Spaces:

Reality123b
/

RelayServer

Runtime error

App Files Files Community

Reality123b commited on 5 days ago

Commit

1b0fc70

verified ·

1 Parent(s): 3b29350

Update server.js

Browse files

Files changed (1) hide show

server.js +15 -101

server.js CHANGED Viewed

@@ -1,3 +1,11 @@
 const express = require('express');
 const sqlite3 = require('sqlite3').verbose();
 const bcrypt = require('bcryptjs');
@@ -6,30 +14,21 @@ const multer = require('multer');
 const cors = require('cors');
 const helmet = require('helmet');
 const rateLimit = require('express-rate-limit');
-const fs = require('fs');
-const path = require('path');
 const archiver = require('archiver');
 const { parse } = require('csv-parse');
 const app = express();
 const PORT = process.env.PORT || 3000;
 const JWT_SECRET = process.env.JWT_SECRET || 'your-super-secret-jwt-key-change-this-in-production';
 const ADMIN_PASSWORD = process.env.ADMIN_PASSWORD || 'DataMaster2024!';
-// Middleware
 app.use(helmet());
 app.use(cors());
 app.use(express.json({ limit: '50mb' }));
 app.use(express.urlencoded({ extended: true, limit: '50mb' }));
-// Rate limiting
 const limiter = rateLimit({
-  windowMs: 15 * 60 * 1000, // 15 minutes
-  max: 100 // limit each IP to 100 requests per windowMs
 });
 app.use(limiter);
-// File upload configuration
 const storage = multer.diskStorage({
   destination: (req, file, cb) => {
     const uploadPath = path.join(__dirname, 'datasets');
@@ -42,17 +41,12 @@ const storage = multer.diskStorage({
     cb(null, `${Date.now()}-${file.originalname}`);
   }
 });
-const upload = multer({
   storage: storage,
-  limits: { fileSize: 100 * 1024 * 1024 } // 100MB limit
 });
-// Initialize databases
 const userDb = new sqlite3.Database('./data/users.db');
 const datasetDb = new sqlite3.Database('./data/datasets.db');
-// Create tables
 userDb.serialize(() => {
   userDb.run(`CREATE TABLE IF NOT EXISTS users (
     id INTEGER PRIMARY KEY AUTOINCREMENT,
@@ -62,7 +56,6 @@ userDb.serialize(() => {
     created_at DATETIME DEFAULT CURRENT_TIMESTAMP
   )`);
 });
 datasetDb.serialize(() => {
   datasetDb.run(`CREATE TABLE IF NOT EXISTS datasets (
     id INTEGER PRIMARY KEY AUTOINCREMENT,
@@ -76,16 +69,12 @@ datasetDb.serialize(() => {
     download_count INTEGER DEFAULT 0
   )`);
 });
-// Authentication middleware
 const authenticateToken = (req, res, next) => {
   const authHeader = req.headers['authorization'];
   const token = authHeader && authHeader.split(' ')[1];
   if (!token) {
     return res.status(401).json({ error: 'Access token required' });
   }
   jwt.verify(token, JWT_SECRET, (err, user) => {
     if (err) {
       return res.status(403).json({ error: 'Invalid token' });
@@ -94,25 +83,16 @@ const authenticateToken = (req, res, next) => {
     next();
   });
 };
-// Routes
-// Health check
 app.get('/health', (req, res) => {
   res.json({ status: 'OK', timestamp: new Date().toISOString() });
 });
-// User registration
 app.post('/api/register', async (req, res) => {
   try {
     const { username, password } = req.body;
     if (!username || !password) {
       return res.status(400).json({ error: 'Username and password required' });
     }
     const hashedPassword = await bcrypt.hash(password, 10);
     userDb.run(
       'INSERT INTO users (username, password) VALUES (?, ?)',
       [username, hashedPassword],
@@ -123,9 +103,8 @@ app.post('/api/register', async (req, res) => {
           }
           return res.status(500).json({ error: 'Database error' });
         }
         const token = jwt.sign({ id: this.lastID, username }, JWT_SECRET, { expiresIn: '24h' });
-        res.status(201).json({
           message: 'User created successfully',
           token,
           user: { id: this.lastID, username }
