Umstellung auf sqlite
This commit is contained in:
Carsten Graf
229
server.js
229
server.js
@@ -3,211 +3,16 @@ const express = require('express');
|
||||
const axios = require('axios');
|
||||
const https = require('https');
|
||||
const path = require('path');
|
||||
const fs = require('fs');
|
||||
const crypto = require('crypto');
|
||||
const session = require('express-session');
|
||||
|
||||
const db = require('./db');
|
||||
|
||||
const app = express();
|
||||
const PORT = 80;
|
||||
|
||||
// Admin Configuration
|
||||
const ADMIN_PASSWORD = process.env.ADMIN_PASSWORD || 'change-this-admin-password';
|
||||
|
||||
// Code storage (data/codes.json)
|
||||
const DATA_DIR = path.join(__dirname, 'data');
|
||||
const CODES_FILE = path.join(DATA_DIR, 'codes.json');
|
||||
// 8-char alphanumeric, excludes confusing chars (0, O, 1, I, l)
|
||||
const CODE_CHARS = '23456789ABCDEFGHJKLMNPQRSTUVWXYZ';
|
||||
|
||||
function ensureDataDir() {
|
||||
if (!fs.existsSync(DATA_DIR)) {
|
||||
fs.mkdirSync(DATA_DIR, { recursive: true });
|
||||
}
|
||||
}
|
||||
|
||||
function loadCodes() {
|
||||
ensureDataDir();
|
||||
if (!fs.existsSync(CODES_FILE)) {
|
||||
return [];
|
||||
}
|
||||
try {
|
||||
const data = fs.readFileSync(CODES_FILE, 'utf8');
|
||||
return JSON.parse(data);
|
||||
} catch (err) {
|
||||
console.error('Error loading codes:', err);
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
function saveCodes(codes) {
|
||||
ensureDataDir();
|
||||
fs.writeFileSync(CODES_FILE, JSON.stringify(codes, null, 2), 'utf8');
|
||||
}
|
||||
|
||||
function generateCode() {
|
||||
let code = '';
|
||||
for (let i = 0; i < 8; i++) {
|
||||
code += CODE_CHARS.charAt(Math.floor(Math.random() * CODE_CHARS.length));
|
||||
}
|
||||
return code;
|
||||
}
|
||||
|
||||
function findAndValidateCode(codeInput) {
|
||||
const codes = loadCodes();
|
||||
const normalized = String(codeInput || '').trim().toUpperCase();
|
||||
if (!normalized) return null;
|
||||
const entry = codes.find((c) => c.code === normalized);
|
||||
if (!entry) return null;
|
||||
if (entry.expiresAt && new Date(entry.expiresAt) < new Date()) {
|
||||
return null; // expired
|
||||
}
|
||||
return entry;
|
||||
}
|
||||
|
||||
function incrementCodeUseCount(codeInput) {
|
||||
const codes = loadCodes();
|
||||
const normalized = String(codeInput || '').trim().toUpperCase();
|
||||
const idx = codes.findIndex((c) => c.code === normalized);
|
||||
if (idx === -1) return;
|
||||
codes[idx].useCount = (codes[idx].useCount || 0) + 1;
|
||||
saveCodes(codes);
|
||||
}
|
||||
|
||||
function addCode(expiresInMinutes) {
|
||||
const code = generateCode();
|
||||
const now = new Date();
|
||||
const expiresAt = expiresInMinutes
|
||||
? new Date(now.getTime() + expiresInMinutes * 60 * 1000)
|
||||
: null;
|
||||
const entry = {
|
||||
code,
|
||||
createdAt: now.toISOString(),
|
||||
expiresAt: expiresAt ? expiresAt.toISOString() : null,
|
||||
useCount: 0
|
||||
};
|
||||
const codes = loadCodes();
|
||||
codes.push(entry);
|
||||
saveCodes(codes);
|
||||
return entry;
|
||||
}
|
||||
|
||||
function deleteCode(codeInput) {
|
||||
const codes = loadCodes();
|
||||
const normalized = String(codeInput || '').trim().toUpperCase();
|
||||
const filtered = codes.filter((c) => c.code !== normalized);
