cephie-studios
diff --git a/‎server/db/flightLogs.ts‎
Lines changed: 7 additions & 3 deletions b/‎server/db/flightLogs.ts‎
Lines changed: 7 additions & 3 deletions
diff --git a/‎server/db/flights.ts‎
Lines changed: 118 additions & 1 deletion b/‎server/db/flights.ts‎
Lines changed: 118 additions & 1 deletion
diff --git a/‎server/routes/flights.ts‎
Lines changed: 115 additions & 0 deletions b/‎server/routes/flights.ts‎
Lines changed: 115 additions & 0 deletions
diff --git a/‎src/App.tsx‎
Lines changed: 18 additions & 0 deletions b/‎src/App.tsx‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎src/components/Navbar.tsx‎
Lines changed: 8 additions & 0 deletions b/‎src/components/Navbar.tsx‎
Lines changed: 8 additions & 0 deletions
@@ -2,6 +2,8 @@ import { mainDb } from './connection.js';
 import { encrypt, decrypt } from '../utils/encryption.js';
 import { sql } from 'kysely';
 
+const FLIGHT_LOG_RETENTION_DAYS = 365;
+
 export interface FlightLogData {
   userId: string;
   username: string;
@@ -60,7 +62,9 @@ export async function logFlightAction(logData: FlightLogData) {
   }
 }
 
-export async function cleanupOldFlightLogs(daysToKeep = 30) {
+export async function cleanupOldFlightLogs(
+  daysToKeep = FLIGHT_LOG_RETENTION_DAYS
+) {
   try {
     const result = await mainDb
       .deleteFrom('flight_logs')
@@ -85,15 +89,15 @@ export function startFlightLogsCleanup() {
 
   setTimeout(async () => {
     try {
-      await cleanupOldFlightLogs(30);
+      await cleanupOldFlightLogs(FLIGHT_LOG_RETENTION_DAYS);
     } catch (error) {
       console.error('Initial flight logs cleanup failed:', error);
     }
   }, 60 * 1000);
 
   cleanupInterval = setInterval(async () => {
     try {
-      await cleanupOldFlightLogs(30);
+      await cleanupOldFlightLogs(FLIGHT_LOG_RETENTION_DAYS);
     } catch (error) {
       console.error('Scheduled flight logs cleanup failed:', error);
     }
 
@@ -11,6 +11,7 @@ import crypto from 'crypto';
 import { sql } from 'kysely';
 import { incrementStat } from '../utils/statisticsCache.js';
 import type { FlightsTable } from './types/connection/main/FlightsTable.js';
+import type { FlightLogsTable } from './types/connection/main/FlightLogsTable.js';
 
 function createUTCDate(): Date {
   const now = new Date();
@@ -188,6 +189,122 @@ export async function getFlightsBySession(sessionId: string) {
   }
 }
 
