v.2

.gitignore

@@ -12,8 +12,7 @@ yarn-error.log*
 backup.xlsx
 
 # Environment variables
-.env
-.env.local
+# .env and .env.local removed from gitignore as per user request for private repo.
 .env.development.local
 .env.test.local
 .env.production.local

DEPLOYMENT.md

@@ -18,30 +18,29 @@ Follow these steps to host your application for free on the web.
 3.  Get your **Database URL** and **Auth Token**.
 4.  You will use these in the next step.
 
-## 3. Backend (Render)
-1.  Go to [Render.com](https://render.com) and sign up.
-2.  Create a new **Web Service**.
-3.  Connect your GitHub repository.
-4.  Set the following:
-    - **Language**: `Node`
-    - **Build Command**: `cd server && npm install`
-    - **Start Command**: `cd server && npx tsx src/index.ts`
-5.  Add **Environment Variables**:
+## 3. Backend (Hugging Face Spaces)
+1.  Go to [huggingface.co](https://huggingface.co) and sign up (Free, **no credit card**).
+2.  Click **New** -> **Space**.
+3.  Name it (e.g., `wallets-api`).
+4.  Select **Docker** as the SDK.
+5.  Go to **Settings** -> **Variables and secrets**.
+6.  Add the following **Secrets**:
     - `DATABASE_URL`: (From Turso)
     - `DATABASE_AUTH_TOKEN`: (From Turso)
-    - `JWT_SECRET`: (Any random string like `my-secret-key-123`)
-    - `EMAIL_USER`: (Your Gmail if using backup)
-    - `EMAIL_PASS`: (Your Gmail App Password)
-    - `EMAIL_TO`: (Where to send backups)
-6.  Render will give you a URL like `https://wallets-api.onrender.com`.
+    - `JWT_SECRET`: (Any random string)
+    - `EMAIL_USER`: (Your Gmail)
+    - `EMAIL_PASS`: (Gmail App Password)
+    - `EMAIL_TO`: (Your email)
+7.  Push your code to the Space (you can connect it to your GitHub repo in the Settings tab).
+8.  Hugging Face will give you a URL like `https://name-space.hf.space`.
 
 ## 4. Frontend (Vercel)
-1.  Go to [Vercel.com](https://vercel.com) and sign up.
+1.  Go to [Vercel.com](https://vercel.com) and sign up (Free, **no credit card**).
 2.  Create a new **Project**.
 3.  Connect your GitHub repository.
 4.  Set the **Root Directory** to `client`.
 5.  Add **Environment Variable**:
-    - `VITE_API_URL`: `https://your-render-api-url.onrender.com/api`
+    - `VITE_API_URL`: `https://your-huggingface-url.hf.space/api`
 6.  Deploy!
 
 ## 5. Mobile Access

client/.env

@@ -0,0 +1 @@
+VITE_API_URL=http://localhost:3001/api

client/src/pages/Login.tsx

@@ -4,6 +4,8 @@ import { useNavigate } from 'react-router-dom';
 import axios from 'axios';
 import { Wallet, Lock, User, AlertCircle, ArrowRight, Loader2 } from 'lucide-react';
 
+const API_URL = import.meta.env.VITE_API_URL || 'http://localhost:3001/api';
+
 const Login: React.FC = () => {
   const [username, setUsername] = useState('');
   const [password, setPassword] = useState('');
@@ -19,7 +21,7 @@ const Login: React.FC = () => {
       if (deviceId && storedUsername) {
         setIsLoading(true);
         try {
-          const response = await axios.post('http://localhost:3001/api/login-device', {
+          const response = await axios.post(`${API_URL}/login-device`, {
             username: storedUsername,
             deviceId,
           });
@@ -43,7 +45,7 @@ const Login: React.FC = () => {
     try {
       const deviceName = `${navigator.platform} - ${navigator.userAgent.split(') ')[0].split(' (')[1] || 'Web Browser'}`;
       
