364 lines
11 KiB
JavaScript
364 lines
11 KiB
JavaScript
const express = require('express');
|
|
const { Pool } = require('pg');
|
|
const cors = require('cors');
|
|
const bcrypt = require('bcryptjs');
|
|
const jwt = require('jsonwebtoken');
|
|
require('dotenv').config();
|
|
|
|
const app = express();
|
|
const PORT = process.env.PORT || 80;
|
|
|
|
// PostgreSQL connection
|
|
const pool = new Pool({
|
|
connectionString: process.env.DATABASE_URL,
|
|
ssl: process.env.DATABASE_URL?.includes('amazonaws.com') ? { rejectUnauthorized: false } : false
|
|
});
|
|
|
|
// Middleware
|
|
app.use(cors({
|
|
origin: true, // Allow all origins in development
|
|
credentials: true,
|
|
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
|
|
allowedHeaders: ['Content-Type', 'Authorization'],
|
|
exposedHeaders: ['Content-Length', 'Content-Type'],
|
|
maxAge: 86400
|
|
}));
|
|
app.use(express.json());
|
|
|
|
// Handle preflight requests
|
|
app.options('*', cors());
|
|
|
|
// Health check route
|
|
app.get('/', (req, res) => {
|
|
res.json({ status: 'ok', service: 'Filamenteka API' });
|
|
});
|
|
|
|
// JWT middleware
|
|
const authenticateToken = (req, res, next) => {
|
|
const authHeader = req.headers['authorization'];
|
|
const token = authHeader && authHeader.split(' ')[1];
|
|
|
|
if (!token) {
|
|
return res.status(401).json({ error: 'Unauthorized' });
|
|
}
|
|
|
|
jwt.verify(token, process.env.JWT_SECRET || 'your-secret-key', (err, user) => {
|
|
if (err) {
|
|
console.error('JWT verification error:', err);
|
|
return res.status(403).json({ error: 'Invalid token' });
|
|
}
|
|
req.user = user;
|
|
next();
|
|
});
|
|
};
|
|
|
|
// Auth endpoints
|
|
app.post('/api/login', async (req, res) => {
|
|
const { username, password } = req.body;
|
|
|
|
// For now, simple hardcoded admin check
|
|
if (username === 'admin' && password === process.env.ADMIN_PASSWORD) {
|
|
const token = jwt.sign({ username }, process.env.JWT_SECRET || 'your-secret-key', { expiresIn: '24h' });
|
|
res.json({ token });
|
|
} else {
|
|
res.status(401).json({ error: 'Invalid credentials' });
|
|
}
|
|
});
|
|
|
|
// Colors endpoints
|
|
app.get('/api/colors', async (req, res) => {
|
|
try {
|
|
const result = await pool.query('SELECT * FROM colors ORDER BY name');
|
|
res.json(result.rows);
|
|
} catch (error) {
|
|
console.error('Error fetching colors:', error);
|
|
res.status(500).json({ error: 'Failed to fetch colors' });
|
|
}
|
|
});
|
|
|
|
app.post('/api/colors', authenticateToken, async (req, res) => {
|
|
const { name, hex, cena_refill, cena_spulna } = req.body;
|
|
|
|
try {
|
|
const result = await pool.query(
|
|
'INSERT INTO colors (name, hex, cena_refill, cena_spulna) VALUES ($1, $2, $3, $4) RETURNING *',
|
|
[name, hex, cena_refill || 3499, cena_spulna || 3999]
|
|
);
|
|
res.json(result.rows[0]);
|
|
} catch (error) {
|
|
console.error('Error creating color:', error);
|
|
res.status(500).json({ error: 'Failed to create color' });
|
|
}
|
|
});
|
|
|
|
app.put('/api/colors/:id', authenticateToken, async (req, res) => {
|
|
const { id } = req.params;
|
|
const { name, hex, cena_refill, cena_spulna } = req.body;
|
|
|
|
try {
|
|
const result = await pool.query(
|
|
'UPDATE colors SET name = $1, hex = $2, cena_refill = $3, cena_spulna = $4, updated_at = CURRENT_TIMESTAMP WHERE id = $5 RETURNING *',
|
|
[name, hex, cena_refill || 3499, cena_spulna || 3999, id]
|
|
);
|
|
res.json(result.rows[0]);
|
|
} catch (error) {
|
|
console.error('Error updating color:', error);
|
|
res.status(500).json({ error: 'Failed to update color' });
|
|
}
|
|
});
|
|
|
|
app.delete('/api/colors/:id', authenticateToken, async (req, res) => {
|
|
const { id } = req.params;
|
|
|
|
try {
|
|
await pool.query('DELETE FROM colors WHERE id = $1', [id]);
|
|
res.json({ success: true });
|
|
} catch (error) {
|
|
console.error('Error deleting color:', error);
|
|
