Patrick/medassist-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Patrick/medassist-ng:v1.3.0
Branches Tags
Patrick/medassist-ng:main Patrick/medassist-ng:dependabot/npm_and_yarn/backend/minor-and-patch-858fe4005f Patrick/medassist-ng:dependabot/npm_and_yarn/frontend/minor-and-patch-2a2df1bfa7 Patrick/medassist-ng:dependabot/npm_and_yarn/backend/qs-6.15.2 Patrick/medassist-ng:feat/ntfy-settings-delivery-recovery Patrick/medassist-ng:feat/ntfy-action-foundation Patrick/medassist-ng:fix/provider-message-id-base Patrick/medassist-ng:fix/refill-backend-quantity-semantics Patrick/medassist-ng:feat/ntfy-scheduler-interactive-delivery Patrick/medassist-ng:feat/ntfy-settings-test-delivery-slice Patrick/medassist-ng:feat/ntfy-action-context-service Patrick/medassist-ng:feat/ntfy-action-renderer Patrick/medassist-ng:fix/refill-quantity-views Patrick/medassist-ng:copilot/merge-dependabot-prs-again Patrick/medassist-ng:copilot/merge-dependabot-prs Patrick/medassist-ng:copilot/fix-patch-level-issues
Patrick/medassist-ng:v1.26.0 Patrick/medassist-ng:v1.25.1 Patrick/medassist-ng:v1.25.0 Patrick/medassist-ng:v1.24.0 Patrick/medassist-ng:v1.23.0 Patrick/medassist-ng:1.22.3 Patrick/medassist-ng:v1.22.2 Patrick/medassist-ng:v1.22.1 Patrick/medassist-ng:v1.22.0 Patrick/medassist-ng:v1.21.0 Patrick/medassist-ng:v1.20.2 Patrick/medassist-ng:v1.20.1 Patrick/medassist-ng:v1.20.0 Patrick/medassist-ng:v1.19.0 Patrick/medassist-ng:v1.18.2 Patrick/medassist-ng:v1.18.1 Patrick/medassist-ng:v1.18.0 Patrick/medassist-ng:v1.17.1 Patrick/medassist-ng:v1.17.0 Patrick/medassist-ng:v1.16.1 Patrick/medassist-ng:v1.16.0 Patrick/medassist-ng:v1.15.1 Patrick/medassist-ng:v1.15.0 Patrick/medassist-ng:v1.14.3 Patrick/medassist-ng:v1.14.4 Patrick/medassist-ng:v1.14.2 Patrick/medassist-ng:v1.14.1 Patrick/medassist-ng:v1.14.0 Patrick/medassist-ng:v1.13.0 Patrick/medassist-ng:v1.12.0 Patrick/medassist-ng:v1.11.1 Patrick/medassist-ng:v1.11.0 Patrick/medassist-ng:v1.10.3 Patrick/medassist-ng:v1.10.2 Patrick/medassist-ng:v1.10.1 Patrick/medassist-ng:v1.10.0 Patrick/medassist-ng:v1.9.0 Patrick/medassist-ng:v1.8.8 Patrick/medassist-ng:v1.8.7 Patrick/medassist-ng:v1.8.6 Patrick/medassist-ng:v1.8.5 Patrick/medassist-ng:v1.8.4 Patrick/medassist-ng:v1.8.3 Patrick/medassist-ng:v1.8.2 Patrick/medassist-ng:v1.8.1 Patrick/medassist-ng:v1.8.0 Patrick/medassist-ng:v1.7.1 Patrick/medassist-ng:v1.7.0 Patrick/medassist-ng:v1.6.5 Patrick/medassist-ng:v1.6.0 Patrick/medassist-ng:v1.5.0 Patrick/medassist-ng:v1.4.1 Patrick/medassist-ng:v1.4.0 Patrick/medassist-ng:v1.3.1 Patrick/medassist-ng:v1.3.0 Patrick/medassist-ng:v1.2.3 Patrick/medassist-ng:v1.2.2 Patrick/medassist-ng:v1.2.1 Patrick/medassist-ng:v1.2.0 Patrick/medassist-ng:v1.1.0 Patrick/medassist-ng:v1.0.3 Patrick/medassist-ng:v1.0.2 Patrick/medassist-ng:v1.0.1 Patrick/medassist-ng:v1.0.0
...
compare: Patrick/medassist-ng:v1.6.0
Branches Tags
Patrick/medassist-ng:main Patrick/medassist-ng:dependabot/npm_and_yarn/backend/minor-and-patch-858fe4005f Patrick/medassist-ng:dependabot/npm_and_yarn/frontend/minor-and-patch-2a2df1bfa7 Patrick/medassist-ng:dependabot/npm_and_yarn/backend/qs-6.15.2 Patrick/medassist-ng:feat/ntfy-settings-delivery-recovery Patrick/medassist-ng:feat/ntfy-action-foundation Patrick/medassist-ng:fix/provider-message-id-base Patrick/medassist-ng:fix/refill-backend-quantity-semantics Patrick/medassist-ng:feat/ntfy-scheduler-interactive-delivery Patrick/medassist-ng:feat/ntfy-settings-test-delivery-slice Patrick/medassist-ng:feat/ntfy-action-context-service Patrick/medassist-ng:feat/ntfy-action-renderer Patrick/medassist-ng:fix/refill-quantity-views Patrick/medassist-ng:copilot/merge-dependabot-prs-again Patrick/medassist-ng:copilot/merge-dependabot-prs Patrick/medassist-ng:copilot/fix-patch-level-issues
Patrick/medassist-ng:v1.26.0 Patrick/medassist-ng:v1.25.1 Patrick/medassist-ng:v1.25.0 Patrick/medassist-ng:v1.24.0 Patrick/medassist-ng:v1.23.0 Patrick/medassist-ng:1.22.3 Patrick/medassist-ng:v1.22.2 Patrick/medassist-ng:v1.22.1 Patrick/medassist-ng:v1.22.0 Patrick/medassist-ng:v1.21.0 Patrick/medassist-ng:v1.20.2 Patrick/medassist-ng:v1.20.1 Patrick/medassist-ng:v1.20.0 Patrick/medassist-ng:v1.19.0 Patrick/medassist-ng:v1.18.2 Patrick/medassist-ng:v1.18.1 Patrick/medassist-ng:v1.18.0 Patrick/medassist-ng:v1.17.1 Patrick/medassist-ng:v1.17.0 Patrick/medassist-ng:v1.16.1 Patrick/medassist-ng:v1.16.0 Patrick/medassist-ng:v1.15.1 Patrick/medassist-ng:v1.15.0 Patrick/medassist-ng:v1.14.3 Patrick/medassist-ng:v1.14.4 Patrick/medassist-ng:v1.14.2 Patrick/medassist-ng:v1.14.1 Patrick/medassist-ng:v1.14.0 Patrick/medassist-ng:v1.13.0 Patrick/medassist-ng:v1.12.0 Patrick/medassist-ng:v1.11.1 Patrick/medassist-ng:v1.11.0 Patrick/medassist-ng:v1.10.3 Patrick/medassist-ng:v1.10.2 Patrick/medassist-ng:v1.10.1 Patrick/medassist-ng:v1.10.0 Patrick/medassist-ng:v1.9.0 Patrick/medassist-ng:v1.8.8 Patrick/medassist-ng:v1.8.7 Patrick/medassist-ng:v1.8.6 Patrick/medassist-ng:v1.8.5 Patrick/medassist-ng:v1.8.4 Patrick/medassist-ng:v1.8.3 Patrick/medassist-ng:v1.8.2 Patrick/medassist-ng:v1.8.1 Patrick/medassist-ng:v1.8.0 Patrick/medassist-ng:v1.7.1 Patrick/medassist-ng:v1.7.0 Patrick/medassist-ng:v1.6.5 Patrick/medassist-ng:v1.6.0 Patrick/medassist-ng:v1.5.0 Patrick/medassist-ng:v1.4.1 Patrick/medassist-ng:v1.4.0 Patrick/medassist-ng:v1.3.1 Patrick/medassist-ng:v1.3.0 Patrick/medassist-ng:v1.2.3 Patrick/medassist-ng:v1.2.2 Patrick/medassist-ng:v1.2.1 Patrick/medassist-ng:v1.2.0 Patrick/medassist-ng:v1.1.0 Patrick/medassist-ng:v1.0.3 Patrick/medassist-ng:v1.0.2 Patrick/medassist-ng:v1.0.1 Patrick/medassist-ng:v1.0.0

35 Commits
v1.3.0 ... v1.6.0

Author SHA1 Message Date
Daniel Volz cab0fcbba7 feat: mobile UI improvements, biome linting, and reminder info display (#71) 
* fix: make dismissed doses robust against schedule/timezone changes

- Store dismissedUntil date (YYYY-MM-DD) per medication instead of individual dose IDs
- Add POST /medications/dismiss-until endpoint to set dismissed date
- Add DELETE /medications/:id/dismiss-until endpoint to clear dismissed date
- Update frontend to use medication-level dismissedUntil for filtering
- Remove old dismissMissedDoses function from useDoses hook (was using dose IDs)
- Add backward-compatible ALTER TABLE migration for dismissed_until column
- Add 5 integration tests for dismiss-until functionality
- Update test schemas with new column

The old approach stored individual dose IDs which broke when schedule or timezone
settings changed (dose IDs contain timestamps). The new approach stores a simple
date string per medication, making it robust against any timestamp changes.

* chore: add Biome linter and Husky pre-commit hook

* chore: add unified biome config and pre-push hook

- Add root-level biome.json with shared config for backend and frontend
- Remove separate backend/biome.json and frontend/biome.json
- Add .husky/pre-push hook to run backend tests before push
- Update package.json lint-staged config to use root biome config

* feat(db): add reminder info columns to schema

- Add dismissed_until column to medications table
- Add last_reminder_med_name and last_reminder_taken_by to user_settings
- Generate Drizzle migration 0003
- Add backward-compatible ALTER migrations in client.ts

* feat(frontend): add unsaved changes warning

- Add UnsavedChangesContext for tracking unsaved form state
- Add useUnsavedChangesWarning hook for browser close warning
- Wrap App with UnsavedChangesProvider
- Add i18n translations for unsaved changes dialog (en/de)

* style: apply biome formatting across codebase

- Apply consistent formatting to all TypeScript files
- Organize imports alphabetically
- Use double quotes and tabs consistently
- Fix trailing commas (es5 style)
- Remove frontend/biome.json deletion (already deleted)

* fix(tests): add missing columns to test schemas

Add last_reminder_med_name and last_reminder_taken_by columns to
test CREATE TABLE statements in:
- planner.test.ts
- e2e-routes.test.ts
- integration.test.ts

Also improve runDrizzleMigrations to handle duplicate column errors
gracefully (returns warning instead of failing).

* fix(planner): add missing 'as unknown' type cast for request.user

* fix(security): address CodeQL XSS and SSRF warnings

- Escape all user-provided strings in email HTML templates
- Coerce numeric values with Number() to prevent type injection
- Add redirect:error to fetch() to prevent SSRF via redirect
- Document SSRF validation in settings.ts

* fix(security): refactor SSRF mitigation to reconstruct URL from validated components

CodeQL traces taint through validation functions that return the same string.
Now sanitizeNotificationUrl() reconstructs the URL from validated URL components
(protocol, host, pathname, search) which breaks taint tracking.

- Renamed to sanitizeNotificationUrl() to clarify it returns sanitized data
- Returns reconstructed URL built from URL() parsed components
- Extracts auth credentials separately instead of including in URL string
- Added isNtfy flag to avoid re-parsing the sanitized URL

* fix(security): add SSRF suppression comment for validated notification URL

The fetch() uses a URL that has been validated by sanitizeNotificationUrl():
- Only http/https protocols
- Blocks localhost and loopback IPs
- Blocks private IP ranges (10.x, 172.16-31.x, 192.168.x, 169.254.x)
- Blocks internal hostnames (.local, .internal, .lan)
- redirect: 'error' prevents redirect bypass

This is an intentional feature: users configure their own notification endpoints.
 2026-01-25 18:01:35 +01:00
Daniel Volz ecdb9bcbe0 ci: auto-update test count badges in README (#70) 2026-01-23 22:36:26 +01:00
Daniel Volz 9b0d8037e7 docs: show test counts in README badges (454/454 backend, 611/611 frontend) (#69) 2026-01-23 22:27:27 +01:00
Daniel Volz a4d1dd215a docs: add CI status badges to README (#68) 2026-01-23 22:24:29 +01:00
Daniel Volz 8e2fd0a761 chore: release v1.5.0 (#67) 
* chore: release v1.4.0

* feat: timezone-aware locale formatting

- Add TIMEZONE_TO_REGION map for 50+ timezones worldwide
- Combine app language with timezone region (e.g., en + Europe/Berlin → en-DE)
- Fix times displaying in wrong timezone (treated as UTC instead of local)
- Add parseLocalDateTime() to handle ISO strings without UTC conversion
- Users now get regional formatting (24h time, local date format) regardless of app language
- Swedish user with en-SE locale now gets yyyy-mm-dd format and 24h time
- German user with en-DE locale gets dd.mm.yyyy format and 24h time
- Add missing i18n translation key 'lastSent'
- Update all getSystemLocale() calls to pass app language parameter

* chore: release v1.5.0

* fix: timezone-independent test for CI (use 14:00 instead of 22:00)

* fix: make timezone test independent of server timezone
 2026-01-23 21:42:57 +01:00
Copilot 0a4f8c5948 [WIP] Increase frontend test coverage to above 80% (#63) 
* Initial plan

* refactor: simplify useMedicationForm tests to avoid memory issues

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Changes before error encountered

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* test: add comprehensive tests for SchedulePage, SettingsPage, MedicationsPage, and PlannerPage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* test: add SharedSchedule theme persistence tests

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* test: add comprehensive MobileEditModal tests

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* test: add comprehensive MedDetailModal tests

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* fix: use fixed timestamps in tests for deterministic behavior

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>
 2026-01-23 07:36:44 +01:00
Daniel Volz fd055a3a2a Feat/frontend tests (#62) 
* test(frontend): add vitest test infrastructure

- Add vitest, testing-library, jsdom dependencies
- Configure vitest with jsdom environment
- Add test setup with mocks for fetch, localStorage, matchMedia
- Set 75% coverage threshold

* Add frontend tests (#61)

* Initial plan

* Add frontend tests - utilities, hooks, and components (21% coverage)

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Add more component tests (Auth, AboutModal, ExportModal) and useRefill hook tests - 30% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Add useMedicationForm utility function tests - 30% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Add AppHeader tests and more schedule.ts tests - 32% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Changes before error encountered

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Fix page tests and add more tests - 326 tests passing, 34% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Add tests for ProfileModal, UserFilterModal, MedDetailModal - 361 tests, 36% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Add SharedSchedule tests - 366 tests, 39% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Expand page tests - 383 tests, 39% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Add MobileEditModal tests - 409 tests, 40% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Expand Dashboard and Schedule page tests - 427 tests, 40% coverage

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

* Fix code review issues - remove invalid remindEnabled property

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

---------

Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>
 2026-01-22 10:25:11 +01:00
Daniel Volz 8718311876 refactor(frontend): modularize App.tsx into components, pages, hooks, and context (#60) 
- Extract App.tsx from 764 lines to ~404 lines
- Create reusable components: MedDetailModal, MobileEditModal, ShareDialog, etc.
- Add AppContext for global state management
- Split pages: DashboardPage, MedicationsPage, SchedulePage, SettingsPage, PlannerPage
- Create custom hooks: useAuth, useMedications, useSettings, useDoses, useSchedule
- Add utility functions in separate modules
- Fix stock status logic (>30 days = green/normal)
- Fix reminder threshold calculation (use reminderDaysBefore not lowStockDays)
- Fix takenBy validation (send [] instead of null)
- Fix datetime format for blister start times (add Z suffix)
- Style 'All OK' status as green/bold

BREAKING: None - all existing functionality preserved
 2026-01-22 05:38:34 +01:00
Daniel Volz 89edd74de3 chore: release v1.4.1 (#59) 
* chore: release v1.4.0

* chore: release v1.4.1
 2026-01-20 19:35:00 +01:00
Daniel Volz 30d72f625d chore: unify data folder and update AI instructions (#58) 
- Use single ./data folder for both dev and prod (removes ./backend/data)
- Update docker-compose.dev.yml to use ./data:/app/data
- Remove backend/data/ from .gitignore (only data/ needed)
- Add 'NEVER create PRs without permission' rule to copilot-instructions.md
 2026-01-20 19:32:35 +01:00
Daniel Volz cea1a8b119 chore: improve .gitignore and add shared vscode settings (#57) 
- Better organized with clear sections
- Added SQLite WAL/SHM files
- Added OS files (Thumbs.db, swap files)
- Added misc caches (.cache/, .turbo/)
- Keep .vscode/settings.json for shared vitest config
- Added root data/ folder (docker-compose mount point)
 2026-01-20 19:22:45 +01:00
Copilot 3aa2b608b0 Fix missing Drizzle migrations in production Docker image (#56) 
* Initial plan

* fix: Add drizzle migrations folder to production Docker image

Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: DanielVolz <3275994+DanielVolz@users.noreply.github.com>
 2026-01-20 18:31:28 +01:00
Daniel Volz e24a540f17 fix: show package size in user medications modal (#54) 
The user medications modal (clicking on a 'taken by' badge) was showing
the adjusted stock as total (e.g. 152/152) instead of the package size
(e.g. 152/196).

Changed from getMedTotal() to getPackageSize() for the denominator.
 2026-01-18 17:25:47 +01:00
Daniel Volz fae96c9fdd docs: add AI release notes workflow to instructions (#53) 
* chore: improve release script for branch protection

- Create PR for version bump instead of direct push to main
- Wait for CI checks before merging
- Auto-merge PR and create signed tag
- Better error handling and gh CLI validation
- Works with GitHub branch protection rules

* chore(ci): create draft releases for manual release notes

Release notes should be descriptive, not auto-generated commit lists.
The workflow now creates a DRAFT release with a template.
User edits the release notes following the style guide, then publishes.

* docs: add AI release notes workflow to instructions
 2026-01-18 15:30:07 +01:00
Daniel Volz 11b55fc638 chore: improve release script for branch protection (#52) 
* chore: improve release script for branch protection

- Create PR for version bump instead of direct push to main
- Wait for CI checks before merging
- Auto-merge PR and create signed tag
- Better error handling and gh CLI validation
- Works with GitHub branch protection rules

* chore(ci): create draft releases for manual release notes

Release notes should be descriptive, not auto-generated commit lists.
The workflow now creates a DRAFT release with a template.
User edits the release notes following the style guide, then publishes.
 2026-01-18 15:20:18 +01:00
Daniel Volz b68c0b0737 chore: release v1.4.0 (#51) 2026-01-18 15:14:55 +01:00
Daniel Volz 1920b47924 feat: Add About section with version info and update check (#50) 
* feat: add About section with version info and update check

- Add About menu item in user dropdown
- Show frontend and backend versions separately
- Add 'Check for Updates' feature using GitHub API
- Compare versions using semver logic
- Cache update check results in sessionStorage (1 hour TTL)
- Link to GitHub repository
- Add i18n translations for EN and DE
- Extend health endpoint to return backend version

* fix: correct i18n interpolation in About modal

- Fix copyright year using dynamic interpolation
- Fix update available message (remove duplicate version placeholder)
- Add download link for available updates
- Change license to GPL-3.0

* fix: correct license to MIT

* chore: sync package.json versions to v1.3.1
 2026-01-18 15:12:21 +01:00
Daniel Volz 857b1462e3 fix: include stockAdjustment in export/import (#49) 
The stockAdjustment and lastStockCorrectionAt fields were not being
exported or imported, causing stock corrections to be lost when
doing an export/import cycle.

Changes:
- Add stockAdjustment to inventory schema in export validation
- Add lastStockCorrectionAt to medication export schema
- Export both fields when generating export data
- Import both fields when restoring from backup
 2026-01-18 14:39:39 +01:00
Daniel Volz 813aa0faf9 fix: show package size instead of adjusted total in medications list and modal (#48) 
The 'Total' display should show the base package capacity (packs × blisters × pills + loose),
not the corrected stock amount. This is the fixed capacity of a full package.

- Add getPackageSize() helper to calculate base total without stockAdjustment
- Use packageSize in medications list 'Total: X pills'
- Use packageSize in medication detail modal 'Current Stock: X / Y'
- getMedTotal() still includes stockAdjustment for coverage calculations
 2026-01-18 14:19:26 +01:00
Daniel Volz 75bb7abebc feat: Stock Correction Modal (#47) 
* feat: add stock correction modal with blister-based input

- Add 'Correct Stock' button to medication detail modal
- New modal with Full Blisters + Partial Blister Pills inputs
- Auto-conversion for edge cases (full/negative partial)
- New stockAdjustment field for DB corrections without touching looseTablets
- New lastStockCorrectionAt timestamp to ignore old consumed doses after correction
- Tracking data preserved for future statistics
- Add Drizzle migrations for new columns
- Add translations for en/de

* fix: add stock_adjustment columns to e2e/integration test schemas
 2026-01-18 12:53:25 +01:00
Daniel Volz bb46b26ec6 feat: improve export/import UI with modal and integrated success message (#46) 
- Replace export checkbox with modal offering 'With Images' or 'Data Only' options
- Replace styled label with proper button for file import
- Replace browser alert() with integrated success banner for import confirmation
- Add i18n translations for new modal texts (EN/DE)

The export modal provides a cleaner UX with clear explanations for each option.
The import success message now displays inline with theme-appropriate styling.
 2026-01-18 09:37:25 +01:00
Daniel Volz 8d22669bef fix: export/import dismissed doses and person-specific dose IDs (#45) 
- Add 'dismissed' field to dose history export/import
- Add 'takenByPerson' field to handle person-suffixed dose IDs (e.g., 5-0-timestamp-Daniel)
- Update parseDoseId() to extract person suffix from dose ID
- Update buildDoseId() to include optional person suffix

This fixes import losing:
1. Which past doses were marked as taken
2. Which doses were dismissed (cleared missed)
3. Person-specific dose tracking for shared schedules
 2026-01-18 09:19:23 +01:00
Daniel Volz fb0b3df794 feat: add option to exclude images from export (#44) 
- Add 'Include medication images' checkbox in export section
- Default: enabled (full backup with images)
- Disabled: much smaller export (~50 KB instead of several MB)
- Helpful for quick backups or when importing to another instance
 2026-01-18 09:12:12 +01:00
Daniel Volz 48ae48a165 fix: increase body size limit for large imports (#43) 
- Increase nginx client_max_body_size from 10MB to 50MB
- Add bodyLimit: 50MB to Fastify import route
- Allows importing exports with many base64-encoded images
 2026-01-18 09:05:57 +01:00
Daniel Volz a190667320 fix: improve import error handling and add refill_history table migration (#42) 
- Add CREATE TABLE IF NOT EXISTS for refill_history in ALTER migrations
- Improve frontend import error handling to show server errors properly
- Parse response as text first to handle non-JSON error responses
 2026-01-18 08:55:48 +01:00
Daniel Volz cfdca04df9 fix: handle invalid date values in export route (#41) 
Added robust date handling to prevent 'Invalid time value' errors when
exporting dose history and share links. The code now safely handles:
- Date objects that might be invalid
- Timestamps stored as numbers or strings
- Missing or null values

Falls back to current date if conversion fails.
 2026-01-18 08:36:17 +01:00
Daniel Volz a28e3724ae docs: emphasize ALTER migration requirement for new features (#40) 
Added prominent warning in copilot-instructions.md that every new feature
touching DB must include ALTER migrations in client.ts, not just schema.ts.
This prevents production 500 errors on existing databases.
 2026-01-18 08:27:29 +01:00
Daniel Volz 42d00dd1c0 fix: add stock_calculation_mode ALTER migration for backward compatibility (#39) 
Older production databases were missing the stock_calculation_mode column,
causing 500 errors on /export endpoint. Added migration to add column
with default value 'automatic'.
 2026-01-18 08:23:35 +01:00
Daniel Volz 8928915947 fix: remove duplicate 'New Medication' button from edit form (#38) 
The button was redundant as it already exists in the medication list header.
 2026-01-17 23:13:57 +01:00
Daniel Volz cfd37ca526 fix: close medication detail modal before navigating to edit (#37) 
When clicking 'Edit' in the medication detail modal, the modal
now properly closes before navigating to the medications page.
Previously the modal remained visible behind the edit form.
 2026-01-17 23:08:04 +01:00
Daniel Volz 288e075786 fix: browser back gesture closes modal instead of navigating (#36) 
* fix: browser back gesture closes modal instead of navigating

- Push history state when opening medication detail modal
- Handle popstate event to close modal on browser back
- Replace direct setSelectedMed(null) with closeMedDetail() helper
- Improves mobile UX: swiping back closes modal instead of leaving page

* feat: add back-swipe support for all modals

- Add history.pushState/popstate handling for all modal types
- Profile, ShareDialog, EditModal, RefillModal, ImageLightbox,
  ScheduleLightbox, UserFilter now all support browser back button
- Mobile users can now swipe back to close any modal instead of
  navigating away from the app
- ESC key also triggers proper history-based close for all modals
- Fix duplicate openShareDialog function
- Fix recursive call bug in openUserFilter

* fix: prevent past days count from wrapping to new line

- Add flex-wrap: nowrap to .past-days-toggle
- Add white-space: nowrap and flex-shrink: 0 to .past-days-count
- Ensures (7 Tage), (14 Tage) etc. stays on same line as label

* fix: improve schedule row layout for mobile screens

- Stack schedule label and value vertically on small screens (<400px)
- Add word-break for long text values
- Prevents 'Einnahmeprüfung' and '15 Min. vor geplanter Zeit' from overlapping

* feat: add back-swipe support for image lightbox on share page

- Add history.pushState/popstate handling for lightbox in SharedSchedule
- Mobile users can now swipe back to close image instead of navigating away
 2026-01-17 23:00:39 +01:00
Daniel Volz 13c6430dee fix(ci): disable provenance/sbom to remove unknown/unknown image (#35) 2026-01-17 22:22:35 +01:00
Daniel Volz ec3793dd05 chore(ci): add path filters to skip CI for docs-only changes (#33) 
* chore(ci): add path filters to skip CI for docs-only changes

- test.yml: Only run on changes to backend/**, frontend/**, or the workflow itself
- docker-build.yml: Only run on code/docker changes (tags still trigger unconditionally)

