-port-used-1.0.2.tgz",
+      "integrity": "sha512-l7ar8lLUD3XS1V2lfoJlCBaeoaWo/2xfYt81hM7VlvR4RrMVFqfmzfhLVk40hAb368uitje5gPtBRL1m/DGvLA==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "debug": "4.3.1",
+        "is2": "^2.0.6"
+      }
+    },
+    "node_modules/tcp-port-used/node_modules/debug": {
+      "version": "4.3.1",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz",
+      "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "ms": "2.1.2"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/tcp-port-used/node_modules/ms": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==",
+      "license": "MIT",
+      "optional": true
+    },
     "node_modules/toidentifier": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz",
@@ -1564,6 +2197,13 @@
         "node": ">=0.6"
       }
     },
+    "node_modules/tslib": {
+      "version": "2.8.1",
+      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz",
+      "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==",
+      "license": "0BSD",
+      "optional": true
+    },
     "node_modules/type-is": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/type-is/-/type-is-2.0.1.tgz",
@@ -1584,6 +2224,13 @@
       "integrity": "sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA==",
       "license": "MIT"
     },
+    "node_modules/undici-types": {
+      "version": "7.8.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz",
+      "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==",
+      "license": "MIT",
+      "optional": true
+    },
     "node_modules/unpipe": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
@@ -1622,6 +2269,17 @@
       "engines": {
         "node": ">=0.4"
       }
+    },
+    "node_modules/yauzl": {
+      "version": "2.10.0",
+      "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-2.10.0.tgz",
+      "integrity": "sha512-p4a9I6X6nu6IhoGmBqAcbJy1mlC4j27vEPZX9F4L4/vZT3Lyq1VkFHw/V/PUcB9Buo+DG3iHkT0x3Qya58zc3g==",
+      "license": "MIT",
+      "optional": true,
+      "dependencies": {
+        "buffer-crc32": "~0.2.3",
+        "fd-slicer": "~1.1.0"
+      }
     }
   }
 }

package.json

@@ -25,6 +25,7 @@
     "dotenv": "^16.5.0",
     "express": "^5.1.0",
     "jsonwebtoken": "^9.0.2",
+    "keycloak-connect": "^26.1.1",
     "multer": "^2.0.1",
     "pg": "^8.16.2",
     "qs": "^6.14.0"

prisma/migrations/20250705091358_update_field_user_area/migration.sql

@@ -0,0 +1,2 @@
+-- DropForeignKey
+ALTER TABLE "user_areas" DROP CONSTRAINT "user_areas_user_id_fkey";

prisma/schema.prisma

@@ -55,7 +55,6 @@ model User {
   updatedAt  DateTime   @updatedAt
   deletedAt  DateTime?
   hospitals  Hospital[]
-  user_areas UserArea[]
   vendors    Vendor[]
 
   @@map("users")
@@ -136,7 +135,6 @@ model UserArea {
   id          String    @id @default(uuid())
   user_id     String
   province_id String
-  user        User      @relation(fields: [user_id], references: [id])
   province    Province  @relation(fields: [province_id], references: [id])
   createdAt   DateTime  @default(now())
   updatedAt   DateTime  @updatedAt

src/controllers/sales/AreaController.js

@@ -9,7 +9,7 @@ exports.getAllAreaByUser = async (req, res) => {
 
         const { areas, total } = await getAllAreaByUserService({ page, limit, search, sortBy, orderBy }, req);
 
-        return UserAreaCollection(req, res, areas, total, page, limit, 'Area data successfully retrieved');
+        return UserAreaCollection({ req, res, data: areas, total, page, limit, message: 'Area data successfully retrieved' });
     } catch (err) {
         return errorResponse(res, err);
     }

src/controllers/sales/HospitalController.js

@@ -11,7 +11,7 @@ exports.getAllHospitalByArea = async (req, res) => {
 
         const { hospitals, total } = await getAllHospitalByAreaService({ page, limit, search, sortBy, orderBy, province, city, type, ownership, progress_status }, req);
 
