// server.js require('dotenv').config(); const express = require('express'); const cors = require('cors'); const { log } = require('./logger'); const auth = require('./auth'); const manageBrands = require('./routes/manageBrands'); const manageProducts = require('./routes/manageProducts'); const managepricing = require('./routes/managePricing'); const adminPanel = require('./routes/adminPanel'); const privacyLawWebhooks = require('./routes/privacyLawWebhooks'); const { getToken, listTokens } = require('./tokenStore'); const { listJobs, getJob, cancelJob, getLatestJobForShop } = require('./jobStore'); const { isShopAllowed } = require('./freeAccessStore'); const { addMessage: addChatMessage, readChat } = require('./chatStore'); const app = express(); const PORT = process.env.PORT || 3002; // 0) CORS (safe before everything) app.use(cors()); // Admin panel (mounted before JSON body parser — it handles its own parsing) app.use('/d4a-admin', adminPanel); // Public free-access check used by the Shopify frontend loaders app.get('/free-access/:shop', (req, res) => { const shop = decodeURIComponent(req.params.shop || '').toLowerCase().trim(); const allowed = isShopAllowed(shop); res.json({ shop, allowed }); }); // ── PUBLIC CHAT ENDPOINTS (for customer widget) ────────────────────────────── app.post('/chat/:shop', (req, res) => { const shop = decodeURIComponent(req.params.shop || '').toLowerCase().trim(); const { text, visitorId } = req.body; if (!shop || !text) return res.status(400).json({ error: 'shop and text required' }); const msg = addChatMessage(shop, 'customer', String(text).slice(0, 1000), visitorId || null); res.json({ ok: true, message: msg }); }); app.get('/chat/:shop', (req, res) => { const shop = decodeURIComponent(req.params.shop || '').toLowerCase().trim(); if (!shop) return res.status(400).json({ error: 'shop required' }); const chat = readChat(shop); res.json({ messages: chat.messages || [] }); }); // Embeddable widget script ─ app.get('/chat/widget.js', (req, res) => { const shop = (req.query.shop || '').toLowerCase().trim(); const backendUrl = 'https://backend.data4autos.com'; res.setHeader('Content-Type', 'application/javascript; charset=utf-8'); res.setHeader('Cache-Control', 'public, max-age=300'); res.send(`(function(){ if(!window.__d4aChat) window.__d4aChat={}; var SHOP='${shop}', BASE='${backendUrl}'; var VID=localStorage.getItem('d4a_vid')||'v'+(Math.random().toString(36).slice(2)); localStorage.setItem('d4a_vid',VID); var css=\` #d4a-fab{position:fixed;bottom:24px;right:24px;width:56px;height:56px;background:linear-gradient(135deg,#2563eb,#4f46e5);border-radius:50%;display:flex;align-items:center;justify-content:center;cursor:pointer;box-shadow:0 4px 20px rgba(37,99,235,0.4);z-index:99999;transition:transform .15s;} #d4a-fab:hover{transform:scale(1.08);} #d4a-fab svg{width:26px;height:26px;fill:none;stroke:#fff;stroke-width:2;stroke-linecap:round;stroke-linejoin:round;} #d4a-badge{position:absolute;top:-4px;right:-4px;min-width:18px;height:18px;background:#ef4444;border-radius:9px;font-size:11px;font-weight:700;color:#fff;display:none;align-items:center;justify-content:center;padding:0 4px;border:2px solid #fff;} #d4a-win{position:fixed;bottom:92px;right:24px;width:360px;max-height:520px;background:#fff;border-radius:16px;box-shadow:0 20px 60px rgba(0,0,0,0.18);z-index:99998;display:none;flex-direction:column;overflow:hidden;font-family:-apple-system,BlinkMacSystemFont,'Inter',sans-serif;} #d4a-hdr{background:linear-gradient(135deg,#2563eb,#4f46e5);padding:16px 