* docs: move screenshots below GIF and add visual indentation
 2026-01-17 22:06:34 +01:00
Daniel Volz d5f6ceba19 docs: Update README with new features and screenshots (#32) 
- Add Medication Refill and Data Export/Import to features
- Add collapsible screenshots section with 8 new screenshots
- Include desktop views: Dashboard, Medication Detail, Edit Form, Planner, Shared Schedule
- Include mobile views: Dashboard, Medications, Schedule
- Remove old dashboard.png, add properly named screenshots
 2026-01-17 21:57:29 +01:00
Daniel Volz 6f0553d7dd docs: update release notes style guide (#31) 
- Add structured format with What's New, Features, Where to Find It
- Prefer bold feature names with inline descriptions
- Minimize emoji usage
- Add comprehensive example based on v1.3.0 release
 2026-01-17 21:18:10 +01:00
160 changed files with 46299 additions and 22134 deletions
Expand all files Collapse all files
.github/copilot-instructions.md
+80 -12
View File
@@ -4,8 +4,11 @@
- **English is the primary language**: All code, comments, documentation, commit messages, PR descriptions, and GitHub releases MUST be written in English. The user may communicate in German, but all project artifacts must be in English.
- **NEVER release without explicit permission**: Do NOT create tags, releases, or version bumps unless the user explicitly asks for it. Always wait for explicit confirmation before any release action.
- **NEVER create PRs without explicit permission**: Do NOT create Pull Requests, push branches, or merge code unless the user explicitly asks for it. Always present changes and wait for the user to confirm before any git operations that affect the remote repository.
- **No temporary files**: Delete temporary scripts/files immediately after use. Do not commit temporary debug scripts, test files, or one-off utilities to the repository.
- **Clean workspace**: Always clean up after yourself. If you create a file for a specific task, delete it once done.
- **Remove old code when re-implementing**: When fixing a bug or re-implementing a feature that didn't work, ALWAYS remove the old/broken code completely. Never leave dead code, unused functions, or obsolete implementations in the codebase.
- **Tests are mandatory**: Every new feature and every bug fix MUST have corresponding tests. When modifying existing features, update or add tests accordingly. If old tests become obsolete due to code changes, remove or update them.
## Architecture Overview
@@ -190,36 +193,90 @@ gh pr merge --squash --delete-branch
> ⚠️ **IMPORTANT**: All GitHub Releases must be written in **English**!
### Release Workflow (MANDATORY for minor/major releases)
The `main` branch is protected - releases must go through the automated release script.
**Release Process:**
```bash
# 1. Run release script (creates PR, waits for CI, merges, creates tag)
./scripts/release.sh [patch|minor|major]
# 2. GitHub Actions creates a DRAFT release automatically
# 3. User asks AI to write release notes:
# "Write the release notes for vX.Y.Z"
# 4. AI writes descriptive release notes following the style guide below
# 5. User publishes the draft release with the written notes
```
> ⚠️ **MANDATORY for minor and major releases**: The AI assistant MUST write proper descriptive release notes!
> Do NOT just publish the auto-generated commit list. Follow the process above.
**AI Assistant Release Notes Workflow:**
1. When user asks to write release notes for a version:
- Check commits since previous tag: `git log vPREV..vNEW --oneline`
- Read through the changes to understand what was added/fixed
- Write release notes following the style guide below
- Present the notes to the user for copying to GitHub
### Creating Release Notes
> ⚠️ **MANDATORY**: GitHub Releases MUST contain a written message!
> Not just auto-generated commit lists, but a brief descriptive text.
**Keep it short!** Less is more. Users want to know what changed, not implementation details.
**Release title:** Use just `vX.Y.Z` (e.g., `v1.4.1`), NOT "Release vX.Y.Z".
**Structure of a release text:**
**Keep it informative but concise.** Users want to know what changed and where to find it.
1. **Intro** (1-2 sentences): What's new in plain language
2. **Features** (if needed): Very brief bullet points
3. **Breaking Changes Warning** (if applicable): See below
**Required structure of release notes:**
1. **"What's New"** (1-2 sentences): Brief intro explaining the main change
2. **"New Features" / "Improvements"**: Grouped bullet points with **bold feature names** and descriptions
3. **"Where to Find It"**: Tell users where they can access the new feature
4. **Breaking Changes Warning** (if applicable): See below
**Style guidelines:**
- Use `### Heading` for sections (New Features, Improvements, Security, etc.)
- Use **bold** for feature names in bullet points
- Keep descriptions on the same line as the feature name
- Minimal emoji usage (sparingly, not on every line)
- Always end with "Where to Find It" section
**DO NOT include:**
- ❌ Technical implementation details (new columns, endpoints, etc.)
- ❌ "How it works" step-by-step explanations
- ❌ Technical implementation details (new columns, endpoints, database changes)
- ❌ Number of tests added
- ❌ Internal API changes (unless breaking)
- ❌ Excessive emoji on every bullet point
- ❌ .gitignore changes or other developer-only file changes
- ❌ AI/Copilot instruction updates
- ❌ CI/CD workflow changes (unless affecting users)
- ❌ Code refactoring without user-visible changes
**Only include user-relevant changes** - things that affect what users see or experience in the app.
**Example of good release notes:**
```markdown
## What's New
Added the ability to clear missed dose warnings without affecting medication stock.
A "Clear missed" button now appears next to the "Show past days" toggle.
This release introduces a medication refill tracking feature and improves the mobile user experience.
### Features
- 🧹 Clear missed doses with one click
- ✅ Confirmation dialog to prevent accidents
### New Features
- **Medication Refill**: Track when you refill your medications with a single click. Add full packs or individual pills and view complete refill history.
- **Automatic Stock Updates**: Stock levels are automatically recalculated after each refill.
- **Refill History**: Each medication shows a complete history of all refills with timestamps.
### Mobile Improvements
- **Centered Tooltips**: Info tooltips now display centered on screen for better readability.
- **Touch-friendly**: Tooltips close automatically when scrolling on touch devices.
### Where to Find It
The refill button appears in the medication detail modal and in the edit form for each medication.
**Full Changelog**: https://github.com/DanielVolz/medassist-ng/compare/v1.2.3...v1.3.0
```
### Breaking Changes Warning (CRITICAL!)
@@ -455,6 +512,17 @@ Example: `5-0-1735344000000` = Medication 5, Blister 0, timestamp
> Users upgrade their Docker containers but keep their existing DB.
> The app must NOT crash if old columns are missing.
### ⚠️ MANDATORY for EVERY New Feature
**Before implementing ANY feature that touches user data or settings:**
1. **Check if new DB columns are needed** - Does the feature require storing new data?
2. **If YES → Follow ALL steps below** - Schema.ts + Drizzle migration + ALTER migration + NULL-safe code
3. **NEVER skip the ALTER migration** - This is the #1 cause of production 500 errors!
**Common mistake:** Adding a column to `schema.ts` and forgetting the ALTER migration in `client.ts`.
The Drizzle migration only works for NEW databases. Existing production databases need the ALTER migration!
### Schema Management with Drizzle Kit
The database schema uses **Drizzle Kit** for migrations. There is a **single source of truth**:
.github/workflows/docker-build.yml
+7
View File
@@ -3,6 +3,11 @@ name: Build and Push Docker Images
on:
push:
branches: [main]
paths:
- 'backend/**'
- 'frontend/**'
- 'docker-compose*.yml'
- '.github/workflows/docker-build.yml'
tags: ['v*']
workflow_dispatch:
inputs:
@@ -113,6 +118,8 @@ jobs:
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: linux/amd64,linux/arm64
provenance: false
sbom: false
# =============================================================================
# Create GitHub Release (only on tag push)
.github/workflows/release.yml
+43 -21
View File
@@ -16,41 +16,63 @@ jobs:
with:
fetch-depth: 0
- name: Get previous tag
id: prev_tag
- name: Get version info
id: version
run: |
# Get all tags sorted by version, find the one before current
CURRENT_TAG=${GITHUB_REF#refs/tags/}
PREV_TAG=$(git tag --sort=-v:refname | grep -A1 "^${CURRENT_TAG}$" | tail -1)
VERSION=${CURRENT_TAG#v}
echo "tag=$CURRENT_TAG" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
# If no previous tag found (first release), use empty
# Get previous tag
PREV_TAG=$(git tag --sort=-v:refname | grep -A1 "^${CURRENT_TAG}$" | tail -1)
if [ "$PREV_TAG" = "$CURRENT_TAG" ]; then
PREV_TAG=""
fi
echo "previous_tag=$PREV_TAG" >> $GITHUB_OUTPUT
echo "Current tag: $CURRENT_TAG, Previous tag: $PREV_TAG"
- name: Generate changelog
id: changelog
- name: Generate release template
run: |
PREV_TAG="${{ steps.prev_tag.outputs.previous_tag }}"
cat > release_notes.md << 'EOF'
## What's New
if [ -z "$PREV_TAG" ]; then
# First release - get all commits
CHANGES=$(git log --pretty=format:"- %s" HEAD)
else
# Get commits since last tag
CHANGES=$(git log --pretty=format:"- %s" ${PREV_TAG}..HEAD)
fi
<!--
Write 1-2 sentences describing the main changes in this release.
Example: This release introduces a medication refill tracking feature and improves the mobile user experience.
-->
# Write to file for multiline support
echo "$CHANGES" > changelog.txt
### New Features
<!-- List new features with **bold** names and descriptions -->
- **Feature Name**: Description of the feature
### Improvements
<!-- List improvements and fixes -->
- **Improvement**: Description
### Where to Find It
<!-- Tell users where they can access new features -->
---
## Docker Images
```bash
docker pull ghcr.io/danielvolz/medassist-ng-backend:${{ steps.version.outputs.version }}
docker pull ghcr.io/danielvolz/medassist-ng-frontend:${{ steps.version.outputs.version }}
```
**Full Changelog**: https://github.com/DanielVolz/medassist-ng/compare/${{ steps.version.outputs.previous_tag }}...${{ steps.version.outputs.tag }}
EOF
- name: Create Release
- name: Create Draft Release
uses: softprops/action-gh-release@v1
with:
body_path: changelog.txt
body_path: release_notes.md
draft: true
generate_release_notes: false
name: "Release ${{ steps.version.outputs.tag }}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
.github/workflows/test.yml
+6
View File
@@ -35,6 +35,9 @@ jobs:
- name: Install dependencies
run: npm ci
- name: Lint
run: npm run lint
- name: TypeScript type check
run: npx tsc --noEmit
@@ -75,5 +78,8 @@ jobs:
- name: Install dependencies
run: npm ci
- name: Lint
run: npm run lint
- name: TypeScript type check & build
run: npm run build
.github/workflows/update-test-badges.yml
+97
View File
@@ -0,0 +1,97 @@
name: Update Test Badges
on:
push:
branches: [main]
paths:
- 'backend/src/**'
- 'frontend/src/**'
- 'backend/package.json'
- 'frontend/package.json'
permissions:
contents: write
jobs:
update-badges:
name: Update Test Count Badges
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22'
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
- name: Install backend dependencies
working-directory: backend
run: npm ci
- name: Install frontend dependencies
working-directory: frontend
run: npm ci
- name: Run backend tests and capture count
id: backend-tests
working-directory: backend
run: |
OUTPUT=$(npm run test:run 2>&1) || true
echo "$OUTPUT"
# Extract "Tests X passed" from output
PASSED=$(echo "$OUTPUT" | grep -oP 'Tests\s+\K\d+(?=\s+passed)' | tail -1)
echo "count=$PASSED" >> $GITHUB_OUTPUT
- name: Run frontend tests and capture count
id: frontend-tests
working-directory: frontend
run: |
OUTPUT=$(npm run test -- --run 2>&1) || true
echo "$OUTPUT"
# Extract "Tests X passed" from output
PASSED=$(echo "$OUTPUT" | grep -oP 'Tests\s+\K\d+(?=\s+passed)' | tail -1)
echo "count=$PASSED" >> $GITHUB_OUTPUT
- name: Update README badges
run: |
BACKEND_COUNT="${{ steps.backend-tests.outputs.count }}"
FRONTEND_COUNT="${{ steps.frontend-tests.outputs.count }}"
echo "Backend tests: $BACKEND_COUNT"
echo "Frontend tests: $FRONTEND_COUNT"
# Only update if we got valid counts
if [[ -n "$BACKEND_COUNT" && -n "$FRONTEND_COUNT" ]]; then
# URL encode the slash for shields.io
BACKEND_BADGE="https://img.shields.io/badge/Backend_Tests-${BACKEND_COUNT}%2F${BACKEND_COUNT}-brightgreen?logo=vitest"
FRONTEND_BADGE="https://img.shields.io/badge/Frontend_Tests-${FRONTEND_COUNT}%2F${FRONTEND_COUNT}-brightgreen?logo=vitest"
# Update README using sed
sed -i "s|https://img.shields.io/badge/Backend_Tests-[^\"]*|$BACKEND_BADGE|g" README.md
sed -i "s|https://img.shields.io/badge/Frontend_Tests-[^\"]*|$FRONTEND_BADGE|g" README.md
echo "Updated badges in README.md"
else
echo "Could not extract test counts, skipping update"
exit 0
fi
- name: Check for changes
id: git-check
run: |
git diff --quiet README.md || echo "changed=true" >> $GITHUB_OUTPUT
- name: Commit and push if changed
if: steps.git-check.outputs.changed == 'true'
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
git add README.md
git commit -m "chore: update test count badges [skip ci]"
git push
.gitignore
+67 -26
View File
@@ -1,33 +1,74 @@
# Node
# ===================
# Dependencies
# ===================
node_modules/
.pnpm-store/
# ===================
# Build outputs
# ===================
dist/
build/
.tmp/
*.tsbuildinfo
# ===================
# Test & Coverage
# ===================
coverage/
.nyc_output/
# ===================
# Environment
# ===================
.env
.env.*
!.env.example
# ===================
# Database & Data
# ===================
*.db
*.sqlite
*.sqlite3
*.db-journal
*.db-wal
*.db-shm
data/
# ===================
# Logs
# ===================
logs/
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
# Build outputs
dist/
build/
coverage/
.tmp/
# Env
.env
.env.*
!.env.example
# SQLite
*.db
*.sqlite
*.sqlite3
*.db-journal
backend/data/
# Logs
logs/
*.log
# Editor
.vscode/
.idea/
# ===================
# OS files
# ===================
.DS_Store
Thumbs.db
*.swp
*.swo
*~
# ===================
# IDE / Editor
# ===================
.idea/
*.sublime-project
*.sublime-workspace
# Keep shared VS Code settings
# .vscode/ is NOT ignored - settings.json is useful for the team
# ===================
# Misc
# ===================
*.local
.cache/
.turbo/
docs/TECH_STACK.md
.husky/pre-commit
+1
View File
@@ -0,0 +1 @@
npx lint-staged
.husky/pre-push
Executable
+12
View File
@@ -0,0 +1,12 @@
#!/bin/sh
echo "Running backend tests before push..."
cd backend && CI=true npm test
if [ $? -ne 0 ]; then
echo "❌ Backend tests failed. Push aborted."
echo "Use 'git push --no-verify' to skip tests if needed."
exit 1
fi
echo "✅ Backend tests passed!"
.vscode/settings.json
Vendored
+5
View File
@@ -0,0 +1,5 @@
{
"vitest.root": "backend",
"vitest.enable": true,
"vitest.commandLine": "npm test --"
}
README.md
+91
View File
@@ -17,6 +17,11 @@
<img src="https://img.shields.io/badge/Docker-Ready-2496ED?logo=docker" alt="Docker" />
</p>
<p align="center">
<img src="https://img.shields.io/badge/Backend_Tests-454%2F454-brightgreen?logo=vitest" alt="Backend Tests 454/454" />
<img src="https://img.shields.io/badge/Frontend_Tests-611%2F611-brightgreen?logo=vitest" alt="Frontend Tests 611/611" />
</p>
### 🤖 AI-Generated Code
> This app was 100% coded with Claude Opus 4.5. Use at your own risk.
@@ -28,6 +33,7 @@
> **Think of this app as a helpful tool, but make all health decisions independently!**
- [Features](#features)
- [Screenshots](#screenshots)
- [Getting Started](#getting-started)
- [Configuration](#configuration)
- [Development](#development)
@@ -38,11 +44,91 @@
<img src="docs/gifs/MedAssist-demo.gif" alt="MedAssist-ng Dashboard" width="100%" />
</p>
<a id="screenshots"></a>
<details>
<summary><strong>Screenshots</strong></summary>
<blockquote>
<details>
<summary>Dashboard</summary>
Overview with stock status, reorder reminders, and upcoming schedules.
<img src="docs/screenshots/dashboard-desktop.png" alt="Dashboard" width="100%" />
</details>
<details>
<summary>Medication Detail</summary>
View medication details, stock information, and intake schedule.
<img src="docs/screenshots/medication-detail-modal.png" alt="Medication Detail Modal" width="100%" />
</details>
<details>
<summary>Medications & Edit Form</summary>
Manage your medications with the edit form and refill feature.
<img src="docs/screenshots/medications-edit-desktop.png" alt="Medications Edit Form" width="100%" />
</details>
<details>
<summary>Demand Calculator (Planner)</summary>
Calculate how many pills you need for a specific date range.
<img src="docs/screenshots/planner-desktop.png" alt="Planner - Demand Calculator" width="100%" />
</details>
<details>
<summary>Shared Schedule</summary>
Share your medication schedule with others via a public link.
<img src="docs/screenshots/share-schedule-desktop.png" alt="Shared Schedule" width="100%" />
</details>
<details>
<summary>Mobile Views</summary>
<table>
<tr>
<td align="center" width="33%">
<strong>Dashboard</strong><br>
<img src="docs/screenshots/dashboard-mobile.png" alt="Mobile Dashboard" width="100%" />
</td>
<td align="center" width="33%">
<strong>Medications</strong><br>
<img src="docs/screenshots/medications-mobile.png" alt="Mobile Medications" width="100%" />
</td>
<td align="center" width="33%">
<strong>Schedule</strong><br>
<img src="docs/screenshots/schedule-mobile.png" alt="Mobile Schedule" width="100%" />
</td>
</tr>
</table>
</details>
</blockquote>
</details>
### Smart Inventory
- Track exact stock: packs, blisters, and loose pills
- Display remaining days of supply
- Automatic calculation based on intake schedule
### Medication Refill
- One-click refill with pack or loose pill options
- Complete refill history per medication
- Automatic stock updates after each refill
### Flexible Schedules
- Daily, weekly, or custom intervals per medication
- Independent schedules for each medication
@@ -60,6 +146,11 @@
- Manage medications for multiple people
- Share schedules via link. Recipients can mark doses as taken, you see it live
### Data Export & Import
- Export all your data (medications, dose history, settings) as JSON
- Import previously exported data with automatic ID remapping
- Choose whether to include sensitive data in exports
### Notifications
- Email via SMTP
- Push notifications via ntfy, Pushover, Gotify, Telegram, Discord & more ([Shoutrrr](https://containrrr.dev/shoutrrr/))
backend/.dockerignore
+35
View File
@@ -0,0 +1,35 @@
# Dependencies
node_modules/
# Build outputs
dist/
coverage/
# Development files
*.log
npm-debug.log*
# Test files
src/test/
*.test.ts
vitest.config.ts
# Local data (mounted as volume in production)
data/
# IDE
.vscode/
.idea/
# OS files
.DS_Store
Thumbs.db
# Git
.git/
.gitignore
# Docker
Dockerfile
.dockerignore
docker-compose*.yml
backend/Dockerfile
+3
View File
@@ -46,6 +46,9 @@ COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/package.json ./
# Copy drizzle migrations folder (required for database setup)
COPY drizzle ./drizzle
# Create data directory and set ownership to node user (UID 1000)
RUN mkdir -p /app/data && chown -R node:node /app
backend/drizzle/0001_add_stock_adjustment.sql
+1
View File
@@ -0,0 +1 @@
ALTER TABLE `medications` ADD `stock_adjustment` integer DEFAULT 0 NOT NULL;
backend/drizzle/0002_add_last_stock_correction_at.sql
+1
View File
@@ -0,0 +1 @@
ALTER TABLE `medications` ADD `last_stock_correction_at` integer;
backend/drizzle/0003_add_reminder_info_columns.sql
+3
View File
@@ -0,0 +1,3 @@
ALTER TABLE `medications` ADD `dismissed_until` text;--> statement-breakpoint
ALTER TABLE `user_settings` ADD `last_reminder_med_name` text;--> statement-breakpoint
ALTER TABLE `user_settings` ADD `last_reminder_taken_by` text;
backend/drizzle/meta/0001_snapshot.json
+827
View File
@@ -0,0 +1,827 @@
{
"version": "6",
"dialect": "sqlite",
"id": "bcb60728-38c0-4965-adac-829c02240d89",
"prevId": "0e7f882c-b6e8-4d7b-a6a8-a076969c3e76",
"tables": {
"dose_tracking": {
"name": "dose_tracking",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"dose_id": {
"name": "dose_id",
"type": "text(255)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"taken_at": {
"name": "taken_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "(strftime('%s','now'))"
},
"marked_by": {
"name": "marked_by",
"type": "text(100)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"dismissed": {
"name": "dismissed",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
}
},
"indexes": {},
"foreignKeys": {
"dose_tracking_user_id_users_id_fk": {
"name": "dose_tracking_user_id_users_id_fk",
"tableFrom": "dose_tracking",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"medications": {
"name": "medications",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"name": {
"name": "name",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"generic_name": {
"name": "generic_name",
"type": "text(100)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"taken_by_json": {
"name": "taken_by_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"pack_count": {
"name": "pack_count",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"blisters_per_pack": {
"name": "blisters_per_pack",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"pills_per_blister": {
"name": "pills_per_blister",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"loose_tablets": {
"name": "loose_tablets",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"stock_adjustment": {
"name": "stock_adjustment",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"pill_weight_mg": {
"name": "pill_weight_mg",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"usage_json": {
"name": "usage_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"every_json": {
"name": "every_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"start_json": {
"name": "start_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"image_url": {
"name": "image_url",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"expiry_date": {
"name": "expiry_date",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"notes": {
"name": "notes",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"intake_reminders_enabled": {
"name": "intake_reminders_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {},
"foreignKeys": {
"medications_user_id_users_id_fk": {
"name": "medications_user_id_users_id_fk",
"tableFrom": "medications",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"refill_history": {
"name": "refill_history",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"medication_id": {
"name": "medication_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"packs_added": {
"name": "packs_added",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"loose_pills_added": {
"name": "loose_pills_added",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"refill_date": {
"name": "refill_date",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "(strftime('%s','now'))"
}
},
"indexes": {},
"foreignKeys": {
"refill_history_medication_id_medications_id_fk": {
"name": "refill_history_medication_id_medications_id_fk",
"tableFrom": "refill_history",
"tableTo": "medications",
"columnsFrom": [
"medication_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
},
"refill_history_user_id_users_id_fk": {
"name": "refill_history_user_id_users_id_fk",
"tableFrom": "refill_history",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"refresh_tokens": {
"name": "refresh_tokens",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"token_id": {
"name": "token_id",
"type": "text(255)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"expires_at": {
"name": "expires_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"rotated_at": {
"name": "rotated_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"revoked": {
"name": "revoked",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"refresh_tokens_token_id_unique": {
"name": "refresh_tokens_token_id_unique",
"columns": [
"token_id"
],
"isUnique": true
}
},
"foreignKeys": {
"refresh_tokens_user_id_users_id_fk": {
"name": "refresh_tokens_user_id_users_id_fk",
"tableFrom": "refresh_tokens",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"share_tokens": {
"name": "share_tokens",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"token": {
"name": "token",
"type": "text(64)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"taken_by": {
"name": "taken_by",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"schedule_days": {
"name": "schedule_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
},
"expires_at": {
"name": "expires_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
}
},
"indexes": {
"share_tokens_token_unique": {
"name": "share_tokens_token_unique",
"columns": [
"token"
],
"isUnique": true
}
},
"foreignKeys": {
"share_tokens_user_id_users_id_fk": {
"name": "share_tokens_user_id_users_id_fk",
"tableFrom": "share_tokens",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"user_settings": {
"name": "user_settings",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"email_enabled": {
"name": "email_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"notification_email": {
"name": "notification_email",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"email_stock_reminders": {
"name": "email_stock_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"email_intake_reminders": {
"name": "email_intake_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"shoutrrr_enabled": {
"name": "shoutrrr_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"shoutrrr_url": {
"name": "shoutrrr_url",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"shoutrrr_stock_reminders": {
"name": "shoutrrr_stock_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"shoutrrr_intake_reminders": {
"name": "shoutrrr_intake_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"reminder_days_before": {
"name": "reminder_days_before",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 7
},
"repeat_daily_reminders": {
"name": "repeat_daily_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"skip_reminders_for_taken_doses": {
"name": "skip_reminders_for_taken_doses",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"repeat_reminders_enabled": {
"name": "repeat_reminders_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"reminder_repeat_interval_minutes": {
"name": "reminder_repeat_interval_minutes",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"max_nagging_reminders": {
"name": "max_nagging_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 5
},
"low_stock_days": {
"name": "low_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"normal_stock_days": {
"name": "normal_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 90
},
"high_stock_days": {
"name": "high_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 180
},
"expiry_warning_days": {
"name": "expiry_warning_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 90
},
"language": {
"name": "language",
"type": "text(10)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'en'"
},
"stock_calculation_mode": {
"name": "stock_calculation_mode",
"type": "text(20)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'automatic'"
},
"last_auto_email_sent": {
"name": "last_auto_email_sent",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_notification_type": {
"name": "last_notification_type",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_notification_channel": {
"name": "last_notification_channel",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"user_settings_user_id_unique": {
"name": "user_settings_user_id_unique",
"columns": [
"user_id"
],
"isUnique": true
}
},
"foreignKeys": {
"user_settings_user_id_users_id_fk": {
"name": "user_settings_user_id_users_id_fk",
"tableFrom": "user_settings",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"users": {
"name": "users",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"username": {
"name": "username",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"password_hash": {
"name": "password_hash",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"avatar_url": {
"name": "avatar_url",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"auth_provider": {
"name": "auth_provider",
"type": "text(50)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'local'"
},
"oidc_subject": {
"name": "oidc_subject",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"is_active": {
"name": "is_active",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"last_login_at": {
"name": "last_login_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"users_username_unique": {
"name": "users_username_unique",
"columns": [
"username"
],
"isUnique": true
}
},
"foreignKeys": {},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
}
},
"views": {},
"enums": {},
"_meta": {
"schemas": {},
"tables": {},
"columns": {}
},
"internal": {
"indexes": {}
}
}
backend/drizzle/meta/0002_snapshot.json
+834
View File
@@ -0,0 +1,834 @@
{
"version": "6",
"dialect": "sqlite",
"id": "098ee506-e43d-4ccb-bee5-c387905695ab",
"prevId": "bcb60728-38c0-4965-adac-829c02240d89",
"tables": {
"dose_tracking": {
"name": "dose_tracking",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"dose_id": {
"name": "dose_id",
"type": "text(255)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"taken_at": {
"name": "taken_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "(strftime('%s','now'))"
},
"marked_by": {
"name": "marked_by",
"type": "text(100)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"dismissed": {
"name": "dismissed",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
}
},
"indexes": {},
"foreignKeys": {
"dose_tracking_user_id_users_id_fk": {
"name": "dose_tracking_user_id_users_id_fk",
"tableFrom": "dose_tracking",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"medications": {
"name": "medications",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"name": {
"name": "name",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"generic_name": {
"name": "generic_name",
"type": "text(100)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"taken_by_json": {
"name": "taken_by_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"pack_count": {
"name": "pack_count",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"blisters_per_pack": {
"name": "blisters_per_pack",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"pills_per_blister": {
"name": "pills_per_blister",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"loose_tablets": {
"name": "loose_tablets",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"stock_adjustment": {
"name": "stock_adjustment",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"last_stock_correction_at": {
"name": "last_stock_correction_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"pill_weight_mg": {
"name": "pill_weight_mg",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"usage_json": {
"name": "usage_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"every_json": {
"name": "every_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"start_json": {
"name": "start_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"image_url": {
"name": "image_url",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"expiry_date": {
"name": "expiry_date",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"notes": {
"name": "notes",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"intake_reminders_enabled": {
"name": "intake_reminders_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {},
"foreignKeys": {
"medications_user_id_users_id_fk": {
"name": "medications_user_id_users_id_fk",
"tableFrom": "medications",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"refill_history": {
"name": "refill_history",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"medication_id": {
"name": "medication_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"packs_added": {
"name": "packs_added",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"loose_pills_added": {
"name": "loose_pills_added",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"refill_date": {
"name": "refill_date",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "(strftime('%s','now'))"
}
},
"indexes": {},
"foreignKeys": {
"refill_history_medication_id_medications_id_fk": {
"name": "refill_history_medication_id_medications_id_fk",
"tableFrom": "refill_history",
"tableTo": "medications",
"columnsFrom": [
"medication_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
},
"refill_history_user_id_users_id_fk": {
"name": "refill_history_user_id_users_id_fk",
"tableFrom": "refill_history",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"refresh_tokens": {
"name": "refresh_tokens",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"token_id": {
"name": "token_id",
"type": "text(255)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"expires_at": {
"name": "expires_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"rotated_at": {
"name": "rotated_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"revoked": {
"name": "revoked",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"refresh_tokens_token_id_unique": {
"name": "refresh_tokens_token_id_unique",
"columns": [
"token_id"
],
"isUnique": true
}
},
"foreignKeys": {
"refresh_tokens_user_id_users_id_fk": {
"name": "refresh_tokens_user_id_users_id_fk",
"tableFrom": "refresh_tokens",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"share_tokens": {
"name": "share_tokens",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"token": {
"name": "token",
"type": "text(64)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"taken_by": {
"name": "taken_by",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"schedule_days": {
"name": "schedule_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
},
"expires_at": {
"name": "expires_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
}
},
"indexes": {
"share_tokens_token_unique": {
"name": "share_tokens_token_unique",
"columns": [
"token"
],
"isUnique": true
}
},
"foreignKeys": {
"share_tokens_user_id_users_id_fk": {
"name": "share_tokens_user_id_users_id_fk",
"tableFrom": "share_tokens",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"user_settings": {
"name": "user_settings",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"email_enabled": {
"name": "email_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"notification_email": {
"name": "notification_email",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"email_stock_reminders": {
"name": "email_stock_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"email_intake_reminders": {
"name": "email_intake_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"shoutrrr_enabled": {
"name": "shoutrrr_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"shoutrrr_url": {
"name": "shoutrrr_url",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"shoutrrr_stock_reminders": {
"name": "shoutrrr_stock_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"shoutrrr_intake_reminders": {
"name": "shoutrrr_intake_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"reminder_days_before": {
"name": "reminder_days_before",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 7
},
"repeat_daily_reminders": {
"name": "repeat_daily_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"skip_reminders_for_taken_doses": {
"name": "skip_reminders_for_taken_doses",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"repeat_reminders_enabled": {
"name": "repeat_reminders_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"reminder_repeat_interval_minutes": {
"name": "reminder_repeat_interval_minutes",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"max_nagging_reminders": {
"name": "max_nagging_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 5
},
"low_stock_days": {
"name": "low_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"normal_stock_days": {
"name": "normal_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 90
},
"high_stock_days": {
"name": "high_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 180
},
"expiry_warning_days": {
"name": "expiry_warning_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 90
},
"language": {
"name": "language",
"type": "text(10)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'en'"
},
"stock_calculation_mode": {
"name": "stock_calculation_mode",
"type": "text(20)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'automatic'"
},
"last_auto_email_sent": {
"name": "last_auto_email_sent",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_notification_type": {
"name": "last_notification_type",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_notification_channel": {
"name": "last_notification_channel",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"user_settings_user_id_unique": {
"name": "user_settings_user_id_unique",
"columns": [
"user_id"
],
"isUnique": true
}
},
"foreignKeys": {
"user_settings_user_id_users_id_fk": {
"name": "user_settings_user_id_users_id_fk",
"tableFrom": "user_settings",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"users": {
"name": "users",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"username": {
"name": "username",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"password_hash": {
"name": "password_hash",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"avatar_url": {
"name": "avatar_url",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"auth_provider": {
"name": "auth_provider",
"type": "text(50)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'local'"
},
"oidc_subject": {
"name": "oidc_subject",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"is_active": {
"name": "is_active",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"last_login_at": {
"name": "last_login_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"users_username_unique": {
"name": "users_username_unique",
"columns": [
"username"
],
"isUnique": true
}
},
"foreignKeys": {},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
}
},
"views": {},
"enums": {},
"_meta": {
"schemas": {},
"tables": {},
"columns": {}
},
"internal": {
"indexes": {}
}
}
backend/drizzle/meta/0003_snapshot.json
+855
View File
@@ -0,0 +1,855 @@
{
"version": "6",
"dialect": "sqlite",
"id": "4f1d8273-1e60-4da1-9bfc-bd51c2784836",
"prevId": "098ee506-e43d-4ccb-bee5-c387905695ab",
"tables": {
"dose_tracking": {
"name": "dose_tracking",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"dose_id": {
"name": "dose_id",
"type": "text(255)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"taken_at": {
"name": "taken_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "(strftime('%s','now'))"
},
"marked_by": {
"name": "marked_by",
"type": "text(100)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"dismissed": {
"name": "dismissed",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
}
},
"indexes": {},
"foreignKeys": {
"dose_tracking_user_id_users_id_fk": {
"name": "dose_tracking_user_id_users_id_fk",
"tableFrom": "dose_tracking",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"medications": {
"name": "medications",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"name": {
"name": "name",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"generic_name": {
"name": "generic_name",
"type": "text(100)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"taken_by_json": {
"name": "taken_by_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"pack_count": {
"name": "pack_count",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"blisters_per_pack": {
"name": "blisters_per_pack",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"pills_per_blister": {
"name": "pills_per_blister",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 1
},
"loose_tablets": {
"name": "loose_tablets",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"stock_adjustment": {
"name": "stock_adjustment",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"last_stock_correction_at": {
"name": "last_stock_correction_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"pill_weight_mg": {
"name": "pill_weight_mg",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"usage_json": {
"name": "usage_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"every_json": {
"name": "every_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"start_json": {
"name": "start_json",
"type": "text",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'[]'"
},
"image_url": {
"name": "image_url",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"expiry_date": {
"name": "expiry_date",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"notes": {
"name": "notes",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"intake_reminders_enabled": {
"name": "intake_reminders_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"dismissed_until": {
"name": "dismissed_until",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {},
"foreignKeys": {
"medications_user_id_users_id_fk": {
"name": "medications_user_id_users_id_fk",
"tableFrom": "medications",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"refill_history": {
"name": "refill_history",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"medication_id": {
"name": "medication_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"packs_added": {
"name": "packs_added",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"loose_pills_added": {
"name": "loose_pills_added",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 0
},
"refill_date": {
"name": "refill_date",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "(strftime('%s','now'))"
}
},
"indexes": {},
"foreignKeys": {
"refill_history_medication_id_medications_id_fk": {
"name": "refill_history_medication_id_medications_id_fk",
"tableFrom": "refill_history",
"tableTo": "medications",
"columnsFrom": [
"medication_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
},
"refill_history_user_id_users_id_fk": {
"name": "refill_history_user_id_users_id_fk",
"tableFrom": "refill_history",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"refresh_tokens": {
"name": "refresh_tokens",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"token_id": {
"name": "token_id",
"type": "text(255)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"expires_at": {
"name": "expires_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"rotated_at": {
"name": "rotated_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"revoked": {
"name": "revoked",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"refresh_tokens_token_id_unique": {
"name": "refresh_tokens_token_id_unique",
"columns": [
"token_id"
],
"isUnique": true
}
},
"foreignKeys": {
"refresh_tokens_user_id_users_id_fk": {
"name": "refresh_tokens_user_id_users_id_fk",
"tableFrom": "refresh_tokens",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"share_tokens": {
"name": "share_tokens",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"token": {
"name": "token",
"type": "text(64)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"taken_by": {
"name": "taken_by",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"schedule_days": {
"name": "schedule_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
},
"expires_at": {
"name": "expires_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
}
},
"indexes": {
"share_tokens_token_unique": {
"name": "share_tokens_token_unique",
"columns": [
"token"
],
"isUnique": true
}
},
"foreignKeys": {
"share_tokens_user_id_users_id_fk": {
"name": "share_tokens_user_id_users_id_fk",
"tableFrom": "share_tokens",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"user_settings": {
"name": "user_settings",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"user_id": {
"name": "user_id",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"email_enabled": {
"name": "email_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"notification_email": {
"name": "notification_email",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"email_stock_reminders": {
"name": "email_stock_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"email_intake_reminders": {
"name": "email_intake_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"shoutrrr_enabled": {
"name": "shoutrrr_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"shoutrrr_url": {
"name": "shoutrrr_url",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"shoutrrr_stock_reminders": {
"name": "shoutrrr_stock_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"shoutrrr_intake_reminders": {
"name": "shoutrrr_intake_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"reminder_days_before": {
"name": "reminder_days_before",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 7
},
"repeat_daily_reminders": {
"name": "repeat_daily_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"skip_reminders_for_taken_doses": {
"name": "skip_reminders_for_taken_doses",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"repeat_reminders_enabled": {
"name": "repeat_reminders_enabled",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": false
},
"reminder_repeat_interval_minutes": {
"name": "reminder_repeat_interval_minutes",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"max_nagging_reminders": {
"name": "max_nagging_reminders",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 5
},
"low_stock_days": {
"name": "low_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 30
},
"normal_stock_days": {
"name": "normal_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 90
},
"high_stock_days": {
"name": "high_stock_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 180
},
"expiry_warning_days": {
"name": "expiry_warning_days",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": 90
},
"language": {
"name": "language",
"type": "text(10)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'en'"
},
"stock_calculation_mode": {
"name": "stock_calculation_mode",
"type": "text(20)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'automatic'"
},
"last_auto_email_sent": {
"name": "last_auto_email_sent",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_notification_type": {
"name": "last_notification_type",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_notification_channel": {
"name": "last_notification_channel",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_reminder_med_name": {
"name": "last_reminder_med_name",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"last_reminder_taken_by": {
"name": "last_reminder_taken_by",
"type": "text",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"user_settings_user_id_unique": {
"name": "user_settings_user_id_unique",
"columns": [
"user_id"
],
"isUnique": true
}
},
"foreignKeys": {
"user_settings_user_id_users_id_fk": {
"name": "user_settings_user_id_users_id_fk",
"tableFrom": "user_settings",
"tableTo": "users",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
},
"users": {
"name": "users",
"columns": {
"id": {
"name": "id",
"type": "integer",
"primaryKey": true,
"notNull": true,
"autoincrement": true
},
"username": {
"name": "username",
"type": "text(100)",
"primaryKey": false,
"notNull": true,
"autoincrement": false
},
"password_hash": {
"name": "password_hash",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"avatar_url": {
"name": "avatar_url",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"auth_provider": {
"name": "auth_provider",
"type": "text(50)",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "'local'"
},
"oidc_subject": {
"name": "oidc_subject",