-        return HospitalCollection(req, res, hospitals, total, page, limit, 'Hospital data successfully retrieved');
+        return HospitalCollection({ req, res, data: hospitals, total, page, limit, message: 'Hospital data successfully retrieved' });
     } catch (err) {
         return errorResponse(res, err);
     }
@@ -41,8 +41,8 @@ exports.updateHospital = async (req, res) => {
 exports.showHospital = async (req, res) => {
     try {
         const id = req.params.id;
-        const data = await showHospitalService(id);
-        return HospitalResource(res, data, 'Success show hospital');
+        const { hospital, userName } = await showHospitalService(id);
+        return HospitalResource(res, hospital, userName, 'Success show hospital');
     } catch (err) {
         return errorResponse(res, err);
     }

src/middleware/CheckRoles.js

@@ -0,0 +1,21 @@
+module.exports = (allowedRoles = []) => {
+    return async (req, res, next) => {
+        try {
+            const tokenData = req.tokenData;
+            const roles = tokenData.realm_access?.roles || [];
+
+            const hasAccess = allowedRoles.some(role => roles.includes(role));
+
+            if (hasAccess) {
+                return next();
+            }
+
+            const error = new Error('Access Denied');
+            // const error = new Error(`Access Denied: You need one of the following roles: ${allowedRoles.join(", ")}`);
+            error.statusCode = 403;
+            throw error;
+        } catch (error) {
+            next(error);
+        }
+    };
+};

src/middleware/ExtractToken.js

@@ -0,0 +1,22 @@
+const jwt = require("jsonwebtoken");
+
+module.exports = async (req, res, next) => {
+    try {
+        // Decode access token
+        const bearerToken = req.headers.authorization;
+        // bearerToken would return "Bearer <access_token>"
+
+        const token = bearerToken.split(" ");
+        // token would return ["Bearer", "<access_token>"]
+
+        const tokenData = jwt.decode(token[1]);
+        // tokenData would return user's data
+
+        // Store decoded token data in request
+        req.tokenData = tokenData;
+
+        next();
+    } catch (error) {
+        next(error);
+    }
+}

src/middleware/Keycloak.js

@@ -0,0 +1,12 @@
+const Keycloak = require("keycloak-connect");
+require('dotenv').config();
+
+const config = {
+  "realm": process.env.KEYCLOAK_REALM,
+  "auth-server-url": `${process.env.KEYCLOAK_URL}`,
+  "ssl-required": "external",
+  "resource": process.env.KEYCLOAK_CLIENT,
+  "bearer-only": true
+}
+
+module.exports = new Keycloak({}, config);

src/repository/sales/AreaRepository.js

@@ -9,12 +9,7 @@ const AreaRepository = {
             orderBy,
             select: {
                 id: true,
-                user: {
-                    select: {
-                        id: true,
-                        username: true
-                    }
-                },
+                user_id: true,
                 province: {
                     select: {
                         id: true,

src/repository/sales/HospitalRepository.js

@@ -21,7 +21,8 @@ const HospitalRepository = {
                 image: true,
                 progress_status: true,
                 note: true,
-                user: { select: { id: true, username: true } },
+                // user: { select: { id: true, username: true } },
+                created_by: true,
                 createdAt: true,
                 updatedAt: true,
             }
@@ -56,7 +57,8 @@ const HospitalRepository = {
                 image: true,
                 progress_status: true,
                 note: true,
-                user: { select: { id: true, username: true } },
+                // user: { select: { id: true, username: true } },
+                created_by: true,
                 createdAt: true,
                 updatedAt: true,
             }

src/resources/sales/area/UserAreaCollection.js

@@ -1,13 +1,22 @@
+const { getUserNameById } = require("../../../utils/CheckUserKeycloak");
 const { ListResponse } = require("../../../utils/ListResponse");
 
-exports.UserAreaCollection = (req, res, data = [], total = null, page = 1, limit = 10, message = 'Success') => {
-    if (typeof total !== 'number') {
-        return res.status(200).json({
-            success: true,
-            message,
-            data: Array.isArray(data)
-        });
-    }
+const transformArea = async (data = []) => {
+    return Promise.all(data.map(async ({ user_id, ...rest }) => {
+        const name = await getUserNameById(user_id);
 
-    return ListResponse({ req, res, data, total, page, limit, message });
+        return {
+            ...rest,
+            user: {
+                id: user_id,
+                name: name
+            },
+        };
+    }));
+};
+
+exports.UserAreaCollection = async ({ req, res, data = [], total = 0, page = 1, limit = 10, message = 'Success' }) => {
+    const formatted = await transformArea(data);
+
+    return ListResponse({ req, res, data: formatted, total, page, limit, message });
 };

src/resources/sales/hospital/HospitalCollection.js

@@ -1,22 +1,27 @@
 const { ListResponse } = require("../../../utils/ListResponse");
 const { formatISOWithoutTimezone } = require("../../../utils/FormatDate.js");
+const { getUserNameById } = require("../../../utils/CheckUserKeycloak.js");
 