|
||||
if (filtered.length === codes.length) return false;
|
||||
saveCodes(filtered);
|
||||
return true;
|
||||
}
|
||||
|
||||
// Packages storage (data/packages.json)
|
||||
const PACKAGES_FILE = path.join(DATA_DIR, 'packages.json');
|
||||
const PENDING_ORDERS_FILE = path.join(DATA_DIR, 'pending-orders.json');
|
||||
const PENDING_ORDER_TTL_MS = 30 * 60 * 1000; // 30 minutes
|
||||
|
||||
function loadPackages() {
|
||||
ensureDataDir();
|
||||
if (!fs.existsSync(PACKAGES_FILE)) return [];
|
||||
try {
|
||||
return JSON.parse(fs.readFileSync(PACKAGES_FILE, 'utf8'));
|
||||
} catch (err) {
|
||||
console.error('Error loading packages:', err);
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
function savePackages(packages) {
|
||||
ensureDataDir();
|
||||
fs.writeFileSync(PACKAGES_FILE, JSON.stringify(packages, null, 2), 'utf8');
|
||||
}
|
||||
|
||||
function findPackageById(id) {
|
||||
return loadPackages().find((p) => p.id === id);
|
||||
}
|
||||
|
||||
function addPackage({ name, durationMinutes, price, currency, active = true }) {
|
||||
const packages = loadPackages();
|
||||
const maxOrder = packages.reduce((m, p) => Math.max(m, p.sortOrder || 0), 0);
|
||||
const entry = {
|
||||
id: crypto.randomUUID(),
|
||||
name: String(name || '').trim(),
|
||||
durationMinutes: parseInt(durationMinutes, 10) || 60,
|
||||
price: parseFloat(price) || 0,
|
||||
currency: String(currency || 'EUR').toUpperCase().slice(0, 3),
|
||||
active: Boolean(active),
|
||||
sortOrder: maxOrder + 1
|
||||
};
|
||||
packages.push(entry);
|
||||
savePackages(packages);
|
||||
return entry;
|
||||
}
|
||||
|
||||
function updatePackage(id, updates) {
|
||||
const packages = loadPackages();
|
||||
const idx = packages.findIndex((p) => p.id === id);
|
||||
if (idx === -1) return null;
|
||||
packages[idx] = {
|
||||
...packages[idx],
|
||||
...(updates.name !== undefined && { name: String(updates.name).trim() }),
|
||||
...(updates.durationMinutes !== undefined && { durationMinutes: parseInt(updates.durationMinutes, 10) || packages[idx].durationMinutes }),
|
||||
...(updates.price !== undefined && { price: parseFloat(updates.price) || packages[idx].price }),
|
||||
...(updates.currency !== undefined && { currency: String(updates.currency).toUpperCase().slice(0, 3) }),
|
||||
...(updates.active !== undefined && { active: Boolean(updates.active) }),
|
||||
...(updates.sortOrder !== undefined && { sortOrder: parseInt(updates.sortOrder, 10) })
|
||||
};
|
||||
savePackages(packages);
|
||||
return packages[idx];
|
||||
}
|
||||
|
||||
function deletePackage(id) {
|
||||
const packages = loadPackages();
|
||||
const filtered = packages.filter((p) => p.id !== id);
|
||||
if (filtered.length === packages.length) return false;
|
||||
savePackages(filtered);
|
||||
return true;
|
||||
}
|
||||
|
||||
function loadPendingOrders() {
|
||||
ensureDataDir();
|
||||
if (!fs.existsSync(PENDING_ORDERS_FILE)) return {};
|
||||
try {
|
||||
return JSON.parse(fs.readFileSync(PENDING_ORDERS_FILE, 'utf8'));
|
||||
} catch (err) {
|
||||
console.error('Error loading pending orders:', err);
|
||||
return {};
|
||||
}
|
||||
}
|
||||
|
||||
function savePendingOrders(obj) {
|
||||
ensureDataDir();
|
||||