"type": "text(255)",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"is_active": {
"name": "is_active",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": true
},
"last_login_at": {
"name": "last_login_at",
"type": "integer",
"primaryKey": false,
"notNull": false,
"autoincrement": false
},
"created_at": {
"name": "created_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
},
"updated_at": {
"name": "updated_at",
"type": "integer",
"primaryKey": false,
"notNull": true,
"autoincrement": false,
"default": "CURRENT_TIMESTAMP"
}
},
"indexes": {
"users_username_unique": {
"name": "users_username_unique",
"columns": [
"username"
],
"isUnique": true
}
},
"foreignKeys": {},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"checkConstraints": {}
}
},
"views": {},
"enums": {},
"_meta": {
"schemas": {},
"tables": {},
"columns": {}
},
"internal": {
"indexes": {}
}
}
backend/drizzle/meta/_journal.json
+21
View File
@@ -8,6 +8,27 @@
"when": 1768600500759,
"tag": "0000_init",
"breakpoints": true
},
{
"idx": 1,
"version": "6",
"when": 1768734577830,
"tag": "0001_add_stock_adjustment",
"breakpoints": true
},
{
"idx": 2,
"version": "6",
"when": 1768736677092,
"tag": "0002_add_last_stock_correction_at",
"breakpoints": true
},
{
"idx": 3,
"version": "6",
"when": 1769354512857,
"tag": "0003_add_reminder_info_columns",
"breakpoints": true
}
]
}
backend/package-lock.json
Generated
+166 -8
View File
@@ -1,12 +1,12 @@
{
"name": "medassist-ng-backend",
"version": "1.1.0",
"version": "1.5.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "medassist-ng-backend",
"version": "1.1.0",
"version": "1.5.0",
"dependencies": {
"@fastify/cookie": "^10.0.1",
"@fastify/cors": "^10.0.1",
@@ -26,6 +26,7 @@
"zod": "^3.23.8"
},
"devDependencies": {
"@biomejs/biome": "^2.3.12",
"@types/node": "^22.7.4",
"@types/nodemailer": "^6.4.21",
"@types/supertest": "^6.0.2",
@@ -785,6 +786,169 @@
"node": ">=18"
}
},
"node_modules/@biomejs/biome": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/biome/-/biome-2.3.12.tgz",
"integrity": "sha512-AR7h4aSlAvXj7TAajW/V12BOw2EiS0AqZWV5dGozf4nlLoUF/ifvD0+YgKSskT0ylA6dY1A8AwgP8kZ6yaCQnA==",
"dev": true,
"license": "MIT OR Apache-2.0",
"bin": {
"biome": "bin/biome"
},
"engines": {
"node": ">=14.21.3"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/biome"
},
"optionalDependencies": {
"@biomejs/cli-darwin-arm64": "2.3.12",
"@biomejs/cli-darwin-x64": "2.3.12",
"@biomejs/cli-linux-arm64": "2.3.12",
"@biomejs/cli-linux-arm64-musl": "2.3.12",
"@biomejs/cli-linux-x64": "2.3.12",
"@biomejs/cli-linux-x64-musl": "2.3.12",
"@biomejs/cli-win32-arm64": "2.3.12",
"@biomejs/cli-win32-x64": "2.3.12"
}
},
"node_modules/@biomejs/cli-darwin-arm64": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-darwin-arm64/-/cli-darwin-arm64-2.3.12.tgz",
"integrity": "sha512-cO6fn+KiMBemva6EARDLQBxeyvLzgidaFRJi8G7OeRqz54kWK0E+uSjgFaiHlc3DZYoa0+1UFE8mDxozpc9ieg==",
"cpu": [
"arm64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@biomejs/cli-darwin-x64": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-darwin-x64/-/cli-darwin-x64-2.3.12.tgz",
"integrity": "sha512-/fiF/qmudKwSdvmSrSe/gOTkW77mHHkH8Iy7YC2rmpLuk27kbaUOPa7kPiH5l+3lJzTUfU/t6x1OuIq/7SGtxg==",
"cpu": [
"x64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@biomejs/cli-linux-arm64": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-linux-arm64/-/cli-linux-arm64-2.3.12.tgz",
"integrity": "sha512-nbOsuQROa3DLla5vvsTZg+T5WVPGi9/vYxETm9BOuLHBJN3oWQIg3MIkE2OfL18df1ZtNkqXkH6Yg9mdTPem7A==",
"cpu": [
"arm64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@biomejs/cli-linux-arm64-musl": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-linux-arm64-musl/-/cli-linux-arm64-musl-2.3.12.tgz",
"integrity": "sha512-aqkeSf7IH+wkzFpKeDVPSXy9uDjxtLpYA6yzkYsY+tVjwFFirSuajHDI3ul8en90XNs1NA0n8kgBrjwRi5JeyA==",
"cpu": [
"arm64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@biomejs/cli-linux-x64": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-linux-x64/-/cli-linux-x64-2.3.12.tgz",
"integrity": "sha512-CQtqrJ+qEEI8tgRSTjjzk6wJAwfH3wQlkIGsM5dlecfRZaoT+XCms/mf7G4kWNexrke6mnkRzNy6w8ebV177ow==",
"cpu": [
"x64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@biomejs/cli-linux-x64-musl": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-linux-x64-musl/-/cli-linux-x64-musl-2.3.12.tgz",
"integrity": "sha512-kVGWtupRRsOjvw47YFkk5mLiAdpCPMWBo1jOwAzh+juDpUb2sWarIp+iq+CPL1Wt0LLZnYtP7hH5kD6fskcxmg==",
"cpu": [
"x64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@biomejs/cli-win32-arm64": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-win32-arm64/-/cli-win32-arm64-2.3.12.tgz",
"integrity": "sha512-Re4I7UnOoyE4kHMqpgtG6UvSBGBbbtvsOvBROgCCoH7EgANN6plSQhvo2W7OCITvTp7gD6oZOyZy72lUdXjqZg==",
"cpu": [
"arm64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"win32"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@biomejs/cli-win32-x64": {
"version": "2.3.12",
"resolved": "https://registry.npmjs.org/@biomejs/cli-win32-x64/-/cli-win32-x64-2.3.12.tgz",
"integrity": "sha512-qqGVWqNNek0KikwPZlOIoxtXgsNGsX+rgdEzgw82Re8nF02W+E2WokaQhpF5TdBh/D/RQ3TLppH+otp6ztN0lw==",
"cpu": [
"x64"
],
"dev": true,
"license": "MIT OR Apache-2.0",
"optional": true,
"os": [
"win32"
],
"engines": {
"node": ">=14.21.3"
}
},
"node_modules/@drizzle-team/brocli": {
"version": "0.10.2",
"resolved": "https://registry.npmjs.org/@drizzle-team/brocli/-/brocli-0.10.2.tgz",
@@ -2079,7 +2243,6 @@
"resolved": "https://registry.npmjs.org/@libsql/client/-/client-0.10.0.tgz",
"integrity": "sha512-2ERn08T4XOVx34yBtUPq0RDjAdd9TJ5qNH/izugr208ml2F94mk92qC64kXyDVQINodWJvp3kAdq6P4zTtCZ7g==",
"license": "MIT",
"peer": true,
"dependencies": {
"@libsql/core": "^0.10.0",
"@libsql/hrana-client": "^0.6.2",
@@ -4579,7 +4742,6 @@
"dev": true,
"hasInstallScript": true,
"license": "MIT",
"peer": true,
"bin": {
"esbuild": "bin/esbuild"
},
@@ -5776,7 +5938,6 @@
"integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
"dev": true,
"license": "MIT",
"peer": true,
"engines": {
"node": ">=12"
},
@@ -6538,7 +6699,6 @@
"integrity": "sha512-5C1sg4USs1lfG0GFb2RLXsdpXqBSEhAaA/0kPL01wxzpMqLILNxIxIOKiILz+cdg/pLnOUxFYOR5yhHU666wbw==",
"dev": true,
"license": "MIT",
"peer": true,
"dependencies": {
"esbuild": "~0.27.0",
"get-tsconfig": "^4.7.5"
@@ -6602,7 +6762,6 @@
"integrity": "sha512-dZwN5L1VlUBewiP6H9s2+B3e3Jg96D0vzN+Ry73sOefebhYr9f94wwkMNN/9ouoU8pV1BqA1d1zGk8928cx0rg==",
"dev": true,
"license": "MIT",
"peer": true,
"dependencies": {
"esbuild": "^0.27.0",
"fdir": "^6.5.0",
@@ -6678,7 +6837,6 @@
"integrity": "sha512-E4t7DJ9pESL6E3I8nFjPa4xGUd3PmiWDLsDztS2qXSJWfHtbQnwAWylaBvSNY48I3vr8PTqIZlyK8TE3V3CA4Q==",
"dev": true,
"license": "MIT",
"peer": true,
"dependencies": {
"@vitest/expect": "4.0.16",
"@vitest/mocker": "4.0.16",
backend/package.json
+7 -2
View File
@@ -1,6 +1,6 @@
{
"name": "medassist-ng-backend",
"version": "1.1.0",
"version": "1.5.0",
"private": true,
"type": "module",
"scripts": {
@@ -10,7 +10,11 @@
"migrate": "tsx src/db/migrate.ts",
"test": "vitest",
"test:run": "vitest run",
"test:coverage": "vitest run --coverage"
"test:coverage": "vitest run --coverage",
"lint": "npx biome check .",
"lint:fix": "npx biome check --write .",
"format": "npx biome format --write .",
"check": "npx biome check . && tsc --noEmit"
},
"dependencies": {
"@fastify/cookie": "^10.0.1",
@@ -31,6 +35,7 @@
"zod": "^3.23.8"
},
"devDependencies": {
"@biomejs/biome": "^2.3.12",
"@types/node": "^22.7.4",
"@types/nodemailer": "^6.4.21",
"@types/supertest": "^6.0.2",
backend/src/db/client.ts
+150 -107
View File
@@ -1,10 +1,10 @@
import { createClient, Client } from "@libsql/client";
import { accessSync, constants, existsSync, mkdirSync, statSync, writeFileSync } from "node:fs";
import { dirname, resolve } from "node:path";
import { fileURLToPath } from "node:url";
import { type Client, createClient } from "@libsql/client";
import dotenv from "dotenv";
import { drizzle } from "drizzle-orm/libsql";
import { migrate } from "drizzle-orm/libsql/migrator";
import { existsSync, mkdirSync, accessSync, constants, statSync, writeFileSync } from "fs";
import { resolve, dirname } from "path";
import { fileURLToPath } from "url";
import dotenv from "dotenv";
dotenv.config({ path: process.env.DOTENV_PATH || ".env" });
@@ -19,95 +19,136 @@ const migrationsFolder = resolve(__dirname, "../../drizzle");
/** Build the database URL from a path */
export function buildDbUrl(dbPath: string): string {
return `file:${dbPath}`;
return `file:${dbPath}`;
}
/** Get data directory and database path */
export function getDbPaths(cwd: string = process.cwd()): { dataDir: string; dbPath: string; url: string } {
const dataDir = resolve(cwd, "data");
const dbPath = resolve(dataDir, "medassist-ng.db");
const url = buildDbUrl(dbPath);
return { dataDir, dbPath, url };
const dataDir = resolve(cwd, "data");
const dbPath = resolve(dataDir, "medassist-ng.db");
const url = buildDbUrl(dbPath);
return { dataDir, dbPath, url };
}
/** Ensure data directory exists and is writable */
export function ensureDataDirectory(dataDir: string): { success: boolean; error?: string } {
try {
if (!existsSync(dataDir)) {
mkdirSync(dataDir, { recursive: true });
}
// Check if directory is writable
accessSync(dataDir, constants.W_OK);
// Try to create a test file to verify write access
const testFile = resolve(dataDir, ".write-test");
writeFileSync(testFile, "test");
return { success: true };
} catch (err: any) {
return { success: false, error: err.message };
}
try {
if (!existsSync(dataDir)) {
mkdirSync(dataDir, { recursive: true });
}
// Check if directory is writable
accessSync(dataDir, constants.W_OK);
// Try to create a test file to verify write access
const testFile = resolve(dataDir, ".write-test");
writeFileSync(testFile, "test");
return { success: true };
} catch (err: any) {
return { success: false, error: err.message };
}
}
/** Run drizzle-kit migrations on the database */
export async function runDrizzleMigrations(database: ReturnType<typeof drizzle>): Promise<{ success: boolean; error?: string }> {
try {
await migrate(database, { migrationsFolder });
return { success: true };
} catch (err: any) {
return { success: false, error: err.message };
}
export async function runDrizzleMigrations(
database: ReturnType<typeof drizzle>
): Promise<{ success: boolean; error?: string; warning?: string }> {
try {
await migrate(database, { migrationsFolder });
return { success: true };
} catch (err: any) {
// If the error is "duplicate column", it means the schema is already up-to-date
// This happens when ALTER migrations in client.ts have already added the columns
// We consider this a success with a warning, not a failure
if (err.message?.includes("duplicate column")) {
return { success: true, warning: `Schema already up-to-date: ${err.message}` };
}
return { success: false, error: err.message };
}
}
/** Run ALTER TABLE migrations for backward compatibility with older databases */
export async function runAlterMigrations(client: Client): Promise<{ success: boolean; errors: string[] }> {
const errors: string[] = [];
const errors: string[] = [];
// These add new columns to existing tables (silently fail if column already exists)
const alterMigrations = [
// Added in v1.x - repeat reminders and nagging settings
`ALTER TABLE user_settings ADD COLUMN skip_reminders_for_taken_doses integer NOT NULL DEFAULT 0`,
`ALTER TABLE user_settings ADD COLUMN repeat_reminders_enabled integer NOT NULL DEFAULT 0`,
`ALTER TABLE user_settings ADD COLUMN reminder_repeat_interval_minutes integer NOT NULL DEFAULT 30`,
`ALTER TABLE user_settings ADD COLUMN max_nagging_reminders integer NOT NULL DEFAULT 5`,
// Added in v1.2.3 - dismiss missed doses without deducting stock
`ALTER TABLE dose_tracking ADD COLUMN dismissed integer NOT NULL DEFAULT 0`,
];
// These add new columns to existing tables (silently fail if column already exists)
const alterMigrations = [
// Added in v1.x - repeat reminders and nagging settings
`ALTER TABLE user_settings ADD COLUMN skip_reminders_for_taken_doses integer NOT NULL DEFAULT 0`,
`ALTER TABLE user_settings ADD COLUMN repeat_reminders_enabled integer NOT NULL DEFAULT 0`,
`ALTER TABLE user_settings ADD COLUMN reminder_repeat_interval_minutes integer NOT NULL DEFAULT 30`,
`ALTER TABLE user_settings ADD COLUMN max_nagging_reminders integer NOT NULL DEFAULT 5`,
// Added in v1.2.3 - dismiss missed doses without deducting stock
`ALTER TABLE dose_tracking ADD COLUMN dismissed integer NOT NULL DEFAULT 0`,
// Added in v1.3.x - stock calculation mode (automatic/manual)
`ALTER TABLE user_settings ADD COLUMN stock_calculation_mode text NOT NULL DEFAULT 'automatic'`,
// Added for stock correction - hidden offset that doesn't affect looseTablets
`ALTER TABLE medications ADD COLUMN stock_adjustment integer NOT NULL DEFAULT 0`,
// Added for stock correction - timestamp to ignore consumed doses before correction
`ALTER TABLE medications ADD COLUMN last_stock_correction_at integer`,
// Added in v1.5.1 - dismiss past doses until date (robust against timestamp changes)
`ALTER TABLE medications ADD COLUMN dismissed_until text`,
// Added for more detailed reminder info display
`ALTER TABLE user_settings ADD COLUMN last_reminder_med_name text`,
`ALTER TABLE user_settings ADD COLUMN last_reminder_taken_by text`,
];
for (const sql of alterMigrations) {
try {
await client.execute(sql);
} catch (e: any) {
// Silently ignore "duplicate column" errors - column already exists
if (!e.message?.includes("duplicate column")) {
errors.push(e.message);
}
}
}
for (const sql of alterMigrations) {
try {
await client.execute(sql);
} catch (e: any) {
// Silently ignore "duplicate column" errors - column already exists
if (!e.message?.includes("duplicate column")) {
errors.push(e.message);
}
}
}
return { success: errors.length === 0, errors };
// Create tables that might be missing (silently fail if already exists)
const createTableMigrations = [
// Added in v1.3.x - refill history tracking
`CREATE TABLE IF NOT EXISTS refill_history (
id INTEGER PRIMARY KEY AUTOINCREMENT,
medication_id INTEGER NOT NULL REFERENCES medications(id) ON DELETE CASCADE,
user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
packs_added INTEGER NOT NULL DEFAULT 0,
loose_pills_added INTEGER NOT NULL DEFAULT 0,
refill_date INTEGER NOT NULL DEFAULT (strftime('%s','now'))
)`,
];
for (const sql of createTableMigrations) {
try {
await client.execute(sql);
} catch (e: any) {
// Silently ignore "table already exists" errors
if (!e.message?.includes("already exists")) {
errors.push(e.message);
}
}
}
return { success: errors.length === 0, errors };
}
/** Ensure default user exists for auth-disabled mode */
export async function ensureDefaultUser(client: Client, authEnabled: boolean): Promise<boolean> {
if (authEnabled) {
return false; // No default user needed
}
if (authEnabled) {
return false; // No default user needed
}
try {
const result = await client.execute("SELECT id FROM users WHERE id = 1");
if (result.rows.length === 0) {
await client.execute(
"INSERT INTO users (id, username, auth_provider) VALUES (1, 'default', 'local')"
);
return true; // Created
}
return false; // Already exists
} catch (e: any) {
console.error(`[DB] Error creating default user:`, e.message);
return false;
}
try {
const result = await client.execute("SELECT id FROM users WHERE id = 1");
if (result.rows.length === 0) {
await client.execute("INSERT INTO users (id, username, auth_provider) VALUES (1, 'default', 'local')");
return true; // Created
}
return false; // Already exists
} catch (e: any) {
console.error(`[DB] Error creating default user:`, e.message);
return false;
}
}
// =============================================================================
@@ -124,56 +165,58 @@ console.log(`[DB] Database URL: ${url}`);
// Ensure data directory exists and is writable
const dirResult = ensureDataDirectory(dataDir);
if (!dirResult.success) {
console.error(`[DB] ERROR: Cannot access data directory: ${dirResult.error}`);
console.error(`[DB] Please ensure the volume mount has correct permissions.`);
console.error(`[DB] Try running on host: sudo chown -R 1000:1000 ${dataDir}`);
process.exit(1);
console.error(`[DB] ERROR: Cannot access data directory: ${dirResult.error}`);
console.error(`[DB] Please ensure the volume mount has correct permissions.`);
console.error(`[DB] Try running on host: sudo chown -R 1000:1000 ${dataDir}`);
process.exit(1);
} else {
console.log(`[DB] Data directory is writable`);
// Log directory stats
const stats = statSync(dataDir);
console.log(`[DB] Directory permissions: ${stats.mode.toString(8)}`);
console.log(`[DB] Directory UID: ${stats.uid}, GID: ${stats.gid}`);
console.log(`[DB] Write test successful`);
console.log(`[DB] Data directory is writable`);
// Log directory stats
const stats = statSync(dataDir);
console.log(`[DB] Directory permissions: ${stats.mode.toString(8)}`);
console.log(`[DB] Directory UID: ${stats.uid}, GID: ${stats.gid}`);
console.log(`[DB] Write test successful`);
}
let client: Client;
try {
client = createClient({ url });
console.log(`[DB] Database client created successfully`);
client = createClient({ url });
console.log(`[DB] Database client created successfully`);
} catch (err: any) {
console.error(`[DB] ERROR: Failed to create database client: ${err.message}`);
console.error(`[DB] Database path: ${dbPath}`);
process.exit(1);
console.error(`[DB] ERROR: Failed to create database client: ${err.message}`);
console.error(`[DB] Database path: ${dbPath}`);
process.exit(1);
}
export const db = drizzle(client);
// Auto-run migrations (self-healing database)
async function runMigrations() {
// Run drizzle-kit generated migrations
console.log(`[DB] Running drizzle migrations from: ${migrationsFolder}`);
const migrateResult = await runDrizzleMigrations(db);
if (!migrateResult.success) {
console.error(`[DB] Migration error:`, migrateResult.error);
} else {
console.log(`[DB] Drizzle migrations completed`);
}
// Run drizzle-kit generated migrations
console.log(`[DB] Running drizzle migrations from: ${migrationsFolder}`);
const migrateResult = await runDrizzleMigrations(db);
if (!migrateResult.success) {
console.error(`[DB] Migration error:`, migrateResult.error);
} else if (migrateResult.warning) {
console.log(`[DB] Migration warning:`, migrateResult.warning);
} else {
console.log(`[DB] Drizzle migrations completed`);
}
// Run ALTER TABLE migrations for backward compatibility
const alterResult = await runAlterMigrations(client);
if (alterResult.errors.length > 0) {
alterResult.errors.forEach(err => console.error(`[DB] ALTER migration error:`, err));
}
console.log(`[DB] Tables verified/created`);
// Run ALTER TABLE migrations for backward compatibility
const alterResult = await runAlterMigrations(client);
if (alterResult.errors.length > 0) {
alterResult.errors.forEach((err) => console.error(`[DB] ALTER migration error:`, err));
}
console.log(`[DB] Tables verified/created`);
// If auth is disabled, ensure a default user exists (ID=1)
const authEnabled = process.env.AUTH_ENABLED === "true";
const created = await ensureDefaultUser(client, authEnabled);
if (created) {
console.log(`[DB] Created default user for auth-disabled mode`);
}
// If auth is disabled, ensure a default user exists (ID=1)
const authEnabled = process.env.AUTH_ENABLED === "true";
const created = await ensureDefaultUser(client, authEnabled);
if (created) {
console.log(`[DB] Created default user for auth-disabled mode`);
}
}
// Export promise so server can await it before starting
backend/src/db/migrate.ts
+44 -42
View File
@@ -1,9 +1,9 @@
import { createClient, Client } from "@libsql/client";
import { dirname, resolve } from "node:path";
import { fileURLToPath } from "node:url";
import { type Client, createClient } from "@libsql/client";
import dotenv from "dotenv";
import { drizzle } from "drizzle-orm/libsql";
import { migrate } from "drizzle-orm/libsql/migrator";
import dotenv from "dotenv";
import { resolve, dirname } from "path";
import { fileURLToPath } from "url";
dotenv.config({ path: process.env.DOTENV_PATH || ".env" });
@@ -18,37 +18,39 @@ const migrationsFolder = resolve(__dirname, "../../drizzle");
/** Split SQL string into individual statements (for backwards compatibility with tests) */
export function splitSQLStatements(sql: string): string[] {
return sql.split(';').filter(s => s.trim().length > 0);
return sql.split(";").filter((s) => s.trim().length > 0);
}
/** Execute drizzle migrations on a database */
export async function executeMigration(client: Client): Promise<{ success: boolean; executed: number; errors: string[] }> {
const errors: string[] = [];
const db = drizzle(client);
export async function executeMigration(
client: Client
): Promise<{ success: boolean; executed: number; errors: string[] }> {
const errors: string[] = [];
const db = drizzle(client);
try {
await migrate(db, { migrationsFolder });
// Count tables as a proxy for "executed" statements
const tables = await client.execute(
"SELECT COUNT(*) as count FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%' AND name NOT LIKE '__drizzle%'"
);
const executed = Number(tables.rows[0].count) || 0;
return { success: true, executed, errors };
} catch (err: any) {
errors.push(err.message);
return { success: false, executed: 0, errors };
}
try {
await migrate(db, { migrationsFolder });
// Count tables as a proxy for "executed" statements
const tables = await client.execute(
"SELECT COUNT(*) as count FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%' AND name NOT LIKE '__drizzle%'"
);
const executed = Number(tables.rows[0].count) || 0;
return { success: true, executed, errors };
} catch (err: any) {
errors.push(err.message);
return { success: false, executed: 0, errors };
}
}
/** Get a preview of statement (first N characters) */
export function getStatementPreview(stmt: string, maxLength: number = 50): string {
const trimmed = stmt.trim();
if (trimmed.length <= maxLength) {
return trimmed;
}
return trimmed.substring(0, maxLength) + "...";
const trimmed = stmt.trim();
if (trimmed.length <= maxLength) {
return trimmed;
}
return `${trimmed.substring(0, maxLength)}...`;
}
// =============================================================================
@@ -58,25 +60,25 @@ export function getStatementPreview(stmt: string, maxLength: number = 50): strin
const url = "file:./data/medassist-ng.db";
async function main() {
console.log("Starting database setup...");
console.log("Database URL:", url);
console.log("Migrations folder:", migrationsFolder);
const client = createClient({ url });
const db = drizzle(client);
console.log("Running drizzle migrations...");
await migrate(db, { migrationsFolder });
console.log("Starting database setup...");
console.log("Database URL:", url);
console.log("Migrations folder:", migrationsFolder);
console.log("Database setup complete!");
process.exit(0);
const client = createClient({ url });
const db = drizzle(client);
console.log("Running drizzle migrations...");
await migrate(db, { migrationsFolder });
console.log("Database setup complete!");
process.exit(0);
}
// Only run main() if this file is executed directly (not imported)
const isMainModule = import.meta.url === `file://${process.argv[1]}`;
if (isMainModule) {
main().catch((err) => {
console.error("Migration failed:", err);
process.exit(1);
});
main().catch((err) => {
console.error("Migration failed:", err);
process.exit(1);
});
}
backend/src/db/schema-sql.ts
+9 -9
View File
@@ -8,8 +8,8 @@
* Each statement creates a table if it doesn't exist.
*/
export function getTableCreationSQL(): string[] {
return [
`CREATE TABLE IF NOT EXISTS users (
return [
`CREATE TABLE IF NOT EXISTS users (
id integer PRIMARY KEY AUTOINCREMENT,
username text NOT NULL UNIQUE,
password_hash text,
@@ -21,7 +21,7 @@ export function getTableCreationSQL(): string[] {
created_at integer NOT NULL DEFAULT (strftime('%s','now')),
updated_at integer NOT NULL DEFAULT (strftime('%s','now'))
)`,
`CREATE TABLE IF NOT EXISTS medications (
`CREATE TABLE IF NOT EXISTS medications (
id integer PRIMARY KEY AUTOINCREMENT,
user_id integer NOT NULL,
name text NOT NULL,
@@ -42,7 +42,7 @@ export function getTableCreationSQL(): string[] {
updated_at integer NOT NULL DEFAULT (strftime('%s','now')),
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)`,
`CREATE TABLE IF NOT EXISTS user_settings (
`CREATE TABLE IF NOT EXISTS user_settings (
id integer PRIMARY KEY AUTOINCREMENT,
user_id integer NOT NULL UNIQUE,
email_enabled integer NOT NULL DEFAULT 0,
@@ -71,7 +71,7 @@ export function getTableCreationSQL(): string[] {
updated_at integer NOT NULL DEFAULT (strftime('%s','now')),
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)`,
`CREATE TABLE IF NOT EXISTS refresh_tokens (
`CREATE TABLE IF NOT EXISTS refresh_tokens (
id integer PRIMARY KEY AUTOINCREMENT,
user_id integer NOT NULL,
token_id text NOT NULL UNIQUE,
@@ -81,7 +81,7 @@ export function getTableCreationSQL(): string[] {
created_at integer NOT NULL DEFAULT (strftime('%s','now')),
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)`,
`CREATE TABLE IF NOT EXISTS share_tokens (
`CREATE TABLE IF NOT EXISTS share_tokens (
id integer PRIMARY KEY AUTOINCREMENT,
user_id integer NOT NULL,
token text NOT NULL UNIQUE,
@@ -91,7 +91,7 @@ export function getTableCreationSQL(): string[] {
expires_at integer,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)`,
`CREATE TABLE IF NOT EXISTS dose_tracking (
`CREATE TABLE IF NOT EXISTS dose_tracking (
id integer PRIMARY KEY AUTOINCREMENT,
user_id integer NOT NULL,
dose_id text NOT NULL,
@@ -100,7 +100,7 @@ export function getTableCreationSQL(): string[] {
dismissed integer NOT NULL DEFAULT 0,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)`,
`CREATE TABLE IF NOT EXISTS refill_history (
`CREATE TABLE IF NOT EXISTS refill_history (
id integer PRIMARY KEY AUTOINCREMENT,
medication_id integer NOT NULL,
user_id integer NOT NULL,
@@ -110,5 +110,5 @@ export function getTableCreationSQL(): string[] {
FOREIGN KEY (medication_id) REFERENCES medications(id) ON DELETE CASCADE,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)`,
];
];
}
backend/src/db/schema.ts
+109 -89
View File
@@ -1,132 +1,152 @@
import { sqliteTable, text, integer } from "drizzle-orm/sqlite-core";
import { sql } from "drizzle-orm";
import { integer, sqliteTable, text } from "drizzle-orm/sqlite-core";
// =============================================================================
// Users - Simple auth, no roles (every user is equal)
// =============================================================================
export const users = sqliteTable("users", {
id: integer("id").primaryKey({ autoIncrement: true }),
username: text("username", { length: 100 }).notNull().unique(),
passwordHash: text("password_hash", { length: 255 }),
avatarUrl: text("avatar_url", { length: 255 }),
authProvider: text("auth_provider", { length: 50 }).notNull().default("local"),
oidcSubject: text("oidc_subject", { length: 255 }), // OIDC provider's unique user ID (sub claim)
isActive: integer("is_active", { mode: "boolean" }).notNull().default(true),
lastLoginAt: integer("last_login_at", { mode: "timestamp" }),
createdAt: integer("created_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
updatedAt: integer("updated_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
id: integer("id").primaryKey({ autoIncrement: true }),
username: text("username", { length: 100 }).notNull().unique(),
passwordHash: text("password_hash", { length: 255 }),
avatarUrl: text("avatar_url", { length: 255 }),
authProvider: text("auth_provider", { length: 50 }).notNull().default("local"),
oidcSubject: text("oidc_subject", { length: 255 }), // OIDC provider's unique user ID (sub claim)
isActive: integer("is_active", { mode: "boolean" }).notNull().default(true),
lastLoginAt: integer("last_login_at", { mode: "timestamp" }),
createdAt: integer("created_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
updatedAt: integer("updated_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
});
// =============================================================================
// Medications - Per user
// =============================================================================
export const medications = sqliteTable("medications", {
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
name: text("name", { length: 100 }).notNull(),
genericName: text("generic_name", { length: 100 }),
takenByJson: text("taken_by_json").notNull().default("[]"), // JSON array of person names
packCount: integer("pack_count").notNull().default(1),
blistersPerPack: integer("blisters_per_pack").notNull().default(1),
pillsPerBlister: integer("pills_per_blister").notNull().default(1),
looseTablets: integer("loose_tablets").notNull().default(0),
pillWeightMg: integer("pill_weight_mg"),
usageJson: text("usage_json").notNull().default("[]"),
everyJson: text("every_json").notNull().default("[]"),
startJson: text("start_json").notNull().default("[]"),
imageUrl: text("image_url"),
expiryDate: text("expiry_date"),
notes: text("notes"),
intakeRemindersEnabled: integer("intake_reminders_enabled", { mode: "boolean" }).notNull().default(false),
updatedAt: integer("updated_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
name: text("name", { length: 100 }).notNull(),
genericName: text("generic_name", { length: 100 }),
takenByJson: text("taken_by_json").notNull().default("[]"), // JSON array of person names
packCount: integer("pack_count").notNull().default(1),
blistersPerPack: integer("blisters_per_pack").notNull().default(1),
pillsPerBlister: integer("pills_per_blister").notNull().default(1),
looseTablets: integer("loose_tablets").notNull().default(0), // TRUE loose pills (user-entered)
stockAdjustment: integer("stock_adjustment").notNull().default(0), // Hidden offset from stock corrections
lastStockCorrectionAt: integer("last_stock_correction_at", { mode: "timestamp" }), // When stock was last corrected - consumed doses before this don't count
pillWeightMg: integer("pill_weight_mg"),
usageJson: text("usage_json").notNull().default("[]"),
everyJson: text("every_json").notNull().default("[]"),
startJson: text("start_json").notNull().default("[]"),
imageUrl: text("image_url"),
expiryDate: text("expiry_date"),
notes: text("notes"),
intakeRemindersEnabled: integer("intake_reminders_enabled", { mode: "boolean" }).notNull().default(false),
dismissedUntil: text("dismissed_until"), // ISO date string (e.g. "2026-01-23") - all past doses until this date are dismissed
updatedAt: integer("updated_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
});
// =============================================================================
// User Settings - Per user (email, push, thresholds, language)
// =============================================================================
export const userSettings = sqliteTable("user_settings", {
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id").notNull().unique().references(() => users.id, { onDelete: "cascade" }),
// Email notifications
emailEnabled: integer("email_enabled", { mode: "boolean" }).notNull().default(false),
notificationEmail: text("notification_email"),
emailStockReminders: integer("email_stock_reminders", { mode: "boolean" }).notNull().default(true),
emailIntakeReminders: integer("email_intake_reminders", { mode: "boolean" }).notNull().default(true),
// Push notifications (shoutrrr/ntfy)
shoutrrrEnabled: integer("shoutrrr_enabled", { mode: "boolean" }).notNull().default(false),
shoutrrrUrl: text("shoutrrr_url"),
shoutrrrStockReminders: integer("shoutrrr_stock_reminders", { mode: "boolean" }).notNull().default(true),
shoutrrrIntakeReminders: integer("shoutrrr_intake_reminders", { mode: "boolean" }).notNull().default(true),
// Reminder settings
reminderDaysBefore: integer("reminder_days_before").notNull().default(7),
repeatDailyReminders: integer("repeat_daily_reminders", { mode: "boolean" }).notNull().default(false),
skipRemindersForTakenDoses: integer("skip_reminders_for_taken_doses", { mode: "boolean" }).notNull().default(false),
repeatRemindersEnabled: integer("repeat_reminders_enabled", { mode: "boolean" }).notNull().default(false),
reminderRepeatIntervalMinutes: integer("reminder_repeat_interval_minutes").notNull().default(30),
maxNaggingReminders: integer("max_nagging_reminders").notNull().default(5),
// Stock thresholds (days)
lowStockDays: integer("low_stock_days").notNull().default(30),
normalStockDays: integer("normal_stock_days").notNull().default(90),
highStockDays: integer("high_stock_days").notNull().default(180),
expiryWarningDays: integer("expiry_warning_days").notNull().default(90),
// UI preferences
language: text("language", { length: 10 }).notNull().default("en"),
// Stock calculation mode: "automatic" (schedule-based) or "manual" (only marked doses)
stockCalculationMode: text("stock_calculation_mode", { length: 20 }).notNull().default("automatic"),
// Last notification tracking
lastAutoEmailSent: text("last_auto_email_sent"),
lastNotificationType: text("last_notification_type"),
lastNotificationChannel: text("last_notification_channel"),
// Timestamps
updatedAt: integer("updated_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id")
.notNull()
.unique()
.references(() => users.id, { onDelete: "cascade" }),
// Email notifications
emailEnabled: integer("email_enabled", { mode: "boolean" }).notNull().default(false),
notificationEmail: text("notification_email"),
emailStockReminders: integer("email_stock_reminders", { mode: "boolean" }).notNull().default(true),
emailIntakeReminders: integer("email_intake_reminders", { mode: "boolean" }).notNull().default(true),
// Push notifications (shoutrrr/ntfy)
shoutrrrEnabled: integer("shoutrrr_enabled", { mode: "boolean" }).notNull().default(false),
shoutrrrUrl: text("shoutrrr_url"),
shoutrrrStockReminders: integer("shoutrrr_stock_reminders", { mode: "boolean" }).notNull().default(true),
shoutrrrIntakeReminders: integer("shoutrrr_intake_reminders", { mode: "boolean" }).notNull().default(true),
// Reminder settings
reminderDaysBefore: integer("reminder_days_before").notNull().default(7),
repeatDailyReminders: integer("repeat_daily_reminders", { mode: "boolean" }).notNull().default(false),
skipRemindersForTakenDoses: integer("skip_reminders_for_taken_doses", { mode: "boolean" }).notNull().default(false),
repeatRemindersEnabled: integer("repeat_reminders_enabled", { mode: "boolean" }).notNull().default(false),
reminderRepeatIntervalMinutes: integer("reminder_repeat_interval_minutes").notNull().default(30),
maxNaggingReminders: integer("max_nagging_reminders").notNull().default(5),
// Stock thresholds (days)
lowStockDays: integer("low_stock_days").notNull().default(30),
normalStockDays: integer("normal_stock_days").notNull().default(90),
highStockDays: integer("high_stock_days").notNull().default(180),
expiryWarningDays: integer("expiry_warning_days").notNull().default(90),
// UI preferences
language: text("language", { length: 10 }).notNull().default("en"),
// Stock calculation mode: "automatic" (schedule-based) or "manual" (only marked doses)
stockCalculationMode: text("stock_calculation_mode", { length: 20 }).notNull().default("automatic"),
// Last notification tracking
lastAutoEmailSent: text("last_auto_email_sent"),
lastNotificationType: text("last_notification_type"),
lastNotificationChannel: text("last_notification_channel"),
lastReminderMedName: text("last_reminder_med_name"),
lastReminderTakenBy: text("last_reminder_taken_by"),
// Timestamps
updatedAt: integer("updated_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
});
// =============================================================================
// Refresh Tokens - For JWT rotation
// =============================================================================
export const refreshTokens = sqliteTable("refresh_tokens", {
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
tokenId: text("token_id", { length: 255 }).notNull().unique(),
expiresAt: integer("expires_at", { mode: "timestamp" }).notNull(),
rotatedAt: integer("rotated_at", { mode: "timestamp" }),
revoked: integer("revoked", { mode: "boolean" }).notNull().default(false),
createdAt: integer("created_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
tokenId: text("token_id", { length: 255 }).notNull().unique(),
expiresAt: integer("expires_at", { mode: "timestamp" }).notNull(),
rotatedAt: integer("rotated_at", { mode: "timestamp" }),
revoked: integer("revoked", { mode: "boolean" }).notNull().default(false),
createdAt: integer("created_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
});
// =============================================================================
// Share Tokens - For public schedule sharing by takenBy person
// =============================================================================
export const shareTokens = sqliteTable("share_tokens", {
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
token: text("token", { length: 64 }).notNull().unique(),
takenBy: text("taken_by", { length: 100 }).notNull(),
scheduleDays: integer("schedule_days").notNull().default(30),
createdAt: integer("created_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
expiresAt: integer("expires_at", { mode: "timestamp" }), // NULL = never expires
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
token: text("token", { length: 64 }).notNull().unique(),
takenBy: text("taken_by", { length: 100 }).notNull(),
scheduleDays: integer("schedule_days").notNull().default(30),
createdAt: integer("created_at", { mode: "timestamp" }).notNull().default(sql`CURRENT_TIMESTAMP`),
expiresAt: integer("expires_at", { mode: "timestamp" }), // NULL = never expires
});
// =============================================================================
// Dose Tracking - Tracks when doses are marked as taken
// =============================================================================
export const doseTracking = sqliteTable("dose_tracking", {
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
doseId: text("dose_id", { length: 255 }).notNull(), // e.g. "med-5-1-86400000-1735200000000"
takenAt: integer("taken_at", { mode: "timestamp" }).notNull().default(sql`(strftime('%s','now'))`),
markedBy: text("marked_by", { length: 100 }), // null = user, "Daniel" = via share link
dismissed: integer("dismissed", { mode: "boolean" }).notNull().default(false), // true = missed dose acknowledged without taking
id: integer("id").primaryKey({ autoIncrement: true }),
userId: integer("user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
doseId: text("dose_id", { length: 255 }).notNull(), // e.g. "med-5-1-86400000-1735200000000"
takenAt: integer("taken_at", { mode: "timestamp" }).notNull().default(sql`(strftime('%s','now'))`),
markedBy: text("marked_by", { length: 100 }), // null = user, "Daniel" = via share link
dismissed: integer("dismissed", { mode: "boolean" }).notNull().default(false), // true = missed dose acknowledged without taking
});
// =============================================================================
// Refill History - Tracks when medication stock was refilled
// =============================================================================
export const refillHistory = sqliteTable("refill_history", {
id: integer("id").primaryKey({ autoIncrement: true }),
medicationId: integer("medication_id").notNull().references(() => medications.id, { onDelete: "cascade" }),
userId: integer("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
packsAdded: integer("packs_added").notNull().default(0),
loosePillsAdded: integer("loose_pills_added").notNull().default(0),
refillDate: integer("refill_date", { mode: "timestamp" }).notNull().default(sql`(strftime('%s','now'))`),
id: integer("id").primaryKey({ autoIncrement: true }),
medicationId: integer("medication_id")
.notNull()
.references(() => medications.id, { onDelete: "cascade" }),
userId: integer("user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
packsAdded: integer("packs_added").notNull().default(0),
loosePillsAdded: integer("loose_pills_added").notNull().default(0),
refillDate: integer("refill_date", { mode: "timestamp" }).notNull().default(sql`(strftime('%s','now'))`),
});
backend/src/i18n/translations.ts
+248 -175
View File
@@ -1,193 +1,266 @@
// Backend translations for notifications
export type Language = "en" | "de";
/**
* Map timezone to region code (ISO 3166-1 alpha-2).
* This allows combining app language with regional formatting.
*/
const TIMEZONE_TO_REGION: Record<string, string> = {
// Europe
"Europe/Berlin": "DE",
"Europe/Vienna": "AT",
"Europe/Zurich": "CH",
"Europe/London": "GB",
"Europe/Dublin": "IE",
"Europe/Paris": "FR",
"Europe/Madrid": "ES",
"Europe/Rome": "IT",
"Europe/Amsterdam": "NL",
"Europe/Brussels": "BE",
"Europe/Warsaw": "PL",
"Europe/Prague": "CZ",
"Europe/Stockholm": "SE",
"Europe/Oslo": "NO",
"Europe/Copenhagen": "DK",
"Europe/Helsinki": "FI",
"Europe/Athens": "GR",
"Europe/Lisbon": "PT",
"Europe/Moscow": "RU",
"Europe/Kiev": "UA",
"Europe/Kyiv": "UA",
"Europe/Budapest": "HU",
"Europe/Bucharest": "RO",
// Americas
"America/New_York": "US",
"America/Chicago": "US",
"America/Denver": "US",
"America/Los_Angeles": "US",
"America/Phoenix": "US",
"America/Toronto": "CA",
"America/Vancouver": "CA",
"America/Mexico_City": "MX",
"America/Sao_Paulo": "BR",
"America/Buenos_Aires": "AR",
// Asia/Pacific
"Asia/Tokyo": "JP",
"Asia/Shanghai": "CN",
"Asia/Hong_Kong": "HK",
"Asia/Singapore": "SG",
"Asia/Seoul": "KR",
"Asia/Dubai": "AE",
"Asia/Kolkata": "IN",
"Australia/Sydney": "AU",
"Australia/Melbourne": "AU",
"Pacific/Auckland": "NZ",
};
/**
* Get region code from TZ environment variable.
*/
function getRegionFromTimezone(): string | undefined {
const tz = process.env.TZ;
if (!tz) return undefined;
return TIMEZONE_TO_REGION[tz];
}
type TranslationKeys = {
// Stock reminder email
stockReminder: {
subject: string;
title: string;
description: string;
alertSingle: string;
alertMultiple: string;
tableHeaders: {
medication: string;
pills: string;
days: string;
runsOut: string;
};
footer: string;
repeatDailyNote: string;
};
// Intake reminder email
intakeReminder: {
subject: string;
title: string;
description: string;
alertSingle: string;
alertMultiple: string;
tableHeaders: {
medication: string;
dosage: string;
time: string;
};
pills: string;
takenBy: string;
footer: string;
};
// Push notifications
push: {
stockTitle: string;
stockTitleMultiple: string;
intakeTitle: string;
pillsLeft: string;
daysLeft: string;
pillsAt: string;
repeatDailyNote: string;
empty: string;
low: string;
reorderNow: string;
emptySection: string;
lowSection: string;
};
// Common
common: {
pill: string;
pills: string;
day: string;
days: string;
soon: string;
};
// Stock reminder email
stockReminder: {
subject: string;
title: string;
description: string;
alertSingle: string;
alertMultiple: string;
tableHeaders: {
medication: string;
pills: string;
days: string;
runsOut: string;
};
footer: string;
repeatDailyNote: string;
};
// Intake reminder email
intakeReminder: {
subject: string;
title: string;
description: string;
alertSingle: string;
alertMultiple: string;
tableHeaders: {
medication: string;
dosage: string;
time: string;
};
pills: string;
takenBy: string;
footer: string;
};
// Push notifications
push: {
stockTitle: string;
stockTitleMultiple: string;
intakeTitle: string;
pillsLeft: string;
daysLeft: string;
pillsAt: string;
repeatDailyNote: string;
empty: string;
low: string;
reorderNow: string;
emptySection: string;
lowSection: string;
};
// Common
common: {
pill: string;
pills: string;
day: string;
days: string;
soon: string;
};
};
const translations: Record<Language, TranslationKeys> = {
en: {
stockReminder: {
subject: "MedAssist-ng Auto-Reminder: {count} Medication{s} Running Low",
title: "⚠️ MedAssist-ng - Automatic Reorder Reminder",
description: "The following medications are running low and need to be reordered:",
alertSingle: "⚠️ 1 medication running low!",
alertMultiple: "⚠️ {count} medications running low!",
tableHeaders: {
medication: "Medication",
pills: "Pills",
days: "Days",
runsOut: "Runs Out",
},
footer: "🤖 Automatic reminder from MedAssist-ng",
repeatDailyNote: "You are receiving this daily reminder because 'Repeat Daily' is enabled in settings.",
},
intakeReminder: {
subject: "MedAssist-ng: Medication Reminder - {medications}",
title: "💊 MedAssist-ng - Intake Reminder",
description: "Time to take your medication in {minutes} minutes:",
alertSingle: "💊 1 medication scheduled",
alertMultiple: "💊 {count} medications scheduled",
tableHeaders: {
medication: "Medication",
dosage: "Dosage",
time: "Time",
},
pills: "pills",
takenBy: "for {name}",
footer: "🤖 Automatic reminder from MedAssist-ng",
},
push: {
stockTitle: "MedAssist-ng: 1 Medication Running Low",
stockTitleMultiple: "MedAssist-ng: {count} Medications Running Low",
intakeTitle: "💊 Medication Reminder in {minutes} min",
pillsLeft: "{count} pills",
daysLeft: "{count} days left",
pillsAt: "{count} pills at {time}",
repeatDailyNote: "(Daily reminder enabled)",
empty: "Empty",
low: "Low",
reorderNow: "Reorder Now!",
emptySection: "EMPTY (reorder immediately)",
lowSection: "RUNNING LOW (reorder soon)",
},
common: {
pill: "pill",
pills: "pills",
day: "day",
days: "days",
soon: "soon",
},
},
de: {
stockReminder: {
subject: "MedAssist-ng Auto-Erinnerung: {count} Medikament{e} wird knapp",
title: "⚠️ MedAssist-ng - Automatische Nachbestell-Erinnerung",
description: "Die folgenden Medikamente gehen zur Neige und sollten nachbestellt werden:",
alertSingle: "⚠️ 1 Medikament wird knapp!",
alertMultiple: "⚠️ {count} Medikamente werden knapp!",
tableHeaders: {
medication: "Medikament",
pills: "Tabletten",
days: "Tage",
runsOut: "Aufgebraucht",
},
footer: "🤖 Automatische Erinnerung von MedAssist-ng",
repeatDailyNote: "Sie erhalten diese tägliche Erinnerung, weil 'Täglich wiederholen' in den Einstellungen aktiviert ist.",
},
intakeReminder: {
subject: "MedAssist-ng: Einnahme-Erinnerung - {medications}",
title: "💊 MedAssist-ng - Einnahme-Erinnerung",
description: "Zeit für Ihre Medikamente in {minutes} Minuten:",
alertSingle: "💊 1 Medikament geplant",
alertMultiple: "💊 {count} Medikamente geplant",
tableHeaders: {
medication: "Medikament",
dosage: "Dosis",
time: "Uhrzeit",
},
pills: "Tabletten",
takenBy: "für {name}",
footer: "🤖 Automatische Erinnerung von MedAssist-ng",
},
push: {
stockTitle: "MedAssist-ng: 1 Medikament wird knapp",
stockTitleMultiple: "MedAssist-ng: {count} Medikamente werden knapp",
intakeTitle: "💊 Einnahme-Erinnerung in {minutes} Min.",
pillsLeft: "{count} Tabletten",
daysLeft: "{count} Tage übrig",
pillsAt: "{count} Tabletten um {time}",
repeatDailyNote: "(Tägliche Erinnerung aktiviert)",
empty: "Leer",
low: "Knapp",
reorderNow: "Jetzt nachbestellen!",
emptySection: "LEER (sofort nachbestellen)",
lowSection: "WIRD KNAPP (bald nachbestellen)",
},
common: {
pill: "Tablette",
pills: "Tabletten",
day: "Tag",
days: "Tage",
soon: "bald",
},
},
en: {
stockReminder: {
subject: "MedAssist-ng Auto-Reminder: {count} Medication{s} Running Low",
title: "⚠️ MedAssist-ng - Automatic Reorder Reminder",
description: "The following medications are running low and need to be reordered:",
alertSingle: "⚠️ 1 medication running low!",
alertMultiple: "⚠️ {count} medications running low!",
tableHeaders: {
medication: "Medication",
pills: "Pills",
days: "Days",
runsOut: "Runs Out",
},
footer: "🤖 Automatic reminder from MedAssist-ng",
repeatDailyNote: "You are receiving this daily reminder because 'Repeat Daily' is enabled in settings.",
},
intakeReminder: {
subject: "MedAssist-ng: Medication Reminder - {medications}",
title: "💊 MedAssist-ng - Intake Reminder",
description: "Time to take your medication in {minutes} minutes:",
alertSingle: "💊 1 medication scheduled",
alertMultiple: "💊 {count} medications scheduled",
tableHeaders: {
medication: "Medication",
dosage: "Dosage",
time: "Time",
},
pills: "pills",
takenBy: "for {name}",
footer: "🤖 Automatic reminder from MedAssist-ng",