res.status(500).json({ error: 'Failed to delete color' });
|
|
}
|
|
});
|
|
|
|
// Filaments endpoints (PUBLIC - no auth required)
|
|
app.get('/api/filaments', async (req, res) => {
|
|
try {
|
|
const result = await pool.query('SELECT * FROM filaments ORDER BY created_at DESC');
|
|
res.json(result.rows);
|
|
} catch (error) {
|
|
console.error('Error fetching filaments:', error);
|
|
res.status(500).json({ error: 'Failed to fetch filaments' });
|
|
}
|
|
});
|
|
|
|
app.post('/api/filaments', authenticateToken, async (req, res) => {
|
|
const { tip, finish, boja, boja_hex, refill, spulna, cena } = req.body;
|
|
|
|
try {
|
|
// Ensure refill and spulna are numbers
|
|
const refillNum = parseInt(refill) || 0;
|
|
const spulnaNum = parseInt(spulna) || 0;
|
|
const kolicina = refillNum + spulnaNum;
|
|
|
|
const result = await pool.query(
|
|
`INSERT INTO filaments (tip, finish, boja, boja_hex, refill, spulna, kolicina, cena)
|
|
VALUES ($1, $2, $3, $4, $5, $6, $7, $8) RETURNING *`,
|
|
[tip, finish, boja, boja_hex, refillNum, spulnaNum, kolicina, cena]
|
|
);
|
|
res.json(result.rows[0]);
|
|
} catch (error) {
|
|
console.error('Error creating filament:', error);
|
|
res.status(500).json({ error: 'Failed to create filament' });
|
|
}
|
|
});
|
|
|
|
app.put('/api/filaments/:id', authenticateToken, async (req, res) => {
|
|
const { id } = req.params;
|
|
const { tip, finish, boja, boja_hex, refill, spulna, cena, sale_percentage, sale_active, sale_start_date, sale_end_date } = req.body;
|
|
|
|
try {
|
|
// Ensure refill and spulna are numbers
|
|
const refillNum = parseInt(refill) || 0;
|
|
const spulnaNum = parseInt(spulna) || 0;
|
|
const kolicina = refillNum + spulnaNum;
|
|
|
|
const result = await pool.query(
|
|
`UPDATE filaments
|
|
SET tip = $1, finish = $2, boja = $3, boja_hex = $4,
|
|
refill = $5, spulna = $6, kolicina = $7, cena = $8,
|
|
sale_percentage = $9, sale_active = $10,
|
|
sale_start_date = $11, sale_end_date = $12,
|
|
updated_at = CURRENT_TIMESTAMP
|
|
WHERE id = $13 RETURNING *`,
|
|
[tip, finish, boja, boja_hex, refillNum, spulnaNum, kolicina, cena,
|
|
sale_percentage || 0, sale_active || false, sale_start_date, sale_end_date, id]
|
|
);
|
|
res.json(result.rows[0]);
|
|
} catch (error) {
|
|
console.error('Error updating filament:', error);
|
|
res.status(500).json({ error: 'Failed to update filament' });
|
|
}
|
|
});
|
|
|
|
app.delete('/api/filaments/:id', authenticateToken, async (req, res) => {
|
|
const { id } = req.params;
|
|
|
|
try {
|
|
await pool.query('DELETE FROM filaments WHERE id = $1', [id]);
|
|
res.json({ success: true });
|
|
} catch (error) {
|
|
console.error('Error deleting filament:', error);
|
|
res.status(500).json({ error: 'Failed to delete filament' });
|
|
}
|
|
});
|
|
|
|
// Bulk sale update endpoint
|
|
app.post('/api/filaments/sale/bulk', authenticateToken, async (req, res) => {
|
|
const { filamentIds, salePercentage, saleStartDate, saleEndDate, enableSale } = req.body;
|
|
|
|
try {
|
|
let query;
|
|
let params;
|
|
|
|
if (filamentIds && filamentIds.length > 0) {
|
|
// Update specific filaments
|
|
query = `
|
|
UPDATE filaments
|
|
SET sale_percentage = $1,
|
|
sale_active = $2,
|
|
sale_start_date = $3,
|
|
sale_end_date = $4,
|
|
updated_at = CURRENT_TIMESTAMP
|
|
WHERE id = ANY($5)
|
|
RETURNING *`;
|
|
params = [salePercentage || 0, enableSale || false, saleStartDate, saleEndDate, filamentIds];
|
|
} else {
|
|
// Update all filaments
|
|
query = `
|
|
UPDATE filaments
|
|
SET sale_percentage = $1,
|
|
sale_active = $2,
|
|
sale_start_date = $3,
|
|
sale_end_date = $4,
|
|
updated_at = CURRENT_TIMESTAMP
|
|
RETURNING *`;
|
|
params = [salePercentage || 0, enableSale || false, saleStartDate, saleEndDate];
|
|
}
|
|
|
|
const result = await pool.query(query, params);
|
|
res.json({
|
|
success: true,
|
|
updatedCount: result.rowCount,
|
|
updatedFilaments: result.rows
|
|
});
|
|
} catch (error) {
