Upload 4 files

.gitignore

@@ -0,0 +1,5 @@
+node_modules/
+uploads/
+.env
+*.log
+

Dockerfile

@@ -0,0 +1,19 @@
+FROM node:18-alpine
+
+WORKDIR /app
+
+# Copy package files
+COPY package*.json ./
+
+# Install dependencies
+RUN npm install --production
+
+# Copy source code
+COPY . .
+
+# Expose port (Hugging Face Spaces dùng port 7860)
+EXPOSE 7860
+
+# Start server
+CMD ["node", "server.js"]
+

package.json

@@ -0,0 +1,21 @@
+{
+  "name": "qlvb-backend",
+  "version": "1.0.0",
+  "description": "Backend API để upload file lên Google Drive 2TB",
+  "main": "server.js",
+  "scripts": {
+    "start": "node server.js",
+    "dev": "nodemon server.js"
+  },
+  "dependencies": {
+    "express": "^4.18.2",
+    "multer": "^1.4.5-lts.1",
+    "googleapis": "^126.0.0",
+    "cors": "^2.8.5",
+    "dotenv": "^16.3.1"
+  },
+  "devDependencies": {
+    "nodemon": "^3.0.1"
+  }
+}
+

server.js

@@ -0,0 +1,260 @@
+// Backend API để upload file lên Google Drive 2TB
+// Sử dụng OAuth thay vì Service Account (phù hợp với tài khoản edu)
+// Chạy: node server.js hoặc npm start
+
+require('dotenv').config();
+const express = require('express');
+const multer = require('multer');
+const { google } = require('googleapis');
+const path = require('path');
+const fs = require('fs');
+const cors = require('cors');
+
+const app = express();
+const upload = multer({ dest: 'uploads/' });
+
+// Middleware - CORS cho phép frontend từ Vercel và local
+app.use(cors({
+    origin: process.env.ALLOWED_ORIGINS ? 
+        process.env.ALLOWED_ORIGINS.split(',') : 
+        '*', // Cho phép tất cả khi không set (chỉ dùng khi dev)
+    credentials: true
+}));
+app.use(express.json());
+
+// OAuth Config - Lấy từ Google Cloud Console
+const GOOGLE_CLIENT_ID = process.env.GOOGLE_CLIENT_ID || 'YOUR_CLIENT_ID';
+const GOOGLE_CLIENT_SECRET = process.env.GOOGLE_CLIENT_SECRET || 'YOUR_CLIENT_SECRET';
+const REDIRECT_URI = process.env.REDIRECT_URI || 'http://localhost/popup.html';
+
+// Lưu refresh token của admin (tài khoản 2TB)
+// Trong production, nên lưu vào database hoặc file bảo mật
+let adminRefreshToken = null;
+
+// Khởi tạo OAuth2 client
+const oauth2Client = new google.auth.OAuth2(
+    GOOGLE_CLIENT_ID,
+    GOOGLE_CLIENT_SECRET,
+    REDIRECT_URI
+);
+
+// Lấy access token từ refresh token
+async function getAccessToken() {
+    if (!adminRefreshToken) {
+        throw new Error('Chưa có refresh token. Vui lòng đăng nhập Admin trước.');
+    }
+    
+    oauth2Client.setCredentials({
+        refresh_token: adminRefreshToken
+    });
+    
+    const { credentials } = await oauth2Client.refreshAccessToken();
+    return credentials.access_token;
+}
+
+// API: Đổi OAuth code thành token
+app.post('/api/oauth/token', async (req, res) => {
+    try {
+        const { code, redirect_uri } = req.body;
+        
+        if (!code) {
+            return res.status(400).json({ error: 'Missing authorization code' });
+        }
+
+        const { tokens } = await oauth2Client.getToken(code);
+        
+        // Lưu refresh token
+        if (tokens.refresh_token) {
+            adminRefreshToken = tokens.refresh_token;
+            // Trong production, nên lưu vào database
+            console.log('Admin refresh token đã được lưu');
+        }
+        
+        res.json({
+            access_token: tokens.access_token,
+            refresh_token: tokens.refresh_token,
+            expires_in: tokens.expiry_date
+        });
+    } catch (error) {
+        console.error('OAuth token error:', error);
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// API: Set refresh token trực tiếp (nếu đã có)
+app.post('/api/oauth/set-token', async (req, res) => {
+    try {
+        const { refresh_token } = req.body;
+        
+        if (!refresh_token) {
+            return res.status(400).json({ error: 'Missing refresh_token' });
+        }
+
+        adminRefreshToken = refresh_token;
+        res.json({ success: true, message: 'Refresh token đã được lưu' });
+    } catch (error) {
+        console.error('Set token error:', error);
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// Tìm hoặc tạo folder
+async function findOrCreateFolder(name, parentId = 'root') {
+    try {
+        const accessToken = await getAccessToken();
+        const drive = google.drive({ version: 'v3', auth: oauth2Client });
+        
+        const response = await drive.files.list({
+            q: `mimeType='application/vnd.google-apps.folder' and name='${name}' and '${parentId}' in parents and trashed=false`,
+            fields: 'files(id, name)',
+        });
+
+        if (response.data.files.length > 0) {
+            return response.data.files[0];
+        }
+
+        // Tạo folder mới
+        const folder = await drive.files.create({