},
push: {
stockTitle: "MedAssist-ng: 1 Medication Running Low",
stockTitleMultiple: "MedAssist-ng: {count} Medications Running Low",
intakeTitle: "💊 Medication Reminder in {minutes} min",
pillsLeft: "{count} pills",
daysLeft: "{count} days left",
pillsAt: "{count} pills at {time}",
repeatDailyNote: "(Daily reminder enabled)",
empty: "Empty",
low: "Low",
reorderNow: "Reorder Now!",
emptySection: "EMPTY (reorder immediately)",
lowSection: "RUNNING LOW (reorder soon)",
},
common: {
pill: "pill",
pills: "pills",
day: "day",
days: "days",
soon: "soon",
},
},
de: {
stockReminder: {
subject: "MedAssist-ng Auto-Erinnerung: {count} Medikament{e} wird knapp",
title: "⚠️ MedAssist-ng - Automatische Nachbestell-Erinnerung",
description: "Die folgenden Medikamente gehen zur Neige und sollten nachbestellt werden:",
alertSingle: "⚠️ 1 Medikament wird knapp!",
alertMultiple: "⚠️ {count} Medikamente werden knapp!",
tableHeaders: {
medication: "Medikament",
pills: "Tabletten",
days: "Tage",
runsOut: "Aufgebraucht",
},
footer: "🤖 Automatische Erinnerung von MedAssist-ng",
repeatDailyNote:
"Sie erhalten diese tägliche Erinnerung, weil 'Täglich wiederholen' in den Einstellungen aktiviert ist.",
},
intakeReminder: {
subject: "MedAssist-ng: Einnahme-Erinnerung - {medications}",
title: "💊 MedAssist-ng - Einnahme-Erinnerung",
description: "Zeit für Ihre Medikamente in {minutes} Minuten:",
alertSingle: "💊 1 Medikament geplant",
alertMultiple: "💊 {count} Medikamente geplant",
tableHeaders: {
medication: "Medikament",
dosage: "Dosis",
time: "Uhrzeit",
},
pills: "Tabletten",
takenBy: "für {name}",
footer: "🤖 Automatische Erinnerung von MedAssist-ng",
},
push: {
stockTitle: "MedAssist-ng: 1 Medikament wird knapp",
stockTitleMultiple: "MedAssist-ng: {count} Medikamente werden knapp",
intakeTitle: "💊 Einnahme-Erinnerung in {minutes} Min.",
pillsLeft: "{count} Tabletten",
daysLeft: "{count} Tage übrig",
pillsAt: "{count} Tabletten um {time}",
repeatDailyNote: "(Tägliche Erinnerung aktiviert)",
empty: "Leer",
low: "Knapp",
reorderNow: "Jetzt nachbestellen!",
emptySection: "LEER (sofort nachbestellen)",
lowSection: "WIRD KNAPP (bald nachbestellen)",
},
common: {
pill: "Tablette",
pills: "Tabletten",
day: "Tag",
days: "Tage",
soon: "bald",
},
},
};
export function getTranslations(language: Language): TranslationKeys {
return translations[language] || translations.en;
return translations[language] || translations.en;
}
// Helper function to replace placeholders in strings
export function t(template: string, params: Record<string, string | number> = {}): string {
let result = template;
for (const [key, value] of Object.entries(params)) {
result = result.replace(new RegExp(`\\{${key}\\}`, "g"), String(value));
}
return result;
let result = template;
for (const [key, value] of Object.entries(params)) {
result = result.replace(new RegExp(`\\{${key}\\}`, "g"), String(value));
}
return result;
}
// Get date locale for toLocaleDateString
/**
* Get locale for formatting based on language and timezone region.
* Combines language (en/de) with region from timezone (DE/US/etc.)
* Example: lang=en + TZ=Europe/Berlin → en-DE (English text, German format = 24h time)
*/
export function getDateLocale(language: Language): string {
switch (language) {
case "de":
return "de-DE";
case "en":
default:
return "en-US";
}
const region = getRegionFromTimezone();
if (region) {
return `${language}-${region}`;
}
// Fallback: use language default
switch (language) {
case "de":
return "de-DE";
default:
return "en-US";
}
}
backend/src/index.ts
+127 -127
View File
@@ -1,124 +1,124 @@
import Fastify, { FastifyInstance } from "fastify";
import helmet from "@fastify/helmet";
import cors from "@fastify/cors";
import rateLimit from "@fastify/rate-limit";
import sensible from "@fastify/sensible";
import { existsSync } from "node:fs";
import { resolve } from "node:path";
import cookie from "@fastify/cookie";
import cors from "@fastify/cors";
import helmet from "@fastify/helmet";
import jwt from "@fastify/jwt";
import fastifyMultipart from "@fastify/multipart";
import rateLimit from "@fastify/rate-limit";
import sensible from "@fastify/sensible";
import fastifyStatic from "@fastify/static";
import { resolve } from "path";
import { existsSync } from "fs";
import { env } from "./plugins/env.js";
import Fastify, { type FastifyInstance } from "fastify";
import { migrationsReady } from "./db/client.js";
import { healthRoutes } from "./routes/health.js";
import { env } from "./plugins/env.js";
import { authRoutes } from "./routes/auth.js";
import { oidcRoutes } from "./routes/oidc.js";
import { medicationRoutes } from "./routes/medications.js";
import { settingsRoutes } from "./routes/settings.js";
import { plannerRoutes } from "./routes/planner.js";
import { shareRoutes } from "./routes/share.js";
import { doseRoutes } from "./routes/doses.js";
import { exportRoutes } from "./routes/export.js";
import { healthRoutes } from "./routes/health.js";
import { medicationRoutes } from "./routes/medications.js";
import { oidcRoutes } from "./routes/oidc.js";
import { plannerRoutes } from "./routes/planner.js";
import { refillRoutes } from "./routes/refills.js";
import { startReminderScheduler } from "./services/reminder-scheduler.js";
import { settingsRoutes } from "./routes/settings.js";
import { shareRoutes } from "./routes/share.js";
import { startIntakeReminderScheduler } from "./services/intake-reminder-scheduler.js";
import { startReminderScheduler } from "./services/reminder-scheduler.js";
// Re-export utilities from server-config for external use
export {
parseCorsOrigins,
buildBaseCookieOptions,
buildRefreshCookieOptions,
buildAppConfig,
ensureImagesDirectory,
getJwtConfig,
buildAppConfig,
buildBaseCookieOptions,
buildRefreshCookieOptions,
ensureImagesDirectory,
getJwtConfig,
parseCorsOrigins,
} from "./utils/server-config.js";
import {
parseCorsOrigins,
buildBaseCookieOptions,
buildRefreshCookieOptions,
buildAppConfig,
ensureImagesDirectory,
getJwtConfig,
buildAppConfig,
buildBaseCookieOptions,
buildRefreshCookieOptions,
ensureImagesDirectory,
getJwtConfig,
parseCorsOrigins,
} from "./utils/server-config.js";
/** Create and configure Fastify app (without starting) */
export async function createApp(options?: {
logLevel?: string;
corsOrigins?: string[];
authEnabled?: boolean;
jwtSecret?: string;
refreshSecret?: string;
cookieSecret?: string;
accessTtlMinutes?: number;
refreshTtlDays?: number;
isProduction?: boolean;
imagesDir?: string;
logLevel?: string;
corsOrigins?: string[];
authEnabled?: boolean;
jwtSecret?: string;
refreshSecret?: string;
cookieSecret?: string;
accessTtlMinutes?: number;
refreshTtlDays?: number;
isProduction?: boolean;
imagesDir?: string;
}): Promise<FastifyInstance> {
const opts = {
logLevel: options?.logLevel ?? "info",
corsOrigins: options?.corsOrigins ?? ["http://localhost:5173"],
authEnabled: options?.authEnabled ?? false,
jwtSecret: options?.jwtSecret,
refreshSecret: options?.refreshSecret,
cookieSecret: options?.cookieSecret ?? "dev-cookie-secret",
accessTtlMinutes: options?.accessTtlMinutes ?? 15,
refreshTtlDays: options?.refreshTtlDays ?? 7,
isProduction: options?.isProduction ?? false,
imagesDir: options?.imagesDir ?? resolve(process.cwd(), "data/images"),
};
const opts = {
logLevel: options?.logLevel ?? "info",
corsOrigins: options?.corsOrigins ?? ["http://localhost:5173"],
authEnabled: options?.authEnabled ?? false,
jwtSecret: options?.jwtSecret,
refreshSecret: options?.refreshSecret,
cookieSecret: options?.cookieSecret ?? "dev-cookie-secret",
accessTtlMinutes: options?.accessTtlMinutes ?? 15,
refreshTtlDays: options?.refreshTtlDays ?? 7,
isProduction: options?.isProduction ?? false,
imagesDir: options?.imagesDir ?? resolve(process.cwd(), "data/images"),
};
const app = Fastify({
logger: { level: opts.logLevel },
});
const app = Fastify({
logger: { level: opts.logLevel },
});
// Build config
const appConfig = buildAppConfig({
jwtSecret: opts.jwtSecret,
refreshSecret: opts.refreshSecret,
accessTtlMinutes: opts.accessTtlMinutes,
refreshTtlDays: opts.refreshTtlDays,
isProduction: opts.isProduction,
});
// Build config
const appConfig = buildAppConfig({
jwtSecret: opts.jwtSecret,
refreshSecret: opts.refreshSecret,
accessTtlMinutes: opts.accessTtlMinutes,
refreshTtlDays: opts.refreshTtlDays,
isProduction: opts.isProduction,
});
app.decorate("config", appConfig);
app.decorate("config", appConfig);
// Register plugins
await app.register(sensible);
await app.register(helmet);
await app.register(cors, { origin: opts.corsOrigins, credentials: true });
await app.register(rateLimit, { max: 100, timeWindow: "1 minute" });
await app.register(cookie, { secret: opts.cookieSecret });
// Register plugins
await app.register(sensible);
await app.register(helmet);
await app.register(cors, { origin: opts.corsOrigins, credentials: true });
await app.register(rateLimit, { max: 300, timeWindow: "1 minute" });
await app.register(cookie, { secret: opts.cookieSecret });
// JWT plugin
const jwtConfig = getJwtConfig(opts.authEnabled, opts.jwtSecret);
await app.register(jwt, jwtConfig);
// JWT plugin
const jwtConfig = getJwtConfig(opts.authEnabled, opts.jwtSecret);
await app.register(jwt, jwtConfig);
await app.register(fastifyMultipart, { limits: { fileSize: 10 * 1024 * 1024 } });
// Only register static if directory exists
if (existsSync(opts.imagesDir)) {
await app.register(fastifyStatic, {
root: opts.imagesDir,
prefix: "/images/",
decorateReply: false,
});
}
await app.register(fastifyMultipart, { limits: { fileSize: 10 * 1024 * 1024 } });
// Register routes
await app.register(healthRoutes);
await app.register(authRoutes);
await app.register(oidcRoutes);
await app.register(medicationRoutes);
await app.register(settingsRoutes);
await app.register(plannerRoutes);
await app.register(shareRoutes);
await app.register(doseRoutes);
await app.register(exportRoutes);
await app.register(refillRoutes);
// Only register static if directory exists
if (existsSync(opts.imagesDir)) {
await app.register(fastifyStatic, {
root: opts.imagesDir,
prefix: "/images/",
decorateReply: false,
});
}
return app;
// Register routes
await app.register(healthRoutes);
await app.register(authRoutes);
await app.register(oidcRoutes);
await app.register(medicationRoutes);
await app.register(settingsRoutes);
await app.register(plannerRoutes);
await app.register(shareRoutes);
await app.register(doseRoutes);
await app.register(exportRoutes);
await app.register(refillRoutes);
return app;
}
// =============================================================================
@@ -133,36 +133,36 @@ console.log("[DB] Migrations complete, starting server...");
const imagesDir = ensureImagesDirectory();
const app = Fastify({
logger: {
level: env.LOG_LEVEL,
},
logger: {
level: env.LOG_LEVEL,
},
});
const origins = parseCorsOrigins(env.CORS_ORIGINS);
// Auth token TTLs (hardcoded - no need for user configuration)
const accessTtlMinutes = env.ACCESS_TOKEN_TTL_MINUTES; // Access token TTL
const refreshTtlDays = env.REFRESH_TOKEN_TTL_DAYS; // Refresh token TTL
const accessTtlMinutes = env.ACCESS_TOKEN_TTL_MINUTES; // Access token TTL
const refreshTtlDays = env.REFRESH_TOKEN_TTL_DAYS; // Refresh token TTL
const baseCookieOptions = buildBaseCookieOptions(accessTtlMinutes, env.NODE_ENV === "production");
const refreshCookieOptions = buildRefreshCookieOptions(baseCookieOptions, refreshTtlDays);
// Config decorator - only include secrets if auth is enabled
app.decorate("config", {
accessSecret: env.JWT_SECRET ?? "",
refreshSecret: env.REFRESH_SECRET ?? "",
accessTtl: accessTtlMinutes,
refreshTtl: refreshTtlDays,
cookieOptions: baseCookieOptions,
refreshCookieOptions,
accessSecret: env.JWT_SECRET ?? "",
refreshSecret: env.REFRESH_SECRET ?? "",
accessTtl: accessTtlMinutes,
refreshTtl: refreshTtlDays,
cookieOptions: baseCookieOptions,
refreshCookieOptions,
});
await app.register(sensible);
await app.register(helmet);
await app.register(cors, { origin: origins, credentials: true });
await app.register(rateLimit, {
max: 100,
timeWindow: "1 minute",
max: 100,
timeWindow: "1 minute",
});
await app.register(cookie, { secret: env.COOKIE_SECRET ?? "dev-cookie-secret" });
@@ -172,9 +172,9 @@ await app.register(jwt, jwtConfig);
await app.register(fastifyMultipart, { limits: { fileSize: 10 * 1024 * 1024 } }); // 10MB limit
await app.register(fastifyStatic, {
root: imagesDir,
prefix: "/images/",
decorateReply: false,
root: imagesDir,
prefix: "/images/",
decorateReply: false,
});
await app.register(healthRoutes);
@@ -189,25 +189,25 @@ await app.register(exportRoutes);
await app.register(refillRoutes);
const start = async () => {
try {
await app.listen({ port: env.PORT, host: "0.0.0.0" });
app.log.info(`Server running on ${env.PORT}`);
// Start the automatic reminder scheduler
startReminderScheduler({
info: (msg) => app.log.info(msg),
error: (msg) => app.log.error(msg),
});
// Start the intake reminder scheduler (checks every minute)
startIntakeReminderScheduler({
info: (msg) => app.log.info(msg),
error: (msg) => app.log.error(msg),
});
} catch (err) {
app.log.error(err);
process.exit(1);
}
try {
await app.listen({ port: env.PORT, host: "0.0.0.0" });
app.log.info(`Server running on ${env.PORT}`);
// Start the automatic reminder scheduler
startReminderScheduler({
info: (msg) => app.log.info(msg),
error: (msg) => app.log.error(msg),
});
// Start the intake reminder scheduler (checks every minute)
startIntakeReminderScheduler({
info: (msg) => app.log.info(msg),
error: (msg) => app.log.error(msg),
});
} catch (err) {
app.log.error(err);
process.exit(1);
}
};
start();
backend/src/plugins/auth.ts
+100 -100
View File
@@ -1,8 +1,8 @@
import { FastifyInstance, FastifyRequest, FastifyReply } from "fastify";
import { env } from "./env.js";
import { count, eq, sql } from "drizzle-orm";
import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
import { db } from "../db/client.js";
import { users } from "../db/schema.js";
import { sql, count, eq } from "drizzle-orm";
import { env } from "./env.js";
// =============================================================================
// Anonymous User - Used when AUTH_ENABLED=false
@@ -17,67 +17,67 @@ let anonymousUserVerified = false;
* Uses a fixed ID (999999999) that will never collide with auto-increment IDs.
*/
export async function getAnonymousUserId(): Promise<number> {
// Return cached if already verified
if (anonymousUserVerified) {
return ANONYMOUS_USER_ID;
}
// Return cached if already verified
if (anonymousUserVerified) {
return ANONYMOUS_USER_ID;
}
// Check if anonymous user exists
const [existing] = await db.select().from(users).where(eq(users.id, ANONYMOUS_USER_ID));
if (existing) {
anonymousUserVerified = true;
return ANONYMOUS_USER_ID;
}
// Check if anonymous user exists
const [existing] = await db.select().from(users).where(eq(users.id, ANONYMOUS_USER_ID));
// Create anonymous user with fixed ID (SQLite allows explicit ID)
await db.run(sql`
if (existing) {
anonymousUserVerified = true;
return ANONYMOUS_USER_ID;
}
// Create anonymous user with fixed ID (SQLite allows explicit ID)
await db.run(sql`
INSERT INTO users (id, username, password_hash, auth_provider, is_active, created_at, updated_at)
VALUES (${ANONYMOUS_USER_ID}, ${ANONYMOUS_USERNAME}, NULL, 'anonymous', 1, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP)
`);
anonymousUserVerified = true;
console.log(`Created anonymous user with fixed ID ${ANONYMOUS_USER_ID} for no-auth mode`);
return ANONYMOUS_USER_ID;
anonymousUserVerified = true;
console.log(`Created anonymous user with fixed ID ${ANONYMOUS_USER_ID} for no-auth mode`);
return ANONYMOUS_USER_ID;
}
// =============================================================================
// Auth State - Computed at runtime
// =============================================================================
export interface AuthState {
authEnabled: boolean;
registrationEnabled: boolean;
localAuthEnabled: boolean;
oidcEnabled: boolean;
oidcProviderName: string;
hasUsers: boolean;
needsSetup: boolean;
authEnabled: boolean;
registrationEnabled: boolean;
localAuthEnabled: boolean;
oidcEnabled: boolean;
oidcProviderName: string;
hasUsers: boolean;
needsSetup: boolean;
}
export async function getAuthState(): Promise<AuthState> {
// Count only real users (not the anonymous user with fixed ID)
const [result] = await db.select({ count: count() }).from(users).where(sql`${users.id} != ${ANONYMOUS_USER_ID}`);
const hasUsers = result.count > 0;
return {
authEnabled: env.AUTH_ENABLED,
// Registration: enabled via ENV OR no users exist (first-time setup)
registrationEnabled: env.REGISTRATION_ENABLED || !hasUsers,
localAuthEnabled: env.AUTH_ENABLED, // Password auth available when auth is enabled
oidcEnabled: env.OIDC_ENABLED,
oidcProviderName: env.OIDC_PROVIDER_NAME,
hasUsers,
needsSetup: env.AUTH_ENABLED && !hasUsers,
};
// Count only real users (not the anonymous user with fixed ID)
const [result] = await db.select({ count: count() }).from(users).where(sql`${users.id} != ${ANONYMOUS_USER_ID}`);
const hasUsers = result.count > 0;
return {
authEnabled: env.AUTH_ENABLED,
// Registration: enabled via ENV OR no users exist (first-time setup)
registrationEnabled: env.REGISTRATION_ENABLED || !hasUsers,
localAuthEnabled: env.AUTH_ENABLED, // Password auth available when auth is enabled
oidcEnabled: env.OIDC_ENABLED,
oidcProviderName: env.OIDC_PROVIDER_NAME,
hasUsers,
needsSetup: env.AUTH_ENABLED && !hasUsers,
};
}
// =============================================================================
// Request User Type (no roles - all users are equal)
// =============================================================================
export interface RequestUser {
id: number;
username: string;
id: number;
username: string;
}
// =============================================================================
@@ -87,78 +87,78 @@ export interface RequestUser {
/**
* Optional auth - verifies JWT if present, but doesn't require it
*/
export async function optionalAuth(request: FastifyRequest, reply: FastifyReply) {
if (!env.AUTH_ENABLED) {
return;
}
export async function optionalAuth(request: FastifyRequest, _reply: FastifyReply) {
if (!env.AUTH_ENABLED) {
return;
}
const token = request.cookies.access_token;
if (!token) {
return;
}
const token = request.cookies.access_token;
if (!token) {
return;
}
try {
const decoded = await request.jwtVerify<{ sub: number; username: string }>();
const [user] = await db.select().from(users).where(sql`${users.id} = ${decoded.sub}`);
if (user && user.isActive) {
request.user = {
id: user.id,
username: user.username,
};
}
} catch {
// Invalid token, continue as anonymous
}
try {
const decoded = await request.jwtVerify<{ sub: number; username: string }>();
const [user] = await db.select().from(users).where(sql`${users.id} = ${decoded.sub}`);
if (user?.isActive) {
request.user = {
id: user.id,
username: user.username,
};
}
} catch {
// Invalid token, continue as anonymous
}
}
/**
* Required auth - requires valid JWT when auth is enabled
*/
export async function requireAuth(request: FastifyRequest, reply: FastifyReply) {
if (!env.AUTH_ENABLED) {
return;
}
if (!env.AUTH_ENABLED) {
return;
}
const token = request.cookies.access_token;
if (!token) {
reply.status(401).send({ error: "Authentication required", code: "AUTH_REQUIRED" });
throw new Error("AUTH_REQUIRED");
}
const token = request.cookies.access_token;
if (!token) {
reply.status(401).send({ error: "Authentication required", code: "AUTH_REQUIRED" });
throw new Error("AUTH_REQUIRED");
}
try {
const decoded = await request.jwtVerify<{ sub: number; username: string }>();
const [user] = await db.select().from(users).where(sql`${users.id} = ${decoded.sub}`);
if (!user) {
reply.status(401).send({ error: "User not found", code: "USER_NOT_FOUND" });
throw new Error("USER_NOT_FOUND");
}
if (!user.isActive) {
reply.status(401).send({ error: "Account disabled", code: "ACCOUNT_DISABLED" });
throw new Error("ACCOUNT_DISABLED");
}
try {
const decoded = await request.jwtVerify<{ sub: number; username: string }>();
const [user] = await db.select().from(users).where(sql`${users.id} = ${decoded.sub}`);
request.user = {
id: user.id,
username: user.username,
};
} catch (err: any) {
// Re-throw our own errors
if (err?.message === "AUTH_REQUIRED" || err?.message === "USER_NOT_FOUND" || err?.message === "ACCOUNT_DISABLED") {
throw err;
}
// JWT verification failed
reply.status(401).send({ error: "Invalid or expired token", code: "INVALID_TOKEN" });
throw new Error("INVALID_TOKEN");
}
if (!user) {
reply.status(401).send({ error: "User not found", code: "USER_NOT_FOUND" });
throw new Error("USER_NOT_FOUND");
}
if (!user.isActive) {
reply.status(401).send({ error: "Account disabled", code: "ACCOUNT_DISABLED" });
throw new Error("ACCOUNT_DISABLED");
}
request.user = {
id: user.id,
username: user.username,
};
} catch (err: any) {
// Re-throw our own errors
if (err?.message === "AUTH_REQUIRED" || err?.message === "USER_NOT_FOUND" || err?.message === "ACCOUNT_DISABLED") {
throw err;
}
// JWT verification failed
reply.status(401).send({ error: "Invalid or expired token", code: "INVALID_TOKEN" });
throw new Error("INVALID_TOKEN");
}
}
/**
* Auth state endpoint plugin
*/
export async function authPlugin(app: FastifyInstance) {
app.get("/auth/state", async () => {
return getAuthState();
});
app.get("/auth/state", async () => {
return getAuthState();
});
}
backend/src/plugins/env.ts
+102 -82
View File
@@ -1,45 +1,65 @@
import { z } from "zod";
import dotenv from "dotenv";
import { z } from "zod";
dotenv.config({ path: process.env.DOTENV_PATH || ".env" });
const EnvSchema = z.object({
NODE_ENV: z.enum(["development", "production", "test"]).default("production"),
PORT: z.string().transform((v) => parseInt(v, 10)).default("3000"),
CORS_ORIGINS: z.string().default("http://localhost:5173,http://localhost:4173"),
LOG_LEVEL: z.string().default("info"),
// ==========================================================================
// Auth Configuration
// ==========================================================================
// Master switch: Enable/disable authentication (default: disabled for easy setup)
AUTH_ENABLED: z.string().transform((v) => v === "true").default("false"),
// Allow new user registrations (auto-enabled if no users exist)
REGISTRATION_ENABLED: z.string().transform((v) => v === "true").default("false"),
// Disable local auth when using SSO only
NODE_ENV: z.enum(["development", "production", "test"]).default("production"),
PORT: z
.string()
.transform((v) => parseInt(v, 10))
.default("3000"),
CORS_ORIGINS: z.string().default("http://localhost:5173,http://localhost:4173"),
LOG_LEVEL: z.string().default("info"),
// JWT Secrets - only required when AUTH_ENABLED=true
JWT_SECRET: z.string().min(10).optional(),
REFRESH_SECRET: z.string().min(10).optional(),
COOKIE_SECRET: z.string().min(10).optional(),
// Token TTL settings
ACCESS_TOKEN_TTL_MINUTES: z.string().transform((v) => parseInt(v, 10)).default("15"),
REFRESH_TOKEN_TTL_DAYS: z.string().transform((v) => parseInt(v, 10)).default("7"),
// ==========================================================================
// Auth Configuration
// ==========================================================================
// Master switch: Enable/disable authentication (default: disabled for easy setup)
AUTH_ENABLED: z
.string()
.transform((v) => v === "true")
.default("false"),
// Allow new user registrations (auto-enabled if no users exist)
REGISTRATION_ENABLED: z
.string()
.transform((v) => v === "true")
.default("false"),
// Disable local auth when using SSO only
// ==========================================================================
// OIDC SSO Configuration (Pocket ID, Authelia, etc.)
// ==========================================================================
OIDC_ENABLED: z.string().transform((v) => v === "true").default("false"),
OIDC_ISSUER_URL: z.string().url().optional(), // e.g., https://auth.example.com
OIDC_CLIENT_ID: z.string().optional(),
OIDC_CLIENT_SECRET: z.string().optional(),
OIDC_REDIRECT_URI: z.string().url().optional(), // e.g., https://medassist.example.com/api/auth/oidc/callback
OIDC_SCOPES: z.string().default("openid profile email"),
OIDC_AUTO_CREATE_USERS: z.string().transform((v) => v === "true").default("true"),
OIDC_USERNAME_CLAIM: z.string().default("preferred_username"), // or 'email', 'sub'
OIDC_PROVIDER_NAME: z.string().default("SSO"), // Display name for UI button
// JWT Secrets - only required when AUTH_ENABLED=true
JWT_SECRET: z.string().min(10).optional(),
REFRESH_SECRET: z.string().min(10).optional(),
COOKIE_SECRET: z.string().min(10).optional(),
// Token TTL settings
ACCESS_TOKEN_TTL_MINUTES: z
.string()
.transform((v) => parseInt(v, 10))
.default("15"),
REFRESH_TOKEN_TTL_DAYS: z
.string()
.transform((v) => parseInt(v, 10))
.default("7"),
// ==========================================================================
// OIDC SSO Configuration (Pocket ID, Authelia, etc.)
// ==========================================================================
OIDC_ENABLED: z
.string()
.transform((v) => v === "true")
.default("false"),
OIDC_ISSUER_URL: z.string().url().optional(), // e.g., https://auth.example.com
OIDC_CLIENT_ID: z.string().optional(),
OIDC_CLIENT_SECRET: z.string().optional(),
OIDC_REDIRECT_URI: z.string().url().optional(), // e.g., https://medassist.example.com/api/auth/oidc/callback
OIDC_SCOPES: z.string().default("openid profile email"),
OIDC_AUTO_CREATE_USERS: z
.string()
.transform((v) => v === "true")
.default("true"),
OIDC_USERNAME_CLAIM: z.string().default("preferred_username"), // or 'email', 'sub'
OIDC_PROVIDER_NAME: z.string().default("SSO"), // Display name for UI button
});
export type Env = z.infer<typeof EnvSchema>;
@@ -47,62 +67,62 @@ export type Env = z.infer<typeof EnvSchema>;
// Parse and validate
let parsed: z.infer<typeof EnvSchema>;
try {
parsed = EnvSchema.parse(process.env);
parsed = EnvSchema.parse(process.env);
} catch (err) {
console.error("=".repeat(60));
console.error("ENVIRONMENT CONFIGURATION ERROR");
console.error("=".repeat(60));
console.error(err);
console.error("\nPlease check your .env file or environment variables.");
console.error("=".repeat(60));
process.exit(1);
console.error("=".repeat(60));
console.error("ENVIRONMENT CONFIGURATION ERROR");
console.error("=".repeat(60));
console.error(err);
console.error("\nPlease check your .env file or environment variables.");
console.error("=".repeat(60));
process.exit(1);
}
// Validate that secrets are provided when auth is enabled
if (parsed.AUTH_ENABLED) {
const missing: string[] = [];
if (!parsed.JWT_SECRET) missing.push("JWT_SECRET");
if (!parsed.REFRESH_SECRET) missing.push("REFRESH_SECRET");
if (!parsed.COOKIE_SECRET) missing.push("COOKIE_SECRET");
if (missing.length > 0) {
console.error("=".repeat(60));
console.error("AUTHENTICATION CONFIGURATION ERROR");
console.error("=".repeat(60));
console.error(`AUTH_ENABLED=true but missing required secrets: ${missing.join(", ")}`);
console.error("");
console.error("To fix this, either:");
console.error(" 1. Set these environment variables with secure random values:");
console.error(" Generate with: openssl rand -hex 32");
console.error("");
console.error(" 2. Or disable authentication by removing AUTH_ENABLED=true");
console.error("=".repeat(60));
process.exit(1);
}
const missing: string[] = [];
if (!parsed.JWT_SECRET) missing.push("JWT_SECRET");
if (!parsed.REFRESH_SECRET) missing.push("REFRESH_SECRET");
if (!parsed.COOKIE_SECRET) missing.push("COOKIE_SECRET");
if (missing.length > 0) {
console.error("=".repeat(60));
console.error("AUTHENTICATION CONFIGURATION ERROR");
console.error("=".repeat(60));
console.error(`AUTH_ENABLED=true but missing required secrets: ${missing.join(", ")}`);
console.error("");
console.error("To fix this, either:");
console.error(" 1. Set these environment variables with secure random values:");
console.error(" Generate with: openssl rand -hex 32");
console.error("");
console.error(" 2. Or disable authentication by removing AUTH_ENABLED=true");
console.error("=".repeat(60));
process.exit(1);
}
}
// Validate OIDC configuration when enabled
if (parsed.OIDC_ENABLED) {
const missing: string[] = [];
if (!parsed.OIDC_ISSUER_URL) missing.push("OIDC_ISSUER_URL");
if (!parsed.OIDC_CLIENT_ID) missing.push("OIDC_CLIENT_ID");
if (!parsed.OIDC_CLIENT_SECRET) missing.push("OIDC_CLIENT_SECRET");
if (!parsed.OIDC_REDIRECT_URI) missing.push("OIDC_REDIRECT_URI");
if (missing.length > 0) {
console.error("=".repeat(60));
console.error("OIDC CONFIGURATION ERROR");
console.error("=".repeat(60));
console.error(`OIDC_ENABLED=true but missing required settings: ${missing.join(", ")}`);
console.error("");
console.error("Required OIDC settings:");
console.error(" OIDC_ISSUER_URL=https://your-oidc-provider.com");
console.error(" OIDC_CLIENT_ID=your-client-id");
console.error(" OIDC_CLIENT_SECRET=your-client-secret");
console.error(" OIDC_REDIRECT_URI=https://your-app.com/api/auth/oidc/callback");
console.error("=".repeat(60));
process.exit(1);
}
const missing: string[] = [];
if (!parsed.OIDC_ISSUER_URL) missing.push("OIDC_ISSUER_URL");
if (!parsed.OIDC_CLIENT_ID) missing.push("OIDC_CLIENT_ID");
if (!parsed.OIDC_CLIENT_SECRET) missing.push("OIDC_CLIENT_SECRET");
if (!parsed.OIDC_REDIRECT_URI) missing.push("OIDC_REDIRECT_URI");
if (missing.length > 0) {
console.error("=".repeat(60));
console.error("OIDC CONFIGURATION ERROR");
console.error("=".repeat(60));
console.error(`OIDC_ENABLED=true but missing required settings: ${missing.join(", ")}`);
console.error("");
console.error("Required OIDC settings:");
console.error(" OIDC_ISSUER_URL=https://your-oidc-provider.com");
console.error(" OIDC_CLIENT_ID=your-client-id");
console.error(" OIDC_CLIENT_SECRET=your-client-secret");
console.error(" OIDC_REDIRECT_URI=https://your-app.com/api/auth/oidc/callback");
console.error("=".repeat(60));
process.exit(1);
}
}
export const env = parsed;
backend/src/routes/auth.ts
+431 -406
View File
@@ -1,11 +1,10 @@
import { FastifyInstance } from "fastify";
import { z } from "zod";
import { randomBytes } from "node:crypto";
import argon2 from "argon2";
import { randomBytes } from "crypto";
import { db } from "../db/client.js";
import { users, refreshTokens } from "../db/schema.js";
import { eq } from "drizzle-orm";
import { env } from "../plugins/env.js";
import type { FastifyInstance } from "fastify";
import { z } from "zod";
import { db } from "../db/client.js";
import { refreshTokens, users } from "../db/schema.js";
import { getAuthState, requireAuth } from "../plugins/auth.js";
import type { AuthUser } from "../types/fastify.js";
@@ -13,11 +12,11 @@ import type { AuthUser } from "../types/fastify.js";
// Argon2id Configuration - State of the Art Password Hashing
// =============================================================================
const ARGON2_OPTIONS: argon2.Options = {
type: argon2.argon2id, // Argon2id - best for password hashing
memoryCost: 65536, // 64 MB memory
timeCost: 3, // 3 iterations
parallelism: 4, // 4 parallel threads
hashLength: 32, // 256-bit hash
type: argon2.argon2id, // Argon2id - best for password hashing
memoryCost: 65536, // 64 MB memory
timeCost: 3, // 3 iterations
parallelism: 4, // 4 parallel threads
hashLength: 32, // 256-bit hash
};
// =============================================================================
@@ -29,484 +28,510 @@ const ARGON2_OPTIONS: argon2.Options = {
// CodeQL may not recognize this pattern - see: https://github.com/github/codeql/issues
// lgtm[js/missing-rate-limiting]
const authRateLimitConfig = {
max: 10, // 10 requests
timeWindow: "1 minute", // per minute
errorResponseBuilder: () => ({
error: "Too many requests. Please try again later.",
code: "RATE_LIMIT_EXCEEDED",
}),
max: 10, // 10 requests
timeWindow: "1 minute", // per minute
errorResponseBuilder: () => ({
error: "Too many requests. Please try again later.",
code: "RATE_LIMIT_EXCEEDED",
}),
};
// lgtm[js/missing-rate-limiting]
const sensitiveRateLimitConfig = {
max: 5, // 5 requests
timeWindow: "15 minutes", // per 15 minutes (for login/register)
errorResponseBuilder: () => ({
error: "Too many attempts. Please try again later.",
code: "RATE_LIMIT_EXCEEDED",
}),
max: 5, // 5 requests
timeWindow: "15 minutes", // per 15 minutes (for login/register)
errorResponseBuilder: () => ({
error: "Too many attempts. Please try again later.",
code: "RATE_LIMIT_EXCEEDED",
}),
};
// =============================================================================
// Validation Schemas
// =============================================================================
const registerSchema = z.object({
username: z.string()
.min(3, "Username must be at least 3 characters")
.max(50, "Username must be at most 50 characters")
.regex(/^[a-zA-Z0-9_-]+$/, "Username can only contain letters, numbers, underscores, and hyphens"),
password: z.string()
.min(8, "Password must be at least 8 characters")
.max(128, "Password must be at most 128 characters"),
username: z
.string()
.min(3, "Username must be at least 3 characters")
.max(50, "Username must be at most 50 characters")
.regex(/^[a-zA-Z0-9_-]+$/, "Username can only contain letters, numbers, underscores, and hyphens"),
password: z
.string()
.min(8, "Password must be at least 8 characters")
.max(128, "Password must be at most 128 characters"),
});
const loginSchema = z.object({
username: z.string().min(1, "Username is required"),
password: z.string().min(1, "Password is required"),
rememberMe: z.boolean().optional().default(false),
username: z.string().min(1, "Username is required"),
password: z.string().min(1, "Password is required"),
rememberMe: z.boolean().optional().default(false),
});
const updateProfileSchema = z.object({
currentPassword: z.string().optional(),
newPassword: z.string()
.min(8, "Password must be at least 8 characters")
.max(128, "Password must be at most 128 characters")
.optional(),
currentPassword: z.string().optional(),
newPassword: z
.string()
.min(8, "Password must be at least 8 characters")
.max(128, "Password must be at most 128 characters")
.optional(),
});
// =============================================================================
// Auth Routes
// =============================================================================
export async function authRoutes(app: FastifyInstance) {
// Token TTLs
const accessTtlMinutes = 15;
const refreshTtlDays = 14;
// Token TTLs
const accessTtlMinutes = 15;
const refreshTtlDays = 14;
// ---------------------------------------------------------------------------
// GET /auth/state - Public auth state (needed before login)
// ---------------------------------------------------------------------------
app.get("/auth/state", async () => {
return getAuthState();
});
// ---------------------------------------------------------------------------
// GET /auth/state - Public auth state (needed before login)
// Exempt from rate limit - lightweight state check called frequently
// ---------------------------------------------------------------------------
app.get("/auth/state", { config: { rateLimit: false } }, async () => {
return getAuthState();
});
// ---------------------------------------------------------------------------
// POST /auth/register - User registration
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof registerSchema> }>("/auth/register", {
config: { rateLimit: sensitiveRateLimitConfig },
}, async (request, reply) => {
// Check auth state
const state = await getAuthState();
if (!state.authEnabled) {
return reply.status(400).send({ error: "Authentication is disabled", code: "AUTH_DISABLED" });
}
if (!state.registrationEnabled) {
return reply.status(400).send({ error: "Registration is disabled", code: "REGISTRATION_DISABLED" });
}
if (!state.localAuthEnabled) {
return reply.status(400).send({ error: "Local authentication is disabled", code: "LOCAL_AUTH_DISABLED" });
}
// ---------------------------------------------------------------------------
// POST /auth/register - User registration
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof registerSchema> }>(
"/auth/register",
{
config: { rateLimit: sensitiveRateLimitConfig },
},
async (request, reply) => {
// Check auth state
const state = await getAuthState();
// Validate input
const parsed = registerSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
code: "VALIDATION_ERROR"
});
}
if (!state.authEnabled) {
return reply.status(400).send({ error: "Authentication is disabled", code: "AUTH_DISABLED" });
}
const { username, password } = parsed.data;
if (!state.registrationEnabled) {
return reply.status(400).send({ error: "Registration is disabled", code: "REGISTRATION_DISABLED" });
}
// Check if username already exists
const [existingUser] = await db.select().from(users).where(eq(users.username, username));
if (existingUser) {
return reply.status(409).send({ error: "Username already taken", code: "USERNAME_EXISTS" });
}
if (!state.localAuthEnabled) {
return reply.status(400).send({ error: "Local authentication is disabled", code: "LOCAL_AUTH_DISABLED" });
}
// Hash password with Argon2id
const passwordHash = await argon2.hash(password, ARGON2_OPTIONS);
// Validate input
const parsed = registerSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
code: "VALIDATION_ERROR",
});
}
// Create user
const [newUser] = await db.insert(users).values({
username,
passwordHash,
authProvider: "local",
}).returning();
const { username, password } = parsed.data;
app.log.info(`User registered: ${username}`);
// Check if username already exists
const [existingUser] = await db.select().from(users).where(eq(users.username, username));
if (existingUser) {
return reply.status(409).send({ error: "Username already taken", code: "USERNAME_EXISTS" });
}
return reply.status(201).send({
ok: true,
user: {
id: newUser.id,
username: newUser.username,
},
message: "Account created",
});
});
// Hash password with Argon2id
const passwordHash = await argon2.hash(password, ARGON2_OPTIONS);
// ---------------------------------------------------------------------------
// POST /auth/login - User login
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof loginSchema> }>("/auth/login", {
config: { rateLimit: sensitiveRateLimitConfig },
}, async (request, reply) => {
const state = await getAuthState();
if (!state.authEnabled) {
return reply.status(400).send({ error: "Authentication is disabled", code: "AUTH_DISABLED" });
}
if (!state.localAuthEnabled) {
return reply.status(400).send({ error: "Local authentication is disabled", code: "LOCAL_AUTH_DISABLED" });
}
// Create user
const [newUser] = await db
.insert(users)
.values({
username,
passwordHash,
authProvider: "local",
})
.returning();
const parsed = loginSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: "Invalid credentials",
code: "VALIDATION_ERROR"
});
}
app.log.info(`User registered: ${username}`);
const { username, password, rememberMe } = parsed.data;
return reply.status(201).send({
ok: true,
user: {
id: newUser.id,
username: newUser.username,
},
message: "Account created",
});
}
);
// Find user by username
const [user] = await db.select().from(users).where(eq(users.username, username));
// Generic error to prevent user enumeration
const invalidCredentialsError = () =>
reply.status(401).send({ error: "Invalid username or password", code: "INVALID_CREDENTIALS" });
// ---------------------------------------------------------------------------
// POST /auth/login - User login
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof loginSchema> }>(
"/auth/login",
{
config: { rateLimit: sensitiveRateLimitConfig },
},
async (request, reply) => {
const state = await getAuthState();
if (!user) {
// Perform dummy hash to prevent timing attacks
await argon2.hash("dummy", ARGON2_OPTIONS);
return invalidCredentialsError();
}
if (!state.authEnabled) {
return reply.status(400).send({ error: "Authentication is disabled", code: "AUTH_DISABLED" });
}
if (!user.isActive) {
return reply.status(401).send({ error: "Account disabled", code: "ACCOUNT_DISABLED" });
}
if (!state.localAuthEnabled) {
return reply.status(400).send({ error: "Local authentication is disabled", code: "LOCAL_AUTH_DISABLED" });
}
if (!user.passwordHash) {
// SSO-only user trying local login
return reply.status(401).send({ error: "Please use SSO to login", code: "SSO_ONLY" });
}
const parsed = loginSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: "Invalid credentials",
code: "VALIDATION_ERROR",
});
}
// Verify password
const valid = await argon2.verify(user.passwordHash, password, ARGON2_OPTIONS);
if (!valid) {
return invalidCredentialsError();
}
const { username, password, rememberMe } = parsed.data;
// Update last login
await db.update(users)
.set({ lastLoginAt: new Date(), updatedAt: new Date() })
.where(eq(users.id, user.id));
// Find user by username
const [user] = await db.select().from(users).where(eq(users.username, username));
// Generate tokens
const accessToken = app.jwt.sign(
{ sub: user.id, username: user.username },
{ expiresIn: `${accessTtlMinutes}m` }
);
// Generic error to prevent user enumeration
const invalidCredentialsError = () =>
reply.status(401).send({ error: "Invalid username or password", code: "INVALID_CREDENTIALS" });
const tokenId = randomBytes(32).toString("hex");
const refreshExp = new Date(Date.now() + refreshTtlDays * 24 * 60 * 60 * 1000);
await db.insert(refreshTokens).values({
userId: user.id,
tokenId,
expiresAt: refreshExp,
});
if (!user) {
// Perform dummy hash to prevent timing attacks
await argon2.hash("dummy", ARGON2_OPTIONS);
return invalidCredentialsError();
}
const refreshToken = app.jwt.sign(
{ sub: user.id, jti: tokenId },
{ expiresIn: `${refreshTtlDays}d`, key: app.config.refreshSecret }
);
if (!user.isActive) {
return reply.status(401).send({ error: "Account disabled", code: "ACCOUNT_DISABLED" });
}
app.log.info(`User logged in: ${username} (rememberMe: ${rememberMe})`);
if (!user.passwordHash) {
// SSO-only user trying local login
return reply.status(401).send({ error: "Please use SSO to login", code: "SSO_ONLY" });
}
// Cookie options: with maxAge for "remember me", without for session cookie
const accessCookieOptions = rememberMe
? app.config.cookieOptions
: { ...app.config.cookieOptions, maxAge: undefined };
const refreshCookieOptions = rememberMe
? app.config.refreshCookieOptions
: { ...app.config.refreshCookieOptions, maxAge: undefined };
// Verify password
const valid = await argon2.verify(user.passwordHash, password, ARGON2_OPTIONS);
if (!valid) {
return invalidCredentialsError();
}
return reply
.setCookie("access_token", accessToken, accessCookieOptions)
.setCookie("refresh_token", refreshToken, refreshCookieOptions)
.send({
ok: true,
user: {
id: user.id,
username: user.username,
avatarUrl: user.avatarUrl,
},
});
});
// Update last login
await db.update(users).set({ lastLoginAt: new Date(), updatedAt: new Date() }).where(eq(users.id, user.id));
// ---------------------------------------------------------------------------
// POST /auth/refresh - Refresh access token
// ---------------------------------------------------------------------------
app.post("/auth/refresh", {
config: { rateLimit: authRateLimitConfig },
}, async (request, reply) => {
const refreshTokenCookie = request.cookies.refresh_token;
if (!refreshTokenCookie) {
return reply.status(401).send({ error: "No refresh token", code: "NO_REFRESH_TOKEN" });
}
// Generate tokens
const accessToken = app.jwt.sign(
{ sub: user.id, username: user.username },
{ expiresIn: `${accessTtlMinutes}m` }
);
try {
// Verify refresh token
const decoded = app.jwt.verify<{ sub: number; jti: string }>(
refreshTokenCookie,
{ key: app.config.refreshSecret }
);
const tokenId = randomBytes(32).toString("hex");
const refreshExp = new Date(Date.now() + refreshTtlDays * 24 * 60 * 60 * 1000);
// Check if token exists and is valid
const [token] = await db.select().from(refreshTokens)
.where(eq(refreshTokens.tokenId, decoded.jti));
await db.insert(refreshTokens).values({
userId: user.id,
tokenId,
expiresAt: refreshExp,
});
if (!token || token.revoked || token.expiresAt < new Date()) {
return reply.status(401).send({ error: "Invalid refresh token", code: "INVALID_REFRESH_TOKEN" });
}
const refreshToken = app.jwt.sign(
{ sub: user.id, jti: tokenId },
{ expiresIn: `${refreshTtlDays}d`, key: app.config.refreshSecret }
);
// Get user
const [user] = await db.select().from(users).where(eq(users.id, decoded.sub));
if (!user || !user.isActive) {
return reply.status(401).send({ error: "User not found or disabled", code: "USER_INVALID" });
}
app.log.info(`User logged in: ${username} (rememberMe: ${rememberMe})`);
// Rotate refresh token (revoke old, create new)
await db.update(refreshTokens)
.set({ revoked: true, rotatedAt: new Date() })
.where(eq(refreshTokens.id, token.id));
// Cookie options: with maxAge for "remember me", without for session cookie
const accessCookieOptions = rememberMe
? app.config.cookieOptions
: { ...app.config.cookieOptions, maxAge: undefined };
const refreshCookieOptions = rememberMe
? app.config.refreshCookieOptions
: { ...app.config.refreshCookieOptions, maxAge: undefined };
const newTokenId = randomBytes(32).toString("hex");
const refreshExp = new Date(Date.now() + refreshTtlDays * 24 * 60 * 60 * 1000);
await db.insert(refreshTokens).values({
userId: user.id,
tokenId: newTokenId,
expiresAt: refreshExp,
});
return reply
.setCookie("access_token", accessToken, accessCookieOptions)
.setCookie("refresh_token", refreshToken, refreshCookieOptions)
.send({
ok: true,
user: {
id: user.id,
username: user.username,
avatarUrl: user.avatarUrl,
},
});
}
);
// Generate new tokens
const newAccessToken = app.jwt.sign(
{ sub: user.id, username: user.username },
{ expiresIn: `${accessTtlMinutes}m` }
);
// ---------------------------------------------------------------------------
// POST /auth/refresh - Refresh access token
// ---------------------------------------------------------------------------
app.post(
"/auth/refresh",
{
config: { rateLimit: authRateLimitConfig },
},
async (request, reply) => {
const refreshTokenCookie = request.cookies.refresh_token;
if (!refreshTokenCookie) {
return reply.status(401).send({ error: "No refresh token", code: "NO_REFRESH_TOKEN" });
}
const newRefreshToken = app.jwt.sign(
{ sub: user.id, jti: newTokenId },
{ expiresIn: `${refreshTtlDays}d`, key: app.config.refreshSecret }
);
try {
// Verify refresh token
const decoded = app.jwt.verify<{ sub: number; jti: string }>(refreshTokenCookie, {
key: app.config.refreshSecret,
});
return reply
.setCookie("access_token", newAccessToken, app.config.cookieOptions)
.setCookie("refresh_token", newRefreshToken, app.config.refreshCookieOptions)
.send({ ok: true });
// Check if token exists and is valid
const [token] = await db.select().from(refreshTokens).where(eq(refreshTokens.tokenId, decoded.jti));
} catch {
return reply.status(401).send({ error: "Invalid refresh token", code: "INVALID_REFRESH_TOKEN" });
}
});
if (!token || token.revoked || token.expiresAt < new Date()) {
return reply.status(401).send({ error: "Invalid refresh token", code: "INVALID_REFRESH_TOKEN" });
}
// ---------------------------------------------------------------------------
// POST /auth/logout - Logout (revoke refresh token)
// ---------------------------------------------------------------------------
app.post("/auth/logout", {
config: { rateLimit: authRateLimitConfig },
}, async (request, reply) => {
const refreshTokenCookie = request.cookies.refresh_token;
if (refreshTokenCookie) {
try {
const decoded = app.jwt.verify<{ jti: string }>(
refreshTokenCookie,
{ key: app.config.refreshSecret }
);
// Revoke the refresh token
await db.update(refreshTokens)
.set({ revoked: true })
.where(eq(refreshTokens.tokenId, decoded.jti));
} catch {
// Invalid token, ignore
}
}
// Get user