+export async function getFlightsByUser(userId: string) {
+  try {
+    const flights = await mainDb
+      .selectFrom('flights')
+      .selectAll()
+      .where('user_id', '=', userId)
+      .orderBy('created_at', 'desc')
+      .execute();
+
+    return flights.map((flight) => sanitizeFlightForClient(flight));
+  } catch (error) {
+    console.error(`Error fetching flights for user ${userId}:`, error);
+    return [];
+  }
+}
+
+export async function getFlightByIdForUser(userId: string, flightId: string) {
+  try {
+    const validFlightId = validateFlightId(flightId);
+    const flight = await mainDb
+      .selectFrom('flights')
+      .selectAll()
+      .where('id', '=', validFlightId)
+      .where('user_id', '=', userId)
+      .executeTakeFirst();
+
+    return flight ? sanitizeFlightForClient(flight) : null;
+  } catch (error) {
+    console.error(`Error fetching flight ${flightId} for user ${userId}:`, error);
+    return null;
+  }
+}
+
+export async function getFlightLogsForUser(userId: string, flightId: string) {
+  try {
+    const validFlightId = validateFlightId(flightId);
+
+    const ownedFlight = await mainDb
+      .selectFrom('flights')
+      .select(['id', 'created_at'])
+      .where('id', '=', validFlightId)
+      .where('user_id', '=', userId)
+      .executeTakeFirst();
+
+    if (!ownedFlight) {
+      return { logs: [], logsDiscardedDueToAge: false };
+    }
+
+    const retentionThreshold = new Date(
+      Date.now() - 365 * 24 * 60 * 60 * 1000
+    );
+    const logsDiscardedDueToAge = !!(
+      ownedFlight.created_at && ownedFlight.created_at < retentionThreshold
+    );
+
+    const logs = await mainDb
+      .selectFrom('flight_logs')
+      .selectAll()
+      .where('flight_id', '=', validFlightId)
+      .orderBy('created_at', 'desc')
+      .execute();
+
+    return {
+      logs: logs.map((log: FlightLogsTable) => ({
+      id: log.id,
+      action: log.action,
+      old_data: log.old_data,
+      new_data: log.new_data,
+      created_at: log.created_at,
+      })),
+      logsDiscardedDueToAge,
+    };
+  } catch (error) {
+    console.error(
+      `Error fetching flight logs for flight ${flightId} and user ${userId}:`,
+      error
+    );
+    return { logs: [], logsDiscardedDueToAge: false };
+  }
+}
+
+export async function claimFlightForUser(
+  sessionId: string,
+  flightId: string,
+  acarsToken: string,
+  userId: string
+) {
+  const validSessionId = validateSessionId(sessionId);
+  const validFlightId = validateFlightId(flightId);
+
+  const flight = await mainDb
+    .selectFrom('flights')
+    .select(['id', 'user_id', 'acars_token'])
+    .where('session_id', '=', validSessionId)
+    .where('id', '=', validFlightId)
+    .executeTakeFirst();
+
+  if (!flight) return { ok: false, reason: 'not_found' as const };
+  if (flight.acars_token !== acarsToken)
+    return { ok: false, reason: 'invalid_token' as const };
+  if (flight.user_id && flight.user_id !== userId)
+    return { ok: false, reason: 'already_claimed' as const };
+
+  await mainDb
+    .updateTable('flights')
+    .set({
+      user_id: userId,
+      updated_at: createUTCDate(),
+    })
+    .where('session_id', '=', validSessionId)
+    .where('id', '=', validFlightId)
+    .execute();
+
+  return { ok: true as const };
+}
+
 export async function validateAcarsAccess(
   sessionId: string,
   flightId: string,
@@ -418,7 +535,7 @@ export async function updateFlight(
   for (const [key, value] of Object.entries(updates)) {
     let dbKey = key;
     if (key === 'cruisingFL') dbKey = 'cruisingfl';
-    if (key === 'clearedFL')  dbKey = 'clearedfl';
+    if (key === 'clearedFL') dbKey = 'clearedfl';
     if (allowedColumns.includes(dbKey)) {
       dbUpdates[dbKey] = dbKey === 'clearance' ? String(value) : value;
     }
 
@@ -3,6 +3,11 @@ import requireAuth from '../middleware/auth.js';
 import { requireFlightAccess } from '../middleware/flightAccess.js';
 import {
   getFlightsBySession,
+  getFlightsByUser,
+  getFlightByIdForUser,
+  getFlightLogsForUser,
+  claimFlightForUser,
+  getFlightById,
   addFlight,
   updateFlight,
   deleteFlight,
@@ -54,6 +59,116 @@ process.on('SIGTERM', () => {
   activeAcarsTerminals.clear();
 });
 
