47 lines
1.8 KiB
TypeScript
47 lines
1.8 KiB
TypeScript
import express from 'express';
|
|
import cors from 'cors';
|
|
import path from 'path';
|
|
import './db/schema'; // initialize DB + bootstrap admin
|
|
import { UPLOAD_PATH } from './db/schema';
|
|
import { requireAuth } from './middleware/auth';
|
|
import authRouter from './routes/auth';
|
|
import projectsRouter from './routes/projects';
|
|
import toolsRouter from './routes/tools';
|
|
import uploadsRouter from './routes/uploads';
|
|
import settingsRouter from './routes/settings';
|
|
import usersRouter from './routes/users';
|
|
|
|
const app = express();
|
|
const PORT = Number(process.env.PORT || 3000);
|
|
|
|
app.use(cors());
|
|
app.use(express.json({ limit: '10mb' }));
|
|
|
|
// Public — auth endpoints
|
|
app.use('/api/auth', authRouter);
|
|
|
|
// Public — serve uploaded files as static assets.
|
|
// <img> tags and markdown renderers can't send Authorization headers,
|
|
// so file reads must be unauthenticated. POST/DELETE in uploadsRouter
|
|
// are still protected by requireAuth inside the router.
|
|
app.use('/api/uploads', express.static(UPLOAD_PATH));
|
|
|
|
// Protected — all other API routes require a valid JWT
|
|
app.use('/api/projects', requireAuth, projectsRouter);
|
|
app.use('/api/tools', requireAuth, toolsRouter);
|
|
app.use('/api/uploads', requireAuth, uploadsRouter); // handles POST + DELETE only
|
|
app.use('/api/settings', settingsRouter); // GET is public (branding on login page); PUT/POST require admin (per-method in router)
|
|
app.use('/api/users', usersRouter); // requireAdmin applied inside router
|
|
|
|
// Serve built React client in production
|
|
const clientDist = path.join(__dirname, '../../client/dist');
|
|
app.use(express.static(clientDist));
|
|
app.get(/^(?!\/api).*/, (_req, res) => {
|
|
res.sendFile(path.join(clientDist, 'index.html'));
|
|
});
|
|
|
|
app.listen(PORT, '0.0.0.0', () => {
|
|
console.log(`[CODEDUMP] Running on port ${PORT}`);
|
|
console.log(`[CODEDUMP] Data directory: ${process.env.DATA_DIR || 'data/'}`);
|
|
});
|