@@ -136,15 +115,11 @@ app.post('/api/register', async (req, res) => {
     res.status(500).json({ error: 'Server error' });
   }
 });
-// User login
 app.post('/api/login', (req, res) => {
   const { username, password } = req.body;
   if (!username || !password) {
     return res.status(400).json({ error: 'Username and password required' });
   }
   userDb.get(
     'SELECT * FROM users WHERE username = ?',
     [username],
@@ -152,22 +127,18 @@ app.post('/api/login', (req, res) => {
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!user) {
         return res.status(401).json({ error: 'Invalid credentials' });
       }
       const validPassword = await bcrypt.compare(password, user.password);
       if (!validPassword) {
         return res.status(401).json({ error: 'Invalid credentials' });
       }
       const token = jwt.sign(
         { id: user.id, username: user.username, role: user.role },
         JWT_SECRET,
         { expiresIn: '24h' }
       );
       res.json({
         message: 'Login successful',
         token,
@@ -176,8 +147,6 @@ app.post('/api/login', (req, res) => {
     }
   );
 });
-// Get all datasets
 app.get('/api/datasets', authenticateToken, (req, res) => {
   datasetDb.all(
     'SELECT id, name, description, file_type, size, created_by, created_at, download_count FROM datasets ORDER BY created_at DESC',
@@ -189,18 +158,14 @@ app.get('/api/datasets', authenticateToken, (req, res) => {
     }
   );
 });
-// Upload dataset
 app.post('/api/datasets/upload', authenticateToken, upload.single('file'), (req, res) => {
   if (!req.file) {
     return res.status(400).json({ error: 'No file uploaded' });
   }
   const { name, description } = req.body;
   if (!name) {
     return res.status(400).json({ error: 'Dataset name required' });
   }
   datasetDb.run(
     'INSERT INTO datasets (name, description, file_path, file_type, size, created_by) VALUES (?, ?, ?, ?, ?, ?)',
     [name, description || '', req.file.path, req.file.mimetype, req.file.size, req.user.username],
@@ -211,7 +176,6 @@ app.post('/api/datasets/upload', authenticateToken, upload.single('file'), (req,
         }
         return res.status(500).json({ error: 'Database error' });
       }
       res.status(201).json({
         id: this.lastID,
         name,
@@ -223,11 +187,8 @@ app.post('/api/datasets/upload', authenticateToken, upload.single('file'), (req,
     }
   );
 });
-// Download dataset
 app.get('/api/datasets/:id/download', authenticateToken, (req, res) => {
   const datasetId = req.params.id;
   datasetDb.get(
     'SELECT * FROM datasets WHERE id = ?',
     [datasetId],
@@ -235,56 +196,43 @@ app.get('/api/datasets/:id/download', authenticateToken, (req, res) => {
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!dataset) {
         return res.status(404).json({ error: 'Dataset not found' });
       }
       if (!fs.existsSync(dataset.file_path)) {
         return res.status(404).json({ error: 'File not found on server' });
       }
-      // Update download count
       datasetDb.run(
         'UPDATE datasets SET download_count = download_count + 1 WHERE id = ?',
         [datasetId]
       );
       res.download(dataset.file_path, dataset.name);
     }
   );
 });
-// Create custom dataset from JSON
 app.post('/api/datasets/create', authenticateToken, (req, res) => {
   const { name, description, data } = req.body;
   if (!name || !data) {
     return res.status(400).json({ error: 'Name and data required' });
   }
   const fileName = `${Date.now()}-${name.replace(/[^a-zA-Z0-9]/g, '_')}.json`;
   const filePath = path.join(__dirname, 'datasets', fileName);
   fs.writeFile(filePath, JSON.stringify(data, null, 2), (err) => {
     if (err) {
       return res.status(500).json({ error: 'Failed to create file' });