-const formatItem = (item) => ({
-    ...item,
-    createdAt: formatISOWithoutTimezone(item.createdAt),
-    updatedAt: formatISOWithoutTimezone(item.updatedAt)
-});
+// Fungsi transform per item
+const transformHospitalList = async (data = []) => {
+    return Promise.all(data.map(async ({ created_by, ...rest }) => {
+        const name = await getUserNameById(created_by);
 
-exports.HospitalCollection = (req, res, data = [], total = null, page = 1, limit = 10, message = 'Success') => {
-    const formattedData = data.map(formatItem);
+        return {
+            ...rest,
+            user: {
+                id: created_by,
+                name: name
+            },
+            createdAt: formatISOWithoutTimezone(rest.createdAt),
+            updatedAt: formatISOWithoutTimezone(rest.updatedAt)
+        };
+    }));
+};
 
-    if (typeof total !== 'number') {
-        return res.status(200).json({
-            success: true,
-            message,
-            data: Array.isArray(formattedData)
-        });
-    }
+// Collection yang async
+exports.HospitalCollection = async ({ req, res, data = [], total = 0, page = 1, limit = 10, message = 'Success' }) => {
+    const formatted = await transformHospitalList(data);
 
-    return ListResponse({ req, res, data: formattedData, total, page, limit, message });
+    return ListResponse({ req, res, data: formatted, total, page, limit, message });
 };

src/resources/sales/hospital/HospitalResource.js

@@ -1,17 +1,25 @@
 const { formatISOWithoutTimezone } = require("../../../utils/FormatDate");
 
-const formatItem = (item) => ({
-    ...item,
-    createdAt: formatISOWithoutTimezone(item.createdAt),
-    updatedAt: formatISOWithoutTimezone(item.updatedAt)
-});
+const formatItem = ({ item, userName }) => {
+    const { created_by, ...rest } = item;
 
-exports.HospitalResource = (res, data, message = 'Success') => {
-    const formattedData = formatItem(data);
+    return {
+        ...rest,
+        user: {
+            id: created_by,
+            name: userName
+        },
+        createdAt: formatISOWithoutTimezone(item.createdAt),
+        updatedAt: formatISOWithoutTimezone(item.updatedAt)
+    };
+};
+
+exports.HospitalResource = (res, item, userName, message = 'Success') => {
+    const formattedData = formatItem({ item, userName });
 
     return res.status(200).json({
         success: true,
         message,
         data: formattedData
     });
-};
+};

src/routes/admin/CityRoute.js

@@ -1,13 +1,22 @@
 const express = require('express')
 const router = express.Router()
 const cityController = require('../../controllers/admin/CityController.js')
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
 
-router.get('/', verifyJWT, checkRole(['admin', 'sales']), cityController.getAllCity);
-router.post('/', verifyJWT, checkRole(['admin']), cityController.storeCity);
-router.get('/:id', verifyJWT, checkRole(['admin', 'sales']), cityController.showCity);
-router.patch('/:id', verifyJWT, checkRole(['admin']), cityController.updateCity);
-router.delete('/:id', verifyJWT, checkRole(['admin']), cityController.deleteCity);
+// router.get('/', verifyJWT, checkRole(['admin', 'sales']), cityController.getAllCity);
+// router.post('/', verifyJWT, checkRole(['admin']), cityController.storeCity);
+// router.get('/:id', verifyJWT, checkRole(['admin', 'sales']), cityController.showCity);
+// router.patch('/:id', verifyJWT, checkRole(['admin']), cityController.updateCity);
+// router.delete('/:id', verifyJWT, checkRole(['admin']), cityController.deleteCity);
+
+router.get('/', [keycloak.protect(), extractToken, checkRoles(["admin", "sales"])], cityController.getAllCity);
+router.post('/', [keycloak.protect(), extractToken, checkRoles(['admin'])], cityController.storeCity);
+router.get('/:id', [keycloak.protect(), extractToken, checkRoles(["admin", "sales"])], cityController.showCity);
+router.patch('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], cityController.updateCity);
+router.delete('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], cityController.deleteCity);
 
 module.exports = router;

src/routes/admin/HospitalRoute.js

@@ -3,28 +3,52 @@ const router = express.Router()
 const hospitalController = require('../../controllers/admin/HospitalController.js')
 const vendorHistoryController = require('../../controllers/admin/VendorHistoryController.js')
 const executivesHistoryController = require('../../controllers/admin/ExecutivesHistoryController.js')
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
 const upload = require('../../middleware/UploadImage.js');
 
