Update app.js

app.js

@@ -6,7 +6,8 @@ const axios = require('axios');
 const bodyParser = require('body-parser');
 
 const app = express();
-app.use(bodyParser.json());
+// Increased limit to support image/context uploads from Plugin
+app.use(bodyParser.json({ limit: '50mb' })); 
 
 // ---------------------------------------------------------
 // 1. STATE MANAGEMENT
@@ -43,7 +44,7 @@ const verifyFirebaseUser = async (req, res, next) => {
     const debugMode = process.env.DEBUG_NO_AUTH === 'true'; 
 
     if (debugMode) {
-        req.user = { uid: "debug_user_001" };
+        req.user = { uid: "user_dev_001" };
         return next();
     }
 
@@ -169,47 +170,64 @@ app.post('/verify', async (req, res) => {
     }
 });
 
-// --- NEW ENDPOINT: Feedback Forwarder ---
+// ---------------------------------------------------------
+// PROXY ENDPOINTS (UPDATED)
+// ---------------------------------------------------------
+
+/**
+ * FEEDBACK FORWARDER
+ * Forwards everything (Prompt, Context, Images, TaskComplete)
+ * to the Main Core Server.
+ */
 app.post('/feedback', async (req, res) => {
-    const { token, prompt, logs } = req.body;
+    // 1. Separate the Auth Token from the Data payload
+    const { token, ...pluginPayload } = req.body;
 
-    if (!token || !prompt) return res.status(400).json({ error: 'Token and prompt required' });
+    if (!token) return res.status(400).json({ error: 'Token required' });
 
-    // 1. Verify User Session
+    // 2. Decode Token to Identify User/Project
     const decoded = jwt.decode(token);
     if (!decoded || !decoded.uid || !decoded.projectId) {
         return res.status(401).json({ error: 'Malformed token' });
     }
 
+    // 3. Verify Session exists
     const secret = await getSessionSecret(decoded.uid, decoded.projectId);
     if (!secret) return res.status(404).json({ error: 'Session revoked' });
 
     try {
-        jwt.verify(token, secret); // Validate signature
+        jwt.verify(token, secret); // Validate Signature
 
-        const externalBase = process.env.EXTERNAL_SERVER_URL || 'https://httpbin.org/post';
-        // Strip the query parameters or path from base if necessary, or just append
-        // Assuming EXTERNAL_SERVER_URL is the root (e.g. https://my-ai-api.com)
-        // We append /project/feedback
+        // 4. Construct External URL
+        const externalBase = process.env.EXTERNAL_SERVER_URL || 'http://localhost:7860';
         const targetUrl = externalBase.replace(/\/$/, '') + '/project/feedback';
 
-        console.log(`📨 Forwarding feedback for ${decoded.projectId} to ${targetUrl}`);
+        console.log(`📨 Forwarding feedback for ${decoded.projectId} (${decoded.uid})`);
 
+        // 5. Forward Payload with User/Project Injection
+        // We pass ...pluginPayload which includes:
+        // prompt, hierarchyContext, scriptContext, logContext, taskComplete, images
         const response = await axios.post(targetUrl, {
-            user: decoded.uid,
-            projectId: decoded.projectId,
-            prompt: prompt,
-            logs: logs || ""
+            userId: decoded.uid,       // Injected from Auth
+            projectId: decoded.projectId, // Injected from Auth
+            ...pluginPayload           // Pass-through everything else from Plugin
         });
 
         return res.json({ success: true, externalResponse: response.data });
 
     } catch (err) {
-        console.error("Feedback Error:", err.message);
-        return res.status(502).json({ error: 'Failed to forward feedback to AI server' });
+        console.error("Feedback Forward Error:", err.message);
+        if (err.response) {
+            return res.status(err.response.status).json(err.response.data);
+        }
+        return res.status(502).json({ error: 'Failed to forward feedback to Main AI server' });
     }
 });
 
+/**
+ * POLLING FORWARDER
+ * Maps Plugin '/poll' -> Main Server '/project/ping'
+ */
 app.post('/poll', async (req, res) => {
     const { token } = req.body;
 
@@ -221,31 +239,31 @@ app.post('/poll', async (req, res) => {
     }
 
     const secret = await getSessionSecret(decoded.uid, decoded.projectId);
-
-    if (!secret) {
-        return res.status(404).json({ error: 'Session revoked or not found' });
-    }
+    if (!secret) return res.status(404).json({ error: 'Session revoked or not found' });
 
     try {
         const verifiedData = jwt.verify(token, secret);
 
+        // Expiry check
         const threeDaysInSeconds = 3 * 24 * 60 * 60;
         const nowInSeconds = Math.floor(Date.now() / 1000);
-
         if (verifiedData.iat && (nowInSeconds - verifiedData.iat > threeDaysInSeconds)) {
              return res.status(403).json({ error: 'Token expired (older than 3 days)' });
         }
         
-        const externalUrl = process.env.EXTERNAL_SERVER_URL || 'https://httpbin.org/post'; 
+        const externalBase = process.env.EXTERNAL_SERVER_URL || 'http://localhost:7860';
+        // Note: Main Core Server uses /project/ping for task retrieval
+        const targetUrl = externalBase.replace(/\/$/, '') + '/project/ping'; 
         
         try {
-            const response = await axios.post(externalUrl, {
+            const response = await axios.post(targetUrl, {
                 projectId: verifiedData.projectId
-                // Just polling for tasks, no user prompt here anymore
             });
           
-            return res.json({ status: 'success', externalResponse: response.data });
+            // Return raw response from Main Server (contains action: 'EXECUTE', code: '...')
+            return res.json(response.data); 
         } catch (extError) {
+            console.error("Poll Forward Error:", extError.message);
             return res.status(502).json({ error: 'External server error' });
         }
 
@@ -257,6 +275,10 @@ app.post('/poll', async (req, res) => {
     }
 });
 
+// ---------------------------------------------------------
+// MANAGEMENT ENDPOINTS
+// ---------------------------------------------------------
+
 app.get('/cleanup', (req, res) => {
     const THRESHOLD = 1000 * 60 * 60; 
     const now = Date.now();
@@ -309,10 +331,10 @@ app.post('/nullify', verifyFirebaseUser, async (req, res) => {
 });
 
 app.get('/', (req, res) => {
-    res.send('Plugin Auth Server Running');
+    res.send('Plugin Auth Proxy Running');
 });
 
-const PORT = process.env.PORT || 7860;
+const PORT = process.env.PORT || 7861; // Changed default port to avoid conflict if running locally
 app.listen(PORT, () => {
-    console.log(`🚀 Server running on http://localhost:${PORT}`);
+    console.log(`🚀 Auth Proxy running on http://localhost:${PORT}`);
 });