Update index.js

server/index.js

@@ -7,6 +7,7 @@ import path from 'path';
 import { fileURLToPath } from 'url';
 import fetch from 'node-fetch';
 import rateLimit from 'express-rate-limit';
+import fs from 'fs';
 
 import { handleWsMessage } from './wsHandler.js';
 import { sessionStore, initStoreConfig } from './sessionStore.js';
@@ -32,6 +33,30 @@ const ADMIN_TOKEN = process.env.ADMIN_TOKEN || 'supersecret';
 // Rate limiter for admin endpoints (5 attempts per IP per minute)
 const verifyLimiter = rateLimit({ windowMs: 60*1000, max: 5, standardHeaders: true, legacyHeaders: false });
 
+const DATA_DIR = path.join(__dirname, 'data');
+const VERSION_FILE = path.join(DATA_DIR, 'version.json');
+
+function loadStoredSHA() {
+  try {
+    if (!fs.existsSync(DATA_DIR)) fs.mkdirSync(DATA_DIR, { recursive: true });
+    if (!fs.existsSync(VERSION_FILE)) return null;
+    const data = JSON.parse(fs.readFileSync(VERSION_FILE, 'utf-8'));
+    return data.sha || null;
+  } catch (e) {
+    console.error('Failed to load stored SHA:', e);
+    return null;
+  }
+}
+
+function saveStoredSHA(sha) {
+  try {
+    if (!fs.existsSync(DATA_DIR)) fs.mkdirSync(DATA_DIR, { recursive: true });
+    fs.writeFileSync(VERSION_FILE, JSON.stringify({ sha }, null, 2), 'utf-8');
+  } catch (e) {
+    console.error('Failed to save SHA:', e);
+  }
+}
+
 app.use(express.json({ limit: '10mb' }));
 
 // --- API Turnstile Protection ---
@@ -79,14 +104,25 @@ app.post('/api/turnstile', async (req,res)=>{
   }catch(e){ console.error('turnstile verify',e); return res.status(500).json({error:'Server error'});}
 });
 
-// --- Fetch latest commit SHA ---
-async function fetchLatestSHA(){
-  try{
+async function fetchLatestSHA() {
+  try {
     const res = await fetch(`https://api.github.com/repos/${GITHUB_REPO}/commits/main`);
     const data = await res.json();
     latestSHA = data.sha;
     console.log('Updated latest SHA:', latestSHA);
-  }catch(e){ console.error('Failed to fetch latest commit SHA', e);}
+    saveStoredSHA(latestSHA);  // persist it
+  } catch (e) {
+    console.error('Failed to fetch latest commit SHA', e);
+  }
+}
+
+// Load persisted SHA if exists; otherwise fetch latest
+latestSHA = loadStoredSHA();
+if (!latestSHA) {
+  console.log('No stored SHA found, fetching latest...');
+  await fetchLatestSHA();
+} else {
+  console.log('Using stored SHA:', latestSHA);
 }
 
 // --- Admin endpoints ---
@@ -113,11 +149,21 @@ app.get('/admin/verify',verifyLimiter,(req,res)=>{
   res.json({success: token===ADMIN_TOKEN});
 });
 
-app.get('/admin/refresh',verifyLimiter,async (req,res)=>{
+app.get('/admin/refresh', verifyLimiter, async (req, res) => {
   const token = req.query.token;
-  if(token!==ADMIN_TOKEN) return res.status(403).send('Forbidden');
+  if (token !== ADMIN_TOKEN) return res.status(403).send('Forbidden');
+
+  const sha = req.query.sha?.trim();
+  if (sha) {
+    if (!/^[0-9a-f]{7,40}$/.test(sha)) return res.status(400).send('Invalid SHA');
+    latestSHA = sha;
+    saveStoredSHA(latestSHA); // persist manual SHA
+    console.log(`Manual SHA set by admin: ${latestSHA}`);
+    return res.send(`Version set to commit ${latestSHA}`);
+  }
+
   await fetchLatestSHA();
-  res.send('Latest version refreshed');
+  res.send(`Latest version refreshed: ${latestSHA}`);
 });
 
 // --- MIME type helper ---