-      const response = await axios.post('http://localhost:3001/api/login', {
+      const response = await axios.post(`${API_URL}/login`, {
         username,
         password,
         deviceName,

client/src/pages/Settings.tsx

@@ -1,10 +1,14 @@
 import { useState, useRef, useEffect } from 'react';
+import { useQueryClient } from '@tanstack/react-query';
 import { Settings as SettingsIcon, Download, Upload, Trash2, AlertCircle, CheckCircle2, ShieldAlert, Smartphone, X } from 'lucide-react';
 import { Button } from '../components/ui/button';
 import { useAuthStore } from '../store/useAuthStore';
 import axios from 'axios';
 
+const API_URL = import.meta.env.VITE_API_URL || 'http://localhost:3001/api';
+
 export default function Settings() {
+    const queryClient = useQueryClient();
     const [exporting, setExporting] = useState(false);
     const [importing, setImporting] = useState(false);
     const [clearing, setClearing] = useState(false);
@@ -24,7 +28,7 @@ export default function Settings() {
         if (!token) return;
         setLoadingDevices(true);
         try {
-            const response = await axios.get('http://localhost:3001/api/devices', {
+            const response = await axios.get(`${API_URL}/devices`, {
                 headers: { Authorization: `Bearer ${token}` }
             });
             setDevices(response.data);
@@ -39,7 +43,7 @@ export default function Settings() {
         if (!window.confirm('Are you sure you want to remove this device? You will be logged out on that device.')) return;
         
         try {
-            await axios.delete(`http://localhost:3001/api/devices/${id}`, {
+            await axios.delete(`${API_URL}/devices/${id}`, {
                 headers: { Authorization: `Bearer ${token}` }
             });
             
@@ -54,7 +58,11 @@ export default function Settings() {
         setExporting(true);
         setStatus('idle');
         try {
-            const response = await fetch('http://localhost:3001/api/export');
+            const response = await fetch(`${API_URL}/export`, {
+                headers: {
+                    'Authorization': `Bearer ${token}`
+                }
+            });
             if (!response.ok) throw new Error('Export failed');
 
             const blob = await response.blob();
@@ -94,9 +102,12 @@ export default function Settings() {
             reader.onload = async (event) => {
                 const base64 = (event.target?.result as string).split(',')[1];
                 try {
-                    const response = await fetch('http://localhost:3001/api/import', {
+                    const response = await fetch(`${API_URL}/import`, {
                         method: 'POST',
-                        headers: { 'Content-Type': 'application/json' },
+                        headers: { 
+                            'Content-Type': 'application/json',
+                            'Authorization': `Bearer ${token}`
+                        },
                         body: JSON.stringify({ file: base64, replace: replaceData })
                     });
 
@@ -105,6 +116,13 @@ export default function Settings() {
                         throw new Error(err.error || 'Import failed');
                     }
 
+                    // Invalidate queries to refresh UI
+                    queryClient.invalidateQueries({ queryKey: ['transactions'] });
+                    queryClient.invalidateQueries({ queryKey: ['exchanges'] });
+                    queryClient.invalidateQueries({ queryKey: ['loans'] });
+                    queryClient.invalidateQueries({ queryKey: ['analytics'] });
+                    queryClient.invalidateQueries({ queryKey: ['wallets'] });
+
                     setStatus('success');
                     setMessage('Data imported successfully!');
                 } catch (error: any) {
@@ -133,8 +151,21 @@ export default function Settings() {
         setClearing(true);
         setStatus('idle');
         try {
-            const response = await fetch('http://localhost:3001/api/data', { method: 'DELETE' });
+            const response = await fetch(`${API_URL}/data`, { 
+                method: 'DELETE',
+                headers: {
+                    'Authorization': `Bearer ${token}`
+                }
+            });
             if (!response.ok) throw new Error('Clear data failed');
+            
+            // Invalidate queries to refresh UI
+            queryClient.invalidateQueries({ queryKey: ['transactions'] });
+            queryClient.invalidateQueries({ queryKey: ['exchanges'] });
+            queryClient.invalidateQueries({ queryKey: ['loans'] });
+            queryClient.invalidateQueries({ queryKey: ['analytics'] });
+            queryClient.invalidateQueries({ queryKey: ['wallets'] });
+
             setStatus('success');
             setMessage('All data cleared successfully.');
         } catch (error) {