18px;display:flex;align-items:center;gap:10px;} #d4a-hdr-icon{width:36px;height:36px;background:rgba(255,255,255,.2);border-radius:10px;display:flex;align-items:center;justify-content:center;font-size:18px;} #d4a-hdr-title{font-size:14px;font-weight:700;color:#fff;} #d4a-hdr-sub{font-size:12px;color:rgba(255,255,255,.75);margin-top:1px;} #d4a-msgs{flex:1;overflow-y:auto;padding:16px;display:flex;flex-direction:column;gap:10px;background:#f8fafc;min-height:200px;max-height:340px;} .d4a-bub{max-width:80%;padding:9px 13px;font-size:13px;line-height:1.5;border-radius:12px;} .d4a-bub.admin{background:#fff;color:#0f172a;border:1px solid #e2e8f0;align-self:flex-start;border-radius:12px 12px 12px 3px;} .d4a-bub.customer{background:#2563eb;color:#fff;align-self:flex-end;border-radius:12px 12px 3px 12px;} .d4a-time{font-size:10px;color:#94a3b8;margin-top:3px;} .d4a-time.r{text-align:right;} #d4a-inp-row{padding:12px;border-top:1px solid #e2e8f0;display:flex;gap:8px;background:#fff;} #d4a-inp{flex:1;border:1.5px solid #e2e8f0;border-radius:8px;padding:9px 12px;font-size:13px;font-family:inherit;outline:none;resize:none;} #d4a-inp:focus{border-color:#2563eb;} #d4a-send{background:#2563eb;border:none;border-radius:8px;color:#fff;padding:9px 16px;font-size:13px;font-weight:700;cursor:pointer;white-space:nowrap;} #d4a-send:hover{background:#1d4ed8;} \`; var el=document.createElement('style');el.textContent=css;document.head.appendChild(el); var fab=document.createElement('div');fab.id='d4a-fab'; fab.innerHTML='
'; document.body.appendChild(fab); var win=document.createElement('div');win.id='d4a-win'; win.innerHTML='
💬
Chat with us
We typically reply within a few hours
Send us a message and we\'ll get back to you!
'; document.body.appendChild(win); var open=false,unread=0,lastTs='',polling=null; fab.onclick=function(){ open=!open;win.style.display=open?'flex':'none'; if(open){unread=0;document.getElementById('d4a-badge').style.display='none';loadMsgs(true);} else if(polling){clearInterval(polling);polling=null;} if(open&&!polling) polling=setInterval(function(){loadMsgs(false);},3000); }; function loadMsgs(scroll){ fetch(BASE+'/chat/'+encodeURIComponent(SHOP)+'?vid='+VID).then(r=>r.json()).then(function(d){ var msgs=d.messages||[];var el=document.getElementById('d4a-msgs'); if(!msgs.length) return; var latest=msgs[msgs.length-1]?.timestamp||''; var isNew=latest&&latest!==lastTs;lastTs=latest; if(!isNew&&!scroll) return; el.innerHTML=msgs.map(function(m){ var isAdmin=m.from==='admin'; var t=new Date(m.timestamp).toLocaleTimeString(undefined,{hour:'2-digit',minute:'2-digit'}); return '
'+esc(m.text)+'
'+t+'
'; }).join(''); if(scroll||el.scrollHeight-el.scrollTop-el.clientHeight<80) el.scrollTop=el.scrollHeight; if(!open&&isNew&&msgs[msgs.length-1]?.from==='admin'){ unread++;var b=document.getElementById('d4a-badge');b.textContent=unread>9?'9+':unread;b.style.display='flex'; } }).catch(function(){}); } window.__d4aChat.send=function(){ var inp=document.getElementById('d4a-inp');var text=inp.value.trim();if(!text) return; inp.value=''; fetch(BASE+'/chat/'+encodeURIComponent(SHOP),{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({text:text,visitorId:VID})}).then(function(){loadMsgs(true);}); }; function esc(s){return String(s).replace(/&/g,'&').replace(//g,'>');} loadMsgs(true); })();`); }); // Health check app.get('/health', (req, res) => { res.json({ ok: true, uptime: process.uptime(), timestamp: new Date().toISOString() }); }); // Top-level job endpoints (mirrors manageproducts/jobs/* but at /jobs/*) app.get('/jobs', (req, res) => { const shop = req.query.shop || null; res.json({ jobs: listJobs(shop) }); }); app.get('/jobs/:jobId', (req, res) => { const