-router.get('/', verifyJWT, checkRole(['admin']), hospitalController.getAllHospital);
-router.post('/', verifyJWT, upload.single('image'), checkRole(['admin']), hospitalController.storeHospital);
-router.get('/:id', verifyJWT, checkRole(['admin']), hospitalController.showHospital);
-router.patch('/:id', verifyJWT, upload.single('image'), checkRole(['admin']), hospitalController.updateHospital);
-router.delete('/:id', verifyJWT, checkRole(['admin']), hospitalController.deleteHospital);
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
+
+// router.get('/', verifyJWT, checkRole(['admin']), hospitalController.getAllHospital);
+// router.post('/', verifyJWT, upload.single('image'), checkRole(['admin']), hospitalController.storeHospital);
+// router.get('/:id', verifyJWT, checkRole(['admin']), hospitalController.showHospital);
+// router.patch('/:id', verifyJWT, upload.single('image'), checkRole(['admin']), hospitalController.updateHospital);
+// router.delete('/:id', verifyJWT, checkRole(['admin']), hospitalController.deleteHospital);
+
+// // Vendor History
+// router.get('/:id/vendor-history', verifyJWT, checkRole(['admin']), vendorHistoryController.getAllVendorHistory);
+// router.post('/:id/vendor-history', verifyJWT, checkRole(['admin']), vendorHistoryController.storeVendorHistory);
+// router.get('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['admin']), vendorHistoryController.showVendorHistory);
+// router.patch('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['admin']), vendorHistoryController.updateVendorHistory);
+// router.delete('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['admin']), vendorHistoryController.deleteVendorHistory);
+
+// // Executives History
+// router.get('/:id/executives-history', verifyJWT, checkRole(['admin']), executivesHistoryController.getAllExecutivesHistory);
+// router.post('/:id/executives-history', verifyJWT, checkRole(['admin']), executivesHistoryController.storeExecutivesHistory);
+// router.get('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['admin']), executivesHistoryController.showExecutivesHistory);
+// router.patch('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['admin']), executivesHistoryController.updateExecutivesHistory);
+// router.delete('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['admin']), executivesHistoryController.deleteExecutivesHistory);
+
+router.get('/', [keycloak.protect(), extractToken, checkRoles(["admin"])], hospitalController.getAllHospital);
+router.post('/', [keycloak.protect(), extractToken, checkRoles(["admin", "admin"])], upload.single('image'), hospitalController.storeHospital);
+router.get('/:id', [keycloak.protect(), extractToken, checkRoles(["admin"])], hospitalController.showHospital);
+router.patch('/:id', [keycloak.protect(), extractToken, checkRoles(["admin", "admin"])], upload.single('image'), hospitalController.updateHospital);
+router.delete('/:id', [keycloak.protect(), extractToken, checkRoles(["admin"])], hospitalController.deleteHospital);
 
 // Vendor History
-router.get('/:id/vendor-history', verifyJWT, checkRole(['admin']), vendorHistoryController.getAllVendorHistory);
-router.post('/:id/vendor-history', verifyJWT, checkRole(['admin']), vendorHistoryController.storeVendorHistory);
-router.get('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['admin']), vendorHistoryController.showVendorHistory);
-router.patch('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['admin']), vendorHistoryController.updateVendorHistory);
-router.delete('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['admin']), vendorHistoryController.deleteVendorHistory);
+router.get('/:id/vendor-history', [keycloak.protect(), extractToken, checkRoles(["admin"])], vendorHistoryController.getAllVendorHistory);
+router.post('/:id/vendor-history', [keycloak.protect(), extractToken, checkRoles(["admin"])], vendorHistoryController.storeVendorHistory);
+router.get('/:id/vendor-history/:id_vendor_history', [keycloak.protect(), extractToken, checkRoles(["admin"])], vendorHistoryController.showVendorHistory);
+router.patch('/:id/vendor-history/:id_vendor_history', [keycloak.protect(), extractToken, checkRoles(["admin"])], vendorHistoryController.updateVendorHistory);
+router.delete('/:id/vendor-history/:id_vendor_history', [keycloak.protect(), extractToken, checkRoles(["admin"])], vendorHistoryController.deleteVendorHistory);
 