+            requestBody: {
+                name: name,
+                mimeType: 'application/vnd.google-apps.folder',
+                parents: [parentId],
+            },
+            fields: 'id, name',
+        });
+
+        return folder.data;
+    } catch (error) {
+        console.error('Error in findOrCreateFolder:', error);
+        throw error;
+    }
+}
+
+// Upload file
+async function uploadFile(filePath, fileName, parentId) {
+    try {
+        const accessToken = await getAccessToken();
+        const drive = google.drive({ version: 'v3', auth: oauth2Client });
+        
+        const fileMetadata = {
+            name: fileName,
+            parents: [parentId],
+        };
+
+        const media = {
+            mimeType: 'application/octet-stream',
+            body: fs.createReadStream(filePath),
+        };
+
+        const file = await drive.files.create({
+            requestBody: fileMetadata,
+            media: media,
+            fields: 'id, name, webViewLink, webContentLink, iconLink',
+        });
+
+        return file.data;
+    } catch (error) {
+        console.error('Error uploading file:', error);
+        throw error;
+    }
+}
+
+// API: Upload files
+app.post('/api/upload', upload.array('files'), async (req, res) => {
+    try {
+        const { docName, type, month } = req.body; // type: 'incoming' hoặc 'outgoing'
+        
+        if (!req.files || req.files.length === 0) {
+            return res.status(400).json({ error: 'No files uploaded' });
+        }
+
+        if (!adminRefreshToken) {
+            return res.status(401).json({ error: 'Chưa đăng nhập Admin. Vui lòng đăng nhập tài khoản Google 2TB trước.' });
+        }
+
+        // Tạo cấu trúc folder
+        const qlvbFolder = await findOrCreateFolder('QLVB-DATA');
+        const typeFolder = await findOrCreateFolder(
+            type === 'incoming' ? 'VanBanDen' : 'VanBanDi',
+            qlvbFolder.id
+        );
+        const monthFolder = await findOrCreateFolder(month || `Tháng ${String(new Date().getMonth() + 1).padStart(2, '0')}`, typeFolder.id);
+        const docFolder = await findOrCreateFolder(
+            `${docName} - ${Date.now()}`,
+            monthFolder.id
+        );
+
+        // Upload tất cả files
+        const uploadedFiles = [];
+        for (const file of req.files) {
+            const uploadedFile = await uploadFile(
+                file.path,
+                file.originalname,
+                docFolder.id
+            );
+            uploadedFiles.push({
+                id: uploadedFile.id,
+                name: uploadedFile.name,
+                iconLink: `https://drive.google.com/file/d/${uploadedFile.id}/view`,
+                webViewLink: uploadedFile.webViewLink,
+                webContentLink: uploadedFile.webContentLink,
+            });
+
+            // Xóa file tạm
+            fs.unlinkSync(file.path);
+        }
+
+        // Lấy danh sách files trong folder
+        const drive = google.drive({ version: 'v3', auth: oauth2Client });
+        const filesList = await drive.files.list({
+            q: `'${docFolder.id}' in parents and trashed=false`,
+            fields: 'files(id, name, iconLink, webViewLink, webContentLink)',
+        });
+
+        res.json({
+            folderId: docFolder.id,
+            folderUrl: `https://drive.google.com/drive/folders/${docFolder.id}`,
+            files: filesList.data.files || [],
+        });
+    } catch (error) {
+        console.error('Upload error:', error);
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// API: Download file từ Google Drive (để tóm tắt)
+app.get('/api/download/:fileId', async (req, res) => {
+    try {
+        const { fileId } = req.params;
+        
+        if (!adminRefreshToken) {
+            return res.status(401).json({ error: 'Chưa đăng nhập Admin' });
+        }
+        
+        await getAccessToken();
+        const drive = google.drive({ version: 'v3', auth: oauth2Client });
+        
+        const response = await drive.files.get(
+            { fileId, alt: 'media' },
+            { responseType: 'stream' }
+        );
+        response.data.pipe(res);
+    } catch (error) {
+        console.error('Download error:', error);
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// API: Kiểm tra trạng thái đăng nhập
+app.get('/api/oauth/status', (req, res) => {
+    res.json({
+        logged_in: !!adminRefreshToken
+    });
+});
+
+// Hugging Face Spaces dùng port 7860, local dùng 3000
+const PORT = process.env.PORT || process.env.SPACE_PORT || 3000;
+app.listen(PORT, () => {
+    console.log(`Backend server running on port ${PORT}`);
+    console.log('Lưu ý: Cần đăng nhập Admin (tài khoản 2TB) trước khi upload file');
+});