server/.env

@@ -0,0 +1,6 @@
+EMAIL_USER=amezamanj11@gmail.com
+EMAIL_PASS="ttvy mdoi ncke vdkh"
+EMAIL_TO=amezamanj7@gmail.com
+
+DATABASE_URL=libsql://wallets-01amez.aws-ap-northeast-1.turso.io
+DATABASE_AUTH_TOKEN=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhIjoicnciLCJpYXQiOjE3NzM3OTA2ODMsImlkIjoiMDE5Y2ZlMjktYjUwMS03ZWMzLTk0ODAtZTYyN2QyNWQ1NjQzIiwicmlkIjoiZTE4ZDAwNDktYjBlMS00MzE5LWFhMGYtNGM4YWM5NTk1YTZiIn0.rhWzrofoZlV4mAVmh6QABnnlxeuz7fwxnjEr0QBQBfsrH2ziRl25UZc090NH59JPP0aqmi4fmp1P9oxRRUfvCw

server/Dockerfile

@@ -0,0 +1,24 @@
+FROM node:20-slim
+
+WORKDIR /app
+
+# Copy package files
+COPY package*.json ./
+
+# Install dependencies
+RUN npm install
+
+# Copy source code
+COPY . .
+
+# Build if necessary (not needed for tsx but good practice)
+# RUN npm run build 
+
+# Expose port (HF Spaces uses 7860 by default)
+EXPOSE 7860
+
+# Set environment variable for port
+ENV PORT=7860
+
+# Start command
+CMD ["npx", "tsx", "src/index.ts"]

server/scripts/test-db.ts

@@ -10,10 +10,16 @@ async function test() {
     console.log(`Found ${wallets.length} wallets.`);
     
     if (wallets.length > 0) {
-      console.log('First wallet:', wallets[0].name);
+      console.log('Testing insert with undefined parameter...');
+      // Inserting a transaction with undefined for optional fields
+      await db.run(
+        'INSERT INTO transactions (type, amount, currency, wallet_id, date, category, note) VALUES (?, ?, ?, ?, ?, ?, ?)',
+        ['income', 100, 'USD', wallets[0].id, new Date().toISOString(), undefined, 'Test with undefined']
+      );
+      console.log('Insert with undefined parameter successful.');
     }
     
-    console.log('SUCCESS: Database connection is working with LibSQL wrapper.');
+    console.log('SUCCESS: Database connection and parameter sanitization are working.');
     process.exit(0);
   } catch (error) {
     console.error('FAILED: Database connection error:', error);

server/src/db.ts

@@ -26,18 +26,33 @@ export async function getDb(): Promise<Database> {
     authToken,
   });
 
+  const sanitizeParams = (params: any[]): any[] => {
+    return params.map(p => p === undefined ? null : p);
+  };
+
+  const sanitizeResult = (row: any) => {
+    if (!row) return row;
+    const newRow = { ...row };
+    for (const [key, value] of Object.entries(newRow)) {
+      if (typeof value === 'bigint') {
+        newRow[key] = Number(value);
+      }
+    }
+    return newRow;
+  };
+
   const db: Database = {
     get: async (sql: string, params: any[] = []) => {
-      const res = await client.execute({ sql, args: params });
-      return res.rows[0] ? { ...res.rows[0] } : undefined;
+      const res = await client.execute({ sql, args: sanitizeParams(params) });
+      return res.rows[0] ? sanitizeResult(res.rows[0]) : undefined;
     },
     all: async (sql: string, params: any[] = []) => {
-      const res = await client.execute({ sql, args: params });
-      return res.rows.map(row => ({ ...row }));
+      const res = await client.execute({ sql, args: sanitizeParams(params) });
+      return res.rows.map(row => sanitizeResult(row));
     },
     run: async (sql: string, params: any[] = []) => {
-      const res = await client.execute({ sql, args: params });
-      return { lastID: res.lastInsertRowid || 0 };
+      const res = await client.execute({ sql, args: sanitizeParams(params) });
+      return { lastID: Number(res.lastInsertRowid || 0) };
     },
     exec: async (sql: string) => {
       await client.batch(sql.split(';').filter(s => s.trim()), 'write');