const [user] = await db.select().from(users).where(eq(users.id, decoded.sub));
if (!user || !user.isActive) {
return reply.status(401).send({ error: "User not found or disabled", code: "USER_INVALID" });
}
return reply
.clearCookie("access_token", app.config.cookieOptions)
.clearCookie("refresh_token", app.config.refreshCookieOptions)
.send({ ok: true });
});
// Rotate refresh token (revoke old, create new)
await db
.update(refreshTokens)
.set({ revoked: true, rotatedAt: new Date() })
.where(eq(refreshTokens.id, token.id));
// ---------------------------------------------------------------------------
// GET /auth/me - Get current user profile
// ---------------------------------------------------------------------------
app.get("/auth/me", { preHandler: requireAuth }, async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
const newTokenId = randomBytes(32).toString("hex");
const refreshExp = new Date(Date.now() + refreshTtlDays * 24 * 60 * 60 * 1000);
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
if (!user) {
return reply.status(404).send({ error: "User not found" });
}
await db.insert(refreshTokens).values({
userId: user.id,
tokenId: newTokenId,
expiresAt: refreshExp,
});
return {
id: user.id,
username: user.username,
avatarUrl: user.avatarUrl,
authProvider: user.authProvider,
createdAt: user.createdAt,
lastLoginAt: user.lastLoginAt,
};
});
// Generate new tokens
const newAccessToken = app.jwt.sign(
{ sub: user.id, username: user.username },
{ expiresIn: `${accessTtlMinutes}m` }
);
// ---------------------------------------------------------------------------
// PUT /auth/me - Update current user profile
// ---------------------------------------------------------------------------
app.put<{ Body: z.infer<typeof updateProfileSchema> }>("/auth/me", {
preHandler: requireAuth,
config: { rateLimit: authRateLimitConfig },
}, async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
const newRefreshToken = app.jwt.sign(
{ sub: user.id, jti: newTokenId },
{ expiresIn: `${refreshTtlDays}d`, key: app.config.refreshSecret }
);
const parsed = updateProfileSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
code: "VALIDATION_ERROR"
});
}
return reply
.setCookie("access_token", newAccessToken, app.config.cookieOptions)
.setCookie("refresh_token", newRefreshToken, app.config.refreshCookieOptions)
.send({ ok: true });
} catch {
return reply.status(401).send({ error: "Invalid refresh token", code: "INVALID_REFRESH_TOKEN" });
}
}
);
const { currentPassword, newPassword } = parsed.data;
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
// ---------------------------------------------------------------------------
// POST /auth/logout - Logout (revoke refresh token)
// ---------------------------------------------------------------------------
app.post(
"/auth/logout",
{
config: { rateLimit: authRateLimitConfig },
},
async (request, reply) => {
const refreshTokenCookie = request.cookies.refresh_token;
if (!user) {
return reply.status(404).send({ error: "User not found" });
}
if (refreshTokenCookie) {
try {
const decoded = app.jwt.verify<{ jti: string }>(refreshTokenCookie, { key: app.config.refreshSecret });
const updates: Partial<typeof users.$inferInsert> = {
updatedAt: new Date(),
};
// Revoke the refresh token
await db.update(refreshTokens).set({ revoked: true }).where(eq(refreshTokens.tokenId, decoded.jti));
} catch {
// Invalid token, ignore
}
}
// Update password if provided
if (newPassword) {
if (!currentPassword) {
return reply.status(400).send({ error: "Current password required", code: "CURRENT_PASSWORD_REQUIRED" });
}
return reply
.clearCookie("access_token", app.config.cookieOptions)
.clearCookie("refresh_token", app.config.refreshCookieOptions)
.send({ ok: true });
}
);
if (!user.passwordHash) {
return reply.status(400).send({ error: "Cannot change password for SSO account", code: "SSO_ACCOUNT" });
}
// ---------------------------------------------------------------------------
// GET /auth/me - Get current user profile
// ---------------------------------------------------------------------------
app.get("/auth/me", { preHandler: requireAuth }, async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
const valid = await argon2.verify(user.passwordHash, currentPassword, ARGON2_OPTIONS);
if (!valid) {
return reply.status(401).send({ error: "Current password is incorrect", code: "INVALID_PASSWORD" });
}
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
if (!user) {
return reply.status(404).send({ error: "User not found" });
}
updates.passwordHash = await argon2.hash(newPassword, ARGON2_OPTIONS);
}
return {
id: user.id,
username: user.username,
avatarUrl: user.avatarUrl,
authProvider: user.authProvider,
createdAt: user.createdAt,
lastLoginAt: user.lastLoginAt,
};
});
await db.update(users).set(updates).where(eq(users.id, user.id));
// ---------------------------------------------------------------------------
// PUT /auth/me - Update current user profile
// ---------------------------------------------------------------------------
app.put<{ Body: z.infer<typeof updateProfileSchema> }>(
"/auth/me",
{
preHandler: requireAuth,
config: { rateLimit: authRateLimitConfig },
},
async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
return { ok: true, message: "Profile updated" };
});
const parsed = updateProfileSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
code: "VALIDATION_ERROR",
});
}
// ---------------------------------------------------------------------------
// POST /auth/avatar - Upload user avatar
// ---------------------------------------------------------------------------
app.post("/auth/avatar", {
preHandler: requireAuth,
config: { rateLimit: authRateLimitConfig },
}, async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
const { currentPassword, newPassword } = parsed.data;
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
const data = await request.file();
if (!data) {
return reply.status(400).send({ error: "No file uploaded" });
}
if (!user) {
return reply.status(404).send({ error: "User not found" });
}
// Validate file type
const allowedTypes = ["image/jpeg", "image/png", "image/webp", "image/gif"];
if (!allowedTypes.includes(data.mimetype)) {
return reply.status(400).send({ error: "Invalid file type. Allowed: JPEG, PNG, WebP, GIF" });
}
const updates: Partial<typeof users.$inferInsert> = {
updatedAt: new Date(),
};
// Generate unique filename
const ext = data.filename.split(".").pop() || "jpg";
const filename = `avatar_${authUser.id}_${Date.now()}.${ext}`;
// Save file
const fs = await import("fs/promises");
const path = await import("path");
const imagesDir = path.join(process.cwd(), "data", "images");
await fs.mkdir(imagesDir, { recursive: true });
const buffer = await data.toBuffer();
await fs.writeFile(path.join(imagesDir, filename), buffer);
// Update password if provided
if (newPassword) {
if (!currentPassword) {
return reply.status(400).send({ error: "Current password required", code: "CURRENT_PASSWORD_REQUIRED" });
}
// Delete old avatar if exists
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
if (user?.avatarUrl) {
try {
await fs.unlink(path.join(imagesDir, user.avatarUrl));
} catch {
// Ignore if file doesn't exist
}
}
if (!user.passwordHash) {
return reply.status(400).send({ error: "Cannot change password for SSO account", code: "SSO_ACCOUNT" });
}
// Update user
await db.update(users).set({ avatarUrl: filename, updatedAt: new Date() }).where(eq(users.id, authUser.id));
const valid = await argon2.verify(user.passwordHash, currentPassword, ARGON2_OPTIONS);
if (!valid) {
return reply.status(401).send({ error: "Current password is incorrect", code: "INVALID_PASSWORD" });
}
return { ok: true, avatarUrl: filename };
});
updates.passwordHash = await argon2.hash(newPassword, ARGON2_OPTIONS);
}
// ---------------------------------------------------------------------------
// DELETE /auth/avatar - Delete user avatar
// ---------------------------------------------------------------------------
app.delete("/auth/avatar", {
preHandler: requireAuth,
config: { rateLimit: authRateLimitConfig },
}, async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
await db.update(users).set(updates).where(eq(users.id, user.id));
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
if (!user?.avatarUrl) {
return reply.status(404).send({ error: "No avatar to delete" });
}
return { ok: true, message: "Profile updated" };
}
);
// Delete file
const fs = await import("fs/promises");
const path = await import("path");
try {
await fs.unlink(path.join(process.cwd(), "data", "images", user.avatarUrl));
} catch {
// Ignore if file doesn't exist
}
// ---------------------------------------------------------------------------
// POST /auth/avatar - Upload user avatar
// ---------------------------------------------------------------------------
app.post(
"/auth/avatar",
{
preHandler: requireAuth,
config: { rateLimit: authRateLimitConfig },
},
async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
// Update user
await db.update(users).set({ avatarUrl: null, updatedAt: new Date() }).where(eq(users.id, authUser.id));
const data = await request.file();
if (!data) {
return reply.status(400).send({ error: "No file uploaded" });
}
return { ok: true };
});
// Validate file type
const allowedTypes = ["image/jpeg", "image/png", "image/webp", "image/gif"];
if (!allowedTypes.includes(data.mimetype)) {
return reply.status(400).send({ error: "Invalid file type. Allowed: JPEG, PNG, WebP, GIF" });
}
// Generate unique filename
const ext = data.filename.split(".").pop() || "jpg";
const filename = `avatar_${authUser.id}_${Date.now()}.${ext}`;
// Save file
const fs = await import("node:fs/promises");
const path = await import("node:path");
const imagesDir = path.join(process.cwd(), "data", "images");
await fs.mkdir(imagesDir, { recursive: true });
const buffer = await data.toBuffer();
await fs.writeFile(path.join(imagesDir, filename), buffer);
// Delete old avatar if exists
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
if (user?.avatarUrl) {
try {
await fs.unlink(path.join(imagesDir, user.avatarUrl));
} catch {
// Ignore if file doesn't exist
}
}
// Update user
await db.update(users).set({ avatarUrl: filename, updatedAt: new Date() }).where(eq(users.id, authUser.id));
return { ok: true, avatarUrl: filename };
}
);
// ---------------------------------------------------------------------------
// DELETE /auth/avatar - Delete user avatar
// ---------------------------------------------------------------------------
app.delete(
"/auth/avatar",
{
preHandler: requireAuth,
config: { rateLimit: authRateLimitConfig },
},
async (request, reply) => {
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
return reply.status(401).send({ error: "Not authenticated" });
}
const [user] = await db.select().from(users).where(eq(users.id, authUser.id));
if (!user?.avatarUrl) {
return reply.status(404).send({ error: "No avatar to delete" });
}
// Delete file
const fs = await import("node:fs/promises");
const path = await import("node:path");
try {
await fs.unlink(path.join(process.cwd(), "data", "images", user.avatarUrl));
} catch {
// Ignore if file doesn't exist
}
// Update user
await db.update(users).set({ avatarUrl: null, updatedAt: new Date() }).where(eq(users.id, authUser.id));
return { ok: true };
}
);
}
backend/src/routes/doses.ts
+240 -268
View File
@@ -1,9 +1,9 @@
import { FastifyInstance } from "fastify";
import { and, eq } from "drizzle-orm";
import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
import { z } from "zod";
import { db } from "../db/client.js";
import { doseTracking, shareTokens } from "../db/schema.js";
import { eq, and, inArray } from "drizzle-orm";
import { requireAuth, getAnonymousUserId } from "../plugins/auth.js";
import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
import { env } from "../plugins/env.js";
import type { AuthUser } from "../types/fastify.js";
@@ -11,324 +11,296 @@ import type { AuthUser } from "../types/fastify.js";
// Validation Schemas
// =============================================================================
const markDoseSchema = z.object({
doseId: z.string().min(1, "doseId is required"),
doseId: z.string().min(1, "doseId is required"),
});
const shareDoseSchema = z.object({
doseId: z.string().min(1, "doseId is required"),
doseId: z.string().min(1, "doseId is required"),
});
const dismissDosesSchema = z.object({
doseIds: z.array(z.string().min(1)).min(1, "At least one doseId is required"),
doseIds: z.array(z.string().min(1)).min(1, "At least one doseId is required"),
});
// Helper to get user ID from request
// Returns anonymous user ID when auth is disabled
async function getUserId(request: any, reply: any): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
async function getUserId(request: FastifyRequest, reply: FastifyReply): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
// =============================================================================
// Dose Tracking Routes
// =============================================================================
export async function doseRoutes(app: FastifyInstance) {
// ---------------------------------------------------------------------------
// GET /doses/taken - PROTECTED: Get all taken doses for the user
// ---------------------------------------------------------------------------
app.get(
"/doses/taken",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
// ---------------------------------------------------------------------------
// GET /doses/taken - PROTECTED: Get all taken doses for the user
// ---------------------------------------------------------------------------
app.get("/doses/taken", { preHandler: requireAuth }, async (request, reply) => {
const userId = await getUserId(request, reply);
// Get all taken doses for this user (no time limit)
const doses = await db.select()
.from(doseTracking)
.where(eq(doseTracking.userId, userId));
// Get all taken doses for this user (no time limit)
const doses = await db.select().from(doseTracking).where(eq(doseTracking.userId, userId));
return {
doses: doses.map((d) => ({
doseId: d.doseId,
takenAt: d.takenAt?.getTime() ?? Date.now(),
markedBy: d.markedBy,
dismissed: d.dismissed ?? false,
})),
};
}
);
return {
doses: doses.map((d) => ({
doseId: d.doseId,
takenAt: d.takenAt?.getTime() ?? Date.now(),
markedBy: d.markedBy,
dismissed: d.dismissed ?? false,
})),
};
});
// ---------------------------------------------------------------------------
// POST /doses/taken - PROTECTED: Mark a dose as taken
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof markDoseSchema> }>(
"/doses/taken",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
// ---------------------------------------------------------------------------
// POST /doses/taken - PROTECTED: Mark a dose as taken
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof markDoseSchema> }>(
"/doses/taken",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
const parsed = markDoseSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
});
}
const parsed = markDoseSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
});
}
const { doseId } = parsed.data;
const { doseId } = parsed.data;
// Check if already marked
const [existing] = await db.select()
.from(doseTracking)
.where(
and(
eq(doseTracking.userId, userId),
eq(doseTracking.doseId, doseId)
)
);
// Check if already marked
const [existing] = await db
.select()
.from(doseTracking)
.where(and(eq(doseTracking.userId, userId), eq(doseTracking.doseId, doseId)));
if (existing) {
return { success: true, message: "Already marked" };
}
if (existing) {
return { success: true, message: "Already marked" };
}
// Insert new record
await db.insert(doseTracking).values({
userId,
doseId,
markedBy: null, // Marked by the user themselves
});
// Insert new record
await db.insert(doseTracking).values({
userId,
doseId,
markedBy: null, // Marked by the user themselves
});
return { success: true };
}
);
return { success: true };
}
);
// ---------------------------------------------------------------------------
// DELETE /doses/taken/:doseId - PROTECTED: Unmark a dose
// ---------------------------------------------------------------------------
app.delete<{ Params: { doseId: string } }>(
"/doses/taken/:doseId",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
// ---------------------------------------------------------------------------
// DELETE /doses/taken/:doseId - PROTECTED: Unmark a dose
// ---------------------------------------------------------------------------
app.delete<{ Params: { doseId: string } }>(
"/doses/taken/:doseId",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
const { doseId } = request.params;
const { doseId } = request.params;
await db.delete(doseTracking).where(
and(
eq(doseTracking.userId, userId),
eq(doseTracking.doseId, doseId)
)
);
// Check if this dose was dismissed
const [existing] = await db
.select()
.from(doseTracking)
.where(and(eq(doseTracking.userId, userId), eq(doseTracking.doseId, doseId)));
return { success: true };
}
);
if (existing?.dismissed) {
// Already dismissed - keep the record as-is
// The dose stays dismissed, we just acknowledge the undo request
} else {
// Not dismissed - delete the record entirely
await db.delete(doseTracking).where(and(eq(doseTracking.userId, userId), eq(doseTracking.doseId, doseId)));
}
// ---------------------------------------------------------------------------
// POST /doses/dismiss - PROTECTED: Dismiss missed doses without deducting stock
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof dismissDosesSchema> }>(
"/doses/dismiss",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
return { success: true };
}
);
const parsed = dismissDosesSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
});
}
// ---------------------------------------------------------------------------
// POST /doses/dismiss - PROTECTED: Dismiss missed doses without deducting stock
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof dismissDosesSchema> }>(
"/doses/dismiss",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
const { doseIds } = parsed.data;
const parsed = dismissDosesSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
});
}
// Insert dismissed records for each dose that doesn't exist yet
let dismissedCount = 0;
for (const doseId of doseIds) {
// Check if already exists (taken or dismissed)
const [existing] = await db.select()
.from(doseTracking)
.where(
and(
eq(doseTracking.userId, userId),
eq(doseTracking.doseId, doseId)
)
);
const { doseIds } = parsed.data;
if (existing) {
// Already exists - update to dismissed if not already
if (!existing.dismissed) {
await db.update(doseTracking)
.set({ dismissed: true })
.where(
and(
eq(doseTracking.userId, userId),
eq(doseTracking.doseId, doseId)
)
);
dismissedCount++;
}
} else {
// Create new dismissed record
await db.insert(doseTracking).values({
userId,
doseId,
markedBy: null,
dismissed: true,
});
dismissedCount++;
}
}
// Insert dismissed records for each dose that doesn't exist yet
let dismissedCount = 0;
for (const doseId of doseIds) {
// Check if already exists (taken or dismissed)
const [existing] = await db
.select()
.from(doseTracking)
.where(and(eq(doseTracking.userId, userId), eq(doseTracking.doseId, doseId)));
return { success: true, dismissedCount };
}
);
if (existing) {
// Already exists - update to dismissed if not already
if (!existing.dismissed) {
await db
.update(doseTracking)
.set({ dismissed: true })
.where(and(eq(doseTracking.userId, userId), eq(doseTracking.doseId, doseId)));
dismissedCount++;
}
} else {
// Create new dismissed record
await db.insert(doseTracking).values({
userId,
doseId,
markedBy: null,
dismissed: true,
});
dismissedCount++;
}
}
// ---------------------------------------------------------------------------
// DELETE /doses/dismiss - PROTECTED: Clear all dismissed doses (un-dismiss)
// ---------------------------------------------------------------------------
app.delete(
"/doses/dismiss",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
return { success: true, dismissedCount };
}
);
// Delete all dismissed-only records (not taken ones)
// For taken+dismissed, just remove the dismissed flag
const dismissed = await db.select()
.from(doseTracking)
.where(
and(
eq(doseTracking.userId, userId),
eq(doseTracking.dismissed, true)
)
);
// ---------------------------------------------------------------------------
// DELETE /doses/dismiss - PROTECTED: Clear all dismissed doses (un-dismiss)
// ---------------------------------------------------------------------------
app.delete("/doses/dismiss", { preHandler: requireAuth }, async (request, reply) => {
const userId = await getUserId(request, reply);
for (const d of dismissed) {
if (d.markedBy !== null || d.takenAt) {
// This was also marked as taken - just remove dismissed flag
await db.update(doseTracking)
.set({ dismissed: false })
.where(eq(doseTracking.id, d.id));
} else {
// This was only dismissed - delete it
await db.delete(doseTracking)
.where(eq(doseTracking.id, d.id));
}
}
// Delete all dismissed-only records (not taken ones)
// For taken+dismissed, just remove the dismissed flag
const dismissed = await db
.select()
.from(doseTracking)
.where(and(eq(doseTracking.userId, userId), eq(doseTracking.dismissed, true)));
return { success: true, clearedCount: dismissed.length };
}
);
for (const d of dismissed) {
if (d.markedBy !== null || d.takenAt) {
// This was also marked as taken - just remove dismissed flag
await db.update(doseTracking).set({ dismissed: false }).where(eq(doseTracking.id, d.id));
} else {
// This was only dismissed - delete it
await db.delete(doseTracking).where(eq(doseTracking.id, d.id));
}
}
// ---------------------------------------------------------------------------
// GET /share/:token/doses - PUBLIC: Get taken doses for a share link
// ---------------------------------------------------------------------------
app.get<{ Params: { token: string } }>(
"/share/:token/doses",
async (request, reply) => {
const { token } = request.params;
return { success: true, clearedCount: dismissed.length };
});
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.notFound("Share link not found");
}
// ---------------------------------------------------------------------------
// GET /share/:token/doses - PUBLIC: Get taken doses for a share link
// ---------------------------------------------------------------------------
app.get<{ Params: { token: string } }>("/share/:token/doses", async (request, reply) => {
const { token } = request.params;
// Get all taken doses for this user (no time limit)
const doses = await db.select()
.from(doseTracking)
.where(eq(doseTracking.userId, share.userId));
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.notFound("Share link not found");
}
return {
doses: doses.map((d) => ({
doseId: d.doseId,
takenAt: d.takenAt?.getTime() ?? Date.now(),
markedBy: d.markedBy,
dismissed: d.dismissed ?? false,
})),
};
}
);
// Get all taken doses for this user (no time limit)
const doses = await db.select().from(doseTracking).where(eq(doseTracking.userId, share.userId));
// ---------------------------------------------------------------------------
// POST /share/:token/doses - PUBLIC: Mark a dose as taken via share link
// ---------------------------------------------------------------------------
app.post<{ Params: { token: string }; Body: z.infer<typeof shareDoseSchema> }>(
"/share/:token/doses",
async (request, reply) => {
const { token } = request.params;
return {
doses: doses.map((d) => ({
doseId: d.doseId,
takenAt: d.takenAt?.getTime() ?? Date.now(),
markedBy: d.markedBy,
dismissed: d.dismissed ?? false,
})),
};
});
const parsed = shareDoseSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
});
}
// ---------------------------------------------------------------------------
// POST /share/:token/doses - PUBLIC: Mark a dose as taken via share link
// ---------------------------------------------------------------------------
app.post<{ Params: { token: string }; Body: z.infer<typeof shareDoseSchema> }>(
"/share/:token/doses",
async (request, reply) => {
const { token } = request.params;
const { doseId } = parsed.data;
const parsed = shareDoseSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
});
}
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.notFound("Share link not found");
}
const { doseId } = parsed.data;
// Check if already marked
const [existing] = await db.select()
.from(doseTracking)
.where(
and(
eq(doseTracking.userId, share.userId),
eq(doseTracking.doseId, doseId)
)
);
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.notFound("Share link not found");
}
if (existing) {
return { success: true, message: "Already marked" };
}
// Check if already marked
const [existing] = await db
.select()
.from(doseTracking)
.where(and(eq(doseTracking.userId, share.userId), eq(doseTracking.doseId, doseId)));
// Insert new record - marked by the takenBy person
await db.insert(doseTracking).values({
userId: share.userId,
doseId,
markedBy: share.takenBy, // e.g. "Daniel"
});
if (existing) {
return { success: true, message: "Already marked" };
}
return { success: true };
}
);
// Insert new record - marked by the takenBy person
await db.insert(doseTracking).values({
userId: share.userId,
doseId,
markedBy: share.takenBy, // e.g. "Daniel"
});
// ---------------------------------------------------------------------------
// DELETE /share/:token/doses/:doseId - PUBLIC: Unmark a dose via share link
// ---------------------------------------------------------------------------
app.delete<{ Params: { token: string; doseId: string } }>(
"/share/:token/doses/:doseId",
async (request, reply) => {
const { token, doseId } = request.params;
return { success: true };
}
);
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.notFound("Share link not found");
}
// ---------------------------------------------------------------------------
// DELETE /share/:token/doses/:doseId - PUBLIC: Unmark a dose via share link
// ---------------------------------------------------------------------------
app.delete<{ Params: { token: string; doseId: string } }>("/share/:token/doses/:doseId", async (request, reply) => {
const { token, doseId } = request.params;
await db.delete(doseTracking).where(
and(
eq(doseTracking.userId, share.userId),
eq(doseTracking.doseId, doseId)
)
);
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.notFound("Share link not found");
}
return { success: true };
}
);
// Check if this dose was dismissed
const [existing] = await db
.select()
.from(doseTracking)
.where(and(eq(doseTracking.userId, share.userId), eq(doseTracking.doseId, doseId)));
if (existing?.dismissed) {
// Already dismissed - keep the record as-is
} else {
// Not dismissed - delete the record entirely
await db.delete(doseTracking).where(and(eq(doseTracking.userId, share.userId), eq(doseTracking.doseId, doseId)));
}
return { success: true };
});
}
backend/src/routes/export.ts
+504 -412
View File
@@ -1,14 +1,14 @@
import { FastifyInstance } from "fastify";
import { z } from "zod";
import { randomBytes } from "crypto";
import { db } from "../db/client.js";
import { medications, userSettings, doseTracking, shareTokens } from "../db/schema.js";
import { randomBytes } from "node:crypto";
import { existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync } from "node:fs";
import { extname, resolve } from "node:path";
import { eq } from "drizzle-orm";
import { requireAuth, getAnonymousUserId } from "../plugins/auth.js";
import type { FastifyInstance } from "fastify";
import { z } from "zod";
import { db } from "../db/client.js";
import { doseTracking, medications, shareTokens, userSettings } from "../db/schema.js";
import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
import { env } from "../plugins/env.js";
import type { AuthUser } from "../types/fastify.js";
import { resolve, extname } from "path";
import { existsSync, readFileSync, writeFileSync, unlinkSync, mkdirSync } from "fs";
const IMAGES_DIR = resolve(process.cwd(), "data/images");
@@ -22,83 +22,89 @@ const EXPORT_VERSION = "1.0";
// =============================================================================
const scheduleSchema = z.object({
usage: z.number().nonnegative(),
every: z.number().int().min(1),
start: z.string(), // ISO datetime string
remind: z.boolean().optional().default(false),
usage: z.number().nonnegative(),
every: z.number().int().min(1),
start: z.string(), // ISO datetime string
remind: z.boolean().optional().default(false),
});
const inventorySchema = z.object({
packCount: z.number().int().min(0).default(1),
blistersPerPack: z.number().int().min(1).default(1),
pillsPerBlister: z.number().int().min(1).default(1),
looseTablets: z.number().int().min(0).default(0),
packCount: z.number().int().min(0).default(1),
blistersPerPack: z.number().int().min(1).default(1),
pillsPerBlister: z.number().int().min(1).default(1),
looseTablets: z.number().int().min(0).default(0),
stockAdjustment: z.number().int().default(0), // Manual stock correction
});
const medicationExportSchema = z.object({
_exportId: z.string(),
name: z.string().min(1),
genericName: z.string().nullable().optional(),
takenBy: z.array(z.string()).default([]),
inventory: inventorySchema,
pillWeightMg: z.number().int().nullable().optional(),
schedules: z.array(scheduleSchema).default([]),
expiryDate: z.string().nullable().optional(),
notes: z.string().nullable().optional(),
intakeRemindersEnabled: z.boolean().default(false),
image: z.string().nullable().optional(), // base64 data URL or null
_exportId: z.string(),
name: z.string().min(1),
genericName: z.string().nullable().optional(),
takenBy: z.array(z.string()).default([]),
inventory: inventorySchema,
pillWeightMg: z.number().int().nullable().optional(),
schedules: z.array(scheduleSchema).default([]),
expiryDate: z.string().nullable().optional(),
notes: z.string().nullable().optional(),
intakeRemindersEnabled: z.boolean().default(false),
image: z.string().nullable().optional(), // base64 data URL or null
lastStockCorrectionAt: z.string().nullable().optional(), // ISO datetime of last stock correction
});
const doseHistorySchema = z.object({
medicationRef: z.string(), // References _exportId
scheduleIndex: z.number().int().min(0),
scheduledTime: z.string(), // ISO datetime
takenAt: z.string(), // ISO datetime
markedBy: z.string().nullable().optional(),
medicationRef: z.string(), // References _exportId
scheduleIndex: z.number().int().min(0),
scheduledTime: z.string(), // ISO datetime
takenAt: z.string(), // ISO datetime
markedBy: z.string().nullable().optional(),
dismissed: z.boolean().default(false),
takenByPerson: z.string().nullable().optional(), // Person suffix from dose ID (e.g., "Daniel")
});
const shareLinkSchema = z.object({
takenBy: z.string().min(1),
scheduleDays: z.number().int().min(1).default(30),
expiresAt: z.string().nullable().optional(), // ISO datetime
regenerateToken: z.boolean().default(true),
takenBy: z.string().min(1),
scheduleDays: z.number().int().min(1).default(30),
expiresAt: z.string().nullable().optional(), // ISO datetime
regenerateToken: z.boolean().default(true),
});
const settingsExportSchema = z.object({
// Email notifications
emailEnabled: z.boolean().default(false),
notificationEmail: z.string().nullable().optional(),
emailStockReminders: z.boolean().default(true),
emailIntakeReminders: z.boolean().default(true),
// Push notifications
shoutrrrEnabled: z.boolean().optional(),
shoutrrrUrl: z.string().nullable().optional(),
shoutrrrStockReminders: z.boolean().default(true),
shoutrrrIntakeReminders: z.boolean().default(true),
// Reminder settings
reminderDaysBefore: z.number().int().default(7),
repeatDailyReminders: z.boolean().default(false),
skipRemindersForTakenDoses: z.boolean().default(false),
repeatRemindersEnabled: z.boolean().default(false),
reminderRepeatIntervalMinutes: z.number().int().default(30),
maxNaggingReminders: z.number().int().default(5),
// Stock thresholds
lowStockDays: z.number().int().default(30),
normalStockDays: z.number().int().default(90),
highStockDays: z.number().int().default(180),
// UI preferences
language: z.string().default("en"),
stockCalculationMode: z.enum(["automatic", "manual"]).default("automatic"),
}).optional();
const settingsExportSchema = z
.object({
// Email notifications
emailEnabled: z.boolean().default(false),
notificationEmail: z.string().nullable().optional(),
emailStockReminders: z.boolean().default(true),
emailIntakeReminders: z.boolean().default(true),
// Push notifications
shoutrrrEnabled: z.boolean().optional(),
shoutrrrUrl: z.string().nullable().optional(),
shoutrrrStockReminders: z.boolean().default(true),
shoutrrrIntakeReminders: z.boolean().default(true),
// Reminder settings
reminderDaysBefore: z.number().int().default(7),
repeatDailyReminders: z.boolean().default(false),
skipRemindersForTakenDoses: z.boolean().default(false),
repeatRemindersEnabled: z.boolean().default(false),
reminderRepeatIntervalMinutes: z.number().int().default(30),
maxNaggingReminders: z.number().int().default(5),
// Stock thresholds
lowStockDays: z.number().int().default(30),
normalStockDays: z.number().int().default(90),
highStockDays: z.number().int().default(180),
// UI preferences
language: z.string().default("en"),
stockCalculationMode: z.enum(["automatic", "manual"]).default("automatic"),
})
.optional();
const importDataSchema = z.object({
version: z.string(),
exportedAt: z.string(),
includeSensitiveData: z.boolean().default(false),
medications: z.array(medicationExportSchema).default([]),
doseHistory: z.array(doseHistorySchema).default([]),
settings: settingsExportSchema,
shareLinks: z.array(shareLinkSchema).default([]),
version: z.string(),
exportedAt: z.string(),
includeSensitiveData: z.boolean().default(false),
medications: z.array(medicationExportSchema).default([]),
doseHistory: z.array(doseHistorySchema).default([]),
settings: settingsExportSchema,
shareLinks: z.array(shareLinkSchema).default([]),
});
// =============================================================================
@@ -107,393 +113,479 @@ const importDataSchema = z.object({
// Helper to get user ID from request
async function getUserId(request: any, reply: any): Promise<number> {
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
// Parse takenByJson safely
function parseTakenByJson(takenByJson: string | null | undefined): string[] {
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
}
// Parse blisters from DB format to export format
function parseBlistersForExport(row: typeof medications.$inferSelect): Array<{ usage: number; every: number; start: string; remind: boolean }> {
try {
const usage = JSON.parse(row.usageJson || "[]") as number[];
const every = JSON.parse(row.everyJson || "[]") as number[];
const start = JSON.parse(row.startJson || "[]") as string[];
const len = Math.min(usage.length, every.length, start.length);
const schedules: Array<{ usage: number; every: number; start: string; remind: boolean }> = [];
for (let i = 0; i < len; i++) {
schedules.push({
usage: usage[i],
every: every[i],
start: start[i],
remind: row.intakeRemindersEnabled ?? false,
});
}
return schedules;
} catch {
return [];
}
function parseBlistersForExport(
row: typeof medications.$inferSelect
): Array<{ usage: number; every: number; start: string; remind: boolean }> {
try {
const usage = JSON.parse(row.usageJson || "[]") as number[];
const every = JSON.parse(row.everyJson || "[]") as number[];
const start = JSON.parse(row.startJson || "[]") as string[];
const len = Math.min(usage.length, every.length, start.length);
const schedules: Array<{ usage: number; every: number; start: string; remind: boolean }> = [];
for (let i = 0; i < len; i++) {
schedules.push({
usage: usage[i],
every: every[i],
start: start[i],
remind: row.intakeRemindersEnabled ?? false,
});
}
return schedules;
} catch {
return [];
}
}
// Read image file and convert to base64 data URL
function imageToBase64(imageUrl: string | null): string | null {
if (!imageUrl) return null;
const imagePath = resolve(IMAGES_DIR, imageUrl);
if (!existsSync(imagePath)) return null;
try {
const imageBuffer = readFileSync(imagePath);
const ext = extname(imageUrl).toLowerCase();
const mimeTypes: Record<string, string> = {
".jpg": "image/jpeg",
".jpeg": "image/jpeg",
".png": "image/png",
".webp": "image/webp",
".gif": "image/gif",
};
const mimeType = mimeTypes[ext] || "image/jpeg";
return `data:${mimeType};base64,${imageBuffer.toString("base64")}`;
} catch {
return null;
}
if (!imageUrl) return null;
const imagePath = resolve(IMAGES_DIR, imageUrl);
if (!existsSync(imagePath)) return null;
try {
const imageBuffer = readFileSync(imagePath);
const ext = extname(imageUrl).toLowerCase();
const mimeTypes: Record<string, string> = {
".jpg": "image/jpeg",
".jpeg": "image/jpeg",
".png": "image/png",
".webp": "image/webp",
".gif": "image/gif",
};
const mimeType = mimeTypes[ext] || "image/jpeg";
return `data:${mimeType};base64,${imageBuffer.toString("base64")}`;
} catch {
return null;
}
}
// Save base64 image to file and return filename
function base64ToImage(base64: string, medicationId: number): string | null {
if (!base64 || !base64.startsWith("data:")) return null;
try {
// Parse data URL: "data:image/jpeg;base64,/9j/4AAQ..."
const matches = base64.match(/^data:image\/(\w+);base64,(.+)$/);
if (!matches) return null;
const ext = matches[1] === "jpeg" ? "jpg" : matches[1];
const data = matches[2];
const buffer = Buffer.from(data, "base64");
const filename = `med-${medicationId}-${Date.now()}.${ext}`;
const filepath = resolve(IMAGES_DIR, filename);
// Ensure images directory exists
if (!existsSync(IMAGES_DIR)) {
mkdirSync(IMAGES_DIR, { recursive: true });
}
writeFileSync(filepath, buffer);
return filename;
} catch {
return null;
}
if (!base64 || !base64.startsWith("data:")) return null;
try {
// Parse data URL: "data:image/jpeg;base64,/9j/4AAQ..."
const matches = base64.match(/^data:image\/(\w+);base64,(.+)$/);
if (!matches) return null;
const ext = matches[1] === "jpeg" ? "jpg" : matches[1];
const data = matches[2];
const buffer = Buffer.from(data, "base64");
const filename = `med-${medicationId}-${Date.now()}.${ext}`;
const filepath = resolve(IMAGES_DIR, filename);
// Ensure images directory exists
if (!existsSync(IMAGES_DIR)) {
mkdirSync(IMAGES_DIR, { recursive: true });
}
writeFileSync(filepath, buffer);
return filename;
} catch {
return null;
}
}
// Parse dose ID to extract medication ID and timestamp
// Format: "{medicationId}-{blisterIndex}-{timestampMs}"
function parseDoseId(doseId: string): { medicationId: number; blisterIndex: number; timestampMs: number } | null {
const parts = doseId.split("-");
if (parts.length < 3) return null;
const medicationId = parseInt(parts[0], 10);
const blisterIndex = parseInt(parts[1], 10);
const timestampMs = parseInt(parts[2], 10);
if (isNaN(medicationId) || isNaN(blisterIndex) || isNaN(timestampMs)) return null;
return { medicationId, blisterIndex, timestampMs };
// Format: "{medicationId}-{blisterIndex}-{timestampMs}" or "{medicationId}-{blisterIndex}-{timestampMs}-{person}"
function parseDoseId(
doseId: string
): { medicationId: number; blisterIndex: number; timestampMs: number; person: string | null } | null {
const parts = doseId.split("-");
if (parts.length < 3) return null;
const medicationId = parseInt(parts[0], 10);
const blisterIndex = parseInt(parts[1], 10);
const timestampMs = parseInt(parts[2], 10);
if (Number.isNaN(medicationId) || Number.isNaN(blisterIndex) || Number.isNaN(timestampMs)) return null;
// Check if there's a person suffix (4th part onwards, could be multi-part name)
const person = parts.length > 3 ? parts.slice(3).join("-") : null;
return { medicationId, blisterIndex, timestampMs, person };
}
// Build dose ID from parts
function buildDoseId(medicationId: number, blisterIndex: number, timestampMs: number): string {
return `${medicationId}-${blisterIndex}-${timestampMs}`;
// Build dose ID from parts (with optional person suffix)
function buildDoseId(medicationId: number, blisterIndex: number, timestampMs: number, person?: string | null): string {
const base = `${medicationId}-${blisterIndex}-${timestampMs}`;
return person ? `${base}-${person}` : base;
}
// =============================================================================
// Export Routes
// =============================================================================
export async function exportRoutes(app: FastifyInstance) {
// All export routes require auth
app.addHook("preHandler", requireAuth);
// All export routes require auth
app.addHook("preHandler", requireAuth);
// ---------------------------------------------------------------------------
// GET /export - Export all user data
// ---------------------------------------------------------------------------
app.get<{ Querystring: { includeSensitive?: string } }>(
"/export",
async (request, reply) => {
const userId = await getUserId(request, reply);
const includeSensitive = request.query.includeSensitive === "true";
// ---------------------------------------------------------------------------
// GET /export - Export all user data
// ---------------------------------------------------------------------------
app.get<{ Querystring: { includeSensitive?: string; includeImages?: string } }>("/export", async (request, reply) => {
const userId = await getUserId(request, reply);
const includeSensitive = request.query.includeSensitive === "true";
const includeImages = request.query.includeImages !== "false"; // Default to true
// 1. Load all medications
const meds = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
// Build medication ID to export ID mapping
const medIdToExportId = new Map<number, string>();
const exportMedications = meds.map((med, index) => {
const exportId = `med-${index + 1}`;
medIdToExportId.set(med.id, exportId);
return {
_exportId: exportId,
name: med.name,
genericName: med.genericName,
takenBy: parseTakenByJson(med.takenByJson),
inventory: {
packCount: med.packCount ?? 1,
blistersPerPack: med.blistersPerPack ?? 1,
pillsPerBlister: med.pillsPerBlister ?? 1,
looseTablets: med.looseTablets ?? 0,
},
pillWeightMg: med.pillWeightMg,
schedules: parseBlistersForExport(med),
expiryDate: med.expiryDate,
notes: med.notes,
intakeRemindersEnabled: med.intakeRemindersEnabled ?? false,
image: imageToBase64(med.imageUrl),
};
});
// 1. Load all medications
const meds = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
// 2. Load all dose tracking entries
const doses = await db.select().from(doseTracking).where(eq(doseTracking.userId, userId));
const exportDoseHistory = doses.map((dose) => {
const parsed = parseDoseId(dose.doseId);
if (!parsed) return null;
const exportId = medIdToExportId.get(parsed.medicationId);
if (!exportId) return null; // Orphaned dose, skip
return {
medicationRef: exportId,
scheduleIndex: parsed.blisterIndex,
scheduledTime: new Date(parsed.timestampMs).toISOString(),
takenAt: dose.takenAt?.toISOString() ?? new Date().toISOString(),
markedBy: dose.markedBy,
};
}).filter((d): d is NonNullable<typeof d> => d !== null);
// Build medication ID to export ID mapping
const medIdToExportId = new Map<number, string>();
const exportMedications = meds.map((med, index) => {
const exportId = `med-${index + 1}`;
medIdToExportId.set(med.id, exportId);
// 3. Load user settings
const [settings] = await db.select().from(userSettings).where(eq(userSettings.userId, userId));
const exportSettings = settings ? {
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail,
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
// Only include sensitive data if requested
shoutrrrEnabled: includeSensitive ? settings.shoutrrrEnabled : undefined,
shoutrrrUrl: includeSensitive ? settings.shoutrrrUrl : undefined,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses,
repeatRemindersEnabled: settings.repeatRemindersEnabled,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes,
maxNaggingReminders: settings.maxNaggingReminders,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
language: settings.language,
stockCalculationMode: settings.stockCalculationMode,
} : undefined;
// Safely convert lastStockCorrectionAt to ISO string
let lastStockCorrectionAtIso: string | null = null;
if (med.lastStockCorrectionAt) {
try {
if (med.lastStockCorrectionAt instanceof Date && !Number.isNaN(med.lastStockCorrectionAt.getTime())) {
lastStockCorrectionAtIso = med.lastStockCorrectionAt.toISOString();
} else if (typeof med.lastStockCorrectionAt === "number" || typeof med.lastStockCorrectionAt === "string") {
const d = new Date(med.lastStockCorrectionAt);
lastStockCorrectionAtIso = !Number.isNaN(d.getTime()) ? d.toISOString() : null;
}
} catch {
lastStockCorrectionAtIso = null;
}
}
// 4. Load share links
const shares = await db.select().from(shareTokens).where(eq(shareTokens.userId, userId));
const exportShareLinks = shares.map((share) => ({
takenBy: share.takenBy,
scheduleDays: share.scheduleDays,
expiresAt: share.expiresAt?.toISOString() ?? null,
regenerateToken: true, // Always regenerate tokens on import for security
}));
return {
_exportId: exportId,
name: med.name,
genericName: med.genericName,
takenBy: parseTakenByJson(med.takenByJson),
inventory: {
packCount: med.packCount ?? 1,
blistersPerPack: med.blistersPerPack ?? 1,
pillsPerBlister: med.pillsPerBlister ?? 1,
looseTablets: med.looseTablets ?? 0,
stockAdjustment: med.stockAdjustment ?? 0,
},
pillWeightMg: med.pillWeightMg,
schedules: parseBlistersForExport(med),
expiryDate: med.expiryDate,
notes: med.notes,
intakeRemindersEnabled: med.intakeRemindersEnabled ?? false,
image: includeImages ? imageToBase64(med.imageUrl) : null,
lastStockCorrectionAt: lastStockCorrectionAtIso,
};
});
// Build export object
const exportData = {
version: EXPORT_VERSION,
exportedAt: new Date().toISOString(),
includeSensitiveData: includeSensitive,
medications: exportMedications,
doseHistory: exportDoseHistory,
settings: exportSettings,
shareLinks: exportShareLinks,
};
// 2. Load all dose tracking entries
const doses = await db.select().from(doseTracking).where(eq(doseTracking.userId, userId));
// Set download headers
const filename = `medassist-export-${new Date().toISOString().split("T")[0]}.json`;
reply.header("Content-Type", "application/json");
reply.header("Content-Disposition", `attachment; filename="${filename}"`);
return exportData;
}
);
const exportDoseHistory = doses
.map((dose) => {
const parsed = parseDoseId(dose.doseId);
if (!parsed) return null;
// ---------------------------------------------------------------------------
// POST /import - Import user data (replaces all existing data!)
// ---------------------------------------------------------------------------
app.post(
"/import",
async (request, reply) => {
const userId = await getUserId(request, reply);
const exportId = medIdToExportId.get(parsed.medicationId);
if (!exportId) return null; // Orphaned dose, skip
// 1. Parse and validate import data
const parsed = importDataSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: "Invalid import data format",
details: parsed.error.format(),
});
}
// Safely convert takenAt to ISO string
let takenAtIso: string;
try {
if (dose.takenAt instanceof Date && !Number.isNaN(dose.takenAt.getTime())) {
takenAtIso = dose.takenAt.toISOString();
} else if (typeof dose.takenAt === "number" || typeof dose.takenAt === "string") {
const d = new Date(dose.takenAt);
takenAtIso = !Number.isNaN(d.getTime()) ? d.toISOString() : new Date().toISOString();
} else {
takenAtIso = new Date().toISOString();
}
} catch {
takenAtIso = new Date().toISOString();
}
const importData = parsed.data;
// Safely convert scheduled time
let scheduledTimeIso: string;
try {
const d = new Date(parsed.timestampMs);
scheduledTimeIso = !Number.isNaN(d.getTime()) ? d.toISOString() : new Date().toISOString();
} catch {
scheduledTimeIso = new Date().toISOString();