fs.writeFileSync(PENDING_ORDERS_FILE, JSON.stringify(obj, null, 2), 'utf8');
|
||||
}
|
||||
|
||||
function addPendingOrder(orderId, { guestMac, packageId }) {
|
||||
const orders = loadPendingOrders();
|
||||
orders[orderId] = {
|
||||
guestMac,
|
||||
packageId,
|
||||
createdAt: new Date().toISOString()
|
||||
};
|
||||
savePendingOrders(orders);
|
||||
}
|
||||
|
||||
function getAndRemovePendingOrder(orderId) {
|
||||
const orders = loadPendingOrders();
|
||||
const entry = orders[orderId];
|
||||
if (!entry) return null;
|
||||
const created = new Date(entry.createdAt).getTime();
|
||||
if (Date.now() - created > PENDING_ORDER_TTL_MS) {
|
||||
delete orders[orderId];
|
||||
savePendingOrders(orders);
|
||||
return null;
|
||||
}
|
||||
delete orders[orderId];
|
||||
savePendingOrders(orders);
|
||||
return entry;
|
||||
}
|
||||
|
||||
// Telegram Configuration
|
||||
const TELEGRAM_BOT_TOKEN = process.env.TELEGRAM_BOT_TOKEN;
|
||||
const TELEGRAM_CHAT_ID = process.env.TELEGRAM_CHAT_ID;
|
||||
@@ -328,7 +133,7 @@ app.post('/authorize', async (req, res) => {
|
||||
});
|
||||
}
|
||||
|
||||
const codeEntry = findAndValidateCode(code);
|
||||
const codeEntry = db.findAndValidateCode(code);
|
||||
if (!codeEntry) {
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
@@ -350,7 +155,7 @@ app.post('/authorize', async (req, res) => {
|
||||
|
||||
console.log('Authorization successful!', authorizeResponse.data);
|
||||
|
||||
incrementCodeUseCount(code);
|
||||
db.incrementCodeUseCount(code);
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
@@ -394,7 +199,7 @@ app.get('/admin/check', (req, res) => {
|
||||
});
|
||||
|
||||
app.get('/admin/codes', requireAdmin, (req, res) => {
|
||||
const codes = loadCodes();
|
||||
const codes = db.loadCodes();
|
||||
const now = new Date();
|
||||
const filtered = codes.map((c) => ({
|
||||
...c,
|
||||
@@ -405,12 +210,12 @@ app.get('/admin/codes', requireAdmin, (req, res) => {
|
||||
|
||||
app.post('/admin/codes', requireAdmin, (req, res) => {
|
||||
const { expiresInMinutes } = req.body || {};
|
||||
const entry = addCode(expiresInMinutes != null ? Number(expiresInMinutes) : null);
|
||||
const entry = db.addCode(expiresInMinutes != null ? Number(expiresInMinutes) : null);
|
||||
res.json({ success: true, code: entry.code, entry });
|
||||
});
|
||||
|
||||
app.delete('/admin/codes/:code', requireAdmin, (req, res) => {
|
||||
const deleted = deleteCode(req.params.code);
|
||||
const deleted = db.deleteCode(req.params.code);
|
||||
if (deleted) {
|
||||
return res.json({ success: true });
|
||||
}
|
||||
@@ -419,7 +224,7 @@ app.delete('/admin/codes/:code', requireAdmin, (req, res) => {
|
||||
|
||||
// Public packages (active only)
|
||||
app.get('/api/packages', (req, res) => {
|
||||
const packages = loadPackages()
|
||||
const packages = db.loadPackages()
|
||||
.filter((p) => p.active)
|
||||
.sort((a, b) => (a.sortOrder || 0) - (b.sortOrder || 0))
|
||||
.map((p) => ({
|
||||
@@ -434,7 +239,7 @@ app.get('/api/packages', (req, res) => {
|
||||
|
||||
// Admin packages CRUD
|
||||
app.get('/admin/packages', requireAdmin, (req, res) => {
|
||||
const packages = loadPackages().sort((a, b) => (a.sortOrder || 0) - (b.sortOrder || 0));
|
||||
const packages = db.loadPackages().sort((a, b) => (a.sortOrder || 0) - (b.sortOrder || 0));