 // Executives History
-router.get('/:id/executives-history', verifyJWT, checkRole(['admin']), executivesHistoryController.getAllExecutivesHistory);
-router.post('/:id/executives-history', verifyJWT, checkRole(['admin']), executivesHistoryController.storeExecutivesHistory);
-router.get('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['admin']), executivesHistoryController.showExecutivesHistory);
-router.patch('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['admin']), executivesHistoryController.updateExecutivesHistory);
-router.delete('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['admin']), executivesHistoryController.deleteExecutivesHistory);
+router.get('/:id/executives-history', [keycloak.protect(), extractToken, checkRoles(["admin"])], executivesHistoryController.getAllExecutivesHistory);
+router.post('/:id/executives-history', [keycloak.protect(), extractToken, checkRoles(["admin"])], executivesHistoryController.storeExecutivesHistory);
+router.get('/:id/executives-history/:id_executives_history', [keycloak.protect(), extractToken, checkRoles(["admin"])], executivesHistoryController.showExecutivesHistory);
+router.patch('/:id/executives-history/:id_executives_history', [keycloak.protect(), extractToken, checkRoles(["admin"])], executivesHistoryController.updateExecutivesHistory);
+router.delete('/:id/executives-history/:id_executives_history', [keycloak.protect(), extractToken, checkRoles(["admin"])], executivesHistoryController.deleteExecutivesHistory);
 
 module.exports = router;

src/routes/admin/ProvinceRoute.js

@@ -1,19 +1,24 @@
 const express = require('express')
 const router = express.Router()
 const provinceController = require('../../controllers/admin/ProvinceController.js')
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
+
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
 
 // router.get('/', verifyJWT, checkRole(['admin', 'sales']), provinceController.getAllProvince);
+// router.get('/', verifyJWT, checkRole(['admin']), provinceController.getAllProvince);
 // router.post('/', verifyJWT, checkRole(['admin']), provinceController.storeProvince);
 // router.get('/:id', verifyJWT, checkRole(['admin']), provinceController.showProvince);
 // router.patch('/:id', verifyJWT, checkRole(['admin']), provinceController.updateProvince);
 // router.delete('/:id', verifyJWT, checkRole(['admin']), provinceController.deleteProvince);
 
-router.get('/', verifyJWT, checkRole(['admin']), provinceController.getAllProvince);
-router.post('/', verifyJWT, checkRole(['admin']), provinceController.storeProvince);
-router.get('/:id', verifyJWT, checkRole(['admin']), provinceController.showProvince);
-router.patch('/:id', verifyJWT, checkRole(['admin']), provinceController.updateProvince);
-router.delete('/:id', verifyJWT, checkRole(['admin']), provinceController.deleteProvince);
+router.get('/', [keycloak.protect(), extractToken, checkRoles(['admin'])], provinceController.getAllProvince);
+router.post('/', [keycloak.protect(), extractToken, checkRoles(['admin'])], provinceController.storeProvince);
+router.get('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], provinceController.showProvince);
+router.patch('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], provinceController.updateProvince);
+router.delete('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], provinceController.deleteProvince);
 
 module.exports = router;

src/routes/admin/SalesRoute.js

@@ -1,14 +1,24 @@
 const express = require('express');
 const salesControllers = require('../../controllers/admin/SalesController.js');
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
+
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
 
 const router = express.Router();
 
-router.post('/', verifyJWT, checkRole(['admin']), salesControllers.storeSales);
-router.get('/', verifyJWT, checkRole(['admin']), salesControllers.getAllSales);
-router.get('/:id', verifyJWT, checkRole(['admin']), salesControllers.showSales);
-router.patch('/:id', verifyJWT, checkRole(['admin']), salesControllers.updateSales);
-router.delete('/:id', verifyJWT, checkRole(['admin']), salesControllers.deleteSales);
+// router.post('/', verifyJWT, checkRole(['admin']), salesControllers.storeSales);
+// router.get('/', verifyJWT, checkRole(['admin']), salesControllers.getAllSales);
+// router.get('/:id', verifyJWT, checkRole(['admin']), salesControllers.showSales);
+// router.patch('/:id', verifyJWT, checkRole(['admin']), salesControllers.updateSales);
+// router.delete('/:id', verifyJWT, checkRole(['admin']), salesControllers.deleteSales);
+
+router.post('/', [keycloak.protect(), extractToken, checkRoles(['admin'])], salesControllers.storeSales);
+router.get('/', [keycloak.protect(), extractToken, checkRoles(['admin'])], salesControllers.getAllSales);
+router.get('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], salesControllers.showSales);
+router.patch('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], salesControllers.updateSales);
+router.delete('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], salesControllers.deleteSales);
 