}
// 2. Delete all existing user data (in correct order to respect foreign keys)
// Note: CASCADE delete should handle this, but let's be explicit
// First, delete images for existing medications
const existingMeds = await db.select().from(medications).where(eq(medications.userId, userId));
for (const med of existingMeds) {
if (med.imageUrl) {
const imagePath = resolve(IMAGES_DIR, med.imageUrl);
if (existsSync(imagePath)) {
try { unlinkSync(imagePath); } catch { /* ignore */ }
}
}
}
return {
medicationRef: exportId,
scheduleIndex: parsed.blisterIndex,
scheduledTime: scheduledTimeIso,
takenAt: takenAtIso,
markedBy: dose.markedBy,
dismissed: dose.dismissed ?? false,
takenByPerson: parsed.person,
};
})
.filter((d): d is NonNullable<typeof d> => d !== null);
// Delete in order: doses, share tokens, medications, settings
await db.delete(doseTracking).where(eq(doseTracking.userId, userId));
await db.delete(shareTokens).where(eq(shareTokens.userId, userId));
await db.delete(medications).where(eq(medications.userId, userId));
await db.delete(userSettings).where(eq(userSettings.userId, userId));
// 3. Load user settings
const [settings] = await db.select().from(userSettings).where(eq(userSettings.userId, userId));
// 3. Import medications and build ID mapping
const exportIdToNewId = new Map<string, number>();
for (const med of importData.medications) {
// Convert schedules back to JSON arrays
const usageJson = JSON.stringify(med.schedules.map((s) => s.usage));
const everyJson = JSON.stringify(med.schedules.map((s) => s.every));
const startJson = JSON.stringify(med.schedules.map((s) => s.start));
const takenByJson = JSON.stringify(med.takenBy);
// Check if any schedule has remind enabled
const intakeRemindersEnabled = med.schedules.some((s) => s.remind) || med.intakeRemindersEnabled;
const exportSettings = settings
? {
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail,
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
// Only include sensitive data if requested
shoutrrrEnabled: includeSensitive ? settings.shoutrrrEnabled : undefined,
shoutrrrUrl: includeSensitive ? settings.shoutrrrUrl : undefined,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses,
repeatRemindersEnabled: settings.repeatRemindersEnabled,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes,
maxNaggingReminders: settings.maxNaggingReminders,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
language: settings.language,
stockCalculationMode: settings.stockCalculationMode,
}
: undefined;
const [inserted] = await db.insert(medications).values({
userId,
name: med.name,
genericName: med.genericName || null,
takenByJson,
packCount: med.inventory.packCount,
blistersPerPack: med.inventory.blistersPerPack,
pillsPerBlister: med.inventory.pillsPerBlister,
looseTablets: med.inventory.looseTablets,
pillWeightMg: med.pillWeightMg || null,
usageJson,
everyJson,
startJson,
expiryDate: med.expiryDate || null,
notes: med.notes || null,
intakeRemindersEnabled,
imageUrl: null, // Will be set after image is saved
}).returning();
// 4. Load share links
const shares = await db.select().from(shareTokens).where(eq(shareTokens.userId, userId));
// Save mapping
exportIdToNewId.set(med._exportId, inserted.id);
const exportShareLinks = shares.map((share) => {
// Safely convert expiresAt to ISO string
let expiresAtIso: string | null = null;
if (share.expiresAt) {
try {
if (share.expiresAt instanceof Date && !Number.isNaN(share.expiresAt.getTime())) {
expiresAtIso = share.expiresAt.toISOString();
} else if (typeof share.expiresAt === "number" || typeof share.expiresAt === "string") {
const d = new Date(share.expiresAt);
expiresAtIso = !Number.isNaN(d.getTime()) ? d.toISOString() : null;
}
} catch {
expiresAtIso = null;
}
}
// Save image if present
if (med.image) {
const imageUrl = base64ToImage(med.image, inserted.id);
if (imageUrl) {
await db.update(medications)
.set({ imageUrl })
.where(eq(medications.id, inserted.id));
}
}
}
return {
takenBy: share.takenBy,
scheduleDays: share.scheduleDays,
expiresAt: expiresAtIso,
regenerateToken: true, // Always regenerate tokens on import for security
};
});
// 4. Import dose history with remapped medication IDs
for (const dose of importData.doseHistory) {
const newMedId = exportIdToNewId.get(dose.medicationRef);
if (!newMedId) continue; // Skip orphaned doses
// Convert ISO timestamp back to milliseconds for dose ID
const timestampMs = new Date(dose.scheduledTime).getTime();
const doseId = buildDoseId(newMedId, dose.scheduleIndex, timestampMs);
await db.insert(doseTracking).values({
userId,
doseId,
takenAt: new Date(dose.takenAt),
markedBy: dose.markedBy || null,
});
}
// Build export object
const exportData = {
version: EXPORT_VERSION,
exportedAt: new Date().toISOString(),
includeSensitiveData: includeSensitive,
medications: exportMedications,
doseHistory: exportDoseHistory,
settings: exportSettings,
shareLinks: exportShareLinks,
};
// 5. Import settings
if (importData.settings) {
await db.insert(userSettings).values({
userId,
emailEnabled: importData.settings.emailEnabled ?? false,
notificationEmail: importData.settings.notificationEmail || null,
emailStockReminders: importData.settings.emailStockReminders ?? true,
emailIntakeReminders: importData.settings.emailIntakeReminders ?? true,
shoutrrrEnabled: importData.settings.shoutrrrEnabled ?? false,
shoutrrrUrl: importData.settings.shoutrrrUrl || null,
shoutrrrStockReminders: importData.settings.shoutrrrStockReminders ?? true,
shoutrrrIntakeReminders: importData.settings.shoutrrrIntakeReminders ?? true,
reminderDaysBefore: importData.settings.reminderDaysBefore ?? 7,
repeatDailyReminders: importData.settings.repeatDailyReminders ?? false,
skipRemindersForTakenDoses: importData.settings.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: importData.settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: importData.settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: importData.settings.maxNaggingReminders ?? 5,
lowStockDays: importData.settings.lowStockDays ?? 30,
normalStockDays: importData.settings.normalStockDays ?? 90,
highStockDays: importData.settings.highStockDays ?? 180,
language: importData.settings.language ?? "en",
stockCalculationMode: importData.settings.stockCalculationMode ?? "automatic",
});
}
// Set download headers
const filename = `medassist-export-${new Date().toISOString().split("T")[0]}.json`;
reply.header("Content-Type", "application/json");
reply.header("Content-Disposition", `attachment; filename="${filename}"`);
// 6. Import share links (with new tokens)
for (const share of importData.shareLinks) {
// Always generate new token for security
const token = randomBytes(8).toString("hex");
await db.insert(shareTokens).values({
userId,
token,
takenBy: share.takenBy,
scheduleDays: share.scheduleDays,
expiresAt: share.expiresAt ? new Date(share.expiresAt) : null,
});
}
return exportData;
});
return {
success: true,
imported: {
medications: importData.medications.length,
doseHistory: importData.doseHistory.length,
settings: importData.settings ? 1 : 0,
shareLinks: importData.shareLinks.length,
},
};
}
);
// ---------------------------------------------------------------------------
// POST /import - Import user data (replaces all existing data!)
// ---------------------------------------------------------------------------
app.post(
"/import",
{
config: {
// Increase body limit to 50MB to handle exports with base64 images
rawBody: true,
},
bodyLimit: 50 * 1024 * 1024, // 50 MB
},
async (request, reply) => {
const userId = await getUserId(request, reply);
// 1. Parse and validate import data
const parsed = importDataSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: "Invalid import data format",
details: parsed.error.format(),
});
}
const importData = parsed.data;
// 2. Delete all existing user data (in correct order to respect foreign keys)
// Note: CASCADE delete should handle this, but let's be explicit
// First, delete images for existing medications
const existingMeds = await db.select().from(medications).where(eq(medications.userId, userId));
for (const med of existingMeds) {
if (med.imageUrl) {
const imagePath = resolve(IMAGES_DIR, med.imageUrl);
if (existsSync(imagePath)) {
try {
unlinkSync(imagePath);
} catch {
/* ignore */
}
}
}
}
// Delete in order: doses, share tokens, medications, settings
await db.delete(doseTracking).where(eq(doseTracking.userId, userId));
await db.delete(shareTokens).where(eq(shareTokens.userId, userId));
await db.delete(medications).where(eq(medications.userId, userId));
await db.delete(userSettings).where(eq(userSettings.userId, userId));
// 3. Import medications and build ID mapping
const exportIdToNewId = new Map<string, number>();
for (const med of importData.medications) {
// Convert schedules back to JSON arrays
const usageJson = JSON.stringify(med.schedules.map((s) => s.usage));
const everyJson = JSON.stringify(med.schedules.map((s) => s.every));
const startJson = JSON.stringify(med.schedules.map((s) => s.start));
const takenByJson = JSON.stringify(med.takenBy);
// Check if any schedule has remind enabled
const intakeRemindersEnabled = med.schedules.some((s) => s.remind) || med.intakeRemindersEnabled;
const [inserted] = await db
.insert(medications)
.values({
userId,
name: med.name,
genericName: med.genericName || null,
takenByJson,
packCount: med.inventory.packCount,
blistersPerPack: med.inventory.blistersPerPack,
pillsPerBlister: med.inventory.pillsPerBlister,
looseTablets: med.inventory.looseTablets,
stockAdjustment: med.inventory.stockAdjustment ?? 0,
lastStockCorrectionAt: med.lastStockCorrectionAt ? new Date(med.lastStockCorrectionAt) : null,
pillWeightMg: med.pillWeightMg || null,
usageJson,
everyJson,
startJson,
expiryDate: med.expiryDate || null,
notes: med.notes || null,
intakeRemindersEnabled,
imageUrl: null, // Will be set after image is saved
})
.returning();
// Save mapping
exportIdToNewId.set(med._exportId, inserted.id);
// Save image if present
if (med.image) {
const imageUrl = base64ToImage(med.image, inserted.id);
if (imageUrl) {
await db.update(medications).set({ imageUrl }).where(eq(medications.id, inserted.id));
}
}
}
// 4. Import dose history with remapped medication IDs
for (const dose of importData.doseHistory) {
const newMedId = exportIdToNewId.get(dose.medicationRef);
if (!newMedId) continue; // Skip orphaned doses
// Convert ISO timestamp back to milliseconds for dose ID
const timestampMs = new Date(dose.scheduledTime).getTime();
// Rebuild dose ID with optional person suffix
const doseId = buildDoseId(newMedId, dose.scheduleIndex, timestampMs, dose.takenByPerson);
await db.insert(doseTracking).values({
userId,
doseId,
takenAt: new Date(dose.takenAt),
markedBy: dose.markedBy || null,
dismissed: dose.dismissed ?? false,
});
}
// 5. Import settings
if (importData.settings) {
await db.insert(userSettings).values({
userId,
emailEnabled: importData.settings.emailEnabled ?? false,
notificationEmail: importData.settings.notificationEmail || null,
emailStockReminders: importData.settings.emailStockReminders ?? true,
emailIntakeReminders: importData.settings.emailIntakeReminders ?? true,
shoutrrrEnabled: importData.settings.shoutrrrEnabled ?? false,
shoutrrrUrl: importData.settings.shoutrrrUrl || null,
shoutrrrStockReminders: importData.settings.shoutrrrStockReminders ?? true,
shoutrrrIntakeReminders: importData.settings.shoutrrrIntakeReminders ?? true,
reminderDaysBefore: importData.settings.reminderDaysBefore ?? 7,
repeatDailyReminders: importData.settings.repeatDailyReminders ?? false,
skipRemindersForTakenDoses: importData.settings.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: importData.settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: importData.settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: importData.settings.maxNaggingReminders ?? 5,
lowStockDays: importData.settings.lowStockDays ?? 30,
normalStockDays: importData.settings.normalStockDays ?? 90,
highStockDays: importData.settings.highStockDays ?? 180,
language: importData.settings.language ?? "en",
stockCalculationMode: importData.settings.stockCalculationMode ?? "automatic",
});
}
// 6. Import share links (with new tokens)
for (const share of importData.shareLinks) {
// Always generate new token for security
const token = randomBytes(8).toString("hex");
await db.insert(shareTokens).values({
userId,
token,
takenBy: share.takenBy,
scheduleDays: share.scheduleDays,
expiresAt: share.expiresAt ? new Date(share.expiresAt) : null,
});
}
return {
success: true,
imported: {
medications: importData.medications.length,
doseHistory: importData.doseHistory.length,
settings: importData.settings ? 1 : 0,
shareLinks: importData.shareLinks.length,
},
};
}
);
}
backend/src/routes/health.ts
+17 -6
View File
@@ -1,9 +1,20 @@
import { FastifyInstance } from "fastify";
import { readFileSync } from "node:fs";
import { dirname, resolve } from "node:path";
import { fileURLToPath } from "node:url";
import type { FastifyInstance } from "fastify";
// Read version from package.json at startup
const __dirname = dirname(fileURLToPath(import.meta.url));
const packageJsonPath = resolve(__dirname, "../../package.json");
const packageJson = JSON.parse(readFileSync(packageJsonPath, "utf-8"));
const backendVersion = packageJson.version || "unknown";
export async function healthRoutes(app: FastifyInstance) {
app.get("/health", async () => ({
status: "ok",
smtpConfigured: Boolean(process.env.SMTP_HOST),
shoutrrrConfigured: Boolean(process.env.SHOUTRRR_URL),
}));
// Exempt from rate limit - lightweight health check
app.get("/health", { config: { rateLimit: false } }, async () => ({
status: "ok",
version: backendVersion,
smtpConfigured: Boolean(process.env.SMTP_HOST),
shoutrrrConfigured: Boolean(process.env.SHOUTRRR_URL),
}));
}
backend/src/routes/medications.ts
+492 -340
View File
@@ -1,399 +1,551 @@
import { FastifyInstance } from "fastify";
import { createWriteStream, existsSync, unlinkSync } from "node:fs";
import { extname, resolve } from "node:path";
import { pipeline } from "node:stream/promises";
import { and, eq, like } from "drizzle-orm";
import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
import { z } from "zod";
import { db } from "../db/client.js";
import { medications, doseTracking } from "../db/schema.js";
import { eq, and, like, sql } from "drizzle-orm";
import { createWriteStream, existsSync, unlinkSync } from "fs";
import { resolve, extname } from "path";
import { pipeline } from "stream/promises";
import { requireAuth, getAnonymousUserId } from "../plugins/auth.js";
import { doseTracking, medications } from "../db/schema.js";
import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
import { env } from "../plugins/env.js";
import type { AuthUser } from "../types/fastify.js";
import { parseLocalDateTime } from "../utils/scheduler-utils.js";
const IMAGES_DIR = resolve(process.cwd(), "data/images");
const blisterSchema = z.object({
usage: z.number().nonnegative(),
every: z.number().int().min(1),
start: z.string().datetime(),
usage: z.number().nonnegative(),
every: z.number().int().min(1),
start: z.string().datetime({ local: true }),
});
const medicationSchema = z.object({
name: z.string().trim().min(1).max(100),
genericName: z.string().trim().max(100).nullable().optional(),
takenBy: z.array(z.string().trim().max(100)).default([]), // Array of person names
packCount: z.number().int().min(0).default(1),
blistersPerPack: z.number().int().min(1).default(1),
pillsPerBlister: z.number().int().min(1).default(1),
looseTablets: z.number().int().min(0).default(0),
pillWeightMg: z.number().int().min(1).nullable().optional(),
expiryDate: z.string().nullable().optional(),
notes: z.string().max(2000).nullable().optional(),
intakeRemindersEnabled: z.boolean().default(false),
blisters: z.array(blisterSchema).min(1).max(12),
name: z.string().trim().min(1).max(100),
genericName: z.string().trim().max(100).nullable().optional(),
takenBy: z.array(z.string().trim().max(100)).default([]), // Array of person names
packCount: z.number().int().min(0).default(1),
blistersPerPack: z.number().int().min(1).default(1),
pillsPerBlister: z.number().int().min(1).default(1),
looseTablets: z.number().int().min(0).default(0),
pillWeightMg: z.number().int().min(1).nullable().optional(),
expiryDate: z.string().nullable().optional(),
notes: z.string().max(2000).nullable().optional(),
intakeRemindersEnabled: z.boolean().default(false),
blisters: z.array(blisterSchema).min(1).max(12),
});
function zipBlisters(usage: number[], every: number[], start: string[]) {
const len = Math.min(usage.length, every.length, start.length);
const blisters: Array<{ usage: number; every: number; start: string }> = [];
for (let i = 0; i < len; i++) {
blisters.push({ usage: usage[i], every: every[i], start: start[i] });
}
return blisters;
const len = Math.min(usage.length, every.length, start.length);
const blisters: Array<{ usage: number; every: number; start: string }> = [];
for (let i = 0; i < len; i++) {
blisters.push({ usage: usage[i], every: every[i], start: start[i] });
}
return blisters;
}
function parseBlisters(row: typeof medications.$inferSelect) {
try {
const usage = JSON.parse(row.usageJson) as number[];
const every = JSON.parse(row.everyJson) as number[];
const start = JSON.parse(row.startJson) as string[];
return zipBlisters(usage, every, start);
} catch (err) {
return [];
}
try {
const usage = JSON.parse(row.usageJson) as number[];
const every = JSON.parse(row.everyJson) as number[];
const start = JSON.parse(row.startJson) as string[];
return zipBlisters(usage, every, start);
} catch (_err) {
return [];
}
}
function parseTakenByJson(takenByJson: string | null | undefined): string[] {
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
}
export async function medicationRoutes(app: FastifyInstance) {
// All medication routes require auth
app.addHook("preHandler", requireAuth);
// All medication routes require auth
app.addHook("preHandler", requireAuth);
// Helper to get user ID from request
// Returns anonymous user ID when auth is disabled
async function getUserId(request: any, reply: any): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
// This should never happen if requireAuth worked, but be safe
reply.status(401).send({ error: "User not authenticated", code: "AUTH_REQUIRED" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
// Helper to get user ID from request
// Returns anonymous user ID when auth is disabled
async function getUserId(request: FastifyRequest, reply: FastifyReply): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
app.get("/medications", async (request, reply) => {
const userId = await getUserId(request, reply);
const rows = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
return rows.map((row) => ({
id: row.id,
name: row.name,
genericName: row.genericName,
takenBy: parseTakenByJson(row.takenByJson),
packCount: row.packCount ?? 1,
blistersPerPack: row.blistersPerPack ?? 1,
pillsPerBlister: row.pillsPerBlister ?? 1,
looseTablets: row.looseTablets ?? 0,
pillWeightMg: row.pillWeightMg,
blisters: parseBlisters(row),
imageUrl: row.imageUrl,
expiryDate: row.expiryDate,
notes: row.notes,
intakeRemindersEnabled: row.intakeRemindersEnabled ?? false,
updatedAt: row.updatedAt,
}));
});
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
// This should never happen if requireAuth worked, but be safe
reply.status(401).send({ error: "User not authenticated", code: "AUTH_REQUIRED" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
app.post("/medications", async (req, reply) => {
const parsed = medicationSchema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
app.get("/medications", async (request, reply) => {
const userId = await getUserId(request, reply);
const rows = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
return rows.map((row) => ({
id: row.id,
name: row.name,
genericName: row.genericName,
takenBy: parseTakenByJson(row.takenByJson),
packCount: row.packCount ?? 1,
blistersPerPack: row.blistersPerPack ?? 1,
pillsPerBlister: row.pillsPerBlister ?? 1,
looseTablets: row.looseTablets ?? 0,
stockAdjustment: row.stockAdjustment ?? 0,
lastStockCorrectionAt: row.lastStockCorrectionAt?.toISOString() ?? null,
pillWeightMg: row.pillWeightMg,
blisters: parseBlisters(row),
imageUrl: row.imageUrl,
expiryDate: row.expiryDate,
notes: row.notes,
intakeRemindersEnabled: row.intakeRemindersEnabled ?? false,
dismissedUntil: row.dismissedUntil ?? null,
updatedAt: row.updatedAt,
}));
});
const userId = await getUserId(req, reply);
const { name, genericName, takenBy, packCount, blistersPerPack, pillsPerBlister, looseTablets, pillWeightMg, expiryDate, notes, intakeRemindersEnabled, blisters } = parsed.data;
const usageJson = JSON.stringify(blisters.map((s) => s.usage));
const everyJson = JSON.stringify(blisters.map((s) => s.every));
const startJson = JSON.stringify(blisters.map((s) => s.start));
const takenByJson = JSON.stringify(takenBy || []);
app.post("/medications", async (req, reply) => {
const parsed = medicationSchema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
const [inserted] = await db
.insert(medications)
.values({
userId,
name,
genericName: genericName || null,
takenByJson,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg: pillWeightMg || null,
expiryDate: expiryDate || null,
notes: notes || null,
intakeRemindersEnabled: intakeRemindersEnabled ?? false,
usageJson,
everyJson,
startJson,
})
.returning();
const userId = await getUserId(req, reply);
const {
name,
genericName,
takenBy,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg,
expiryDate,
notes,
intakeRemindersEnabled,
blisters,
} = parsed.data;
const usageJson = JSON.stringify(blisters.map((s) => s.usage));
const everyJson = JSON.stringify(blisters.map((s) => s.every));
const startJson = JSON.stringify(blisters.map((s) => s.start));
const takenByJson = JSON.stringify(takenBy || []);
return {
id: inserted.id,
name: inserted.name,
genericName: inserted.genericName,
takenBy: parseTakenByJson(inserted.takenByJson),
packCount: inserted.packCount,
blistersPerPack: inserted.blistersPerPack,
pillsPerBlister: inserted.pillsPerBlister,
looseTablets: inserted.looseTablets,
pillWeightMg: inserted.pillWeightMg,
blisters,
imageUrl: inserted.imageUrl,
expiryDate: inserted.expiryDate,
notes: inserted.notes,
intakeRemindersEnabled: inserted.intakeRemindersEnabled,
updatedAt: inserted.updatedAt,
};
});
const [inserted] = await db
.insert(medications)
.values({
userId,
name,
genericName: genericName || null,
takenByJson,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg: pillWeightMg || null,
expiryDate: expiryDate || null,
notes: notes || null,
intakeRemindersEnabled: intakeRemindersEnabled ?? false,
usageJson,
everyJson,
startJson,
})
.returning();
app.put<{ Params: { id: string } }>("/medications/:id", async (req, reply) => {
const parsed = medicationSchema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
return {
id: inserted.id,
name: inserted.name,
genericName: inserted.genericName,
takenBy: parseTakenByJson(inserted.takenByJson),
packCount: inserted.packCount,
blistersPerPack: inserted.blistersPerPack,
pillsPerBlister: inserted.pillsPerBlister,
looseTablets: inserted.looseTablets,
stockAdjustment: inserted.stockAdjustment ?? 0,
lastStockCorrectionAt: inserted.lastStockCorrectionAt?.toISOString() ?? null,
pillWeightMg: inserted.pillWeightMg,
blisters,
imageUrl: inserted.imageUrl,
expiryDate: inserted.expiryDate,
notes: inserted.notes,
intakeRemindersEnabled: inserted.intakeRemindersEnabled,
updatedAt: inserted.updatedAt,
};
});
const userId = await getUserId(req, reply);
// Verify ownership
const [existing] = await db.select().from(medications).where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
app.put<{ Params: { id: string } }>("/medications/:id", async (req, reply) => {
const parsed = medicationSchema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
const { name, genericName, takenBy, packCount, blistersPerPack, pillsPerBlister, looseTablets, pillWeightMg, expiryDate, notes, intakeRemindersEnabled, blisters } = parsed.data;
const usageJson = JSON.stringify(blisters.map((s) => s.usage));
const everyJson = JSON.stringify(blisters.map((s) => s.every));
const startJson = JSON.stringify(blisters.map((s) => s.start));
const takenByJson = JSON.stringify(takenBy || []);
const userId = await getUserId(req, reply);
const result = await db
.update(medications)
.set({
name,
genericName: genericName || null,
takenByJson,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg: pillWeightMg || null,
expiryDate: expiryDate || null,
notes: notes || null,
intakeRemindersEnabled: intakeRemindersEnabled ?? false,
usageJson,
everyJson,
startJson,
updatedAt: new Date(),
})
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)))
.returning();
// Verify ownership
const [existing] = await db
.select()
.from(medications)
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
if (!result.length) return reply.notFound();
const {
name,
genericName,
takenBy,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg,
expiryDate,
notes,
intakeRemindersEnabled,
blisters,
} = parsed.data;
const usageJson = JSON.stringify(blisters.map((s) => s.usage));
const everyJson = JSON.stringify(blisters.map((s) => s.every));
const startJson = JSON.stringify(blisters.map((s) => s.start));
const takenByJson = JSON.stringify(takenBy || []);
// Clean up dose tracking entries that are before the earliest start date
// This ensures consistency when the user changes the start date
const earliestStart = Math.min(...blisters.map(b => new Date(b.start).getTime()));
if (!Number.isNaN(earliestStart)) {
// Get all dose tracking entries for this medication and filter out invalid ones
const allDoses = await db.select().from(doseTracking)
.where(and(
eq(doseTracking.userId, userId),
like(doseTracking.doseId, `${idNum}-%`)
));
// Find doses with timestamps before the earliest start date
const dosesToDelete = allDoses.filter(dose => {
const parts = dose.doseId.split("-");
if (parts.length >= 3) {
const timestamp = parseInt(parts[2], 10);
return !Number.isNaN(timestamp) && timestamp < earliestStart;
}
return false;
});
// Delete invalid doses
for (const dose of dosesToDelete) {
await db.delete(doseTracking).where(eq(doseTracking.id, dose.id));
}
}
const result = await db
.update(medications)
.set({
name,
genericName: genericName || null,
takenByJson,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg: pillWeightMg || null,
expiryDate: expiryDate || null,
notes: notes || null,
intakeRemindersEnabled: intakeRemindersEnabled ?? false,
usageJson,
everyJson,
startJson,
updatedAt: new Date(),
})
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)))
.returning();
return {
id: result[0].id,
name: result[0].name,
genericName: result[0].genericName,
takenBy: parseTakenByJson(result[0].takenByJson),
packCount: result[0].packCount,
blistersPerPack: result[0].blistersPerPack,
pillsPerBlister: result[0].pillsPerBlister,
looseTablets: result[0].looseTablets,
pillWeightMg: result[0].pillWeightMg,
blisters,
imageUrl: result[0].imageUrl,
expiryDate: result[0].expiryDate,
notes: result[0].notes,
intakeRemindersEnabled: result[0].intakeRemindersEnabled,
updatedAt: result[0].updatedAt,
};
});
if (!result.length) return reply.notFound();
app.delete<{ Params: { id: string } }>("/medications/:id", async (req, reply) => {
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
// Clean up dose tracking entries that are before the earliest start date
// This ensures consistency when the user changes the start date
const earliestStart = Math.min(...blisters.map((b) => parseLocalDateTime(b.start).getTime()));
if (!Number.isNaN(earliestStart)) {
// Get all dose tracking entries for this medication and filter out invalid ones
const allDoses = await db
.select()
.from(doseTracking)
.where(and(eq(doseTracking.userId, userId), like(doseTracking.doseId, `${idNum}-%`)));
const userId = await getUserId(req, reply);
// Find doses with timestamps before the earliest start date
const dosesToDelete = allDoses.filter((dose) => {
const parts = dose.doseId.split("-");
if (parts.length >= 3) {
const timestamp = parseInt(parts[2], 10);
return !Number.isNaN(timestamp) && timestamp < earliestStart;
}
return false;
});
// Delete associated image if exists (with ownership check)
const [existing] = await db.select().from(medications).where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
if (existing.imageUrl) {
const imagePath = resolve(IMAGES_DIR, existing.imageUrl);
if (existsSync(imagePath)) unlinkSync(imagePath);
}
// Delete invalid doses
for (const dose of dosesToDelete) {
await db.delete(doseTracking).where(eq(doseTracking.id, dose.id));
}
}
const deleted = await db.delete(medications).where(and(eq(medications.id, idNum), eq(medications.userId, userId))).returning();
if (!deleted.length) return reply.notFound();
return reply.status(204).send();
});
return {
id: result[0].id,
name: result[0].name,
genericName: result[0].genericName,
takenBy: parseTakenByJson(result[0].takenByJson),
packCount: result[0].packCount,
blistersPerPack: result[0].blistersPerPack,
pillsPerBlister: result[0].pillsPerBlister,
looseTablets: result[0].looseTablets,
stockAdjustment: result[0].stockAdjustment ?? 0,
lastStockCorrectionAt: result[0].lastStockCorrectionAt?.toISOString() ?? null,
pillWeightMg: result[0].pillWeightMg,
blisters,
imageUrl: result[0].imageUrl,
expiryDate: result[0].expiryDate,
notes: result[0].notes,
intakeRemindersEnabled: result[0].intakeRemindersEnabled,
updatedAt: result[0].updatedAt,
};
});
// Upload medication image
app.post<{ Params: { id: string } }>("/medications/:id/image", async (req, reply) => {
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
// Stock correction endpoint - only updates stockAdjustment, preserves looseTablets
// Also sets lastStockCorrectionAt so consumed doses before this point don't count
app.patch<{ Params: { id: string }; Body: { stockAdjustment: number } }>(
"/medications/:id/stock-adjustment",
async (req, reply) => {
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
const userId = await getUserId(req, reply);
const [existing] = await db.select().from(medications).where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
const userId = await getUserId(req, reply);
const data = await req.file();
if (!data) return reply.badRequest("No file uploaded");
// Verify ownership
const [existing] = await db
.select()
.from(medications)
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
const allowedTypes = ["image/jpeg", "image/png", "image/webp", "image/gif"];
if (!allowedTypes.includes(data.mimetype)) {
return reply.badRequest("Invalid file type. Allowed: JPEG, PNG, WebP, GIF");
}
const { stockAdjustment } = req.body as { stockAdjustment: number };
if (typeof stockAdjustment !== "number") return reply.badRequest("stockAdjustment must be a number");
const ext = extname(data.filename) || ".jpg";
const filename = `med-${idNum}-${Date.now()}${ext}`;
const filepath = resolve(IMAGES_DIR, filename);
const result = await db
.update(medications)
.set({
stockAdjustment,
lastStockCorrectionAt: new Date(), // Mark when correction was made
updatedAt: new Date(),
})
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)))
.returning();
await pipeline(data.file, createWriteStream(filepath));
if (!result.length) return reply.notFound();
// Delete old image if exists
if (existing.imageUrl) {
const oldPath = resolve(IMAGES_DIR, existing.imageUrl);
if (existsSync(oldPath)) unlinkSync(oldPath);
}
return {
id: result[0].id,
stockAdjustment: result[0].stockAdjustment ?? 0,
lastStockCorrectionAt: result[0].lastStockCorrectionAt?.toISOString() ?? null,
updatedAt: result[0].updatedAt,
};
}
);
await db.update(medications).set({ imageUrl: filename, updatedAt: new Date() }).where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
app.delete<{ Params: { id: string } }>("/medications/:id", async (req, reply) => {
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
return { success: true, imageUrl: filename };
});
const userId = await getUserId(req, reply);
// Delete medication image
app.delete<{ Params: { id: string } }>("/medications/:id/image", async (req, reply) => {
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
// Delete associated image if exists (with ownership check)
const [existing] = await db
.select()
.from(medications)
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
const userId = await getUserId(req, reply);
const [existing] = await db.select().from(medications).where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
if (existing.imageUrl) {
const imagePath = resolve(IMAGES_DIR, existing.imageUrl);
if (existsSync(imagePath)) unlinkSync(imagePath);
}
if (existing.imageUrl) {
const filepath = resolve(IMAGES_DIR, existing.imageUrl);
if (existsSync(filepath)) unlinkSync(filepath);
}
const deleted = await db
.delete(medications)
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)))
.returning();
if (!deleted.length) return reply.notFound();
return reply.status(204).send();
});
await db.update(medications).set({ imageUrl: null, updatedAt: new Date() }).where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
return reply.status(204).send();
});
// Upload medication image
app.post<{ Params: { id: string } }>("/medications/:id/image", async (req, reply) => {
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
app.post("/medications/usage", async (req, reply) => {
const schema = z.object({ startDate: z.string().datetime(), endDate: z.string().datetime() });
const parsed = schema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
const { startDate, endDate } = parsed.data;
const start = new Date(startDate);
const end = new Date(endDate);
if (Number.isNaN(start.getTime()) || Number.isNaN(end.getTime()) || end <= start) {
return reply.badRequest("Invalid date range");
}
const userId = await getUserId(req, reply);
const [existing] = await db
.select()
.from(medications)
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
const userId = await getUserId(req, reply);
const rows = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
const now = new Date();
const payload = rows.map((row) => {
const blisters = parseBlisters(row);
const usageTotal = calculateUsageInRange(blisters, start, end);
const pillsPerBlister = row.pillsPerBlister ?? 1;
const packCount = row.packCount ?? 1;
const blistersPerPack = row.blistersPerPack ?? 1;
const looseTablets = row.looseTablets ?? 0;
const originalTotalPills = packCount * blistersPerPack * pillsPerBlister + looseTablets;
const data = await req.file();
if (!data) return reply.badRequest("No file uploaded");
// Calculate consumption up to now (same logic as frontend)
let consumedUntilNow = 0;
blisters.forEach((blister) => {
const blisterStart = new Date(blister.start);
if (Number.isNaN(blisterStart.getTime()) || blisterStart > now) return;
const msPerDay = 86400000;
const period = Math.max(1, blister.every) * msPerDay;
const occurrences = Math.floor((now.getTime() - blisterStart.getTime()) / period) + 1;
consumedUntilNow += occurrences * blister.usage;
});
const currentPills = Math.max(0, originalTotalPills - consumedUntilNow);
const blistersNeeded = pillsPerBlister > 0 ? Math.ceil(usageTotal / pillsPerBlister) : 0;
// Calculate current stock using realistic consumption order (loose first, then blisters)
const consumed = originalTotalPills - currentPills;
const looseConsumed = Math.min(consumed, looseTablets);
const loosePillsRemaining = looseTablets - looseConsumed;
const blisterPillsConsumed = consumed - looseConsumed;
const originalBlisterPills = originalTotalPills - looseTablets;
const blisterPillsRemaining = Math.max(0, originalBlisterPills - blisterPillsConsumed);
const fullBlisters = pillsPerBlister > 0 ? Math.floor(blisterPillsRemaining / pillsPerBlister) : 0;
const openBlisterPills = pillsPerBlister > 0 ? blisterPillsRemaining % pillsPerBlister : 0;
const loosePills = loosePillsRemaining + openBlisterPills; // Combine open blister + remaining loose
const enough = currentPills >= usageTotal;
return {
medicationId: row.id,
medicationName: row.name,
totalPills: currentPills,
plannerUsage: usageTotal,
blisterSize: pillsPerBlister,
blistersNeeded,
fullBlisters,
loosePills,
enough,
};
});
const allowedTypes = ["image/jpeg", "image/png", "image/webp", "image/gif"];
if (!allowedTypes.includes(data.mimetype)) {
return reply.badRequest("Invalid file type. Allowed: JPEG, PNG, WebP, GIF");
}
return payload;
});
const ext = extname(data.filename) || ".jpg";
const filename = `med-${idNum}-${Date.now()}${ext}`;
const filepath = resolve(IMAGES_DIR, filename);
await pipeline(data.file, createWriteStream(filepath));
// Delete old image if exists
if (existing.imageUrl) {
const oldPath = resolve(IMAGES_DIR, existing.imageUrl);
if (existsSync(oldPath)) unlinkSync(oldPath);
}
await db
.update(medications)
.set({ imageUrl: filename, updatedAt: new Date() })
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
return { success: true, imageUrl: filename };
});
// Delete medication image
app.delete<{ Params: { id: string } }>("/medications/:id/image", async (req, reply) => {
const idNum = Number(req.params.id);
if (Number.isNaN(idNum)) return reply.badRequest("Invalid id");
const userId = await getUserId(req, reply);
const [existing] = await db
.select()
.from(medications)
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
if (!existing) return reply.notFound();
if (existing.imageUrl) {
const filepath = resolve(IMAGES_DIR, existing.imageUrl);
if (existsSync(filepath)) unlinkSync(filepath);
}
await db
.update(medications)
.set({ imageUrl: null, updatedAt: new Date() })
.where(and(eq(medications.id, idNum), eq(medications.userId, userId)));
return reply.status(204).send();
});
app.post("/medications/usage", async (req, reply) => {
const schema = z.object({ startDate: z.string().datetime(), endDate: z.string().datetime() });
const parsed = schema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
const { startDate, endDate } = parsed.data;
const start = new Date(startDate);
const end = new Date(endDate);
if (Number.isNaN(start.getTime()) || Number.isNaN(end.getTime()) || end <= start) {
return reply.badRequest("Invalid date range");
}
const userId = await getUserId(req, reply);
const rows = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
const now = new Date();
const payload = rows.map((row) => {
const blisters = parseBlisters(row);
const usageTotal = calculateUsageInRange(blisters, start, end);
const pillsPerBlister = row.pillsPerBlister ?? 1;
const packCount = row.packCount ?? 1;
const blistersPerPack = row.blistersPerPack ?? 1;
const looseTablets = row.looseTablets ?? 0;
const stockAdjustment = row.stockAdjustment ?? 0;
const originalTotalPills = packCount * blistersPerPack * pillsPerBlister + looseTablets + stockAdjustment;
// Calculate consumption up to now (same logic as frontend)
let consumedUntilNow = 0;
blisters.forEach((blister) => {
const blisterStart = parseLocalDateTime(blister.start);
if (Number.isNaN(blisterStart.getTime()) || blisterStart > now) return;
const msPerDay = 86400000;
const period = Math.max(1, blister.every) * msPerDay;
const occurrences = Math.floor((now.getTime() - blisterStart.getTime()) / period) + 1;
consumedUntilNow += occurrences * blister.usage;
});
const currentPills = Math.max(0, originalTotalPills - consumedUntilNow);
const blistersNeeded = pillsPerBlister > 0 ? Math.ceil(usageTotal / pillsPerBlister) : 0;
// Calculate current stock using realistic consumption order (loose first, then blisters)
const consumed = originalTotalPills - currentPills;
const looseConsumed = Math.min(consumed, looseTablets);
const loosePillsRemaining = looseTablets - looseConsumed;
const blisterPillsConsumed = consumed - looseConsumed;
const originalBlisterPills = originalTotalPills - looseTablets;
const blisterPillsRemaining = Math.max(0, originalBlisterPills - blisterPillsConsumed);
const fullBlisters = pillsPerBlister > 0 ? Math.floor(blisterPillsRemaining / pillsPerBlister) : 0;
const openBlisterPills = pillsPerBlister > 0 ? blisterPillsRemaining % pillsPerBlister : 0;
const loosePills = loosePillsRemaining + openBlisterPills; // Combine open blister + remaining loose
const enough = currentPills >= usageTotal;
return {
medicationId: row.id,
medicationName: row.name,
totalPills: currentPills,
plannerUsage: usageTotal,
blisterSize: pillsPerBlister,
blistersNeeded,
fullBlisters,
loosePills,
enough,
};
});
return payload;
});
// ---------------------------------------------------------------------------
// POST /medications/dismiss-until - Set dismissedUntil date for multiple medications
// This is more robust than storing individual dose IDs (which can change with schedule updates)
// ---------------------------------------------------------------------------
const dismissUntilSchema = z.object({
medicationIds: z.array(z.number().int().positive()).min(1),
until: z.string().regex(/^\d{4}-\d{2}-\d{2}$/, "Date must be in YYYY-MM-DD format"),
});
app.post<{ Body: z.infer<typeof dismissUntilSchema> }>("/medications/dismiss-until", async (req, reply) => {
const parsed = dismissUntilSchema.safeParse(req.body);
if (!parsed.success) {
return reply.status(400).send({ error: parsed.error.errors[0]?.message ?? "Invalid input" });
}
const userId = await getUserId(req, reply);
const { medicationIds, until } = parsed.data;
// Update dismissedUntil for all specified medications owned by this user
let updatedCount = 0;
for (const medId of medicationIds) {
const result = await db
.update(medications)
.set({ dismissedUntil: until })
.where(and(eq(medications.id, medId), eq(medications.userId, userId)));
if (result.rowsAffected > 0) {
updatedCount++;
}
}
return { success: true, updatedCount };
});
// ---------------------------------------------------------------------------
// DELETE /medications/:id/dismiss-until - Clear dismissedUntil for a medication
// ---------------------------------------------------------------------------
app.delete<{ Params: { id: string } }>("/medications/:id/dismiss-until", async (req, reply) => {
const medId = parseInt(req.params.id, 10);
if (Number.isNaN(medId)) {
return reply.status(400).send({ error: "Invalid medication ID" });
}
const userId = await getUserId(req, reply);
await db
.update(medications)
.set({ dismissedUntil: null })
.where(and(eq(medications.id, medId), eq(medications.userId, userId)));
return { success: true };
});
}
function calculateUsageInRange(blisters: Array<{ usage: number; every: number; start: string }>, start: Date, end: Date) {
let total = 0;
blisters.forEach((blister) => {
const blisterStart = new Date(blister.start);
if (Number.isNaN(blisterStart.getTime())) return;
// iterate occurrences from blisterStart up to end
for (let dt = new Date(blisterStart); dt < end; dt.setDate(dt.getDate() + blister.every)) {
if (dt >= start && dt < end) total += blister.usage;
}
});
return Number(total.toFixed(2));
}
function calculateUsageInRange(
blisters: Array<{ usage: number; every: number; start: string }>,
start: Date,
end: Date
) {
let total = 0;
blisters.forEach((blister) => {
const blisterStart = parseLocalDateTime(blister.start);
if (Number.isNaN(blisterStart.getTime())) return;
// iterate occurrences from blisterStart up to end
for (let dt = new Date(blisterStart); dt < end; dt.setDate(dt.getDate() + blister.every)) {
if (dt >= start && dt < end) total += blister.usage;
}
});
return Number(total.toFixed(2));
}
backend/src/routes/oidc.ts
+243 -252
View File
@@ -1,9 +1,9 @@
import { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
import { createHash, randomBytes } from "node:crypto";
import { eq } from "drizzle-orm";
import type { FastifyInstance, FastifyReply } from "fastify";
import * as client from "openid-client";
import { randomBytes, createHash } from "crypto";
import { db } from "../db/client.js";
import { users, refreshTokens } from "../db/schema.js";
import { eq, sql } from "drizzle-orm";
import { refreshTokens, users } from "../db/schema.js";
import { env } from "../plugins/env.js";
// =============================================================================
@@ -12,299 +12,290 @@ import { env } from "../plugins/env.js";
let oidcConfig: client.Configuration | null = null;
async function getOIDCConfig(): Promise<client.Configuration> {
if (oidcConfig) return oidcConfig;
if (!env.OIDC_ISSUER_URL || !env.OIDC_CLIENT_ID || !env.OIDC_CLIENT_SECRET) {
throw new Error("OIDC not configured");
}
if (oidcConfig) return oidcConfig;
oidcConfig = await client.discovery(
new URL(env.OIDC_ISSUER_URL),
env.OIDC_CLIENT_ID,
env.OIDC_CLIENT_SECRET
);
return oidcConfig;
if (!env.OIDC_ISSUER_URL || !env.OIDC_CLIENT_ID || !env.OIDC_CLIENT_SECRET) {
throw new Error("OIDC not configured");
}
oidcConfig = await client.discovery(new URL(env.OIDC_ISSUER_URL), env.OIDC_CLIENT_ID, env.OIDC_CLIENT_SECRET);
return oidcConfig;
}
// =============================================================================
// PKCE Helpers
// =============================================================================
function generateCodeVerifier(): string {
return randomBytes(32).toString("base64url");
return randomBytes(32).toString("base64url");
}
function generateCodeChallenge(verifier: string): string {
return createHash("sha256").update(verifier).digest("base64url");
return createHash("sha256").update(verifier).digest("base64url");
}
function generateState(): string {
return randomBytes(16).toString("hex");
return randomBytes(16).toString("hex");
}
// =============================================================================
// Helpers
// =============================================================================
function getFrontendUrl(): string {
return env.CORS_ORIGINS.split(",")[0] || "http://localhost:5173";
return env.CORS_ORIGINS.split(",")[0] || "http://localhost:5173";
}
// =============================================================================
// OIDC Routes
// =============================================================================
export async function oidcRoutes(app: FastifyInstance) {
if (!env.OIDC_ENABLED) {
// Register a disabled route that returns an error
app.get("/auth/oidc/login", async (request, reply) => {
return reply.status(400).send({ error: "OIDC authentication is not enabled" });
});
app.get("/auth/oidc/callback", async (request, reply) => {
return reply.status(400).send({ error: "OIDC authentication is not enabled" });
});
return;
}
if (!env.OIDC_ENABLED) {
// Register a disabled route that returns an error
app.get("/auth/oidc/login", async (_request, reply) => {
return reply.status(400).send({ error: "OIDC authentication is not enabled" });
});
app.get("/auth/oidc/callback", async (_request, reply) => {
return reply.status(400).send({ error: "OIDC authentication is not enabled" });
});
return;
}
// ---------------------------------------------------------------------------
// GET /auth/oidc/login - Initiates OIDC flow
// ---------------------------------------------------------------------------
app.get("/auth/oidc/login", async (request, reply) => {
try {
const config = await getOIDCConfig();
// Generate PKCE values
const codeVerifier = generateCodeVerifier();
const codeChallenge = generateCodeChallenge(codeVerifier);
const state = generateState();
// Store PKCE verifier and state in signed cookies (short-lived)
reply.setCookie("oidc_code_verifier", codeVerifier, {
httpOnly: true,
secure: env.NODE_ENV === "production",
sameSite: "lax",
path: "/",
maxAge: 600, // 10 minutes
signed: true,
});
reply.setCookie("oidc_state", state, {
httpOnly: true,
secure: env.NODE_ENV === "production",
sameSite: "lax",
path: "/",
maxAge: 600,
signed: true,
});
// Build authorization URL
const redirectUri = env.OIDC_REDIRECT_URI!;
const scope = env.OIDC_SCOPES;
const authUrl = client.buildAuthorizationUrl(config, {
redirect_uri: redirectUri,
