Update server.js

server.js

@@ -20,7 +20,6 @@ cloudinary.config({
 const DB_FILE = 'megapin_master_db.json'; 
 const MAX_TRENDING = 100;
 const ADMIN_USER = process.env.ADMIN_USER; 
-// Admin Pass is checked in /login via process.env.ADMIN_PASS
 const DEFAULT_AVATAR = "https://cdn-icons-png.flaticon.com/512/149/149071.png"; 
 
 let localDB = null; 
@@ -28,7 +27,6 @@ let localDB = null;
 app.use(express.urlencoded({ extended: true }));
 app.use(express.json());
 app.set('view engine', 'ejs');
-app.use(express.static('public')); // ADDED: To serve your external script/css
 
 app.use(cookieSession({
   name: '__Secure-session',
@@ -73,19 +71,22 @@ const uploadImage = (buffer) => {
     });
 };
 
+// --- LOGIC HELPERS ---
 function addNotification(toUser, fromUser, type, pinId = null, preview = "") {
     if (toUser === fromUser) return;
     if (!localDB.users[toUser]) return;
     if (!localDB.users[toUser].notifications) localDB.users[toUser].notifications = [];
+    
     localDB.users[toUser].notifications.unshift({
         from: fromUser,
         fromAvatar: localDB.users[fromUser].avatar,
-        type: type,
+        type: type, 
         pinId: pinId,
         preview: preview,
         timestamp: Date.now(),
         read: false
     });
+    
     if (localDB.users[toUser].notifications.length > 50) localDB.users[toUser].notifications.pop();
 }
 
@@ -108,7 +109,7 @@ function checkAdmin(req, res, next) {
 
 // --- ROUTES ---
 
-// Helper to format pins for view
+// Helper: Format pins for view
 function formatPins(pins, username) {
     return pins.map(pin => {
         const authorData = localDB.users[pin.author] || { avatar: DEFAULT_AVATAR, displayName: pin.author };
@@ -124,6 +125,7 @@ function formatPins(pins, username) {
     });
 }
 
+// HOME PAGE
 app.get('/', async (req, res) => {
     await initDB();
     const username = req.session.user;
@@ -138,23 +140,32 @@ app.get('/', async (req, res) => {
         if (currentUser.notifications) notifications = currentUser.notifications;
     }
 
-    // Default View: All Pins
-    let viewPins = formatPins(localDB.pins, username);
+    let viewPins = localDB.pins;
+    if (req.query.q) {
+        const q = req.query.q.toLowerCase();
+        viewPins = localDB.pins.filter(p => 
+            p.author.toLowerCase().includes(q) || 
+            (p.caption && p.caption.toLowerCase().includes(q))
+        );
+    }
+
+    const formattedPins = formatPins(viewPins, username);
 
     res.render('index', { 
-        pins: viewPins, 
+        pins: formattedPins, 
         user: currentUser, 
         notifications,
         isAdmin: (username === ADMIN_USER), 
+        searchQuery: req.query.q || '',
         pageType: 'home',
         profileUser: null
     });
 });
 
-// Profile Route
+// PROFILE PAGE
 app.get('/u/:username', async (req, res) => {
     await initDB();
-    const username = req.session.user; // My logged in session
+    const username = req.session.user; 
     const targetUsername = req.params.username;
     
     if (!localDB.users[targetUsername]) return res.redirect('/');
@@ -163,7 +174,6 @@ app.get('/u/:username', async (req, res) => {
     const userPins = localDB.pins.filter(p => p.author === targetUsername);
     const formattedPins = formatPins(userPins, username);
     
-    // Construct Profile Object
     const profileUser = {
         username: targetUsername,
         ...targetUser,
@@ -188,7 +198,14 @@ app.get('/u/:username', async (req, res) => {
 
 // --- API ACTIONS ---
 
-// Search User API
+app.get('/api/pin/:id', async (req, res) => {
+    await initDB();
+    const pin = localDB.pins.find(p => p.id === parseInt(req.params.id));
+    if(!pin) return res.json({error: "Not found"});
+    const formatted = formatPins([pin], req.session.user)[0];
+    res.json(formatted);
+});
+
 app.get('/api/search-users', async (req, res) => {
     await initDB();
     const q = req.query.q ? req.query.q.toLowerCase() : '';
@@ -201,58 +218,6 @@ app.get('/api/search-users', async (req, res) => {
     res.json(results);
 });
 