 module.exports = router;

src/routes/admin/VendorRoute.js

@@ -1,13 +1,23 @@
 const express = require('express')
 const router = express.Router()
 const vendorController = require('../../controllers/admin/VendorController.js')
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
-
-router.get('/', verifyJWT, checkRole(['admin', 'sales']), vendorController.getAllVendor);
-router.post('/', verifyJWT, checkRole(['admin', 'sales']), vendorController.storeVendor);
-router.get('/:id', verifyJWT, checkRole(['admin', 'sales']), vendorController.showVendor);
-router.patch('/:id', verifyJWT, checkRole(['admin', 'sales']), vendorController.updateVendor);
-router.delete('/:id', verifyJWT, checkRole(['admin']), vendorController.deleteVendor);
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
+
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
+
+// router.get('/', verifyJWT, checkRole(['admin', 'sales']), vendorController.getAllVendor);
+// router.post('/', verifyJWT, checkRole(['admin', 'sales']), vendorController.storeVendor);
+// router.get('/:id', verifyJWT, checkRole(['admin', 'sales']), vendorController.showVendor);
+// router.patch('/:id', verifyJWT, checkRole(['admin', 'sales']), vendorController.updateVendor);
+// router.delete('/:id', verifyJWT, checkRole(['admin']), vendorController.deleteVendor);
+
+router.get('/', [keycloak.protect(), extractToken, checkRoles(['admin', 'sales'])], vendorController.getAllVendor);
+router.post('/', [keycloak.protect(), extractToken, checkRoles(['admin', 'sales'])], vendorController.storeVendor);
+router.get('/:id', [keycloak.protect(), extractToken, checkRoles(['admin', 'sales'])], vendorController.showVendor);
+router.patch('/:id', [keycloak.protect(), extractToken, checkRoles(['admin', 'sales'])], vendorController.updateVendor);
+router.delete('/:id', [keycloak.protect(), extractToken, checkRoles(['admin'])], vendorController.deleteVendor);
 
 module.exports = router;

src/routes/sales/AreaRoute.js

@@ -1,9 +1,16 @@
 const express = require('express')
 const router = express.Router()
 const areaController = require('../../controllers/sales/AreaController.js')
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
-const upload = require('../../middleware/UploadImage.js');
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
+// const upload = require('../../middleware/UploadImage.js');
+
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
+
+// router.get('/', verifyJWT, checkRole(['sales']), areaController.getAllAreaByUser);
+
+router.get('/', [keycloak.protect(), extractToken, checkRoles(['sales'])], areaController.getAllAreaByUser);
 
-router.get('/', verifyJWT, checkRole(['sales']), areaController.getAllAreaByUser);
 module.exports = router;

src/routes/sales/HospitalRoute.js

@@ -3,27 +3,50 @@ const router = express.Router()
 const hospitalController = require('../../controllers/sales/HospitalController.js')
 const vendorHistoryController = require('../../controllers/sales/VendorHistoryController.js')
 const executivesHistoryController = require('../../controllers/sales/ExecutivesHistoryController.js')
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
 const upload = require('../../middleware/UploadImage.js');
 