scope,
state,
code_challenge: codeChallenge,
code_challenge_method: "S256",
});
return reply.redirect(authUrl.href);
} catch (err: any) {
console.error("[OIDC] Login error:", err);
return reply.redirect(`${getFrontendUrl()}/?error=oidc_init_failed`);
}
});
// ---------------------------------------------------------------------------
// GET /auth/oidc/login - Initiates OIDC flow
// ---------------------------------------------------------------------------
app.get("/auth/oidc/login", async (_request, reply) => {
try {
const config = await getOIDCConfig();
// ---------------------------------------------------------------------------
// GET /auth/oidc/callback - Handles callback from OIDC provider
// ---------------------------------------------------------------------------
app.get<{ Querystring: { code?: string; state?: string; error?: string; error_description?: string } }>(
"/auth/oidc/callback",
async (request, reply) => {
const { code, state, error, error_description } = request.query;
// Handle OIDC provider errors
if (error) {
console.error(`[OIDC] Provider error: ${error} - ${error_description}`);
return reply.redirect(`${getFrontendUrl()}/?error=oidc_${error}`);
}
if (!code || !state) {
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_params`);
}
// Verify state
const storedState = request.unsignCookie(request.cookies.oidc_state || "");
if (!storedState.valid || storedState.value !== state) {
console.error("[OIDC] State mismatch");
return reply.redirect(`${getFrontendUrl()}/?error=oidc_state_mismatch`);
}
// Get code verifier
const storedVerifier = request.unsignCookie(request.cookies.oidc_code_verifier || "");
if (!storedVerifier.valid || !storedVerifier.value) {
console.error("[OIDC] Missing code verifier");
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_verifier`);
}
try {
const config = await getOIDCConfig();
const redirectUri = env.OIDC_REDIRECT_URI!;
// Exchange code for tokens
const tokens = await client.authorizationCodeGrant(config, new URL(request.url, `http://${request.headers.host}`), {
pkceCodeVerifier: storedVerifier.value,
expectedState: state,
});
// Get user info
const sub = tokens.claims()?.sub;
if (!sub) {
console.error("[OIDC] Missing sub claim in token");
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_sub`);
}
const userInfo = await client.fetchUserInfo(config, tokens.access_token, sub);
// Extract username from configured claim
const usernameClaim = env.OIDC_USERNAME_CLAIM;
let username = (userInfo as any)[usernameClaim] || userInfo.preferred_username || userInfo.email || userInfo.sub;
const oidcSubject = userInfo.sub;
if (!username || !oidcSubject) {
console.error("[OIDC] Missing required user info:", { username, oidcSubject });
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_user_info`);
}
// Clean cookies
reply.clearCookie("oidc_code_verifier", { path: "/" });
reply.clearCookie("oidc_state", { path: "/" });
// Find or create user
let user = await findOrCreateOIDCUser(username, oidcSubject, reply);
if (!user) {
return reply.redirect(`${getFrontendUrl()}/?error=oidc_user_creation_failed`);
}
// Update last login
await db.update(users)
.set({ lastLoginAt: new Date() })
.where(eq(users.id, user.id));
// Issue JWT tokens (same as local auth)
const accessToken = await generateAccessToken(app, user.id, user.username);
const { refreshToken, tokenId, expiresAt } = await generateRefreshToken(app, user.id);
// Store refresh token
await db.insert(refreshTokens).values({
userId: user.id,
tokenId,
expiresAt,
});
// Set cookies (use app's centralized cookie options)
console.log(`[OIDC] Setting cookies for user ${user.username}, NODE_ENV=${env.NODE_ENV}, secure=${app.config.cookieOptions.secure}`);
setAuthCookies(app, reply, accessToken, refreshToken);
// Redirect to frontend dashboard
// In dev: CORS_ORIGINS contains the frontend URL
const frontendUrl = env.CORS_ORIGINS.split(",")[0] || "http://localhost:5173";
return reply.redirect(`${frontendUrl}/dashboard`);
} catch (err: any) {
console.error("[OIDC] Callback error:", err);
return reply.redirect(`${getFrontendUrl()}/?error=oidc_callback_failed`);
}
}
);
// Generate PKCE values
const codeVerifier = generateCodeVerifier();
const codeChallenge = generateCodeChallenge(codeVerifier);
const state = generateState();
// Store PKCE verifier and state in signed cookies (short-lived)
reply.setCookie("oidc_code_verifier", codeVerifier, {
httpOnly: true,
secure: env.NODE_ENV === "production",
sameSite: "lax",
path: "/",
maxAge: 600, // 10 minutes
signed: true,
});
reply.setCookie("oidc_state", state, {
httpOnly: true,
secure: env.NODE_ENV === "production",
sameSite: "lax",
path: "/",
maxAge: 600,
signed: true,
});
// Build authorization URL
const redirectUri = env.OIDC_REDIRECT_URI!;
const scope = env.OIDC_SCOPES;
const authUrl = client.buildAuthorizationUrl(config, {
redirect_uri: redirectUri,
scope,
state,
code_challenge: codeChallenge,
code_challenge_method: "S256",
});
return reply.redirect(authUrl.href);
} catch (err: any) {
console.error("[OIDC] Login error:", err);
return reply.redirect(`${getFrontendUrl()}/?error=oidc_init_failed`);
}
});
// ---------------------------------------------------------------------------
// GET /auth/oidc/callback - Handles callback from OIDC provider
// ---------------------------------------------------------------------------
app.get<{ Querystring: { code?: string; state?: string; error?: string; error_description?: string } }>(
"/auth/oidc/callback",
async (request, reply) => {
const { code, state, error, error_description } = request.query;
// Handle OIDC provider errors
if (error) {
console.error(`[OIDC] Provider error: ${error} - ${error_description}`);
return reply.redirect(`${getFrontendUrl()}/?error=oidc_${error}`);
}
if (!code || !state) {
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_params`);
}
// Verify state
const storedState = request.unsignCookie(request.cookies.oidc_state || "");
if (!storedState.valid || storedState.value !== state) {
console.error("[OIDC] State mismatch");
return reply.redirect(`${getFrontendUrl()}/?error=oidc_state_mismatch`);
}
// Get code verifier
const storedVerifier = request.unsignCookie(request.cookies.oidc_code_verifier || "");
if (!storedVerifier.valid || !storedVerifier.value) {
console.error("[OIDC] Missing code verifier");
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_verifier`);
}
try {
const config = await getOIDCConfig();
const _redirectUri = env.OIDC_REDIRECT_URI!;
// Exchange code for tokens
const tokens = await client.authorizationCodeGrant(
config,
new URL(request.url, `http://${request.headers.host}`),
{
pkceCodeVerifier: storedVerifier.value,
expectedState: state,
}
);
// Get user info
const sub = tokens.claims()?.sub;
if (!sub) {
console.error("[OIDC] Missing sub claim in token");
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_sub`);
}
const userInfo = await client.fetchUserInfo(config, tokens.access_token, sub);
// Extract username from configured claim
const usernameClaim = env.OIDC_USERNAME_CLAIM;
const username =
(userInfo as any)[usernameClaim] || userInfo.preferred_username || userInfo.email || userInfo.sub;
const oidcSubject = userInfo.sub;
if (!username || !oidcSubject) {
console.error("[OIDC] Missing required user info:", { username, oidcSubject });
return reply.redirect(`${getFrontendUrl()}/?error=oidc_missing_user_info`);
}
// Clean cookies
reply.clearCookie("oidc_code_verifier", { path: "/" });
reply.clearCookie("oidc_state", { path: "/" });
// Find or create user
const user = await findOrCreateOIDCUser(username, oidcSubject, reply);
if (!user) {
return reply.redirect(`${getFrontendUrl()}/?error=oidc_user_creation_failed`);
}
// Update last login
await db.update(users).set({ lastLoginAt: new Date() }).where(eq(users.id, user.id));
// Issue JWT tokens (same as local auth)
const accessToken = await generateAccessToken(app, user.id, user.username);
const { refreshToken, tokenId, expiresAt } = await generateRefreshToken(app, user.id);
// Store refresh token
await db.insert(refreshTokens).values({
userId: user.id,
tokenId,
expiresAt,
});
// Set cookies (use app's centralized cookie options)
console.log(
`[OIDC] Setting cookies for user ${user.username}, NODE_ENV=${env.NODE_ENV}, secure=${app.config.cookieOptions.secure}`
);
setAuthCookies(app, reply, accessToken, refreshToken);
// Redirect to frontend dashboard
// In dev: CORS_ORIGINS contains the frontend URL
const frontendUrl = env.CORS_ORIGINS.split(",")[0] || "http://localhost:5173";
return reply.redirect(`${frontendUrl}/dashboard`);
} catch (err: any) {
console.error("[OIDC] Callback error:", err);
return reply.redirect(`${getFrontendUrl()}/?error=oidc_callback_failed`);
}
}
);
}
// =============================================================================
// User Management
// =============================================================================
async function findOrCreateOIDCUser(
username: string,
oidcSubject: string,
reply: FastifyReply
username: string,
oidcSubject: string,
_reply: FastifyReply
): Promise<{ id: number; username: string } | null> {
// First, try to find user by OIDC subject (most reliable)
const [existingBySubject] = await db.select()
.from(users)
.where(eq(users.oidcSubject, oidcSubject));
if (existingBySubject) {
return { id: existingBySubject.id, username: existingBySubject.username };
}
// Check if username already exists (potential collision)
const [existingByUsername] = await db.select()
.from(users)
.where(eq(users.username, username));
if (existingByUsername) {
// Username collision! Check if it's a local user without OIDC linked
if (existingByUsername.authProvider === "local" && !existingByUsername.oidcSubject) {
// Local user exists without SSO - link this OIDC account to existing user
await db.update(users)
.set({ oidcSubject: oidcSubject })
.where(eq(users.id, existingByUsername.id));
console.log(`[OIDC] Linked OIDC to existing local user: ${username}`);
return { id: existingByUsername.id, username: existingByUsername.username };
} else if (existingByUsername.oidcSubject && existingByUsername.oidcSubject !== oidcSubject) {
// User already has a DIFFERENT OIDC subject - create new user with suffix
username = `${username}_sso`;
console.log(`[OIDC] Username collision (different OIDC subject), using: ${username}`);
}
}
// Check if auto-create is enabled
if (!env.OIDC_AUTO_CREATE_USERS) {
console.error(`[OIDC] User creation disabled and user not found: ${username}`);
return null;
}
// Create new OIDC user
const [newUser] = await db.insert(users)
.values({
username,
passwordHash: null,
authProvider: "oidc",
oidcSubject: oidcSubject,
isActive: true,
})
.returning({ id: users.id, username: users.username });
console.log(`[OIDC] Created new user: ${newUser.username} (ID: ${newUser.id})`);
return newUser;
// First, try to find user by OIDC subject (most reliable)
const [existingBySubject] = await db.select().from(users).where(eq(users.oidcSubject, oidcSubject));
if (existingBySubject) {
return { id: existingBySubject.id, username: existingBySubject.username };
}
// Check if username already exists (potential collision)
const [existingByUsername] = await db.select().from(users).where(eq(users.username, username));
if (existingByUsername) {
// Username collision! Check if it's a local user without OIDC linked
if (existingByUsername.authProvider === "local" && !existingByUsername.oidcSubject) {
// Local user exists without SSO - link this OIDC account to existing user
await db.update(users).set({ oidcSubject: oidcSubject }).where(eq(users.id, existingByUsername.id));
console.log(`[OIDC] Linked OIDC to existing local user: ${username}`);
return { id: existingByUsername.id, username: existingByUsername.username };
} else if (existingByUsername.oidcSubject && existingByUsername.oidcSubject !== oidcSubject) {
// User already has a DIFFERENT OIDC subject - create new user with suffix
username = `${username}_sso`;
console.log(`[OIDC] Username collision (different OIDC subject), using: ${username}`);
}
}
// Check if auto-create is enabled
if (!env.OIDC_AUTO_CREATE_USERS) {
console.error(`[OIDC] User creation disabled and user not found: ${username}`);
return null;
}
// Create new OIDC user
const [newUser] = await db
.insert(users)
.values({
username,
passwordHash: null,
authProvider: "oidc",
oidcSubject: oidcSubject,
isActive: true,
})
.returning({ id: users.id, username: users.username });
console.log(`[OIDC] Created new user: ${newUser.username} (ID: ${newUser.id})`);
return newUser;
}
// =============================================================================
// JWT Token Generation (reused from auth.ts logic)
// =============================================================================
async function generateAccessToken(app: FastifyInstance, userId: number, username: string): Promise<string> {
return app.jwt.sign(
{ sub: userId, username },
{ expiresIn: `${env.ACCESS_TOKEN_TTL_MINUTES}m` }
);
return app.jwt.sign({ sub: userId, username }, { expiresIn: `${env.ACCESS_TOKEN_TTL_MINUTES}m` });
}
async function generateRefreshToken(
app: FastifyInstance,
userId: number
app: FastifyInstance,
userId: number
): Promise<{ refreshToken: string; tokenId: string; expiresAt: Date }> {
const tokenId = randomBytes(32).toString("hex");
const expiresAt = new Date(Date.now() + env.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000);
const refreshToken = app.jwt.sign(
{ sub: userId, jti: tokenId, type: "refresh" },
{ expiresIn: `${env.REFRESH_TOKEN_TTL_DAYS}d` }
);
return { refreshToken, tokenId, expiresAt };
const tokenId = randomBytes(32).toString("hex");
const expiresAt = new Date(Date.now() + env.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000);
const refreshToken = app.jwt.sign(
{ sub: userId, jti: tokenId, type: "refresh" },
{ expiresIn: `${env.REFRESH_TOKEN_TTL_DAYS}d` }
);
return { refreshToken, tokenId, expiresAt };
}
function setAuthCookies(app: FastifyInstance, reply: FastifyReply, accessToken: string, refreshToken: string) {
// Use the same cookie options as regular auth for consistency
reply.setCookie("access_token", accessToken, app.config.cookieOptions);
reply.setCookie("refresh_token", refreshToken, app.config.refreshCookieOptions);
// Use the same cookie options as regular auth for consistency
reply.setCookie("access_token", accessToken, app.config.cookieOptions);
reply.setCookie("refresh_token", refreshToken, app.config.refreshCookieOptions);
}
backend/src/routes/planner.ts
+315 -296
View File
@@ -1,153 +1,163 @@
import { FastifyInstance } from "fastify";
import type { FastifyInstance, FastifyRequest } from "fastify";
import nodemailer from "nodemailer";
import { updateReminderSentTime, updateUserReminderSentTime } from "../services/reminder-scheduler.js";
import { loadUserSettings, sendShoutrrrNotification } from "./settings.js";
import { getDateLocale, getTranslations, t, type Language } from "../i18n/translations.js";
import type { AuthUser } from "../types/fastify.js";
import { requireAuth, getAnonymousUserId } from "../plugins/auth.js";
import { getDateLocale, getTranslations, type Language, t } from "../i18n/translations.js";
import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
import { env } from "../plugins/env.js";
import { updateReminderSentTime, updateUserReminderSentTime } from "../services/reminder-scheduler.js";
import type { AuthUser } from "../types/fastify.js";
import { loadUserSettings, sendShoutrrrNotification } from "./settings.js";
// Escape HTML to prevent XSS in email templates
function escapeHtml(text: string): string {
const htmlEscapes: Record<string, string> = {
'&': '&amp;',
'<': '&lt;',
'>': '&gt;',
'"': '&quot;',
"'": '&#39;',
};
return text.replace(/[&<>"']/g, char => htmlEscapes[char] || char);
const htmlEscapes: Record<string, string> = {
"&": "&amp;",
"<": "&lt;",
">": "&gt;",
'"': "&quot;",
"'": "&#39;",
};
return text.replace(/[&<>"']/g, (char) => htmlEscapes[char] || char);
}
type PlannerRow = {
medicationId: number;
medicationName: string;
totalPills: number;
plannerUsage: number;
blisterSize: number;
blistersNeeded: number;
fullBlisters: number;
loosePills: number;
enough: boolean;
medicationId: number;
medicationName: string;
totalPills: number;
plannerUsage: number;
blisterSize: number;
blistersNeeded: number;
fullBlisters: number;
loosePills: number;
enough: boolean;
};
type SendEmailBody = {
email: string;
from: string;
until: string;
rows: PlannerRow[];
language?: Language; // Optional: passed from frontend for unauthenticated requests
email: string;
from: string;
until: string;
rows: PlannerRow[];
language?: Language; // Optional: passed from frontend for unauthenticated requests
};
type LowStockItem = {
name: string;
medsLeft: number;
daysLeft: number | null;
depletionDate: string | null;
name: string;
medsLeft: number;
daysLeft: number | null;
depletionDate: string | null;
};
type ReminderEmailBody = {
email: string;
lowStock: LowStockItem[];
language?: Language; // Optional: passed from frontend for unauthenticated requests
email: string;
lowStock: LowStockItem[];
language?: Language; // Optional: passed from frontend for unauthenticated requests
};
export async function plannerRoutes(app: FastifyInstance) {
// Add auth hook for all planner routes
app.addHook("preHandler", requireAuth);
// Add auth hook for all planner routes
app.addHook("preHandler", requireAuth);
// Helper to get user ID from request
async function getUserId(request: any): Promise<number> {
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as AuthUser | null;
if (!authUser?.id) {
throw new Error("User not authenticated");
}
return authUser.id;
}
// Helper to get user ID from request
async function getUserId(request: FastifyRequest): Promise<number> {
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser?.id) {
throw new Error("User not authenticated");
}
return authUser.id;
}
app.post<{ Body: SendEmailBody }>("/planner/send-email", async (request, reply) => {
const { email, from, until, rows, language: bodyLanguage } = request.body;
app.post<{ Body: SendEmailBody }>("/planner/send-email", async (request, reply) => {
const { email, from, until, rows, language: bodyLanguage } = request.body;
if (!email || !rows || rows.length === 0) {
return reply.status(400).send({ error: "Missing email or planner data" });
}
if (!email || !rows || rows.length === 0) {
return reply.status(400).send({ error: "Missing email or planner data" });
}
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS; // Token takes precedence
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587");
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS; // Token takes precedence
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587", 10);
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
if (!smtpHost || !smtpUser) {
return reply.status(400).send({ error: "SMTP not configured" });
}
if (!smtpHost || !smtpUser) {
return reply.status(400).send({ error: "SMTP not configured" });
}
// Get locale from user settings or use the language passed in the body
let language: Language = bodyLanguage || "en";
const authUser = request.user as unknown as AuthUser | null;
if (authUser?.id) {
const userSettings = await loadUserSettings(authUser.id);
language = userSettings.language;
}
const locale = getDateLocale(language);
// Get locale from user settings or use the language passed in the body
let language: Language = bodyLanguage || "en";
const authUser = request.user as unknown as AuthUser | null;
if (authUser?.id) {
const userSettings = await loadUserSettings(authUser.id);
language = userSettings.language;
}
const locale = getDateLocale(language);
// Format dates for display
const fromDate = new Date(from).toLocaleDateString(locale, {
year: "numeric",
month: "long",
day: "numeric",
});
const untilDate = new Date(until).toLocaleDateString(locale, {
year: "numeric",
month: "long",
day: "numeric",
});
// Format dates for display - escape to prevent XSS even though toLocaleDateString should be safe
const fromDate = escapeHtml(
new Date(from).toLocaleDateString(locale, {
year: "numeric",
month: "long",
day: "numeric",
})
);
const untilDate = escapeHtml(
new Date(until).toLocaleDateString(locale, {
year: "numeric",
month: "long",
day: "numeric",
})
);
// Build HTML table with horizontal scroll for mobile
const tableRows = rows
.map(
(row) => `
// Build HTML table with horizontal scroll for mobile
// Escape/coerce all user-provided values to prevent XSS
const tableRows = rows
.map((row) => {
const safeName = escapeHtml(row.medicationName);
const safeTotalPills = Number(row.totalPills) || 0;
const safePlannerUsage = Number(row.plannerUsage) || 0;
const safeBlistersNeeded = Number(row.blistersNeeded) || 0;
const safeBlisterSize = Number(row.blisterSize) || 0;
const safeFullBlisters = Number(row.fullBlisters) || 0;
const safeLoosePills = Number(row.loosePills) || 0;
return `
<tr>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; white-space: nowrap;">${escapeHtml(row.medicationName)}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;"><strong>${row.totalPills}</strong></td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;"><strong>${row.plannerUsage}</strong></td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${row.blistersNeeded} × ${row.blisterSize}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${row.fullBlisters}${row.loosePills > 0 ? ` (+${row.loosePills})` : ""}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; white-space: nowrap;">${safeName}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;"><strong>${safeTotalPills}</strong></td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;"><strong>${safePlannerUsage}</strong></td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${safeBlistersNeeded} × ${safeBlisterSize}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${safeFullBlisters}${safeLoosePills > 0 ? ` (+${safeLoosePills})` : ""}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">
<span style="display: inline-block; padding: 4px 10px; border-radius: 12px; font-size: 12px; font-weight: 600; ${
row.enough
? "background: #d1fae5; color: #065f46;"
: "background: #fee2e2; color: #991b1b;"
}">
row.enough ? "background: #d1fae5; color: #065f46;" : "background: #fee2e2; color: #991b1b;"
}">
${row.enough ? "✓ OK" : "✗ Out of Stock"}
</span>
</td>
</tr>
`
)
.join("");
`;
})
.join("");
const outOfStockCount = rows.filter((r) => !r.enough).length;
const summaryText =
outOfStockCount > 0
? `⚠️ ${outOfStockCount} medication${outOfStockCount > 1 ? "s" : ""} will be out of stock during this period.`
: "✓ All medications have sufficient supply for this period.";
const outOfStockCount = rows.filter((r) => !r.enough).length;
const summaryText =
outOfStockCount > 0
? `⚠️ ${outOfStockCount} medication${outOfStockCount > 1 ? "s" : ""} will be out of stock during this period.`
: "✓ All medications have sufficient supply for this period.";
const html = `
const html = `
<div style="font-family: system-ui, -apple-system, sans-serif; max-width: 100%; margin: 0 auto; padding: 12px; background: #f9fafb;">
<div style="background: white; border-radius: 12px; padding: 16px; box-shadow: 0 1px 3px rgba(0,0,0,0.1);">
<h2 style="color: #1f2937; margin: 0 0 8px; font-size: 18px;">MedAssist-ng - Demand Calculator</h2>
<p style="color: #6b7280; margin: 0 0 16px; font-size: 13px;">Supply overview from <strong>${fromDate}</strong> to <strong>${untilDate}</strong></p>
<div style="padding: 10px 14px; border-radius: 8px; margin-bottom: 16px; ${
outOfStockCount > 0
? "background: #fef2f2; border: 1px solid #fecaca;"
: "background: #f0fdf4; border: 1px solid #bbf7d0;"
}">
outOfStockCount > 0
? "background: #fef2f2; border: 1px solid #fecaca;"
: "background: #f0fdf4; border: 1px solid #bbf7d0;"
}">
<p style="margin: 0; color: ${outOfStockCount > 0 ? "#991b1b" : "#166534"}; font-weight: 500; font-size: 13px;">
${summaryText}
</p>
@@ -177,7 +187,7 @@ export async function plannerRoutes(app: FastifyInstance) {
</div>
`;
const plainText = `MedAssist-ng - Demand Calculator
const plainText = `MedAssist-ng - Demand Calculator
Supply overview from ${fromDate} to ${untilDate}
${summaryText}
@@ -187,79 +197,79 @@ ${rows.map((r) => `${r.medicationName}: ${r.totalPills} pills in stock, ${r.plan
---
Sent from MedAssist-ng Medication Planner`;
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: `MedAssist-ng - Supply Overview (${fromDate} - ${untilDate})`,
text: plainText,
html,
});
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: `MedAssist-ng - Supply Overview (${fromDate} - ${untilDate})`,
text: plainText,
html,
});
return reply.send({ success: true, message: "Email sent successfully" });
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return reply.status(500).send({ error: `Failed to send email: ${errorMessage}` });
}
});
return reply.send({ success: true, message: "Email sent successfully" });
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return reply.status(500).send({ error: `Failed to send email: ${errorMessage}` });
}
});
// Reminder notification for low stock medications (supports email and push)
app.post<{ Body: ReminderEmailBody }>("/reminder/send-email", async (request, reply) => {
const { email, lowStock, language: bodyLanguage } = request.body;
// Reminder notification for low stock medications (supports email and push)
app.post<{ Body: ReminderEmailBody }>("/reminder/send-email", async (request, reply) => {
const { email, lowStock } = request.body;
if (!lowStock || lowStock.length === 0) {
return reply.status(400).send({ error: "Missing low stock data" });
}
if (!lowStock || lowStock.length === 0) {
return reply.status(400).send({ error: "Missing low stock data" });
}
// Load user settings
const userId = await getUserId(request);
const userSettings = await loadUserSettings(userId);
const notificationSettings = {
emailEnabled: userSettings.emailEnabled,
shoutrrrEnabled: userSettings.shoutrrrEnabled,
shoutrrrUrl: userSettings.shoutrrrUrl || "",
};
const results: { email?: boolean; push?: boolean; errors: string[] } = { errors: [] };
// Load user settings
const userId = await getUserId(request);
const userSettings = await loadUserSettings(userId);
const notificationSettings = {
emailEnabled: userSettings.emailEnabled,
shoutrrrEnabled: userSettings.shoutrrrEnabled,
shoutrrrUrl: userSettings.shoutrrrUrl || "",
};
// Separate empty from low stock medications
const emptyMeds = lowStock.filter(r => r.medsLeft <= 0);
const lowMeds = lowStock.filter(r => r.medsLeft > 0);
const results: { email?: boolean; push?: boolean; errors: string[] } = { errors: [] };
// Send email if enabled
if (notificationSettings.emailEnabled && email) {
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS; // Token takes precedence
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587");
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
// Separate empty from low stock medications
const emptyMeds = lowStock.filter((r) => r.medsLeft <= 0);
const lowMeds = lowStock.filter((r) => r.medsLeft > 0);
if (smtpHost && smtpUser) {
// Build subject line based on what we have
let subjectText: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
subjectText = `🚨 ${emptyMeds.length} Empty, ⚠️ ${lowMeds.length} Running Low`;
} else if (emptyMeds.length > 0) {
subjectText = `🚨 ${emptyMeds.length} Medication${emptyMeds.length > 1 ? "s" : ""} Empty`;
} else {
subjectText = `⚠️ ${lowMeds.length} Medication${lowMeds.length > 1 ? "s" : ""} Running Low`;
}
// Send email if enabled
if (notificationSettings.emailEnabled && email) {
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS; // Token takes precedence
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587", 10);
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
// Build alert box based on what we have
let alertHtml: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
alertHtml = `
if (smtpHost && smtpUser) {
// Build subject line based on what we have
let subjectText: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
subjectText = `🚨 ${emptyMeds.length} Empty, ⚠️ ${lowMeds.length} Running Low`;
} else if (emptyMeds.length > 0) {
subjectText = `🚨 ${emptyMeds.length} Medication${emptyMeds.length > 1 ? "s" : ""} Empty`;
} else {
subjectText = `⚠️ ${lowMeds.length} Medication${lowMeds.length > 1 ? "s" : ""} Running Low`;
}
// Build alert box based on what we have
let alertHtml: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
alertHtml = `
<div style="padding: 10px 14px; border-radius: 8px; margin-bottom: 12px; background: #fef2f2; border: 1px solid #dc2626;">
<p style="margin: 0; color: #dc2626; font-weight: 600; font-size: 13px;">
🚨 ${emptyMeds.length} medication${emptyMeds.length > 1 ? "s" : ""} EMPTY - reorder immediately!
@@ -270,49 +280,54 @@ Sent from MedAssist-ng Medication Planner`;
⚠️ ${lowMeds.length} medication${lowMeds.length > 1 ? "s" : ""} running low - reorder soon
</p>
</div>`;
} else if (emptyMeds.length > 0) {
alertHtml = `
} else if (emptyMeds.length > 0) {
alertHtml = `
<div style="padding: 10px 14px; border-radius: 8px; margin-bottom: 16px; background: #fef2f2; border: 1px solid #dc2626;">
<p style="margin: 0; color: #dc2626; font-weight: 600; font-size: 13px;">
🚨 ${emptyMeds.length} medication${emptyMeds.length > 1 ? "s" : ""} EMPTY - reorder immediately!
</p>
</div>`;
} else {
alertHtml = `
} else {
alertHtml = `
<div style="padding: 10px 14px; border-radius: 8px; margin-bottom: 16px; background: #fffbeb; border: 1px solid #f59e0b;">
<p style="margin: 0; color: #b45309; font-weight: 500; font-size: 13px;">
⚠️ ${lowMeds.length} medication${lowMeds.length > 1 ? "s" : ""} running low - reorder soon
</p>
</div>`;
}
}
// Build table rows with status indicator
const buildTableRow = (row: LowStockItem) => {
const isEmpty = row.medsLeft <= 0;
const statusIcon = isEmpty ? "🚨" : "⚠️";
const rowBg = isEmpty ? "#fef2f2" : "white";
return `
// Build table rows with status indicator
const buildTableRow = (row: LowStockItem) => {
const isEmpty = row.medsLeft <= 0;
const statusIcon = isEmpty ? "🚨" : "⚠️";
const rowBg = isEmpty ? "#fef2f2" : "white";
// Escape user-provided strings and coerce numbers to prevent XSS
const safeName = escapeHtml(row.name);
const safeMedsLeft = Number(row.medsLeft) || 0;
const safeDaysLeft = Number(row.daysLeft) || 0;
const safeDepletionDate = row.depletionDate ? escapeHtml(String(row.depletionDate)) : "-";
return `
<tr style="background: ${rowBg};">
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; white-space: nowrap;">${statusIcon} ${escapeHtml(row.name)}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap; ${isEmpty ? "color: #dc2626; font-weight: 600;" : ""}"><strong>${row.medsLeft}</strong></td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${row.daysLeft ?? 0}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${isEmpty ? "<strong>NOW</strong>" : (row.depletionDate ?? "-")}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; white-space: nowrap;">${statusIcon} ${safeName}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap; ${isEmpty ? "color: #dc2626; font-weight: 600;" : ""}"><strong>${safeMedsLeft}</strong></td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${safeDaysLeft}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${isEmpty ? "<strong>NOW</strong>" : safeDepletionDate}</td>
</tr>`;
};
const tableRows = lowStock.map(buildTableRow).join("");
};
// Build description text
let descriptionText: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
descriptionText = "The following medications need to be reordered:";
} else if (emptyMeds.length > 0) {
descriptionText = "The following medications are EMPTY and need to be reordered immediately:";
} else {
descriptionText = "The following medications are running low and need to be reordered:";
}
const tableRows = lowStock.map(buildTableRow).join("");
const html = `
// Build description text
let descriptionText: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
descriptionText = "The following medications need to be reordered:";
} else if (emptyMeds.length > 0) {
descriptionText = "The following medications are EMPTY and need to be reordered immediately:";
} else {
descriptionText = "The following medications are running low and need to be reordered:";
}
const html = `
<div style="font-family: system-ui, -apple-system, sans-serif; max-width: 100%; margin: 0 auto; padding: 12px; background: #f9fafb;">
<div style="background: white; border-radius: 12px; padding: 16px; box-shadow: 0 1px 3px rgba(0,0,0,0.1);">
<h2 style="color: #1f2937; margin: 0 0 8px; font-size: 18px;">${emptyMeds.length > 0 ? "🚨" : "⚠️"} MedAssist-ng - Reorder Reminder</h2>
@@ -342,120 +357,124 @@ Sent from MedAssist-ng Medication Planner`;
</div>
`;
// Build plain text with sections
let plainTextContent: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
plainTextContent = `🚨 EMPTY (reorder immediately):
// Build plain text with sections
let plainTextContent: string;
if (emptyMeds.length > 0 && lowMeds.length > 0) {
plainTextContent = `🚨 EMPTY (reorder immediately):
${emptyMeds.map((r) => `${r.name}`).join("\n")}
⚠️ RUNNING LOW (reorder soon):
${lowMeds.map((r) => `${r.name}: ${r.medsLeft} pills left, ${r.daysLeft ?? 0} days remaining`).join("\n")}`;
} else if (emptyMeds.length > 0) {
plainTextContent = `🚨 EMPTY (reorder immediately):
} else if (emptyMeds.length > 0) {
plainTextContent = `🚨 EMPTY (reorder immediately):
${emptyMeds.map((r) => `${r.name}`).join("\n")}`;
} else {
plainTextContent = `⚠️ Running low:
} else {
plainTextContent = `⚠️ Running low:
${lowMeds.map((r) => `${r.name}: ${r.medsLeft} pills left, ${r.daysLeft ?? 0} days remaining, runs out ${r.depletionDate ?? "soon"}`).join("\n")}`;
}
}
const plainText = `MedAssist-ng - Reorder Reminder
const plainText = `MedAssist-ng - Reorder Reminder
${plainTextContent}
---
Sent from MedAssist-ng Medication Planner`;
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: `MedAssist-ng - ${subjectText}`,
text: plainText,
html,
});
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: `MedAssist-ng - ${subjectText}`,
text: plainText,
html,
});
results.email = true;
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
results.errors.push(`Email: ${errorMessage}`);
}
}
}
results.email = true;
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
results.errors.push(`Email: ${errorMessage}`);
}
}
}
// Send push notification if enabled
if (notificationSettings.shoutrrrEnabled && notificationSettings.shoutrrrUrl) {
// Get translations based on user language (default to 'en')
const tr = getTranslations((userSettings.language as Language) || "en");
// Build clear title
const titleParts: string[] = [];
if (emptyMeds.length > 0) {
titleParts.push(`🚨 ${emptyMeds.length} ${tr.push.empty}`);
}
if (lowMeds.length > 0) {
titleParts.push(`⚠️ ${lowMeds.length} ${tr.push.low}`);
}
const title = `MedAssist: ${titleParts.join(", ")} - ${tr.push.reorderNow}`;
// Build clear message with sections
const messageParts: string[] = [];
if (emptyMeds.length > 0) {
messageParts.push(`🚨 ${tr.push.emptySection}:`);
emptyMeds.forEach(r => messageParts.push(`${r.name}`));
}
if (lowMeds.length > 0) {
if (emptyMeds.length > 0) messageParts.push("");
messageParts.push(`⚠️ ${tr.push.lowSection}:`);
lowMeds.forEach(r => messageParts.push(`${r.name}: ${t(tr.push.pillsLeft, { count: r.medsLeft })}, ${t(tr.push.daysLeft, { count: r.daysLeft ?? 0 })}`));
}
const message = messageParts.join("\n");
// Send push notification if enabled
if (notificationSettings.shoutrrrEnabled && notificationSettings.shoutrrrUrl) {
// Get translations based on user language (default to 'en')
const tr = getTranslations((userSettings.language as Language) || "en");
try {
const pushResult = await sendShoutrrrNotification(notificationSettings.shoutrrrUrl, title, message);
if (pushResult.success) {
results.push = true;
} else {
results.errors.push(`Push: ${pushResult.error}`);
}
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
results.errors.push(`Push: ${errorMessage}`);
}
}
// Build clear title
const titleParts: string[] = [];
if (emptyMeds.length > 0) {
titleParts.push(`🚨 ${emptyMeds.length} ${tr.push.empty}`);
}
if (lowMeds.length > 0) {
titleParts.push(`⚠️ ${lowMeds.length} ${tr.push.low}`);
}
const title = `MedAssist: ${titleParts.join(", ")} - ${tr.push.reorderNow}`;
// Update the reminder state to record this notification was sent
if (results.email || results.push) {
const channel = results.email && results.push ? "both" : results.email ? "email" : "push";
updateReminderSentTime("stock", channel);
// Also update user settings in database so frontend can display the info
await updateUserReminderSentTime(userId, "stock", channel);
}
// Build clear message with sections
const messageParts: string[] = [];
if (emptyMeds.length > 0) {
messageParts.push(`🚨 ${tr.push.emptySection}:`);
emptyMeds.forEach((r) => messageParts.push(`${r.name}`));
}
if (lowMeds.length > 0) {
if (emptyMeds.length > 0) messageParts.push("");
messageParts.push(`⚠️ ${tr.push.lowSection}:`);
lowMeds.forEach((r) =>
messageParts.push(
`${r.name}: ${t(tr.push.pillsLeft, { count: r.medsLeft })}, ${t(tr.push.daysLeft, { count: r.daysLeft ?? 0 })}`
)
);
}
const message = messageParts.join("\n");
// Build response message
const sentChannels: string[] = [];
if (results.email) sentChannels.push("email");
if (results.push) sentChannels.push("push");
try {
const pushResult = await sendShoutrrrNotification(notificationSettings.shoutrrrUrl, title, message);
if (pushResult.success) {
results.push = true;
} else {
results.errors.push(`Push: ${pushResult.error}`);
}
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
results.errors.push(`Push: ${errorMessage}`);
}
}
if (sentChannels.length > 0) {
return reply.send({
success: true,
message: `Reminder sent via ${sentChannels.join(" and ")}`
});
} else if (results.errors.length > 0) {
return reply.status(500).send({ error: results.errors.join("; ") });
} else {
return reply.status(400).send({ error: "No notification channels configured" });
}
});
// Update the reminder state to record this notification was sent
if (results.email || results.push) {
const channel = results.email && results.push ? "both" : results.email ? "email" : "push";
updateReminderSentTime("stock", channel);
// Also update user settings in database so frontend can display the info
await updateUserReminderSentTime(userId, "stock", channel);
}
// Build response message
const sentChannels: string[] = [];
if (results.email) sentChannels.push("email");
if (results.push) sentChannels.push("push");
if (sentChannels.length > 0) {
return reply.send({
success: true,
message: `Reminder sent via ${sentChannels.join(" and ")}`,
});
} else if (results.errors.length > 0) {
return reply.status(500).send({ error: results.errors.join("; ") });
} else {
return reply.status(400).send({ error: "No notification channels configured" });
}
});
}
backend/src/routes/refills.ts
+105 -98
View File
@@ -1,124 +1,131 @@
import { FastifyInstance } from "fastify";
import { and, desc, eq } from "drizzle-orm";
import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
import { z } from "zod";
import { db } from "../db/client.js";
import { medications, refillHistory } from "../db/schema.js";
import { eq, and, desc } from "drizzle-orm";
import { requireAuth, getAnonymousUserId } from "../plugins/auth.js";
import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
import { env } from "../plugins/env.js";
import type { AuthUser } from "../types/fastify.js";
const refillSchema = z.object({
packsAdded: z.number().int().min(0).default(0),
loosePillsAdded: z.number().int().min(0).default(0),
}).refine(data => data.packsAdded > 0 || data.loosePillsAdded > 0, {
message: "Must add at least one pack or some loose pills",
});
const refillSchema = z
.object({
packsAdded: z.number().int().min(0).default(0),
loosePillsAdded: z.number().int().min(0).default(0),
})
.refine((data) => data.packsAdded > 0 || data.loosePillsAdded > 0, {
message: "Must add at least one pack or some loose pills",
});
export async function refillRoutes(app: FastifyInstance) {
// All refill routes require auth
app.addHook("preHandler", requireAuth);
// All refill routes require auth
app.addHook("preHandler", requireAuth);
// Helper to get user ID from request
async function getUserId(request: any, reply: any): Promise<number> {
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "User not authenticated", code: "AUTH_REQUIRED" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
// Helper to get user ID from request
async function getUserId(request: FastifyRequest, reply: FastifyReply): Promise<number> {
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "User not authenticated", code: "AUTH_REQUIRED" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
// POST /medications/:id/refill - Add stock to medication
app.post<{ Params: { id: string } }>("/medications/:id/refill", async (req, reply) => {
const parsed = refillSchema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
// POST /medications/:id/refill - Add stock to medication
app.post<{ Params: { id: string } }>("/medications/:id/refill", async (req, reply) => {
const parsed = refillSchema.safeParse(req.body);
if (!parsed.success) return reply.status(400).send(parsed.error.format());
const medId = Number(req.params.id);
if (Number.isNaN(medId)) return reply.badRequest("Invalid medication id");
const medId = Number(req.params.id);
if (Number.isNaN(medId)) return reply.badRequest("Invalid medication id");
const userId = await getUserId(req, reply);
const userId = await getUserId(req, reply);
// Verify ownership
const [med] = await db.select().from(medications).where(
and(eq(medications.id, medId), eq(medications.userId, userId))
);
if (!med) return reply.notFound("Medication not found");
// Verify ownership
const [med] = await db
.select()
.from(medications)
.where(and(eq(medications.id, medId), eq(medications.userId, userId)));
if (!med) return reply.notFound("Medication not found");
const { packsAdded, loosePillsAdded } = parsed.data;
const { packsAdded, loosePillsAdded } = parsed.data;
// Update medication stock
const newPackCount = med.packCount + packsAdded;
const newLooseTablets = med.looseTablets + loosePillsAdded;
// Update medication stock
const newPackCount = med.packCount + packsAdded;
const newLooseTablets = med.looseTablets + loosePillsAdded;
await db.update(medications)
.set({
packCount: newPackCount,
looseTablets: newLooseTablets,
updatedAt: new Date(),
})
.where(and(eq(medications.id, medId), eq(medications.userId, userId)));
await db
.update(medications)
.set({
packCount: newPackCount,
looseTablets: newLooseTablets,
updatedAt: new Date(),
})
.where(and(eq(medications.id, medId), eq(medications.userId, userId)));
// Create refill history entry
const [refill] = await db.insert(refillHistory)
.values({
medicationId: medId,
userId,
packsAdded,
loosePillsAdded,
})
.returning();
// Create refill history entry
const [refill] = await db
.insert(refillHistory)
.values({
medicationId: medId,
userId,
packsAdded,
loosePillsAdded,
})
.returning();
// Calculate pills added for response
const pillsPerPack = med.blistersPerPack * med.pillsPerBlister;
const totalPillsAdded = (packsAdded * pillsPerPack) + loosePillsAdded;
// Calculate pills added for response
const pillsPerPack = med.blistersPerPack * med.pillsPerBlister;
const totalPillsAdded = packsAdded * pillsPerPack + loosePillsAdded;
return {
success: true,
refill: {
id: refill.id,
packsAdded,
loosePillsAdded,
totalPillsAdded,
refillDate: refill.refillDate,
},
newStock: {
packCount: newPackCount,
looseTablets: newLooseTablets,
totalPills: newPackCount * pillsPerPack + newLooseTablets,
},
};
});
return {
success: true,
refill: {
id: refill.id,
packsAdded,
loosePillsAdded,
totalPillsAdded,
refillDate: refill.refillDate,
},
newStock: {
packCount: newPackCount,
looseTablets: newLooseTablets,
totalPills: newPackCount * pillsPerPack + newLooseTablets,
},
};
});
// GET /medications/:id/refills - Get refill history for a medication
app.get<{ Params: { id: string } }>("/medications/:id/refills", async (req, reply) => {
const medId = Number(req.params.id);
if (Number.isNaN(medId)) return reply.badRequest("Invalid medication id");
// GET /medications/:id/refills - Get refill history for a medication
app.get<{ Params: { id: string } }>("/medications/:id/refills", async (req, reply) => {
const medId = Number(req.params.id);
if (Number.isNaN(medId)) return reply.badRequest("Invalid medication id");
const userId = await getUserId(req, reply);
const userId = await getUserId(req, reply);
// Verify ownership
const [med] = await db.select().from(medications).where(
and(eq(medications.id, medId), eq(medications.userId, userId))
);
if (!med) return reply.notFound("Medication not found");
// Verify ownership
const [med] = await db
.select()
.from(medications)
.where(and(eq(medications.id, medId), eq(medications.userId, userId)));
if (!med) return reply.notFound("Medication not found");
// Get refill history, newest first
const refills = await db.select()
.from(refillHistory)
.where(eq(refillHistory.medicationId, medId))
.orderBy(desc(refillHistory.refillDate));
// Get refill history, newest first
const refills = await db
.select()
.from(refillHistory)
.where(eq(refillHistory.medicationId, medId))
.orderBy(desc(refillHistory.refillDate));
const pillsPerPack = med.blistersPerPack * med.pillsPerBlister;
const pillsPerPack = med.blistersPerPack * med.pillsPerBlister;
return refills.map(r => ({
id: r.id,
packsAdded: r.packsAdded,
loosePillsAdded: r.loosePillsAdded,
totalPillsAdded: (r.packsAdded * pillsPerPack) + r.loosePillsAdded,
refillDate: r.refillDate,
}));
});
return refills.map((r) => ({
id: r.id,
packsAdded: r.packsAdded,
loosePillsAdded: r.loosePillsAdded,
totalPillsAdded: r.packsAdded * pillsPerPack + r.loosePillsAdded,
refillDate: r.refillDate,
}));
});
}
backend/src/routes/settings.ts
+453 -399
View File
@@ -1,337 +1,348 @@
import { FastifyInstance } from "fastify";
import { eq } from "drizzle-orm";
import type { FastifyInstance } from "fastify";
import nodemailer from "nodemailer";
import { db } from "../db/client.js";
import { userSettings } from "../db/schema.js";
import { eq } from "drizzle-orm";
import { requireAuth, getAnonymousUserId } from "../plugins/auth.js";
import type { Language } from "../i18n/translations.js";
import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
import { env } from "../plugins/env.js";
import type { AuthUser } from "../types/fastify.js";
import type { Language } from "../i18n/translations.js";
// Exported type for use in schedulers
export type UserSettings = {
userId: number;
emailEnabled: boolean;
notificationEmail: string | null;
emailStockReminders: boolean;
emailIntakeReminders: boolean;
shoutrrrEnabled: boolean;
shoutrrrUrl: string | null;
shoutrrrStockReminders: boolean;
shoutrrrIntakeReminders: boolean;
reminderDaysBefore: number;
repeatDailyReminders: boolean;
skipRemindersForTakenDoses: boolean;
repeatRemindersEnabled: boolean;
reminderRepeatIntervalMinutes: number;
maxNaggingReminders: number;
lowStockDays: number;
normalStockDays: number;
highStockDays: number;
language: Language;
stockCalculationMode: "automatic" | "manual";
lastAutoEmailSent: string | null;
lastNotificationType: string | null;
lastNotificationChannel: string | null;
userId: number;
emailEnabled: boolean;
notificationEmail: string | null;
emailStockReminders: boolean;
emailIntakeReminders: boolean;
shoutrrrEnabled: boolean;
shoutrrrUrl: string | null;
shoutrrrStockReminders: boolean;
shoutrrrIntakeReminders: boolean;
reminderDaysBefore: number;
repeatDailyReminders: boolean;
skipRemindersForTakenDoses: boolean;
repeatRemindersEnabled: boolean;
reminderRepeatIntervalMinutes: number;
maxNaggingReminders: number;
lowStockDays: number;
normalStockDays: number;
highStockDays: number;