|
|
console.error('Error updating sale:', error);
|
|
res.status(500).json({ error: 'Failed to update sale' });
|
|
}
|
|
});
|
|
|
|
// Color request endpoints
|
|
|
|
// Get all color requests (admin only)
|
|
app.get('/api/color-requests', authenticateToken, async (req, res) => {
|
|
try {
|
|
const result = await pool.query(
|
|
'SELECT * FROM color_requests ORDER BY created_at DESC'
|
|
);
|
|
res.json(result.rows);
|
|
} catch (error) {
|
|
console.error('Error fetching color requests:', error);
|
|
res.status(500).json({ error: 'Failed to fetch color requests' });
|
|
}
|
|
});
|
|
|
|
// Submit a new color request (public)
|
|
app.post('/api/color-requests', async (req, res) => {
|
|
try {
|
|
const {
|
|
color_name,
|
|
material_type,
|
|
finish_type,
|
|
user_email,
|
|
user_phone,
|
|
user_name,
|
|
description,
|
|
reference_url
|
|
} = req.body;
|
|
|
|
// Check if similar request already exists
|
|
const existingRequest = await pool.query(
|
|
`SELECT id, request_count FROM color_requests
|
|
WHERE LOWER(color_name) = LOWER($1)
|
|
AND material_type = $2
|
|
AND (finish_type = $3 OR (finish_type IS NULL AND $3 IS NULL))
|
|
AND status = 'pending'`,
|
|
[color_name, material_type, finish_type]
|
|
);
|
|
|
|
if (existingRequest.rows.length > 0) {
|
|
// Increment request count for existing request
|
|
const result = await pool.query(
|
|
`UPDATE color_requests
|
|
SET request_count = request_count + 1,
|
|
updated_at = CURRENT_TIMESTAMP
|
|
WHERE id = $1
|
|
RETURNING *`,
|
|
[existingRequest.rows[0].id]
|
|
);
|
|
res.json({
|
|
message: 'Your request has been added to an existing request for this color',
|
|
request: result.rows[0]
|
|
});
|
|
} else {
|
|
// Create new request
|
|
const result = await pool.query(
|
|
`INSERT INTO color_requests
|
|
(color_name, material_type, finish_type, user_email, user_phone, user_name, description, reference_url)
|
|
VALUES ($1, $2, $3, $4, $5, $6, $7, $8)
|
|
RETURNING *`,
|
|
[color_name, material_type, finish_type, user_email, user_phone, user_name, description, reference_url]
|
|
);
|
|
res.json({
|
|
message: 'Color request submitted successfully',
|
|
request: result.rows[0]
|
|
});
|
|
}
|
|
} catch (error) {
|
|
console.error('Error creating color request:', error);
|
|
res.status(500).json({ error: 'Failed to submit color request' });
|
|
}
|
|
});
|
|
|
|
// Update color request status (admin only)
|
|
app.put('/api/color-requests/:id', authenticateToken, async (req, res) => {
|
|
try {
|
|
const { id } = req.params;
|
|
const { status, admin_notes } = req.body;
|
|
|
|
const result = await pool.query(
|
|
`UPDATE color_requests
|
|
SET status = $1,
|
|
admin_notes = $2,
|
|
processed_at = CURRENT_TIMESTAMP,
|
|
processed_by = $3,
|
|
updated_at = CURRENT_TIMESTAMP
|
|
WHERE id = $4
|
|
RETURNING *`,
|
|
[status, admin_notes, req.user.username, id]
|
|
);
|
|
|
|
if (result.rows.length === 0) {
|
|
return res.status(404).json({ error: 'Color request not found' });
|
|
}
|
|
|
|
res.json(result.rows[0]);
|
|
} catch (error) {
|
|
console.error('Error updating color request:', error);
|
|
res.status(500).json({ error: 'Failed to update color request' });
|
|
}
|
|
});
|
|
|
|
// Delete color request (admin only)
|
|
app.delete('/api/color-requests/:id', authenticateToken, async (req, res) => {
|
|
try {
|
|
const { id } = req.params;
|
|
|
|
const result = await pool.query(
|
|
'DELETE FROM color_requests WHERE id = $1 RETURNING *',
|
|
[id]
|
|
);
|
|
|
|
if (result.rows.length === 0) {
|
|
return res.status(404).json({ error: 'Color request not found' });
|
|
}
|
|
|
|
res.json({ message: 'Color request deleted successfully' });
|
|
} catch (error) {
|
|
console.error('Error deleting color request:', error);
|
|
res.status(500).json({ error: 'Failed to delete color request' });
|
|
}
|
|
});
|
|
|
|
app.listen(PORT, () => {
|
|
console.log(`Server running on port ${PORT}`);
|
|
}); |