-router.get('/', verifyJWT, checkRole(['sales']), hospitalController.getAllHospitalByArea);
-router.post('/', verifyJWT, upload.single('image'), checkRole(['sales']), hospitalController.storeHospital);
-router.patch('/:id', verifyJWT, upload.single('image'), checkRole(['sales']), hospitalController.updateHospital);
-router.get('/:id', verifyJWT, checkRole(['sales']), hospitalController.showHospital);
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
+
+// router.get('/', verifyJWT, checkRole(['sales']), hospitalController.getAllHospitalByArea);
+// router.post('/', verifyJWT, upload.single('image'), checkRole(['sales']), hospitalController.storeHospital);
+// router.patch('/:id', verifyJWT, upload.single('image'), checkRole(['sales']), hospitalController.updateHospital);
+// router.get('/:id', verifyJWT, checkRole(['sales']), hospitalController.showHospital);
+
+// // Vendor History
+// router.get('/:id/vendor-history', verifyJWT, checkRole(['sales']), vendorHistoryController.getAllVendorHistory);
+// router.post('/:id/vendor-history', verifyJWT, checkRole(['sales']), vendorHistoryController.storeVendorHistory);
+// router.get('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['sales']), vendorHistoryController.showVendorHistory);
+// router.patch('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['sales']), vendorHistoryController.updateVendorHistory);
+// router.delete('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['sales']), vendorHistoryController.deleteVendorHistory);
+
+// // Executives History
+// router.get('/:id/executives-history', verifyJWT, checkRole(['sales']), executivesHistoryController.getAllExecutivesHistory);
+// router.post('/:id/executives-history', verifyJWT, checkRole(['sales']), executivesHistoryController.storeExecutivesHistory);
+// router.get('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['sales']), executivesHistoryController.showExecutivesHistory);
+// router.patch('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['sales']), executivesHistoryController.updateExecutivesHistory);
+// router.delete('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['sales']), executivesHistoryController.deleteExecutivesHistory);
+
+router.get('/', [keycloak.protect(), extractToken, checkRoles(['sales'])], hospitalController.getAllHospitalByArea);
+router.post('/', [keycloak.protect(), extractToken, checkRoles(['sales'])], upload.single('image'), hospitalController.storeHospital);
+router.patch('/:id', [keycloak.protect(), extractToken, checkRoles(['sales'])], upload.single('image'), hospitalController.updateHospital);
+router.get('/:id', [keycloak.protect(), extractToken, checkRoles(['sales'])], hospitalController.showHospital);
 
 // Vendor History
-router.get('/:id/vendor-history', verifyJWT, checkRole(['sales']), vendorHistoryController.getAllVendorHistory);
-router.post('/:id/vendor-history', verifyJWT, checkRole(['sales']), vendorHistoryController.storeVendorHistory);
-router.get('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['sales']), vendorHistoryController.showVendorHistory);
-router.patch('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['sales']), vendorHistoryController.updateVendorHistory);
-router.delete('/:id/vendor-history/:id_vendor_history', verifyJWT, checkRole(['sales']), vendorHistoryController.deleteVendorHistory);
+router.get('/:id/vendor-history', [keycloak.protect(), extractToken, checkRoles(['sales'])], vendorHistoryController.getAllVendorHistory);
+router.post('/:id/vendor-history', [keycloak.protect(), extractToken, checkRoles(['sales'])], vendorHistoryController.storeVendorHistory);
+router.get('/:id/vendor-history/:id_vendor_history', [keycloak.protect(), extractToken, checkRoles(['sales'])], vendorHistoryController.showVendorHistory);
+router.patch('/:id/vendor-history/:id_vendor_history', [keycloak.protect(), extractToken, checkRoles(['sales'])], vendorHistoryController.updateVendorHistory);
+router.delete('/:id/vendor-history/:id_vendor_history', [keycloak.protect(), extractToken, checkRoles(['sales'])], vendorHistoryController.deleteVendorHistory);
 
 // Executives History
-router.get('/:id/executives-history', verifyJWT, checkRole(['sales']), executivesHistoryController.getAllExecutivesHistory);
-router.post('/:id/executives-history', verifyJWT, checkRole(['sales']), executivesHistoryController.storeExecutivesHistory);
-router.get('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['sales']), executivesHistoryController.showExecutivesHistory);
-router.patch('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['sales']), executivesHistoryController.updateExecutivesHistory);
-router.delete('/:id/executives-history/:id_executives_history', verifyJWT, checkRole(['sales']), executivesHistoryController.deleteExecutivesHistory);
+router.get('/:id/executives-history', [keycloak.protect(), extractToken, checkRoles(['sales'])], executivesHistoryController.getAllExecutivesHistory);
+router.post('/:id/executives-history', [keycloak.protect(), extractToken, checkRoles(['sales'])], executivesHistoryController.storeExecutivesHistory);
+router.get('/:id/executives-history/:id_executives_history', [keycloak.protect(), extractToken, checkRoles(['sales'])], executivesHistoryController.showExecutivesHistory);
+router.patch('/:id/executives-history/:id_executives_history', [keycloak.protect(), extractToken, checkRoles(['sales'])], executivesHistoryController.updateExecutivesHistory);
+router.delete('/:id/executives-history/:id_executives_history', [keycloak.protect(), extractToken, checkRoles(['sales'])], executivesHistoryController.deleteExecutivesHistory);
 
