frm.so/server/index.js

import express from 'express';
import cors from 'cors';
import cookieParser from 'cookie-parser';
import http from 'http';
import fs from 'fs';
import chalk from 'chalk';
import moment from 'moment';
import path from 'path';
import * as useragent from 'express-useragent';
import { fileURLToPath } from "url"
const __dirname = path.dirname(fileURLToPath(import.meta.url))

import "./util.js"
import Socket from './ws/ws.js'
import Database from "./db/db.js"
import AuthHandler from './auth.js';
import PaymentsHandler from "./payments.js"

class Server {
    db;
    auth;
    UIPath = path.join(__dirname, '../ui')
    DBPath = path.join(__dirname, '../db')

    registerRoutes(router) {
        /* Stripe */
        router.post("/create-checkout-session", PaymentsHandler.newSubscription)
        router.post("/webhook", express.raw({ type: "application/json" }), PaymentsHandler.webhook)

        /* Auth */
        router.post('/login', this.auth.login)
        router.get('/profile', this.auth.getProfile)
        router.get('/signout', this.auth.logout)

        /* Site */
        router.post('/signup', this.verifyToken, this.newUserSubmission)
        router.get('/db/images/*', this.getUserImage)
        router.get('/*', this.get)
        return router
    }

    verifyToken = (req, res, next) => {
        const { token } = req.query;
        if (!token) {
            return res.status(400).json({ error: 'Token is required' });
        }
        let fromDB = this.db.tokens.get(token)
        if (!fromDB) {
            return res.status(403).json({ error: 'Invalid or expired token' });
        } else if(fromDB.used) {
            return res.status(403).json({ error: 'Invalid or expired token' });
        }
        next()
    }

    newUserSubmission = async (req, res) => {
        const { token } = req.query;
        try {
            let tokenData = db.tokens.get(token)
            if(tokenData.used) throw new global.ServerError(400, "Token alredy used!")
            await db.members.add(req.body, tokenData.uuid)
            db.tokens.markUsed(token)
            global.db.saveData()
            return res.status(200).json({});
        } catch(e) {
            console.log(e)
            return res.status(e.status).json({ error: 'Error adding new member' });
        }
    }

    authMiddleware = (req, res, next) => {
        const authHeader = req.headers.authorization;
        if (!authHeader) {
            return res.status(401).json({ error: 'Authorization token required.' });
        }

        const [scheme, token] = authHeader.split(' ');
        if (scheme !== 'Bearer' || !token) {
            return res.status(401).json({ error: 'Malformed authorization header.' })
        }

        try {
            const payload = this.auth.verify(token);
            req.user = payload;
            return next();
        } catch (err) {
            return res.status(403).json({ error: 'Invalid or expired token.' });
        }
    }

    getUserImage = async (req, res) => {
        function getFileByNumber(dir, number) {
            const files = fs.readdirSync(dir);
            const match = files.find(file => {
                const base = path.parse(file).name;  // filename without extension
                return base === String(number);
            });
            return match ? path.join(dir, match) : null;
        }

        let filePath = path.join(this.DBPath, "images", path.basename(req.url))

        if(filePath) {
            res.sendFile(filePath)
        } else {
            return res.status(404).json({error: "Can't find image"})
        }
    }

    get = async (req, res) => {

        let url = req.url

        let publicSite = () => {
            let filePath;
            if(url.startsWith("/_")) {
                filePath = path.join(this.UIPath, url);
            } else if(url.includes("75820185")) {
                filePath = path.join(this.UIPath, "public", url.split("75820185")[1]);
            } else {
                filePath = path.join(this.UIPath, "public", "index.html");
            }

            res.sendFile(filePath);
        }

        let privateSite = () => {
            let filePath;
            let platformFolder = req.useragent.isMobile ? "mobile" : "desktop"
            if(url.startsWith("/_")) {
                filePath = path.join(this.UIPath, url);
            } else if(url.includes("75820185")) {
                filePath = path.join(this.UIPath, platformFolder, url.split("75820185")[1]);
            } else {
                filePath = path.join(this.UIPath, platformFolder, "index.html");
            }

            res.sendFile(filePath);
        }

        if(!this.auth.isLoggedInUser(req, res)) {
            publicSite()
        } else {
            privateSite()
        }
    }

    logRequest(req, res, next) {
        const formattedDate = moment().format('M.D');
        const formattedTime = moment().format('h:mma');
        if(req.url.includes("/api/")) {
            console.log(chalk.blue(`       ${req.method} ${req.url} | ${formattedDate} ${formattedTime}`));
        } else {
            if(req.url === "/")
                console.log(chalk.gray(`       ${req.method} ${req.url} | ${formattedDate} ${formattedTime}`));
        }
        next(); 
    }

    logResponse(req, res, next) {
        const originalSend = res.send;
        res.send = function (body) {
            if(res.statusCode >= 400) {
                console.log(chalk.blue( `<-${chalk.red(res.statusCode)}- ${req.method} ${req.url} | ${chalk.red(body)}`));
            } else {
                console.log(chalk.blue(`<-${res.statusCode}- ${req.method} ${req.url}`));
            }
            originalSend.call(this, body);
        };
        next();
    }

    constructor() {
        this.db = new Database()
        global.db = this.db
        this.auth = new AuthHandler()
        const app = express();
        app.post("/webhook", express.raw({ type: "application/json" }), PaymentsHandler.webhook)
        app.use(cors({ origin: '*' }));
        app.use(express.json());
        app.use(express.urlencoded({ extended: true }));
        app.use(cookieParser());
        app.use(useragent.express());

        app.use(this.logRequest);
        app.use(this.logResponse);

        let router = express.Router();
        this.registerRoutes(router)
        app.use('/', router);

        const server = http.createServer(app);
        global.Socket = new Socket(server);
        const PORT = 10002;
        server.listen(PORT, () => {
            console.log("\n")
            console.log(chalk.yellow("*************** parchment.page ********"))
            console.log(chalk.yellowBright(`Server is running on port ${PORT}: http://localhost`));
            console.log(chalk.yellow("***************************************"))
            console.log("\n")
        });

        process.on('SIGINT', async () => {
            console.log(chalk.red('Closing server...'));
            console.log(chalk.green('Database connection closed.'));
            process.exit(0);
        });

        Object.preventExtensions(this);
    }
}

const server = new Server()