dragonflight/services/mam-api/src/index.js

import 'dotenv/config';
import express from 'express';
import cors from 'cors';
import session from 'express-session';
import ConnectPgSimple from 'connect-pg-simple';
import pool from './db/pool.js';
import { errorHandler } from './middleware/errors.js';

// Routes
import authRouter from './routes/auth.js';
import assetsRouter from './routes/assets.js';
import projectsRouter from './routes/projects.js';
import binsRouter from './routes/bins.js';
import jobsRouter from './routes/jobs.js';
import captureRouter from './routes/capture.js';
import uploadRouter from './routes/upload.js';
import recordersRouter from './routes/recorders.js';
import settingsRouter from './routes/settings.js';
import amppRouter from './routes/ampp.js';
import usersRouter    from './routes/users.js';
import groupsRouter   from './routes/groups.js';
import tokensRouter   from './routes/tokens.js';
import sequencesRouter from './routes/sequences.js';

const app  = express();
const PORT = process.env.PORT || 3000;

// ── Middleware ────────────────────────────────────────────────────────────────
app.use(cors({ origin: true, credentials: true }));
app.use(express.json({ limit: '50mb' }));

const PgSession = ConnectPgSimple(session);

app.use(
  session({
    store: new PgSession({
      pool,
      tableName: 'sessions',
      // Prune expired sessions every hour
      pruneSessionInterval: 3600,
    }),
    secret:            process.env.SESSION_SECRET || 'change-me-in-production',
    resave:            false,
    saveUninitialized: false,
    cookie: {
      secure:   process.env.NODE_ENV === 'production',
      httpOnly: true,
      maxAge:   1000 * 60 * 60 * 24, // 24 h
    },
  })
);

// ── Health (no auth) ──────────────────────────────────────────────────────────
app.get('/health', (_req, res) => res.json({ status: 'ok' }));

// ── API Routes ────────────────────────────────────────────────────────────────
// Auth routes are always open (login/logout don't require a session)
app.use('/api/v1/auth',      authRouter);

// All other routes are gated by requireAuth (no-op unless AUTH_ENABLED=true)
app.use('/api/v1/assets',    assetsRouter);
app.use('/api/v1/projects',  projectsRouter);
app.use('/api/v1/bins',      binsRouter);
app.use('/api/v1/jobs',      jobsRouter);
app.use('/api/v1/capture',   captureRouter);
app.use('/api/v1/upload',    uploadRouter);
app.use('/api/v1/recorders', recordersRouter);
app.use('/api/v1/settings',  settingsRouter);
app.use('/api/v1/ampp',      amppRouter);
app.use('/api/v1/users',     usersRouter);
app.use('/api/v1/groups',    groupsRouter);
app.use('/api/v1/tokens',    tokensRouter);
app.use('/api/v1/sequences', sequencesRouter);

// ── Error handler ─────────────────────────────────────────────────────────────
app.use(errorHandler);

// ── Start ────────────────────────────────────────────────────────────────────
import { readdirSync, readFileSync } from 'node:fs';
import { fileURLToPath } from 'node:url';
import { dirname, join } from 'node:path';

const __dirnameMig = dirname(fileURLToPath(import.meta.url));
async function runMigrations() {
  const dir = join(__dirnameMig, 'db', 'migrations');
  let files = [];
  try { files = readdirSync(dir).filter(f => f.endsWith('.sql')).sort(); } catch { return; }
  for (const f of files) {
    const sql = readFileSync(join(dir, f), 'utf8');
    try {
      await pool.query(sql);
      console.log('[migration] applied ' + f);
    } catch (err) {
      console.error('[migration] failed ' + f, err.message);
    }
  }
}
await runMigrations();

app.listen(PORT, () => {
  const authMode = process.env.AUTH_ENABLED === 'true' ? 'ENABLED' : 'DISABLED (set AUTH_ENABLED=true for production)';
  console.log(`MAM API listening on port ${PORT}`);
  console.log(`Authentication: ${authMode}`);
});
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`import 'dotenv/config';`
			`import express from 'express';`
			`import cors from 'cors';`
			`import session from 'express-session';`
			`import ConnectPgSimple from 'connect-pg-simple';`
			`import pool from './db/pool.js';`
			`import { errorHandler } from './middleware/errors.js';`

fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`// Routes`
			`import authRouter from './routes/auth.js';`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`import assetsRouter from './routes/assets.js';`
			`import projectsRouter from './routes/projects.js';`
			`import binsRouter from './routes/bins.js';`
			`import jobsRouter from './routes/jobs.js';`
			`import captureRouter from './routes/capture.js';`
Phase 2: services/mam-api/src/index.js 2026-04-07 22:05:39 -04:00			`import uploadRouter from './routes/upload.js';`
			`import recordersRouter from './routes/recorders.js';`
feat: AMPP folder sync integration — pre-create folder hierarchy on upload, expose lookup endpoint for Script Task: index.js 2026-04-18 13:42:09 -04:00			`import settingsRouter from './routes/settings.js';`
			`import amppRouter from './routes/ampp.js';`
merge: bring sequences/auth/admin backend + auth-guard frontend into fix/library-and-signal-indicator 2026-05-18 21:25:36 -04:00			`import usersRouter from './routes/users.js';`
			`import groupsRouter from './routes/groups.js';`
			`import tokensRouter from './routes/tokens.js';`
feat(api): register sequences route 2026-05-18 19:54:41 -04:00			`import sequencesRouter from './routes/sequences.js';`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`const app = express();`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`const PORT = process.env.PORT \|\| 3000;`

fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`// ── Middleware ────────────────────────────────────────────────────────────────`
			`app.use(cors({ origin: true, credentials: true }));`
Phase 2: services/mam-api/src/index.js 2026-04-07 22:05:39 -04:00			`app.use(express.json({ limit: '50mb' }));`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00
			`const PgSession = ConnectPgSimple(session);`