 module.exports = router;

src/routes/sales/VendorRoute.js

@@ -1,9 +1,13 @@
 const express = require('express')
 const router = express.Router()
 const vendorController = require('../../controllers/sales/VendorController.js')
-const verifyJWT = require('../../middleware/VerifyJWT.js');
-const checkRole = require('../../middleware/CheckRole.js');
+// const verifyJWT = require('../../middleware/VerifyJWT.js');
+// const checkRole = require('../../middleware/CheckRole.js');
 
-router.get('/', verifyJWT, checkRole(['sales']), vendorController.getAllVendor);
+const keycloak = require('../../middleware/Keycloak.js');
+const extractToken = require('../../middleware/ExtractToken.js');
+const checkRoles = require('../../middleware/CheckRoles.js');
+
+router.get('/', [keycloak.protect(), extractToken, checkRoles(['sales'])], vendorController.getAllVendor);
 
 module.exports = router;

src/services/sales/AreaService.js

@@ -5,7 +5,7 @@ exports.getAllAreaByUserService = async ({ page, limit, search, sortBy, orderBy
     const skip = (page - 1) * limit;
 
     const where = {
-        user_id: req.user.id,
+        user_id: req.tokenData.sub,
         deletedAt: null,
         ...SearchFilter(search, ['province.name']),
     };

src/services/sales/HospitalService.js

@@ -7,12 +7,13 @@ const CityRepository = require('../../repository/admin/CityRepository.js');
 const HttpException = require('../../utils/HttpException.js');
 const HospitalRepository = require('../../repository/admin/HospitalRepository.js');
 const { formatISOWithoutTimezone } = require('../../utils/FormatDate.js');
+const { getUserNameById } = require('../../utils/CheckUserKeycloak.js');
 
 exports.getAllHospitalByAreaService = async ({ page, limit, search, sortBy, orderBy, province, city, type, ownership, progress_status }, req) => {
     const skip = (page - 1) * limit;
 
     const userAreas = await prisma.userArea.findMany({
-        where: { user_id: req.user.id },
+        where: { user_id: req.tokenData.sub },
         select: { province_id: true },
     });
 
@@ -216,5 +217,7 @@ exports.showHospitalService = async (id) => {
         throw new HttpException("Data hospital not found", 404);
     }
 
-    return hospital;
+    const userName = await getUserNameById(hospital.created_by);
+
+    return { hospital, userName };
 };

src/utils/CheckUserKeycloak.js

@@ -0,0 +1,47 @@
+const axios = require('axios');
+require('dotenv').config();
+
+const getKeycloakAdminToken = async () => {
+    const response = await axios.post(`${process.env.KEYCLOAK_URL}/realms/master/protocol/openid-connect/token`, new URLSearchParams({
+        client_id: 'admin-cli',
+        username: process.env.KEYCLOAK_ADMIN_USERNAME,
+        password: process.env.KEYCLOAK_ADMIN_PASSWORD,
+        grant_type: 'password'
+    }), {
+        headers: {
+            'Content-Type': 'application/x-www-form-urlencoded'
+        }
+    });
+
+    return response.data.access_token;
+};
+
+const getUserInfoById = async (userId) => {
+    try {
+        const token = await getKeycloakAdminToken();
+
+        const response = await axios.get(`${process.env.KEYCLOAK_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${userId}`, {
+            headers: {
+                Authorization: `Bearer ${token}`
+            }
+        });
+
+        return response.data;
+    } catch (error) {
+        console.error("Failed to get user info from Keycloak:", error.message);
+        return null;
+    }
+};
+
+const getUserNameById = async (userId) => {
+    const userInfo = await getUserInfoById(userId);
+    if (!userInfo) return null;
+
+    const firstName = userInfo.firstName || '';
+    const lastName = userInfo.lastName || '';
+    const fullName = `${firstName} ${lastName}`.trim();
+
+    return fullName || null;
+};
+
+module.exports = { getUserNameById };