     }
     const fileSize = fs.statSync(filePath).size;
     datasetDb.run(
       'INSERT INTO datasets (name, description, file_path, file_type, size, created_by) VALUES (?, ?, ?, ?, ?, ?)',
       [name, description || '', filePath, 'application/json', fileSize, req.user.username],
       function(err) {
         if (err) {
-          fs.unlinkSync(filePath); // Clean up file if database insert fails
           if (err.message.includes('UNIQUE constraint failed')) {
             return res.status(409).json({ error: 'Dataset name already exists' });
           }
           return res.status(500).json({ error: 'Database error' });
         }
         res.status(201).json({
           id: this.lastID,
           name,
@@ -297,11 +245,8 @@ app.post('/api/datasets/create', authenticateToken, (req, res) => {
     );
   });
 });
-// Delete dataset
 app.delete('/api/datasets/:id', authenticateToken, (req, res) => {
   const datasetId = req.params.id;
   datasetDb.get(
     'SELECT * FROM datasets WHERE id = ?',
     [datasetId],
@@ -309,22 +254,15 @@ app.delete('/api/datasets/:id', authenticateToken, (req, res) => {
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!dataset) {
         return res.status(404).json({ error: 'Dataset not found' });
       }
-      // Check if user owns the dataset or is admin
       if (dataset.created_by !== req.user.username && req.user.role !== 'admin') {
         return res.status(403).json({ error: 'Not authorized to delete this dataset' });
       }
-      // Delete file
       if (fs.existsSync(dataset.file_path)) {
         fs.unlinkSync(dataset.file_path);
       }
-      // Delete from database
       datasetDb.run(
         'DELETE FROM datasets WHERE id = ?',
         [datasetId],
@@ -338,11 +276,8 @@ app.delete('/api/datasets/:id', authenticateToken, (req, res) => {
     }
   );
 });
-// Get dataset info
 app.get('/api/datasets/:id', authenticateToken, (req, res) => {
   const datasetId = req.params.id;
   datasetDb.get(
     'SELECT * FROM datasets WHERE id = ?',
     [datasetId],
@@ -350,26 +285,19 @@ app.get('/api/datasets/:id', authenticateToken, (req, res) => {
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!dataset) {
         return res.status(404).json({ error: 'Dataset not found' });
       }
       res.json(dataset);
     }
   );
 });
-// Bulk download (zip multiple datasets)
 app.post('/api/datasets/bulk-download', authenticateToken, (req, res) => {
   const { datasetIds } = req.body;
   if (!datasetIds || !Array.isArray(datasetIds)) {
     return res.status(400).json({ error: 'Dataset IDs array required' });
   }
   const placeholders = datasetIds.map(() => '?').join(',');
   datasetDb.all(
     `SELECT * FROM datasets WHERE id IN (${placeholders})`,
     datasetIds,
@@ -377,36 +305,22 @@ app.post('/api/datasets/bulk-download', authenticateToken, (req, res) => {
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (datasets.length === 0) {
         return res.status(404).json({ error: 'No datasets found' });
       }
       const archive = archiver('zip', { zlib: { level: 9 } });
       res.attachment('datasets.zip');
       archive.pipe(res);
       datasets.forEach(dataset => {
         if (fs.existsSync(dataset.file_path)) {
           archive.file(dataset.file_path, { name: dataset.name });
         }
       });
       archive.finalize();
     }
   );
 });
-// Error handling middleware
 app.use((err, req, res, next) => {
-  console.error(err.stack);
   res.status(500).json({ error: 'Something went wrong!' });
 });
-// Start server
-app.listen(PORT, () => {
-  console.log(`Server running on port ${PORT}`);
-  console.log(`Admin password: ${ADMIN_PASSWORD}`);
-  console.log(`JWT Secret: ${JWT_SECRET}`);
-});