job = getJob(req.params.jobId); if (!job) return res.status(404).json({ error: 'Job not found' }); res.json(job); }); app.post('/jobs/:jobId/cancel', (req, res) => { const job = cancelJob(req.params.jobId); if (!job) return res.status(404).json({ error: 'Job not found' }); res.json({ ok: true, job }); }); app.get('/shops', (req, res) => { try { const store = listTokens(); const shops = Object.keys(store).map(shop => ({ shop, savedAt: store[shop].savedAt, hasToken: !!store[shop].accessToken, hasLocation: !!store[shop].locationId, hasFulfillment: !!store[shop].fulfillmentService, })); res.json({ shops }); } catch { res.json({ shops: [] }); } }); app.get("/checkisshopdataexists/:shop", (req, res) => { const shop = req.params.shop; console.log("GET /checkisshopdataexists:", shop); const tokenRecord = getToken(shop); if (!tokenRecord) { return res.json({ status: 0, message: "Shop not found" }); } // Expected fields const expectedFields = [ "accessToken", "scope", "savedAt", "locationId", "fulfillmentService" ]; const result = {}; expectedFields.forEach((field) => { result[field] = tokenRecord[field] ? "present" : "missing"; }); res.json({ status: 1, shop, fields: result }); }); // 1) COMPLIANCE WEBHOOKS (raw body) — MUST be before any JSON body parser app.use('/webhooks', privacyLawWebhooks); // 2) OAuth / other routes app.use('/', auth); // 3) Body parsers for the rest of your app app.use(express.json({ limit: '10mb' })); app.use(express.urlencoded({ limit: '10mb', extended: true })); // 4) Your other endpoints app.post('/fulfillment', (req, res) => { console.log('POST /fulfillment:', req.body); res.sendStatus(200); }); app.use('/managebrands', manageBrands); app.use('/manageproducts', manageProducts); app.use('/managepricing', managepricing); const server = app.listen(PORT, () => { log('general', `🖥️ Server listening on port ${PORT}`); console.log(`Server running on https://backend.data4autos.com/`); }); server.on('error', err => { if (err.code === 'EADDRINUSE') { console.error(`Port ${PORT} is already in use. Choose a different PORT or kill the process using it.`); process.exit(1); } else { console.error('Server error:', err); process.exit(1); } }); // // server.js // require('dotenv').config(); // const express = require('express'); // const { log } = require('./logger'); // // OAuth callback // const auth = require('./auth'); // // Your job-routes // const manageBrands = require('./routes/manageBrands'); // const manageProducts = require('./routes/manageProducts'); // const managepricing = require('./routes/managePricing'); // // const syncInventory = require('./routes/syncInventory'); // // const syncCustomers = require('./routes/syncCustomers'); // // // …etc, one per file in routes/ // const app = express(); // const PORT = process.env.PORT || 3002; // const cors = require('cors'); // app.use(express.json({ limit: '10mb' })); // app.use(express.urlencoded({ limit: '10mb', extended: true })); // app.use(express.json()); // // 1) OAuth // app.use('/', auth); // app.use(cors()); // // 2) Job endpoints (manually mapped) // app.post('/fulfillment', (req, res) => { // console.log('POST request received:', req.body); // Optional logging // res.sendStatus(200); // Sends 200 OK // }); // app.use('/managebrands', manageBrands); // app.use('/manageproducts', manageProducts); // app.use('/managepricing', managepricing); // const server = app.listen(PORT, () => { // log('general', `🖥️ Server listening on port ${PORT}`); // console.log(`Server running on https://backend.data4autos.com/`); // }); // server.on('error', err => { // if (err.code === 'EADDRINUSE') { // console.error(`Port ${PORT} is already in use. Choose a different PORT or kill the process using it.