server/src/index.ts

@@ -14,7 +14,7 @@ dotenv.config();
 const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key-change-this-in-production';
 
 const app = express();
-const PORT = 3001;
+const PORT = process.env.PORT || 3001;
 
 app.use(cors());
 app.use(express.json({ limit: '50mb' }));
@@ -162,10 +162,10 @@ const loanSchema = z.object({
 async function getWalletBalance(db: any, walletId: number): Promise<number> {
     const query1 = `
         SELECT 
-            COALESCE(SUM(CASE WHEN type = "income" AND wallet_id = ? THEN amount ELSE 0 END), 0) -
-            COALESCE(SUM(CASE WHEN type = "expense" AND wallet_id = ? THEN amount ELSE 0 END), 0) -
-            COALESCE(SUM(CASE WHEN type = "transfer" AND wallet_id = ? THEN amount ELSE 0 END), 0) +
-            COALESCE(SUM(CASE WHEN type = "transfer" AND to_wallet_id = ? THEN amount ELSE 0 END), 0) as balance
+            COALESCE(SUM(CASE WHEN type = 'income' AND wallet_id = ? THEN amount ELSE 0 END), 0) -
+            COALESCE(SUM(CASE WHEN type = 'expense' AND wallet_id = ? THEN amount ELSE 0 END), 0) -
+            COALESCE(SUM(CASE WHEN type = 'transfer' AND wallet_id = ? THEN amount ELSE 0 END), 0) +
+            COALESCE(SUM(CASE WHEN type = 'transfer' AND to_wallet_id = ? THEN amount ELSE 0 END), 0) as balance
         FROM transactions
         WHERE wallet_id = ? OR to_wallet_id = ?
     `;
@@ -340,9 +340,7 @@ app.post('/api/import', authenticateToken, async (req, res) => {
         const db = await getDb();
 
         if (replace) {
-            await db.run('DELETE FROM transactions');
-            await db.run('DELETE FROM exchanges');
-            await db.run('DELETE FROM loans');
+            await db.exec('DELETE FROM transactions; DELETE FROM exchanges; DELETE FROM loans;');
         }
 
         // Import Transactions
@@ -395,9 +393,7 @@ app.post('/api/import', authenticateToken, async (req, res) => {
 app.delete('/api/data', authenticateToken, async (req, res) => {
     try {
         const db = await getDb();
-        await db.run('DELETE FROM transactions');
-        await db.run('DELETE FROM exchanges');
-        await db.run('DELETE FROM loans');
+        await db.exec('DELETE FROM transactions; DELETE FROM exchanges; DELETE FROM loans;');
         res.json({ success: true, message: 'All data cleared successfully' });
     } catch (error: any) {
         console.error('Clear data error:', error);

server/test-delete.ts

@@ -0,0 +1,35 @@
+import { getDb } from './src/db';
+
+async function testDelete() {
+  try {
+    const db = await getDb();
+    
+    console.log('Inserting test loan...');
+    await db.run(
+      'INSERT INTO loans (person, type, amount, currency, date) VALUES (?, ?, ?, ?, ?)',
+      ['Test Person', 'loaned', 500, 'USD', new Date().toISOString()]
+    );
+    
+    let loans = await db.all('SELECT * FROM loans');
+    console.log(`Loans before delete: ${loans.length}`);
+    
+    console.log('Deleting all loans...');
+    await db.run('DELETE FROM loans');
+    
+    loans = await db.all('SELECT * FROM loans');
+    console.log(`Loans after delete: ${loans.length}`);
+    
+    if (loans.length === 0) {
+      console.log('SUCCESS: Delete from loans works.');
+    } else {
+      console.log('FAILURE: Delete from loans did not work.');
+    }
+    
+    process.exit(0);
+  } catch (error) {
+    console.error('Test failed:', error);
+    process.exit(1);
+  }
+}
+
+testDelete();