-// Get Single Pin Details (For Modal)
-app.get('/api/pin/:id', async (req, res) => {
-    await initDB();
-    const pin = localDB.pins.find(p => p.id === parseInt(req.params.id));
-    if(!pin) return res.json({error: "Not found"});
-    const formatted = formatPins([pin], req.session.user)[0];
-    res.json(formatted);
-});
-
-// ADMIN ROUTES
-app.post('/api/admin/badge', checkAdmin, async (req, res) => {
-    await initDB();
-    const { targetUser, badge } = req.body; // badge: 'blue', 'green', or ''
-    if(localDB.users[targetUser]) {
-        localDB.users[targetUser].badge = badge;
-        await saveDB();
-        res.json({success: true});
-    } else {
-        res.json({success: false});
-    }
-});
-
-app.post('/api/admin/ban', checkAdmin, async (req, res) => {
-    await initDB();
-    const { targetUser, banned } = req.body; 
-    if(localDB.users[targetUser] && targetUser !== ADMIN_USER) {
-        localDB.users[targetUser].banned = banned; // true or false
-        await saveDB();
-        res.json({success: true});
-    } else {
-        res.json({success: false});
-    }
-});
-
-app.post('/api/admin/delete-user', checkAdmin, async (req, res) => {
-    await initDB();
-    const { targetUser } = req.body;
-    if(localDB.users[targetUser] && targetUser !== ADMIN_USER) {
-        delete localDB.users[targetUser];
-        // Clean up their pins
-        localDB.pins = localDB.pins.filter(p => p.author !== targetUser);
-        await saveDB();
-        res.json({success: true});
-    } else {
-        res.json({success: false});
-    }
-});
-
-// (Keep existing API routes: like, follow, comment, clear-notifications, signup, login, etc.)
-// ... [INSERT YOUR EXISTING /api/like, /api/follow routes HERE] ...
-// Re-pasting essential ones for context:
-
 app.post('/api/like', checkBan, async (req, res) => {
     if (!req.session.user) return res.status(401).json({error: "Login required"});
     await initDB();
@@ -281,12 +246,16 @@ app.post('/api/follow', checkBan, async (req, res) => {
     const { targetUser } = req.body;
     const me = req.session.user;
     if (!localDB.users[targetUser] || targetUser === me) return res.json({ success: false });
+    
     const targetData = localDB.users[targetUser];
     const myData = localDB.users[me];
+
     if (!targetData.followers) targetData.followers = [];
     if (!myData.following) myData.following = [];
+
     let isFollowing = false;
     const idx = targetData.followers.indexOf(me);
+    
     if (idx === -1) {
         targetData.followers.push(me);
         myData.following.push(targetUser);
@@ -323,6 +292,55 @@ app.post('/api/comment', checkBan, async (req, res) => {
     res.json({ success: false });
 });
 
+app.post('/api/clear-notifications', async (req, res) => {
+    if (!req.session.user) return;
+    await initDB();
+    if(localDB.users[req.session.user]) {
+        localDB.users[req.session.user].notifications = [];
+        await saveDB();
+    }
+    res.json({success: true});
+});
+
+// --- ADMIN API ---
+app.post('/api/admin/badge', checkAdmin, async (req, res) => {
+    await initDB();
+    const { targetUser, badge } = req.body;
+    if(localDB.users[targetUser]) {
+        localDB.users[targetUser].badge = badge;
+        await saveDB();
+        res.json({success: true});
+    } else {
+        res.json({success: false});
+    }
+});
+
+app.post('/api/admin/ban', checkAdmin, async (req, res) => {
+    await initDB();
+    const { targetUser, banned } = req.body; 
+    if(localDB.users[targetUser] && targetUser !== ADMIN_USER) {
+        localDB.users[targetUser].banned = banned;
+        await saveDB();
+        res.json({success: true});
+    } else {
+        res.json({success: false});
+    }
+});
+
+app.post('/api/admin/delete-user', checkAdmin, async (req, res) => {
+    await initDB();
+    const { targetUser } = req.body;
+    if(localDB.users[targetUser] && targetUser !== ADMIN_USER) {
+        delete localDB.users[targetUser];
+        localDB.pins = localDB.pins.filter(p => p.author !== targetUser);
+        await saveDB();
+        res.json({success: true});
+    } else {
+        res.json({success: false});
+    }
+});
+
+// --- STANDARD FORMS ---
 app.post('/signup', async (req, res) => {
     const { username, password, email } = req.body;
     await initDB();
@@ -345,14 +363,13 @@ app.post('/signup', async (req, res) => {
 app.post('/login', async (req, res) => {
     const { username, password } = req.body;
     await initDB();
-    // Admin Check
     if (username === ADMIN_USER && password === process.env.ADMIN_PASS) {
         req.session.user = username;
         return res.redirect('/');
     }
     const user = localDB.users[username];
     if (user && bcrypt.compareSync(password, user.hash)) {
-        if(user.banned) return res.send("Account Suspended.");
+        if(user.banned) return res.send("Banned.");
         req.session.user = username;
         res.redirect('/');
     } else {
@@ -389,7 +406,6 @@ app.post('/update-profile', upload.single('avatar'), checkBan, async (req, res)
         user.avatar = result.secure_url;
     }
     await saveDB();
-    // Redirect back to profile page
     res.redirect('/u/' + req.session.user);
 });
 
@@ -408,4 +424,4 @@ app.post('/delete', checkBan, async (req, res) => {
 app.get('/logout', (req, res) => { req.session = null; res.redirect('/'); });
 
 initDB();
-app.listen(7860, () => console.log("Megapin 2.0 Active"));
+app.listen(7860, () => console.log("Megapin Redux Active"));