+// GET: /api/flights/me - get flights submitted by current user
+router.get('/me/list', requireAuth, async (req, res) => {
+  try {
+    if (!req.user) return res.status(401).json({ error: 'Unauthorized' });
+    const flights = await getFlightsByUser(req.user.userId);
+    res.json(flights);
+  } catch {
+    res.status(500).json({ error: 'Failed to fetch your flights' });
+  }
+});
+
+// GET: /api/flights/me/:flightId - get one owned flight
+router.get('/me/:flightId', requireAuth, async (req, res) => {
+  try {
+    if (!req.user) return res.status(401).json({ error: 'Unauthorized' });
+    const flight = await getFlightByIdForUser(req.user.userId, req.params.flightId);
+    if (!flight) return res.status(404).json({ error: 'Flight not found' });
+    res.json(flight);
+  } catch {
+    res.status(500).json({ error: 'Failed to fetch flight' });
+  }
+});
+
+// GET: /api/flights/me/:flightId/logs - get owned flight logs
+router.get('/me/:flightId/logs', requireAuth, async (req, res) => {
+  try {
+    if (!req.user) return res.status(401).json({ error: 'Unauthorized' });
+    const logsData = await getFlightLogsForUser(
+      req.user.userId,
+      req.params.flightId
+    );
+    res.json(logsData);
+  } catch {
+    res.status(500).json({ error: 'Failed to fetch flight logs' });
+  }
+});
+
+// POST: /api/flights/claim - claim a just-submitted guest flight after login
+router.post('/claim', requireAuth, async (req, res) => {
+  try {
+    if (!req.user) return res.status(401).json({ error: 'Unauthorized' });
+
+    const { sessionId, flightId, acarsToken } = req.body ?? {};
+    if (!sessionId || !flightId || !acarsToken) {
+      return res.status(400).json({ error: 'Missing required fields' });
+    }
+
+    const result = await claimFlightForUser(
+      String(sessionId),
+      String(flightId),
+      String(acarsToken),
+      req.user.userId
+    );
+
+    if (!result.ok) {
+      if (result.reason === 'not_found') {
+        return res.status(404).json({ error: 'Flight not found' });
+      }
+      if (result.reason === 'invalid_token') {
+        return res.status(403).json({ error: 'Invalid claim token' });
+      }
+      if (result.reason === 'already_claimed') {
+        return res.status(409).json({ error: 'Flight already claimed' });
+      }
+      return res.status(400).json({ error: 'Unable to claim flight' });
+    }
+
+    res.json({ success: true });
+  } catch {
+    res.status(500).json({ error: 'Failed to claim flight' });
+  }
+});
+
+// GET: /api/flights/:sessionId/:flightId/acars-flight - get specific flight for ACARS token
+router.get(
+  '/:sessionId/:flightId/acars-flight',
+  acarsValidationLimiter,
+  async (req, res) => {
+    try {
+      const { sessionId, flightId } = req.params;
+      const acarsToken =
+        typeof req.query.acars_token === 'string'
+          ? req.query.acars_token
+          : undefined;
+
+      if (!acarsToken) {
+        return res.status(400).json({ error: 'Missing access token' });
+      }
+
+      const validation = await validateAcarsAccess(sessionId, flightId, acarsToken);
+      if (!validation.valid) {
+        return res.status(403).json({ error: 'Invalid ACARS token' });
+      }
+
+      const flight = await getFlightById(sessionId, flightId);
+      if (!flight) {
+        return res.status(404).json({ error: 'Flight not found' });
+      }
+
+      const { user_id, ip_address, acars_token, ...sanitizedFlight } = flight;
+      void user_id;
+      void ip_address;
+      void acars_token;
+      res.json(sanitizedFlight);
+    } catch {
+      res.status(500).json({ error: 'Failed to load flight' });
+    }
+  }
+);
+
 // GET: /api/flights/:sessionId - get all flights for a session
 router.get('/:sessionId', requireAuth, async (req, res) => {
   try {
 
@@ -7,6 +7,8 @@ import Create from './pages/Create';
 import Sessions from './pages/Sessions';
 import Submit from './pages/Submit';
 import Flights from './pages/Flights';
+import MyFlights from './pages/MyFlights';
+import MyFlightDetail from './pages/MyFlightDetail';
 import Settings from './pages/Settings';
 import PFATCFlights from './pages/PFATCFlights';
 import ACARS from './pages/ACARS';
@@ -191,6 +193,22 @@ export default function App() {
               </ProtectedRoute>
             }
           />
+          <Route
+            path="/my-flights"
+            element={
+              <ProtectedRoute>
+                <MyFlights />
+              </ProtectedRoute>
+            }
+          />
+          <Route
+            path="/my-flights/:id"
+            element={
+              <ProtectedRoute>
+                <MyFlightDetail />
+              </ProtectedRoute>
+            }
+          />
 
           <Route
             path="/admin/*"
 
@@ -456,6 +456,14 @@ export default function Navbar({
                   >
                     My Sessions
                   </a>
+                  {user && (
+                    <a
+                      href="/my-flights"
+                      className="text-white hover:text-blue-400 transition-colors duration-300 font-medium"
+                    >
+                      My Flights
+                    </a>
+                  )}
                   <a
                     href="/pfatc"
                     className="text-white hover:text-blue-400 transition-colors duration-300 font-medium"