Moved away from SSR to regular Node API server.

src-server/server.js

@@ -0,0 +1,100 @@
+/**
+ * More info about this file:
+ * https://v2.quasar.dev/quasar-cli-vite/developing-ssr/ssr-webserver
+ *
+ * Runs in Node context.
+ */
+
+/**
+ * Make sure to yarn add / npm install (in your project root)
+ * anything you import here (except for express and compression).
+ */
+import express from 'express';
+import compression from 'compression';
+import session from 'express-session'; // Added for session management
+import { v4 as uuidv4 } from 'uuid'; // Added for generating session IDs
+import apiRoutes from './routes/api.js';
+import authRoutes from './routes/auth.js'; // Added for WebAuthn routes
+import chatRoutes from './routes/chat.js'; // Added for Chat routes
+import cron from 'node-cron';
+import { generateAndStoreMantisSummary } from './services/mantisSummarizer.js';
+
+// Define Relying Party details (Update with your actual details)
+export const rpID = process.env.NODE_ENV === 'production' ? 'your-production-domain.com' : 'localhost';
+export const rpName = 'StylePoint';
+export const origin = process.env.NODE_ENV === 'production' ? `https://${rpID}` : `http://${rpID}:9000`;
+
+// In-memory store for challenges (Replace with a persistent store in production)
+export const challengeStore = new Map();
+
+const app = express();
+
+// Session middleware configuration
+app.use(session({
+  genid: (req) => uuidv4(), // Use UUIDs for session IDs
+  secret: process.env.SESSION_SECRET || 'a-very-strong-secret-key', // Use an environment variable for the secret
+  resave: false,
+  saveUninitialized: true,
+  cookie: {
+    secure: process.env.NODE_ENV === 'production', // Use secure cookies in production
+    httpOnly: true,
+    maxAge: 1000 * 60 * 60 * 24 // 1 day
+  }
+}));
+
+// Initialize the database (now synchronous)
+try 
+{
+  console.log('Prisma Client is ready.'); // Log Prisma readiness
+
+  // Schedule the Mantis summary task after DB initialization
+  // Run daily at 1:00 AM server time (adjust as needed)
+  cron.schedule('0 1 * * *', async() => 
+  {
+    console.log('Running scheduled Mantis summary task...');
+    try 
+    {
+      await generateAndStoreMantisSummary();
+      console.log('Scheduled Mantis summary task completed.');
+    }
+    catch (error) 
+    {
+      console.error('Error running scheduled Mantis summary task:', error);
+    }
+  }, {
+    scheduled: true,
+    timezone: 'Europe/London' // Example: Set to your server's timezone
+  });
+}
+catch (error) 
+{
+  console.error('Error during server setup:', error);
+  // Optionally handle the error more gracefully, e.g., prevent server start
+  process.exit(1); // Exit if setup fails
+}
+
+// attackers can use this header to detect apps running Express
+// and then launch specifically-targeted attacks
+app.disable('x-powered-by');
+
+// Add JSON body parsing middleware
+app.use(express.json());
+
+// Add API routes
+app.use('/api', apiRoutes);
+app.use('/api/auth', authRoutes);
+app.use('/api/chat', chatRoutes);
+
+// place here any middlewares that
+// absolutely need to run before anything else
+if (process.env.PROD) 
+{
+  app.use(compression());
+}
+
+app.use(express.static('public', { index: false }));
+
+app.listen(8000, () => 
+{
+  console.log('Server is running on http://localhost:8000');
+});