+const fs = require('fs');
+const path = require('path');
+['data', 'datasets'].forEach(dir => {
+  const fullPath = path.join(__dirname, dir);
+  if (!fs.existsSync(fullPath)) {
+    fs.mkdirSync(fullPath, { recursive: true });
+  }
+});
 const express = require('express');
 const sqlite3 = require('sqlite3').verbose();
 const bcrypt = require('bcryptjs');
 const cors = require('cors');
 const helmet = require('helmet');
 const rateLimit = require('express-rate-limit');
 const archiver = require('archiver');
 const { parse } = require('csv-parse');
 const app = express();
 const PORT = process.env.PORT || 3000;
 const JWT_SECRET = process.env.JWT_SECRET || 'your-super-secret-jwt-key-change-this-in-production';
 const ADMIN_PASSWORD = process.env.ADMIN_PASSWORD || 'DataMaster2024!';
 app.use(helmet());
 app.use(cors());
 app.use(express.json({ limit: '50mb' }));
 app.use(express.urlencoded({ extended: true, limit: '50mb' }));
 const limiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 100
 });
 app.use(limiter);
 const storage = multer.diskStorage({
   destination: (req, file, cb) => {
     const uploadPath = path.join(__dirname, 'datasets');
     cb(null, `${Date.now()}-${file.originalname}`);
   }
 });
+const upload = multer({
   storage: storage,
+  limits: { fileSize: 100 * 1024 * 1024 }
 });
 const userDb = new sqlite3.Database('./data/users.db');
 const datasetDb = new sqlite3.Database('./data/datasets.db');
 userDb.serialize(() => {
   userDb.run(`CREATE TABLE IF NOT EXISTS users (
     id INTEGER PRIMARY KEY AUTOINCREMENT,
     created_at DATETIME DEFAULT CURRENT_TIMESTAMP
   )`);
 });
 datasetDb.serialize(() => {
   datasetDb.run(`CREATE TABLE IF NOT EXISTS datasets (
     id INTEGER PRIMARY KEY AUTOINCREMENT,
     download_count INTEGER DEFAULT 0
   )`);
 });
 const authenticateToken = (req, res, next) => {
   const authHeader = req.headers['authorization'];
   const token = authHeader && authHeader.split(' ')[1];
   if (!token) {
     return res.status(401).json({ error: 'Access token required' });
   }
   jwt.verify(token, JWT_SECRET, (err, user) => {
     if (err) {
       return res.status(403).json({ error: 'Invalid token' });
     next();
   });
 };
 app.get('/health', (req, res) => {
   res.json({ status: 'OK', timestamp: new Date().toISOString() });
 });
 app.post('/api/register', async (req, res) => {
   try {
     const { username, password } = req.body;
     if (!username || !password) {
       return res.status(400).json({ error: 'Username and password required' });
     }
     const hashedPassword = await bcrypt.hash(password, 10);
     userDb.run(
       'INSERT INTO users (username, password) VALUES (?, ?)',
       [username, hashedPassword],
           }
           return res.status(500).json({ error: 'Database error' });
         }
         const token = jwt.sign({ id: this.lastID, username }, JWT_SECRET, { expiresIn: '24h' });
+        res.status(201).json({
           message: 'User created successfully',
           token,
           user: { id: this.lastID, username }
     res.status(500).json({ error: 'Server error' });
   }
 });
 app.post('/api/login', (req, res) => {
   const { username, password } = req.body;
   if (!username || !password) {
     return res.status(400).json({ error: 'Username and password required' });
   }
   userDb.get(
     'SELECT * FROM users WHERE username = ?',
     [username],
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!user) {
         return res.status(401).json({ error: 'Invalid credentials' });
       }
       const validPassword = await bcrypt.compare(password, user.password);
       if (!validPassword) {
         return res.status(401).json({ error: 'Invalid credentials' });
       }
       const token = jwt.sign(
         { id: user.id, username: user.username, role: user.role },
         JWT_SECRET,
         { expiresIn: '24h' }
       );
       res.json({
         message: 'Login successful',
         token,
     }
   );
 });
 app.get('/api/datasets', authenticateToken, (req, res) => {
   datasetDb.all(
     'SELECT id, name, description, file_type, size, created_by, created_at, download_count FROM datasets ORDER BY created_at DESC',
     }
   );
 });
 app.post('/api/datasets/upload', authenticateToken, upload.single('file'), (req, res) => {
   if (!req.file) {
     return res.status(400).json({ error: 'No file uploaded' });
   }
   const { name, description } = req.body;
   if (!name) {
     return res.status(400).json({ error: 'Dataset name required' });