`); // process.exit(1); // } else { // console.error('Server error:', err); // process.exit(1); // } // }); // // app.use('/syncinventory', syncInventory); // // app.use('/synccustomers', syncCustomers); // // add more here as you create new files in routes/ // // app.listen(PORT, () => { // // log('general', `🖥️ Server listening on port ${PORT}`); // // console.log(`Server running on https://backend.dine360.ca/`); // // }); // // // server.js // // require('dotenv').config(); // // const express = require('express'); // // const auth = require('./auth'); // // const { log } = require('./logger'); // // const app = express(); // // const PORT = process.env.PORT || 3002; // // // mount the auth routes // // app.use('/', auth); // // app.listen(PORT, () => { // // log('general', `🖥️ Server listening on port ${PORT}`); // // console.log(`Server running on http://localhost:${PORT}`); // // }); // // const express = require('express'); // // const axios = require('axios'); // // const app = express(); // // const PORT = 3002; // // // Replace these with your app's credentials // // const CLIENT_ID = 'b7534c980967bad619cfdb9d3f837cfa'; // // const CLIENT_SECRET = 'ed6882a4fc5839df0677ad1bb3c92f2b'; // // app.get('/auth/callback', async (req, res) => { // // console.log('🔔 [Callback] Received OAuth callback'); // // const { shop, code } = req.query; // // if (!shop || !code) { // // console.warn('⚠️ [Callback] Missing shop or code in query:', req.query); // // return res.status(400).send('Missing shop or code parameter.'); // // } // // console.log(`🔍 [Callback] shop=${shop}, code=${code}`); // // try { // // console.log('🚀 [OAuth] Exchanging authorization code for access token...'); // // const tokenResponse = await axios.post( // // `https://${shop}/admin/oauth/access_token`, // // { // // client_id: CLIENT_ID, // // client_secret: CLIENT_SECRET, // // code: code, // // }, // // { // // headers: { 'Content-Type': 'application/json' }, // // } // // ); // // console.log('✅ [OAuth] Token endpoint responded:', tokenResponse.data); // // const { access_token, scope } = tokenResponse.data; // // console.log('🔑 [OAuth] Access Token:', access_token); // // console.log('📜 [OAuth] Granted Scopes:', scope); // // // TODO: Persist access_token securely in your database here // // console.log(`💾 [Store] Storing access token for shop ${shop} (simulate DB save)`); // // res.send('Access token received and logged. You can close this window.'); // // } catch (error) { // // console.error( // // '❌ [OAuth] Error exchanging code for access token:', // // error.response?.data || error.message // // ); // // res.status(500).send('Failed to get access token'); // // } // // }); // // app.listen(PORT, () => { // // console.log(`🖥️ [Server] Listening on http://localhost:${PORT}`); // // }); // // // 🔔 [Callback] Received OAuth callback // // // 🔍 [Callback] shop=veloxautomotive.myshopify.com, code=03f875ca02185dea8e60226c9263f3ba // // // 🚀 [OAuth] Exchanging authorization code for access token... // // // ✅ [OAuth] Token endpoint responded: { // // // access_token: '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', // // // scope: 'write_inventory,write_products,write_publications' // // // } // // // 🔑 [OAuth] Access Token: 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 // // // 📜 [OAuth] Granted Scopes: write_inventory,write_products,write_publications // // // 💾 [Store] Storing access token for shop veloxautomotive.myshopify.com (simulate DB save)