|
||||
res.json({ packages });
|
||||
});
|
||||
|
||||
@@ -443,18 +248,18 @@ app.post('/admin/packages', requireAdmin, (req, res) => {
|
||||
if (!name || !durationMinutes || price == null) {
|
||||
return res.status(400).json({ success: false, error: 'Missing required fields: name, durationMinutes, price' });
|
||||
}
|
||||
const entry = addPackage({ name, durationMinutes, price, currency: currency || 'EUR', active });
|
||||
const entry = db.addPackage({ name, durationMinutes, price, currency: currency || 'EUR', active });
|
||||
res.json({ success: true, package: entry });
|
||||
});
|
||||
|
||||
app.put('/admin/packages/:id', requireAdmin, (req, res) => {
|
||||
const pkg = updatePackage(req.params.id, req.body || {});
|
||||
const pkg = db.updatePackage(req.params.id, req.body || {});
|
||||
if (!pkg) return res.status(404).json({ success: false, error: 'Package not found' });
|
||||
res.json({ success: true, package: pkg });
|
||||
});
|
||||
|
||||
app.delete('/admin/packages/:id', requireAdmin, (req, res) => {
|
||||
const deleted = deletePackage(req.params.id);
|
||||
const deleted = db.deletePackage(req.params.id);
|
||||
if (!deleted) return res.status(404).json({ success: false, error: 'Package not found' });
|
||||
res.json({ success: true });
|
||||
});
|
||||
@@ -466,7 +271,7 @@ app.post('/api/paypal/create-order', async (req, res) => {
|
||||
return res.status(400).json({ success: false, error: 'Session expired. Please reconnect to WiFi.' });
|
||||
}
|
||||
const { packageId } = req.body || {};
|
||||
const pkg = findPackageById(packageId);
|
||||
const pkg = db.findPackageById(packageId);
|
||||
if (!pkg || !pkg.active) {
|
||||
return res.status(400).json({ success: false, error: 'Invalid package' });
|
||||
}
|
||||
@@ -497,7 +302,7 @@ app.post('/api/paypal/create-order', async (req, res) => {
|
||||
}
|
||||
);
|
||||
const orderId = resPayPal.data.id;
|
||||
addPendingOrder(orderId, {
|
||||
db.addPendingOrder(orderId, {
|
||||
guestMac: req.session.guestMac,
|
||||
packageId: pkg.id
|
||||
});
|
||||
@@ -523,12 +328,12 @@ app.post('/api/paypal/capture-order', async (req, res) => {
|
||||
return res.status(400).json({ success: false, error: 'Missing orderId' });
|
||||
}
|
||||
|
||||
const pending = getAndRemovePendingOrder(orderId);
|
||||
const pending = db.getAndRemovePendingOrder(orderId);
|
||||
if (!pending || pending.guestMac !== guestMac) {
|
||||
return res.status(400).json({ success: false, error: 'Invalid or expired order' });
|
||||
}
|
||||
|
||||
const pkg = findPackageById(pending.packageId);
|
||||
const pkg = db.findPackageById(pending.packageId);
|
||||
if (!pkg) {
|
||||
return res.status(400).json({ success: false, error: 'Package no longer available' });
|
||||
}
|
||||
@@ -550,7 +355,7 @@ app.post('/api/paypal/capture-order', async (req, res) => {
|
||||
return res.status(400).json({ success: false, error: 'Payment not completed' });
|
||||
}
|
||||
|
||||
addCode(pkg.durationMinutes); // record for audit
|
||||
db.addCode(pkg.durationMinutes); // record for audit
|
||||
|
||||
const amount = `${Number(pkg.price).toFixed(2)} ${pkg.currency}`;
|
||||
const durationText = pkg.durationMinutes >= 1440
|
||||
|
||||
Reference in New Issue
Block a user