			`app.use(`
			`session({`
			`store: new PgSession({`
			`pool,`
			`tableName: 'sessions',`
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`// Prune expired sessions every hour`
			`pruneSessionInterval: 3600,`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`}),`
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`secret: process.env.SESSION_SECRET \|\| 'change-me-in-production',`
			`resave: false,`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`saveUninitialized: false,`
			`cookie: {`
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`secure: process.env.NODE_ENV === 'production',`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`httpOnly: true,`
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`maxAge: 1000 * 60 * 60 * 24, // 24 h`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`},`
			`})`
			`);`

fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`// ── Health (no auth) ──────────────────────────────────────────────────────────`
			`app.get('/health', (_req, res) => res.json({ status: 'ok' }));`

			`// ── API Routes ────────────────────────────────────────────────────────────────`
			`// Auth routes are always open (login/logout don't require a session)`
			`app.use('/api/v1/auth', authRouter);`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`// All other routes are gated by requireAuth (no-op unless AUTH_ENABLED=true)`
			`app.use('/api/v1/assets', assetsRouter);`
			`app.use('/api/v1/projects', projectsRouter);`
			`app.use('/api/v1/bins', binsRouter);`
			`app.use('/api/v1/jobs', jobsRouter);`
			`app.use('/api/v1/capture', captureRouter);`
			`app.use('/api/v1/upload', uploadRouter);`
Phase 2: services/mam-api/src/index.js 2026-04-07 22:05:39 -04:00			`app.use('/api/v1/recorders', recordersRouter);`
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`app.use('/api/v1/settings', settingsRouter);`
			`app.use('/api/v1/ampp', amppRouter);`
merge: bring sequences/auth/admin backend + auth-guard frontend into fix/library-and-signal-indicator 2026-05-18 21:25:36 -04:00			`app.use('/api/v1/users', usersRouter);`
			`app.use('/api/v1/groups', groupsRouter);`
			`app.use('/api/v1/tokens', tokensRouter);`
			`app.use('/api/v1/sequences', sequencesRouter);`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`// ── Error handler ─────────────────────────────────────────────────────────────`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`app.use(errorHandler);`

fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`// ── Start ────────────────────────────────────────────────────────────────────`
feat(growing-files): Phase 1 - live HLS preview during recording While a recorder is running, the capture container tees an HLS stream into /live/<assetId>/ alongside the ProRes master upload. The asset row is pre-created at recorder start with status='live' so the clip appears in the library immediately. /api/v1/assets/:id/stream returns the HLS playlist URL until recording stops, then proxy. * docker-compose: shared wild-dragon-live mount on api/capture/web-ui * migration 001-add-live-status: idempotent ALTER TYPE for asset_status * mam-api: runMigrations() on boot; recorders.js pre-creates live asset + passes ASSET_ID; assets.js POST upserts on existing live row instead of inserting a duplicate, and stream route returns HLS for live assets * capture: parallel HLS ffmpeg into /live/<assetId>/; ASSET_ID env * web-ui: nginx serves /live/, preview.js loads hls.js, LIVE badge added 2026-05-18 07:29:50 -04:00			`import { readdirSync, readFileSync } from 'node:fs';`
			`import { fileURLToPath } from 'node:url';`
			`import { dirname, join } from 'node:path';`

			`const __dirnameMig = dirname(fileURLToPath(import.meta.url));`
			`async function runMigrations() {`
			`const dir = join(__dirnameMig, 'db', 'migrations');`
			`let files = [];`
			`try { files = readdirSync(dir).filter(f => f.endsWith('.sql')).sort(); } catch { return; }`
			`for (const f of files) {`
			`const sql = readFileSync(join(dir, f), 'utf8');`
			`try {`
			`await pool.query(sql);`
			`console.log('[migration] applied ' + f);`
			`} catch (err) {`
			`console.error('[migration] failed ' + f, err.message);`
			`}`
			`}`
			`}`
			`await runMigrations();`

add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`app.listen(PORT, () => {`
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			`const authMode = process.env.AUTH_ENABLED === 'true' ? 'ENABLED' : 'DISABLED (set AUTH_ENABLED=true for production)';`
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			console.log(`MAM API listening on port ${PORT}`);
fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: index.js 2026-05-15 23:40:12 -04:00			console.log(`Authentication: ${authMode}`);
add services/mam-api/src/index.js 2026-04-07 21:58:25 -04:00			`});`