84 lines
3.1 KiB
JavaScript
84 lines
3.1 KiB
JavaScript
// Load environment variables from .env file for development
|
|
if (process.env.NODE_ENV !== 'production') {
|
|
require('dotenv').config();
|
|
}
|
|
|
|
const express = require('express');
|
|
const bodyParser = require('body-parser');
|
|
const fs = require('fs');
|
|
const path = require('path');
|
|
const cors = require('cors');
|
|
|
|
const app = express();
|
|
const port = 3050;
|
|
// Admin password (shared secret). Defaults to "balloons" for development if not provided.
|
|
const ADMIN_PASSWORD = process.env.ADMIN_PASSWORD || 'balloons';
|
|
|
|
// --- Production Security Check ---
|
|
if (process.env.NODE_ENV === 'production' && (!ADMIN_PASSWORD || ADMIN_PASSWORD === "balloons")) {
|
|
console.warn(`
|
|
****************************************************************
|
|
** WARNING: ADMIN_PASSWORD is not set or is insecure in production. **
|
|
** If the admin UI is already behind auth, this may be acceptable. **
|
|
** Otherwise, set a strong ADMIN_PASSWORD environment variable. **
|
|
****************************************************************
|
|
`);
|
|
}
|
|
|
|
// --- Middleware Setup ---
|
|
// More explicit CORS configuration to allow all origins
|
|
app.use(cors({
|
|
origin: '*'
|
|
}));
|
|
app.use(bodyParser.json());
|
|
|
|
// --- API Routes ---
|
|
const apiRouter = express.Router();
|
|
|
|
apiRouter.post('/update-status', (req, res) => {
|
|
console.log(`[${new Date().toISOString()}] Received request for /api/update-status`);
|
|
const { data } = req.body;
|
|
|
|
if (!data) {
|
|
return res.status(400).json({ success: false, message: 'Bad Request: No data provided.' });
|
|
}
|
|
|
|
const jsonString = JSON.stringify(data, null, 4);
|
|
const filePath = path.join(__dirname, 'update.json');
|
|
|
|
fs.writeFile(filePath, jsonString, (err) => {
|
|
if (err) {
|
|
console.error(`[${new Date().toISOString()}] Error writing to update.json:`, err);
|
|
return res.status(500).json({ success: false, message: 'Internal Server Error: Could not write to file.' });
|
|
}
|
|
console.log(`[${new Date().toISOString()}] update.json was successfully updated.`);
|
|
res.json({ success: true, message: 'Status updated successfully.' });
|
|
});
|
|
});
|
|
|
|
// Mount the API router under the /api path
|
|
app.use('/api', apiRouter);
|
|
|
|
// --- Static Files ---
|
|
const staticCacheOptions = {
|
|
maxAge: process.env.NODE_ENV === 'production' ? '30d' : 0,
|
|
setHeaders: (res, filePath) => {
|
|
if (filePath.endsWith('.html') || filePath.endsWith('update.json')) {
|
|
res.setHeader('Cache-Control', 'no-store');
|
|
} else if (/\.(js|css|svg|ico|png|jpg|jpeg|webp|avif|woff2?)$/i.test(filePath)) {
|
|
res.setHeader('Cache-Control', 'public, max-age=2592000, immutable');
|
|
}
|
|
}
|
|
};
|
|
// Serve bundled assets under /build with long cache
|
|
app.use('/build', express.static(path.join(__dirname, 'public/build'), staticCacheOptions));
|
|
// Serve static files from the root directory (handles all other GET requests)
|
|
app.use(express.static(path.join(__dirname), staticCacheOptions));
|
|
|
|
app.listen(port, () => {
|
|
console.log(`Server listening at http://localhost:${port}`);
|
|
if (process.env.NODE_ENV !== 'production') {
|
|
console.log(`Admin panel available at http://localhost:${port}/admin.html`);
|
|
}
|
|
});
|