kit/server.js at master · WillBarton888/kit · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
require('dotenv').config();
const express = require('express');
const cors = require('cors');
const helmet = require('helmet');
const rateLimit = require('express-rate-limit');
const path = require('path');
const fs = require('fs');

const app = express();
const PORT = process.env.PORT || 3000;

// Security middleware
app.use(helmet({
    contentSecurityPolicy: false // Disable for demo purposes
}));

// Rate limiting
const limiter = rateLimit({
    windowMs: 15 * 60 * 1000, // 15 minutes
    max: 100 // limit each IP to 100 requests per windowMs
});
app.use('/api/', limiter);

// CORS configuration
app.use(cors({
    origin: ['http://localhost:3000', 'http://127.0.0.1:3000', 'http://localhost:8000'],
    credentials: true
}));

// Body parsing middleware
app.use(express.json({ limit: '10mb' }));
app.use(express.urlencoded({ extended: true, limit: '10mb' }));

// Auth middleware — optional for now (sets req.user if token present, doesn't reject)
// Change optionalAuth to requireAuth when ready for production
const { optionalAuth } = require('./middleware/auth');
app.use('/api', (req, res, next) => {
    // Skip auth for login endpoint
    if (req.path === '/auth/login') return next();
    optionalAuth(req, res, next);
});

// Serve static files
app.use(express.static(path.join(__dirname)));

// API Routes
app.use('/api/bookings', require('./routes/bookings'));
app.use('/api/customers', require('./routes/customers'));
app.use('/api/drivers', require('./routes/drivers'));
app.use('/api/vehicles', require('./routes/vehicles'));
app.use('/api/locations', require('./routes/locations'));
app.use('/api/regions', require('./routes/regions'));
app.use('/api/rates', require('./routes/rates'));
app.use('/api/custom-rates', require('./routes/custom-rates'));
app.use('/api/invoices', require('./routes/invoices'));
app.use('/api/payments', require('./routes/payments'));
app.use('/api/analytics', require('./routes/analytics'));
app.use('/api/auth', require('./routes/auth'));
app.use('/api/agents', require('./routes/agents'));
app.use('/api/exception-dates', require('./routes/exception-dates'));
app.use('/api/process-payments', require('./routes/process-payments'));
app.use('/api/email-invoice', require('./routes/email-invoice'));
app.use('/api/notes', require('./routes/notes'));
app.use('/api/driver-unavailability', require('./routes/driver-unavailability'));

// Serve main pages
app.get('/', (req, res) => {
    res.sendFile(path.join(__dirname, 'index.html'));
});

app.get('/manage', (req, res) => {
    res.sendFile(path.join(__dirname, 'manage.html'));
});

app.get('/staff', (req, res) => {
    res.sendFile(path.join(__dirname, 'staff.html'));
});

app.get('/app', (req, res) => {
    res.sendFile(path.join(__dirname, 'app.html'));
});

app.get('/login', (req, res) => {
    res.sendFile(path.join(__dirname, 'login.html'));
});

// Public booking page
app.get('/book', (req, res) => {
    res.sendFile(path.join(__dirname, 'public-booking.html'));
});

// Public API (no auth required) — for website booking form
app.get('/api/public/rates', (req, res) => {
    const sqlite3 = require('sqlite3').verbose();
    const db = new sqlite3.Database(path.join(__dirname, 'database/kit_demo.db'));
    db.all(`SELECT r.*, pl.name as pickup_name, dl.name as dropoff_name
        FROM rates r
        LEFT JOIN locations pl ON r.pickup_location_id = pl.id
        LEFT JOIN locations dl ON r.dropoff_location_id = dl.id
        WHERE r.active = 1
        ORDER BY pl.name, dl.name`, (err, rows) => {
        res.json({ rates: rows || [] });
        db.close();
    });
});

app.get('/api/public/locations', (req, res) => {
    const sqlite3 = require('sqlite3').verbose();
    const db = new sqlite3.Database(path.join(__dirname, 'database/kit_demo.db'));
    db.all('SELECT id, name, region, type FROM locations WHERE active = 1 AND show_on_website = 1 ORDER BY name', (err, rows) => {
        res.json({ locations: rows || [] });
        db.close();
    });
});

app.get('/api/public/exception-dates', (req, res) => {
    const sqlite3 = require('sqlite3').verbose();
    const db = new sqlite3.Database(path.join(__dirname, 'database/kit_demo.db'));
    db.all('SELECT date, name, description, price_multiplier FROM exception_dates WHERE active = 1 ORDER BY date', (err, rows) => {
        res.json({ dates: rows || [] });
        db.close();
    });
});

// Health check endpoint
app.get('/api/health', (req, res) => {
    res.json({
        status: 'OK',
        timestamp: new Date().toISOString(),
        uptime: process.uptime()
    });
});

// Error handling middleware
app.use((err, req, res, next) => {
    console.error('Error:', err.stack);
    res.status(500).json({
        error: 'Internal Server Error',
        message: process.env.NODE_ENV === 'development' ? err.message : 'Something went wrong!'
    });
});

// 404 handler
app.use((req, res) => {
    res.status(404).json({ error: 'Not Found' });
});

// Start server
app.listen(PORT, () => {
    console.log('🚀 Kangaroo Island Transfers Server Starting...');
    console.log(`📍 Server running on http://localhost:${PORT}`);
    console.log(`📊 Management Interface: http://localhost:${PORT}/manage`);
    console.log(`👥 Staff Portal: http://localhost:${PORT}/staff`);
    console.log(`🛒 Public Booking: http://localhost:${PORT}/`);
    console.log(`📋 API Health Check: http://localhost:${PORT}/api/health`);
    console.log('');
    console.log('🎯 Demo Features:');
    console.log('  • Complete booking management');
    console.log('  • Real-time driver allocation');
    console.log('  • Invoice generation & email');
    console.log('  • Payment processing simulation');
    console.log('  • Customer & agent management');
    console.log('  • Rate management system');
    console.log('  • Analytics dashboard');
    console.log('');
    console.log('📁 Database location: ./database/kit_demo.db');
    console.log('');
});

module.exports = app;