   }
   datasetDb.run(
     'INSERT INTO datasets (name, description, file_path, file_type, size, created_by) VALUES (?, ?, ?, ?, ?, ?)',
     [name, description || '', req.file.path, req.file.mimetype, req.file.size, req.user.username],
         }
         return res.status(500).json({ error: 'Database error' });
       }
       res.status(201).json({
         id: this.lastID,
         name,
     }
   );
 });
 app.get('/api/datasets/:id/download', authenticateToken, (req, res) => {
   const datasetId = req.params.id;
   datasetDb.get(
     'SELECT * FROM datasets WHERE id = ?',
     [datasetId],
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!dataset) {
         return res.status(404).json({ error: 'Dataset not found' });
       }
       if (!fs.existsSync(dataset.file_path)) {
         return res.status(404).json({ error: 'File not found on server' });
       }
       datasetDb.run(
         'UPDATE datasets SET download_count = download_count + 1 WHERE id = ?',
         [datasetId]
       );
       res.download(dataset.file_path, dataset.name);
     }
   );
 });
 app.post('/api/datasets/create', authenticateToken, (req, res) => {
   const { name, description, data } = req.body;
   if (!name || !data) {
     return res.status(400).json({ error: 'Name and data required' });
   }
   const fileName = `${Date.now()}-${name.replace(/[^a-zA-Z0-9]/g, '_')}.json`;
   const filePath = path.join(__dirname, 'datasets', fileName);
   fs.writeFile(filePath, JSON.stringify(data, null, 2), (err) => {
     if (err) {
       return res.status(500).json({ error: 'Failed to create file' });
     }
     const fileSize = fs.statSync(filePath).size;
     datasetDb.run(
       'INSERT INTO datasets (name, description, file_path, file_type, size, created_by) VALUES (?, ?, ?, ?, ?, ?)',
       [name, description || '', filePath, 'application/json', fileSize, req.user.username],
       function(err) {
         if (err) {
+          fs.unlinkSync(filePath);
           if (err.message.includes('UNIQUE constraint failed')) {
             return res.status(409).json({ error: 'Dataset name already exists' });
           }
           return res.status(500).json({ error: 'Database error' });
         }
         res.status(201).json({
           id: this.lastID,
           name,
     );
   });
 });
 app.delete('/api/datasets/:id', authenticateToken, (req, res) => {
   const datasetId = req.params.id;
   datasetDb.get(
     'SELECT * FROM datasets WHERE id = ?',
     [datasetId],
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!dataset) {
         return res.status(404).json({ error: 'Dataset not found' });
       }
       if (dataset.created_by !== req.user.username && req.user.role !== 'admin') {
         return res.status(403).json({ error: 'Not authorized to delete this dataset' });
       }
       if (fs.existsSync(dataset.file_path)) {
         fs.unlinkSync(dataset.file_path);
       }
       datasetDb.run(
         'DELETE FROM datasets WHERE id = ?',
         [datasetId],
     }
   );
 });
 app.get('/api/datasets/:id', authenticateToken, (req, res) => {
   const datasetId = req.params.id;
   datasetDb.get(
     'SELECT * FROM datasets WHERE id = ?',
     [datasetId],
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (!dataset) {
         return res.status(404).json({ error: 'Dataset not found' });
       }
       res.json(dataset);
     }
   );
 });
 app.post('/api/datasets/bulk-download', authenticateToken, (req, res) => {
   const { datasetIds } = req.body;
   if (!datasetIds || !Array.isArray(datasetIds)) {
     return res.status(400).json({ error: 'Dataset IDs array required' });
   }
   const placeholders = datasetIds.map(() => '?').join(',');
   datasetDb.all(
     `SELECT * FROM datasets WHERE id IN (${placeholders})`,
     datasetIds,
       if (err) {
         return res.status(500).json({ error: 'Database error' });
       }
       if (datasets.length === 0) {
         return res.status(404).json({ error: 'No datasets found' });
       }
       const archive = archiver('zip', { zlib: { level: 9 } });
       res.attachment('datasets.zip');
       archive.pipe(res);
       datasets.forEach(dataset => {
         if (fs.existsSync(dataset.file_path)) {
           archive.file(dataset.file_path, { name: dataset.name });
         }
       });
       archive.finalize();
     }
   );
 });
 app.use((err, req, res, next) => {
   res.status(500).json({ error: 'Something went wrong!' });
 });
+app.listen(PORT, () => {});