language: Language;
stockCalculationMode: "automatic" | "manual";
lastAutoEmailSent: string | null;
lastNotificationType: string | null;
lastNotificationChannel: string | null;
lastReminderMedName: string | null;
lastReminderTakenBy: string | null;
};
type SettingsBody = {
emailEnabled: boolean;
notificationEmail: string;
reminderDaysBefore: number;
repeatDailyReminders: boolean;
lowStockDays: number;
normalStockDays: number;
highStockDays: number;
shoutrrrEnabled: boolean;
shoutrrrUrl: string;
emailStockReminders: boolean;
emailIntakeReminders: boolean;
shoutrrrStockReminders: boolean;
shoutrrrIntakeReminders: boolean;
skipRemindersForTakenDoses: boolean;
repeatRemindersEnabled: boolean;
reminderRepeatIntervalMinutes: number;
maxNaggingReminders: number;
language: string;
stockCalculationMode: "automatic" | "manual";
emailEnabled: boolean;
notificationEmail: string;
reminderDaysBefore: number;
repeatDailyReminders: boolean;
lowStockDays: number;
normalStockDays: number;
highStockDays: number;
shoutrrrEnabled: boolean;
shoutrrrUrl: string;
emailStockReminders: boolean;
emailIntakeReminders: boolean;
shoutrrrStockReminders: boolean;
shoutrrrIntakeReminders: boolean;
skipRemindersForTakenDoses: boolean;
repeatRemindersEnabled: boolean;
reminderRepeatIntervalMinutes: number;
maxNaggingReminders: number;
language: string;
stockCalculationMode: "automatic" | "manual";
};
type TestEmailBody = {
email: string;
email: string;
};
type TestShoutrrrBody = {
url: string;
url: string;
};
// Helper to parse boolean env vars
function envBool(key: string, defaultVal: boolean): boolean {
const val = process.env[key];
if (val === undefined) return defaultVal;
return val === "true" || val === "1";
const val = process.env[key];
if (val === undefined) return defaultVal;
return val === "true" || val === "1";
}
// Helper to parse integer env vars
function envInt(key: string, defaultVal: number): number {
const val = process.env[key];
if (val === undefined) return defaultVal;
const parsed = parseInt(val, 10);
return isNaN(parsed) ? defaultVal : parsed;
const val = process.env[key];
if (val === undefined) return defaultVal;
const parsed = parseInt(val, 10);
return Number.isNaN(parsed) ? defaultVal : parsed;
}
// Default settings for new users - read from ENV with fallbacks
function getDefaultSettings() {
return {
emailEnabled: envBool("DEFAULT_EMAIL_ENABLED", false),
notificationEmail: process.env.DEFAULT_NOTIFICATION_EMAIL || null,
emailStockReminders: envBool("DEFAULT_EMAIL_STOCK_REMINDERS", true),
emailIntakeReminders: envBool("DEFAULT_EMAIL_INTAKE_REMINDERS", true),
shoutrrrEnabled: envBool("DEFAULT_SHOUTRRR_ENABLED", false),
shoutrrrUrl: process.env.DEFAULT_SHOUTRRR_URL || null,
shoutrrrStockReminders: envBool("DEFAULT_SHOUTRRR_STOCK_REMINDERS", true),
shoutrrrIntakeReminders: envBool("DEFAULT_SHOUTRRR_INTAKE_REMINDERS", true),
reminderDaysBefore: envInt("REMINDER_DAYS_BEFORE", 7),
repeatDailyReminders: envBool("DEFAULT_REPEAT_DAILY_REMINDERS", false),
skipRemindersForTakenDoses: envBool("DEFAULT_SKIP_REMINDERS_FOR_TAKEN_DOSES", false),
repeatRemindersEnabled: envBool("DEFAULT_REPEAT_REMINDERS_ENABLED", false),
reminderRepeatIntervalMinutes: envInt("DEFAULT_REMINDER_REPEAT_INTERVAL_MINUTES", 30),
maxNaggingReminders: envInt("DEFAULT_MAX_NAGGING_REMINDERS", 5),
lowStockDays: envInt("DEFAULT_LOW_STOCK_DAYS", 30),
normalStockDays: envInt("DEFAULT_NORMAL_STOCK_DAYS", 90),
highStockDays: envInt("DEFAULT_HIGH_STOCK_DAYS", 180),
language: (process.env.DEFAULT_LANGUAGE as "en" | "de") || "en",
stockCalculationMode: (process.env.DEFAULT_STOCK_CALCULATION_MODE as "automatic" | "manual") || "automatic",
lastAutoEmailSent: null,
lastNotificationType: null,
lastNotificationChannel: null,
};
return {
emailEnabled: envBool("DEFAULT_EMAIL_ENABLED", false),
notificationEmail: process.env.DEFAULT_NOTIFICATION_EMAIL || null,
emailStockReminders: envBool("DEFAULT_EMAIL_STOCK_REMINDERS", true),
emailIntakeReminders: envBool("DEFAULT_EMAIL_INTAKE_REMINDERS", true),
shoutrrrEnabled: envBool("DEFAULT_SHOUTRRR_ENABLED", false),
shoutrrrUrl: process.env.DEFAULT_SHOUTRRR_URL || null,
shoutrrrStockReminders: envBool("DEFAULT_SHOUTRRR_STOCK_REMINDERS", true),
shoutrrrIntakeReminders: envBool("DEFAULT_SHOUTRRR_INTAKE_REMINDERS", true),
reminderDaysBefore: envInt("REMINDER_DAYS_BEFORE", 7),
repeatDailyReminders: envBool("DEFAULT_REPEAT_DAILY_REMINDERS", false),
skipRemindersForTakenDoses: envBool("DEFAULT_SKIP_REMINDERS_FOR_TAKEN_DOSES", false),
repeatRemindersEnabled: envBool("DEFAULT_REPEAT_REMINDERS_ENABLED", false),
reminderRepeatIntervalMinutes: envInt("DEFAULT_REMINDER_REPEAT_INTERVAL_MINUTES", 30),
maxNaggingReminders: envInt("DEFAULT_MAX_NAGGING_REMINDERS", 5),
lowStockDays: envInt("DEFAULT_LOW_STOCK_DAYS", 30),
normalStockDays: envInt("DEFAULT_NORMAL_STOCK_DAYS", 90),
highStockDays: envInt("DEFAULT_HIGH_STOCK_DAYS", 180),
language: (process.env.DEFAULT_LANGUAGE as "en" | "de") || "en",
stockCalculationMode: (process.env.DEFAULT_STOCK_CALCULATION_MODE as "automatic" | "manual") || "automatic",
lastAutoEmailSent: null,
lastNotificationType: null,
lastNotificationChannel: null,
lastReminderMedName: null,
lastReminderTakenBy: null,
};
}
// Helper to get or create user settings
async function getOrCreateUserSettings(userId: number) {
let [settings] = await db.select().from(userSettings).where(eq(userSettings.userId, userId));
if (!settings) {
// Create default settings for user (using ENV defaults)
[settings] = await db.insert(userSettings).values({
userId,
...getDefaultSettings(),
}).returning();
}
return settings;
let [settings] = await db.select().from(userSettings).where(eq(userSettings.userId, userId));
if (!settings) {
// Create default settings for user (using ENV defaults)
[settings] = await db
.insert(userSettings)
.values({
userId,
...getDefaultSettings(),
})
.returning();
}
return settings;
}
// Export for use in reminder scheduler
export async function loadUserSettings(userId: number): Promise<UserSettings> {
const settings = await getOrCreateUserSettings(userId);
return {
userId: settings.userId,
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail,
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
shoutrrrEnabled: settings.shoutrrrEnabled,
shoutrrrUrl: settings.shoutrrrUrl,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: settings.maxNaggingReminders ?? 5,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
language: settings.language as Language,
stockCalculationMode: (settings.stockCalculationMode as "automatic" | "manual") ?? "automatic",
lastAutoEmailSent: settings.lastAutoEmailSent,
lastNotificationType: settings.lastNotificationType,
lastNotificationChannel: settings.lastNotificationChannel,
};
const settings = await getOrCreateUserSettings(userId);
return {
userId: settings.userId,
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail,
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
shoutrrrEnabled: settings.shoutrrrEnabled,
shoutrrrUrl: settings.shoutrrrUrl,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: settings.maxNaggingReminders ?? 5,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
language: settings.language as Language,
stockCalculationMode: (settings.stockCalculationMode as "automatic" | "manual") ?? "automatic",
lastAutoEmailSent: settings.lastAutoEmailSent,
lastNotificationType: settings.lastNotificationType,
lastNotificationChannel: settings.lastNotificationChannel,
lastReminderMedName: settings.lastReminderMedName ?? null,
lastReminderTakenBy: settings.lastReminderTakenBy ?? null,
};
}
// Get all users with settings for scheduler
export async function getAllUserSettings(): Promise<UserSettings[]> {
const allSettings = await db.select().from(userSettings);
return allSettings.map(settings => ({
userId: settings.userId,
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail,
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
shoutrrrEnabled: settings.shoutrrrEnabled,
shoutrrrUrl: settings.shoutrrrUrl,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: settings.maxNaggingReminders ?? 5,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
language: settings.language as Language,
stockCalculationMode: (settings.stockCalculationMode as "automatic" | "manual") ?? "automatic",
lastAutoEmailSent: settings.lastAutoEmailSent,
lastNotificationType: settings.lastNotificationType,
lastNotificationChannel: settings.lastNotificationChannel,
}));
const allSettings = await db.select().from(userSettings);
return allSettings.map((settings) => ({
userId: settings.userId,
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail,
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
shoutrrrEnabled: settings.shoutrrrEnabled,
shoutrrrUrl: settings.shoutrrrUrl,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: settings.maxNaggingReminders ?? 5,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
language: settings.language as Language,
stockCalculationMode: (settings.stockCalculationMode as "automatic" | "manual") ?? "automatic",
lastAutoEmailSent: settings.lastAutoEmailSent,
lastNotificationType: settings.lastNotificationType,
lastNotificationChannel: settings.lastNotificationChannel,
lastReminderMedName: settings.lastReminderMedName ?? null,
lastReminderTakenBy: settings.lastReminderTakenBy ?? null,
}));
}
export async function settingsRoutes(app: FastifyInstance) {
// All settings routes require auth
app.addHook("preHandler", requireAuth);
// All settings routes require auth
app.addHook("preHandler", requireAuth);
// Helper to get user ID from request
// Returns anonymous user ID when auth is disabled
async function getUserId(request: any, reply: any): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
// Helper to get user ID from request
// Returns anonymous user ID when auth is disabled
async function getUserId(request: any, reply: any): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
// Get settings for current user
app.get("/settings", async (request, reply) => {
const userId = await getUserId(request, reply);
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
const settings = await getOrCreateUserSettings(userId);
return reply.send({
// User notification settings (from DB)
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail ?? "",
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
shoutrrrEnabled: settings.shoutrrrEnabled,
shoutrrrUrl: settings.shoutrrrUrl ?? "",
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses,
repeatRemindersEnabled: settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: settings.maxNaggingReminders ?? 5,
language: settings.language,
stockCalculationMode: settings.stockCalculationMode ?? "automatic",
// SMTP settings (from .env - shared/server-configured)
smtpHost: process.env.SMTP_HOST ?? "",
smtpPort: parseInt(process.env.SMTP_PORT ?? "587"),
smtpUser: process.env.SMTP_USER ?? "",
smtpFrom: process.env.SMTP_FROM ?? "",
smtpSecure: process.env.SMTP_SECURE === "true",
hasSmtpPassword: !!(process.env.SMTP_TOKEN || process.env.SMTP_PASS),
// Reminder state for this user
lastAutoEmailSent: settings.lastAutoEmailSent,
lastNotificationType: settings.lastNotificationType,
lastNotificationChannel: settings.lastNotificationChannel,
// Server settings (from .env, read-only)
expiryWarningDays: parseInt(process.env.EXPIRY_WARNING_DAYS ?? "30", 10),
});
});
// Get settings for current user
app.get("/settings", async (request, reply) => {
const userId = await getUserId(request, reply);
// Update settings for current user
app.put<{ Body: SettingsBody }>("/settings", async (request, reply) => {
const userId = await getUserId(request, reply);
const settings = await getOrCreateUserSettings(userId);
const body = request.body;
// Check if any stock reminders are configured
const hasEmailStock = body.emailEnabled && body.emailStockReminders && body.notificationEmail;
const hasShoutrrrStock = body.shoutrrrEnabled && body.shoutrrrStockReminders && body.shoutrrrUrl;
const hasAnyStockReminder = hasEmailStock || hasShoutrrrStock;
// Disable repeatDailyReminders if no stock reminders are configured
const repeatDailyReminders = hasAnyStockReminder ? (body.repeatDailyReminders ?? false) : false;
return reply.send({
// User notification settings (from DB)
emailEnabled: settings.emailEnabled,
notificationEmail: settings.notificationEmail ?? "",
reminderDaysBefore: settings.reminderDaysBefore,
repeatDailyReminders: settings.repeatDailyReminders,
lowStockDays: settings.lowStockDays,
normalStockDays: settings.normalStockDays,
highStockDays: settings.highStockDays,
shoutrrrEnabled: settings.shoutrrrEnabled,
shoutrrrUrl: settings.shoutrrrUrl ?? "",
emailStockReminders: settings.emailStockReminders,
emailIntakeReminders: settings.emailIntakeReminders,
shoutrrrStockReminders: settings.shoutrrrStockReminders,
shoutrrrIntakeReminders: settings.shoutrrrIntakeReminders,
skipRemindersForTakenDoses: settings.skipRemindersForTakenDoses,
repeatRemindersEnabled: settings.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: settings.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: settings.maxNaggingReminders ?? 5,
language: settings.language,
stockCalculationMode: settings.stockCalculationMode ?? "automatic",
// SMTP settings (from .env - shared/server-configured)
smtpHost: process.env.SMTP_HOST ?? "",
smtpPort: parseInt(process.env.SMTP_PORT ?? "587", 10),
smtpUser: process.env.SMTP_USER ?? "",
smtpFrom: process.env.SMTP_FROM ?? "",
smtpSecure: process.env.SMTP_SECURE === "true",
hasSmtpPassword: !!(process.env.SMTP_TOKEN || process.env.SMTP_PASS),
// Reminder state for this user
lastAutoEmailSent: settings.lastAutoEmailSent,
lastNotificationType: settings.lastNotificationType,
lastNotificationChannel: settings.lastNotificationChannel,
lastReminderMedName: settings.lastReminderMedName ?? null,
lastReminderTakenBy: settings.lastReminderTakenBy ?? null,
// Server settings (from .env, read-only)
expiryWarningDays: parseInt(process.env.EXPIRY_WARNING_DAYS ?? "30", 10),
});
});
// Update or insert user settings
const existingSettings = await db.select().from(userSettings).where(eq(userSettings.userId, userId));
const settingsData = {
emailEnabled: body.emailEnabled,
notificationEmail: body.notificationEmail || null,
emailStockReminders: body.emailStockReminders ?? true,
emailIntakeReminders: body.emailIntakeReminders ?? true,
shoutrrrEnabled: body.shoutrrrEnabled ?? false,
shoutrrrUrl: body.shoutrrrUrl || null,
shoutrrrStockReminders: body.shoutrrrStockReminders ?? true,
shoutrrrIntakeReminders: body.shoutrrrIntakeReminders ?? true,
reminderDaysBefore: body.reminderDaysBefore,
repeatDailyReminders,
skipRemindersForTakenDoses: body.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: body.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: body.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: body.maxNaggingReminders ?? 5,
lowStockDays: body.lowStockDays ?? 30,
normalStockDays: body.normalStockDays ?? 90,
highStockDays: body.highStockDays ?? 180,
language: body.language ?? "en",
stockCalculationMode: body.stockCalculationMode ?? "automatic",
updatedAt: new Date(),
};
// Update settings for current user
app.put<{ Body: SettingsBody }>("/settings", async (request, reply) => {
const userId = await getUserId(request, reply);
if (existingSettings.length > 0) {
await db.update(userSettings)
.set(settingsData)
.where(eq(userSettings.userId, userId));
} else {
await db.insert(userSettings).values({
userId: userId,
...settingsData,
});
}
const body = request.body;
return reply.send({ success: true });
});
// Check if any stock reminders are configured
const hasEmailStock = body.emailEnabled && body.emailStockReminders && body.notificationEmail;
const hasShoutrrrStock = body.shoutrrrEnabled && body.shoutrrrStockReminders && body.shoutrrrUrl;
const hasAnyStockReminder = hasEmailStock || hasShoutrrrStock;
// Test email - use SMTP settings from process.env
app.post<{ Body: TestEmailBody }>("/settings/test-email", async (request, reply) => {
const { email } = request.body;
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS;
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587");
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
// Disable repeatDailyReminders if no stock reminders are configured
const repeatDailyReminders = hasAnyStockReminder ? (body.repeatDailyReminders ?? false) : false;
if (!smtpHost || !smtpUser) {
return reply.status(400).send({ error: "SMTP not configured" });
}
// Update or insert user settings
const existingSettings = await db.select().from(userSettings).where(eq(userSettings.userId, userId));
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
const settingsData = {
emailEnabled: body.emailEnabled,
notificationEmail: body.notificationEmail || null,
emailStockReminders: body.emailStockReminders ?? true,
emailIntakeReminders: body.emailIntakeReminders ?? true,
shoutrrrEnabled: body.shoutrrrEnabled ?? false,
shoutrrrUrl: body.shoutrrrUrl || null,
shoutrrrStockReminders: body.shoutrrrStockReminders ?? true,
shoutrrrIntakeReminders: body.shoutrrrIntakeReminders ?? true,
reminderDaysBefore: body.reminderDaysBefore,
repeatDailyReminders,
skipRemindersForTakenDoses: body.skipRemindersForTakenDoses ?? false,
repeatRemindersEnabled: body.repeatRemindersEnabled ?? false,
reminderRepeatIntervalMinutes: body.reminderRepeatIntervalMinutes ?? 30,
maxNaggingReminders: body.maxNaggingReminders ?? 5,
lowStockDays: body.lowStockDays ?? 30,
normalStockDays: body.normalStockDays ?? 90,
highStockDays: body.highStockDays ?? 180,
language: body.language ?? "en",
stockCalculationMode: body.stockCalculationMode ?? "automatic",
updatedAt: new Date(),
};
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: "MedAssist-ng - Test Email",
text: "This is a test email from MedAssist-ng. If you received this, your email configuration is working correctly!",
html: `
if (existingSettings.length > 0) {
await db.update(userSettings).set(settingsData).where(eq(userSettings.userId, userId));
} else {
await db.insert(userSettings).values({
userId: userId,
...settingsData,
});
}
return reply.send({ success: true });
});
// Test email - use SMTP settings from process.env
app.post<{ Body: TestEmailBody }>("/settings/test-email", async (request, reply) => {
const { email } = request.body;
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS;
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587", 10);
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
if (!smtpHost || !smtpUser) {
return reply.status(400).send({ error: "SMTP not configured" });
}
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: "MedAssist-ng - Test Email",
text: "This is a test email from MedAssist-ng. If you received this, your email configuration is working correctly!",
html: `
<div style="font-family: system-ui, sans-serif; max-width: 600px; margin: 0 auto; padding: 20px;">
<h2 style="color: #2563eb;">MedAssist-ng - Test Email</h2>
<p>This is a test email from MedAssist-ng.</p>
@@ -340,137 +351,180 @@ export async function settingsRoutes(app: FastifyInstance) {
<p style="color: #6b7280; font-size: 14px;">Sent from MedAssist-ng Medication Planner</p>
</div>
`,
});
});
return reply.send({ success: true, message: "Test email sent successfully" });
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return reply.status(500).send({ error: `Failed to send email: ${errorMessage}` });
}
});
return reply.send({ success: true, message: "Test email sent successfully" });
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return reply.status(500).send({ error: `Failed to send email: ${errorMessage}` });
}
});
// Test Shoutrrr/ntfy notification
app.post<{ Body: TestShoutrrrBody }>("/settings/test-shoutrrr", async (request, reply) => {
const { url } = request.body;
if (!url) {
return reply.status(400).send({ error: "Notification URL is required" });
}
// Test Shoutrrr/ntfy notification
app.post<{ Body: TestShoutrrrBody }>("/settings/test-shoutrrr", async (request, reply) => {
const { url } = request.body;
try {
const result = await sendShoutrrrNotification(url, "MedAssist-ng Test", "This is a test notification from MedAssist-ng. If you received this, your notification configuration is working correctly!");
if (result.success) {
return reply.send({ success: true, message: "Test notification sent successfully" });
} else {
return reply.status(500).send({ error: result.error });
}
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return reply.status(500).send({ error: `Failed to send notification: ${errorMessage}` });
}
});
if (!url) {
return reply.status(400).send({ error: "Notification URL is required" });
}
try {
const result = await sendShoutrrrNotification(
url,
"MedAssist-ng Test",
"This is a test notification from MedAssist-ng. If you received this, your notification configuration is working correctly!"
);
if (result.success) {
return reply.send({ success: true, message: "Test notification sent successfully" });
} else {
return reply.status(500).send({ error: result.error });
}
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return reply.status(500).send({ error: `Failed to send notification: ${errorMessage}` });
}
});
}
// Validate URL to prevent SSRF attacks
function isAllowedNotificationUrl(urlStr: string): { allowed: boolean; error?: string } {
try {
// Convert ntfy:// to https:// for parsing
const normalizedUrl = urlStr.startsWith("ntfy://")
? urlStr.replace("ntfy://", "https://")
: urlStr;
const parsed = new URL(normalizedUrl);
// Only allow http and https protocols
if (!['http:', 'https:'].includes(parsed.protocol)) {
return { allowed: false, error: "Only HTTP/HTTPS protocols are allowed" };
}
// Block private/internal IP addresses
const hostname = parsed.hostname.toLowerCase();
// Block localhost
if (hostname === 'localhost' || hostname === '127.0.0.1' || hostname === '::1') {
return { allowed: false, error: "Localhost URLs are not allowed" };
}
// Block private IP ranges (basic check)
const ipMatch = hostname.match(/^(\d+)\.(\d+)\.(\d+)\.(\d+)$/);
if (ipMatch) {
const [, a, b] = ipMatch.map(Number);
// 10.x.x.x, 172.16-31.x.x, 192.168.x.x, 169.254.x.x (link-local)
if (a === 10 || a === 127 || (a === 172 && b >= 16 && b <= 31) ||
(a === 192 && b === 168) || (a === 169 && b === 254)) {
return { allowed: false, error: "Private IP addresses are not allowed" };
}
}
// Block common internal hostnames
if (hostname.endsWith('.local') || hostname.endsWith('.internal') ||
hostname.endsWith('.lan') || hostname === 'metadata.google.internal') {
return { allowed: false, error: "Internal hostnames are not allowed" };
}
return { allowed: true };
} catch {
return { allowed: false, error: "Invalid URL format" };
}
// Validate and sanitize URL to prevent SSRF attacks
// Returns a reconstructed URL from validated components to break taint tracking
function sanitizeNotificationUrl(
urlStr: string
): { url: string; isNtfy: boolean; auth?: { user: string; pass: string } } | { error: string } {
try {
// Convert ntfy:// to https:// for parsing, track if it was ntfy
const isNtfy = urlStr.startsWith("ntfy://");
const normalizedUrl = isNtfy ? urlStr.replace("ntfy://", "https://") : urlStr;
const parsed = new URL(normalizedUrl);
// Only allow http and https protocols
if (!["http:", "https:"].includes(parsed.protocol)) {
return { error: "Only HTTP/HTTPS protocols are allowed" };
}
// Block private/internal IP addresses
const hostname = parsed.hostname.toLowerCase();
// Block localhost
if (hostname === "localhost" || hostname === "127.0.0.1" || hostname === "::1") {
return { error: "Localhost URLs are not allowed" };
}
// Block private IP ranges (basic check)
const ipMatch = hostname.match(/^(\d+)\.(\d+)\.(\d+)\.(\d+)$/);
if (ipMatch) {
const [, a, b] = ipMatch.map(Number);
// 10.x.x.x, 172.16-31.x.x, 192.168.x.x, 169.254.x.x (link-local)
if (
a === 10 ||
a === 127 ||
(a === 172 && b >= 16 && b <= 31) ||
(a === 192 && b === 168) ||
(a === 169 && b === 254)
) {
return { error: "Private IP addresses are not allowed" };
}
}
// Block common internal hostnames
if (
hostname.endsWith(".local") ||
hostname.endsWith(".internal") ||
hostname.endsWith(".lan") ||
hostname === "metadata.google.internal"
) {
return { error: "Internal hostnames are not allowed" };
}
// Reconstruct URL from validated components - this breaks taint tracking
// because we're building a new string from validated parts, not passing through user input
const reconstructedUrl = `${parsed.protocol}//${parsed.host}${parsed.pathname}${parsed.search}`;
// Extract auth credentials separately for ntfy (they're in the URL but not in host)
const auth =
isNtfy && parsed.username && parsed.password ? { user: parsed.username, pass: parsed.password } : undefined;
return { url: reconstructedUrl, isNtfy, auth };
} catch {
return { error: "Invalid URL format" };
}
}
// Send notification via Shoutrrr-compatible URL (supports ntfy, Discord, Telegram, etc.)
export async function sendShoutrrrNotification(urlStr: string, title: string, message: string): Promise<{ success: boolean; error?: string }> {
try {
// Validate URL to prevent SSRF
const validation = isAllowedNotificationUrl(urlStr);
if (!validation.allowed) {
return { success: false, error: validation.error };
}
let targetUrl: string;
let method = "POST";
let headers: Record<string, string> = {};
let body: string | undefined;
export async function sendShoutrrrNotification(
urlStr: string,
title: string,
message: string
): Promise<{ success: boolean; error?: string }> {
try {
// Validate and sanitize URL to prevent SSRF - this reconstructs the URL
// from validated components, breaking taint tracking
const validation = sanitizeNotificationUrl(urlStr);
if ("error" in validation) {
return { success: false, error: validation.error };
}
// Remove emojis from title for header compatibility
const cleanTitle = title.replace(/[\u{1F300}-\u{1F9FF}]|[\u{2600}-\u{26FF}]|[\u{2700}-\u{27BF}]|[\u{FE00}-\u{FE0F}]|[\u{2000}-\u{206F}]||/gu, "").trim();
// Use ONLY the reconstructed URL from validation - never the original urlStr
const { url: sanitizedUrl, isNtfy, auth } = validation;
if (urlStr.startsWith("ntfy://")) {
const parsed = new URL(urlStr.replace("ntfy://", "https://"));
targetUrl = `https://${parsed.host}${parsed.pathname}`;
headers = { "Title": cleanTitle, "Tags": "pill" };
body = message;
if (parsed.username && parsed.password) {
headers["Authorization"] = "Basic " + Buffer.from(`${parsed.username}:${parsed.password}`).toString("base64");
}
} else if (urlStr.startsWith("https://ntfy.") || urlStr.includes("ntfy.sh") || urlStr.includes("/ntfy/")) {
targetUrl = urlStr;
headers = { "Title": cleanTitle, "Tags": "pill" };
body = message;
} else if (urlStr.startsWith("http://") || urlStr.startsWith("https://")) {
targetUrl = urlStr;
headers = { "Content-Type": "application/json" };
body = JSON.stringify({ title, message, text: `${title}\n\n${message}` });
} else {
return { success: false, error: "Unsupported URL format. Use ntfy:// or https:// URL" };
}
let targetUrl: string;
const method = "POST";
let headers: Record<string, string> = {};
let body: string | undefined;
const response = await fetch(targetUrl, {
method,
headers,
body,
});
// Remove emojis from title for header compatibility
const cleanTitle = title
.replace(
/[\u{1F300}-\u{1F9FF}]|[\u{2600}-\u{26FF}]|[\u{2700}-\u{27BF}]|[\u{FE00}-\u{FE0F}]|[\u{2000}-\u{206F}]||/gu,
""
)
.trim();
if (response.ok) {
return { success: true };
} else {
const errorText = await response.text();
return { success: false, error: `HTTP ${response.status}: ${errorText}` };
}
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return { success: false, error: errorMessage };
}
// Determine notification type based on validation result and URL pattern
const isNtfyUrl = isNtfy || sanitizedUrl.includes("ntfy.sh") || sanitizedUrl.includes("/ntfy/");
if (isNtfyUrl) {
targetUrl = sanitizedUrl;
headers = { Title: cleanTitle, Tags: "pill" };
body = message;
// Add auth if present (extracted during sanitization)
if (auth) {
headers.Authorization = `Basic ${Buffer.from(`${auth.user}:${auth.pass}`).toString("base64")}`;
}
} else if (sanitizedUrl.startsWith("http://") || sanitizedUrl.startsWith("https://")) {
targetUrl = sanitizedUrl;
headers = { "Content-Type": "application/json" };
body = JSON.stringify({ title, message, text: `${title}\n\n${message}` });
} else {
return { success: false, error: "Unsupported URL format. Use ntfy:// or https:// URL" };
}
// SSRF protection: targetUrl is reconstructed from sanitizeNotificationUrl() which validates:
// - Only http/https protocols allowed
// - Blocks localhost (localhost, 127.0.0.1, ::1)
// - Blocks private IPs (10.x.x.x, 172.16-31.x.x, 192.168.x.x, 169.254.x.x)
// - Blocks internal hostnames (.local, .internal, .lan, metadata.google.internal)
// - redirect: "error" prevents redirect-based bypass attacks
// This is an intentional feature: users configure their own external notification services
// lgtm [js/request-forgery]
const response = await fetch(targetUrl, {
method,
headers,
body,
redirect: "error", // Don't follow redirects that could bypass validation
});
if (response.ok) {
return { success: true };
} else {
const errorText = await response.text();
return { success: false, error: `HTTP ${response.status}: ${errorText}` };
}
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return { success: false, error: errorMessage };
}
}
backend/src/routes/share.ts
+176 -177
View File
@@ -1,10 +1,10 @@
import { FastifyInstance } from "fastify";
import { randomBytes } from "node:crypto";
import { eq } from "drizzle-orm";
import type { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
import { z } from "zod";
import { randomBytes } from "crypto";
import { db } from "../db/client.js";
import { medications, shareTokens, userSettings, users } from "../db/schema.js";
import { eq, and, sql } from "drizzle-orm";
import { requireAuth, optionalAuth, getAnonymousUserId } from "../plugins/auth.js";
import { getAnonymousUserId, requireAuth } from "../plugins/auth.js";
import { env } from "../plugins/env.js";
import type { AuthUser } from "../types/fastify.js";
@@ -15,212 +15,211 @@ const SHARE_TOKEN_VALIDITY_MS = 365 * 24 * 60 * 60 * 1000;
// Validation Schemas
// =============================================================================
const createShareSchema = z.object({
takenBy: z.string().min(1, "takenBy is required"),
scheduleDays: z.number().int().min(1).max(365).default(30),
takenBy: z.string().min(1, "takenBy is required"),
scheduleDays: z.number().int().min(1).max(365).default(30),
});
// Helper to get user ID from request
// Returns anonymous user ID when auth is disabled
async function getUserId(request: any, reply: any): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
async function getUserId(request: FastifyRequest, reply: FastifyReply): Promise<number> {
// If auth is disabled, use the anonymous user
if (!env.AUTH_ENABLED) {
return getAnonymousUserId();
}
const authUser = request.user as unknown as AuthUser | null;
if (!authUser) {
reply.status(401).send({ error: "Not authenticated" });
throw new Error("AUTH_REQUIRED");
}
return authUser.id;
}
// Helper to parse takenByJson
function parseTakenByJson(takenByJson: string | null | undefined): string[] {
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
}
// =============================================================================
// Share Routes
// =============================================================================
export async function shareRoutes(app: FastifyInstance) {
// ---------------------------------------------------------------------------
// GET /share/:token - PUBLIC: Get shared schedule by token
// ---------------------------------------------------------------------------
app.get<{ Params: { token: string } }>("/share/:token", async (request, reply) => {
const { token } = request.params;
// ---------------------------------------------------------------------------
// GET /share/:token - PUBLIC: Get shared schedule by token
// ---------------------------------------------------------------------------
app.get<{ Params: { token: string } }>("/share/:token", async (request, reply) => {
const { token } = request.params;
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.status(404).send({
error: "Share link not found",
code: "NOT_FOUND"
});
}
// Find share token
const [share] = await db.select().from(shareTokens).where(eq(shareTokens.token, token));
if (!share) {
return reply.status(404).send({
error: "Share link not found",
code: "NOT_FOUND",
});
}
// Check if token has expired
if (share.expiresAt && share.expiresAt.getTime() < Date.now()) {
// Get the username of the owner to show in the expired message
const [owner] = await db.select({ username: users.username }).from(users).where(eq(users.id, share.userId));
return reply.status(410).send({
error: "Share link has expired",
code: "EXPIRED",
ownerUsername: owner?.username ?? "the owner",
takenBy: share.takenBy,
expiredAt: share.expiresAt.toISOString(),
});
}
// Check if token has expired
if (share.expiresAt && share.expiresAt.getTime() < Date.now()) {
// Get the username of the owner to show in the expired message
const [owner] = await db.select({ username: users.username }).from(users).where(eq(users.id, share.userId));
return reply.status(410).send({
error: "Share link has expired",
code: "EXPIRED",
ownerUsername: owner?.username ?? "the owner",
takenBy: share.takenBy,
expiredAt: share.expiresAt.toISOString(),
});
}
// Get user settings for stock thresholds
const [settings] = await db.select().from(userSettings).where(eq(userSettings.userId, share.userId));
// Get user settings for stock thresholds
const [settings] = await db.select().from(userSettings).where(eq(userSettings.userId, share.userId));
// Get the username of the owner who created this share link
const [owner] = await db.select({ username: users.username }).from(users).where(eq(users.id, share.userId));
// Get the username of the owner who created this share link
const [owner] = await db.select({ username: users.username }).from(users).where(eq(users.id, share.userId));
// Get medications for this user filtered by takenBy (search in JSON array)
// Use SQLite JSON function to check if takenBy is in the array
const allMeds = await db.select().from(medications).where(eq(medications.userId, share.userId));
// Filter medications where takenByJson array contains the share.takenBy value
const meds = allMeds.filter((med) => {
const takenByArray = parseTakenByJson(med.takenByJson);
return takenByArray.includes(share.takenBy);
});
// Get medications for this user filtered by takenBy (search in JSON array)
// Use SQLite JSON function to check if takenBy is in the array
const allMeds = await db.select().from(medications).where(eq(medications.userId, share.userId));
// Parse blisters and build schedule data
const medicationsWithBlisters = meds.map((med) => {
let blisters: { usage: number; every: number; start: string }[] = [];
try {
const usageArr = JSON.parse(med.usageJson || "[]");
const everyArr = JSON.parse(med.everyJson || "[]");
const startArr = JSON.parse(med.startJson || "[]");
blisters = usageArr.map((usage: number, i: number) => ({
usage,
every: everyArr[i] ?? 1,
start: startArr[i] ?? new Date().toISOString(),
}));
} catch {
blisters = [];
}
// Filter medications where takenByJson array contains the share.takenBy value
const meds = allMeds.filter((med) => {
const takenByArray = parseTakenByJson(med.takenByJson);
return takenByArray.includes(share.takenBy);
});
// Parse takenBy JSON array
const takenByArray = parseTakenByJson(med.takenByJson);
// Parse blisters and build schedule data
const medicationsWithBlisters = meds.map((med) => {
let blisters: { usage: number; every: number; start: string }[] = [];
try {
const usageArr = JSON.parse(med.usageJson || "[]");
const everyArr = JSON.parse(med.everyJson || "[]");
const startArr = JSON.parse(med.startJson || "[]");
blisters = usageArr.map((usage: number, i: number) => ({
usage,
every: everyArr[i] ?? 1,
start: startArr[i] ?? new Date().toISOString(),
}));
} catch {
blisters = [];
}
const totalPills = med.packCount * med.blistersPerPack * med.pillsPerBlister + med.looseTablets;
return {
id: med.id,
name: med.name,
genericName: med.genericName,
pillWeightMg: med.pillWeightMg,
imageUrl: med.imageUrl,
totalPills,
packCount: med.packCount,
blistersPerPack: med.blistersPerPack,
looseTablets: med.looseTablets,
pillsPerBlister: med.pillsPerBlister,
takenBy: takenByArray,
blisters,
};
});
// Parse takenBy JSON array
const takenByArray = parseTakenByJson(med.takenByJson);
return {
takenBy: share.takenBy,
sharedBy: owner?.username ?? null,
scheduleDays: share.scheduleDays,
medications: medicationsWithBlisters,
stockThresholds: {
lowStockDays: settings?.lowStockDays ?? 30,
},
};
});
const totalPills =
med.packCount * med.blistersPerPack * med.pillsPerBlister + med.looseTablets + (med.stockAdjustment ?? 0);
return {
id: med.id,
name: med.name,
genericName: med.genericName,
pillWeightMg: med.pillWeightMg,
imageUrl: med.imageUrl,
totalPills,
packCount: med.packCount,
blistersPerPack: med.blistersPerPack,
looseTablets: med.looseTablets,
pillsPerBlister: med.pillsPerBlister,
takenBy: takenByArray,
blisters,
dismissedUntil: med.dismissedUntil,
};
});
// ---------------------------------------------------------------------------
// POST /share - PROTECTED: Create a new share link
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof createShareSchema> }>(
"/share",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
return {
takenBy: share.takenBy,
sharedBy: owner?.username ?? null,
scheduleDays: share.scheduleDays,
medications: medicationsWithBlisters,
stockThresholds: {
lowStockDays: settings?.lowStockDays ?? 30,
},
};
});
const parsed = createShareSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
code: "VALIDATION_ERROR",
});
}
// ---------------------------------------------------------------------------
// POST /share - PROTECTED: Create a new share link
// ---------------------------------------------------------------------------
app.post<{ Body: z.infer<typeof createShareSchema> }>(
"/share",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
const { takenBy, scheduleDays } = parsed.data;
const parsed = createShareSchema.safeParse(request.body);
if (!parsed.success) {
return reply.status(400).send({
error: parsed.error.errors[0]?.message ?? "Invalid input",
code: "VALIDATION_ERROR",
});
}
// Check if user has medications for this takenBy (search in JSON array)
const allMeds = await db.select().from(medications).where(eq(medications.userId, userId));
const medsForPerson = allMeds.filter((med) => {
const takenByArray = parseTakenByJson(med.takenByJson);
return takenByArray.includes(takenBy);
});
const { takenBy, scheduleDays } = parsed.data;
if (medsForPerson.length === 0) {
return reply.status(400).send({
error: "No medications found for this person",
code: "NO_MEDICATIONS",
});
}
// Check if user has medications for this takenBy (search in JSON array)
const allMeds = await db.select().from(medications).where(eq(medications.userId, userId));
const medsForPerson = allMeds.filter((med) => {
const takenByArray = parseTakenByJson(med.takenByJson);
return takenByArray.includes(takenBy);
});
// Generate unique token (8 bytes = 16 hex chars)
const token = randomBytes(8).toString("hex");
// Set expiration date (1 year from now)
const expiresAt = new Date(Date.now() + SHARE_TOKEN_VALIDITY_MS);
if (medsForPerson.length === 0) {
return reply.status(400).send({
error: "No medications found for this person",
code: "NO_MEDICATIONS",
});
}
// Create share token
await db.insert(shareTokens).values({
userId: userId,
token,
takenBy,
scheduleDays,
expiresAt,
});
// Generate unique token (8 bytes = 16 hex chars)
const token = randomBytes(8).toString("hex");
return {
token,
shareUrl: `/share/${token}`,
expiresAt: expiresAt.toISOString(),
};
}
);
// Set expiration date (1 year from now)
const expiresAt = new Date(Date.now() + SHARE_TOKEN_VALIDITY_MS);
// ---------------------------------------------------------------------------
// GET /share/people - PROTECTED: Get list of unique takenBy values
// ---------------------------------------------------------------------------
app.get(
"/share/people",
{ preHandler: requireAuth },
async (request, reply) => {
const userId = await getUserId(request, reply);
// Create share token
await db.insert(shareTokens).values({
userId: userId,
token,
takenBy,
scheduleDays,
expiresAt,
});
// Get all unique takenBy values for this user (from JSON arrays)
const meds = await db.select({ takenByJson: medications.takenByJson })
.from(medications)
.where(eq(medications.userId, userId));
return {
token,
shareUrl: `/share/${token}`,
expiresAt: expiresAt.toISOString(),
};
}
);
// Collect all unique person names from all takenByJson arrays
const allPeople = new Set<string>();
for (const med of meds) {
const takenByArray = parseTakenByJson(med.takenByJson);
for (const person of takenByArray) {
if (person) allPeople.add(person);
}
}
// ---------------------------------------------------------------------------
// GET /share/people - PROTECTED: Get list of unique takenBy values
// ---------------------------------------------------------------------------
app.get("/share/people", { preHandler: requireAuth }, async (request, reply) => {
const userId = await getUserId(request, reply);
return { people: [...allPeople].sort() };
}
);
// Get all unique takenBy values for this user (from JSON arrays)
const meds = await db
.select({ takenByJson: medications.takenByJson })
.from(medications)
.where(eq(medications.userId, userId));
// Collect all unique person names from all takenByJson arrays
const allPeople = new Set<string>();
for (const med of meds) {
const takenByArray = parseTakenByJson(med.takenByJson);
for (const person of takenByArray) {
if (person) allPeople.add(person);
}
}
return { people: [...allPeople].sort() };
});
}
backend/src/services/intake-reminder-scheduler.ts
+560 -407
View File
File diff suppressed because it is too large Load Diff
backend/src/services/reminder-scheduler.ts
+307 -272
View File
@@ -1,27 +1,26 @@
import nodemailer from "nodemailer";
import { existsSync, readFileSync, writeFileSync } from "node:fs";
import { resolve } from "node:path";
import { eq } from "drizzle-orm";
import nodemailer from "nodemailer";
import { db } from "../db/client.js";
import { medications, userSettings } from "../db/schema.js";
import { readFileSync, writeFileSync, existsSync } from "fs";
import { resolve } from "path";
import { loadUserSettings, getAllUserSettings, sendShoutrrrNotification, type UserSettings } from "../routes/settings.js";
import { getTranslations, t, type Language } from "../i18n/translations.js";
import { getTranslations, type Language, t } from "../i18n/translations.js";
import { getAllUserSettings, sendShoutrrrNotification, type UserSettings } from "../routes/settings.js";
// Import shared utilities
import {
getTimezone,
formatInTimezone,
getCurrentHourInTimezone,
getTodayInTimezone,
getNextScheduledTime,
getMsUntilNextCheck,
parseBlisters,
calculateDailyUsage,
calculateDepletionInfo,
parseReminderState,
createDefaultReminderState,
type Blister,
type ReminderState,
type Blister,
calculateDepletionInfo,
createDefaultReminderState,
formatInTimezone,
getCurrentHourInTimezone,
getMsUntilNextCheck,
getNextScheduledTime,
getTimezone,
getTodayInTimezone,
parseBlisters,
parseReminderState,
type ReminderState,
} from "../utils/scheduler-utils.js";
const REMINDER_HOUR = parseInt(process.env.REMINDER_HOUR ?? "6", 10); // Default 6:00 AM local time
@@ -29,103 +28,121 @@ const REMINDER_HOUR = parseInt(process.env.REMINDER_HOUR ?? "6", 10); // Default
const reminderStateFile = resolve(process.cwd(), "data", "reminder-state.json");
function loadReminderState(): ReminderState {
try {
if (existsSync(reminderStateFile)) {
return parseReminderState(readFileSync(reminderStateFile, "utf-8"));
}
} catch {
// ignore
}
return createDefaultReminderState();
try {
if (existsSync(reminderStateFile)) {
return parseReminderState(readFileSync(reminderStateFile, "utf-8"));
}
} catch {
// ignore
}
return createDefaultReminderState();
}
function saveReminderState(state: ReminderState): void {
writeFileSync(reminderStateFile, JSON.stringify(state, null, 2));
writeFileSync(reminderStateFile, JSON.stringify(state, null, 2));
}
export function getReminderState(): ReminderState {
return loadReminderState();
return loadReminderState();
}
export function updateReminderSentTime(type: "stock" | "intake" = "stock", channel: "email" | "push" | "both" = "email"): void {
const state = loadReminderState();
const today = getTodayInTimezone();
saveReminderState({
...state,
lastAutoEmailSent: new Date().toISOString(),
lastAutoEmailDate: today,
lastNotificationType: type,
lastNotificationChannel: channel,
});
export function updateReminderSentTime(
type: "stock" | "intake" = "stock",
channel: "email" | "push" | "both" = "email"
): void {
const state = loadReminderState();
const today = getTodayInTimezone();
saveReminderState({
...state,
lastAutoEmailSent: new Date().toISOString(),
lastAutoEmailDate: today,
lastNotificationType: type,
lastNotificationChannel: channel,
});
}
// Update user settings in database when reminder is sent
export async function updateUserReminderSentTime(
userId: number,
type: "stock" | "intake" = "stock",
channel: "email" | "push" | "both" = "email"
userId: number,
type: "stock" | "intake" = "stock",
channel: "email" | "push" | "both" = "email",
medName?: string,
takenBy?: string
): Promise<void> {
const now = new Date().toISOString();
await db.update(userSettings)
.set({
lastAutoEmailSent: now,
lastNotificationType: type,
lastNotificationChannel: channel,
})
.where(eq(userSettings.userId, userId));
const now = new Date().toISOString();
await db
.update(userSettings)
.set({
lastAutoEmailSent: now,
lastNotificationType: type,
lastNotificationChannel: channel,
lastReminderMedName: medName ?? null,
lastReminderTakenBy: takenBy ?? null,
})
.where(eq(userSettings.userId, userId));
}
function parseBlistersFromRow(row: { usageJson: string; everyJson: string; startJson: string }): Blister[] {
return parseBlisters(row);
return parseBlisters(row);
}
type LowStockItem = {
name: string;
medsLeft: number;
daysLeft: number | null;
depletionDate: string | null;
name: string;
medsLeft: number;
daysLeft: number | null;
depletionDate: string | null;
};
async function getMedicationsNeedingReminder(userId: number, reminderDaysBefore: number, language: Language): Promise<LowStockItem[]> {
const rows = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
const lowStock: LowStockItem[] = [];
for (const row of rows) {
const blisters = parseBlistersFromRow(row);
const totalPills = row.packCount * row.blistersPerPack * row.pillsPerBlister + row.looseTablets;
const { daysLeft, depletionDate } = calculateDepletionInfo({ count: totalPills, blisters }, language);
// Check if medication runs out within reminderDaysBefore days
if (daysLeft !== null && daysLeft <= reminderDaysBefore) {
lowStock.push({
name: row.name,
medsLeft: totalPills,
daysLeft,
depletionDate,
});
}
}
return lowStock;
async function getMedicationsNeedingReminder(
userId: number,
reminderDaysBefore: number,
language: Language
): Promise<LowStockItem[]> {
const rows = await db.select().from(medications).where(eq(medications.userId, userId)).orderBy(medications.id);
const lowStock: LowStockItem[] = [];
for (const row of rows) {
const blisters = parseBlistersFromRow(row);
const totalPills =
row.packCount * row.blistersPerPack * row.pillsPerBlister + row.looseTablets + (row.stockAdjustment ?? 0);
const { daysLeft, depletionDate } = calculateDepletionInfo({ count: totalPills, blisters }, language);
// Check if medication runs out within reminderDaysBefore days
if (daysLeft !== null && daysLeft <= reminderDaysBefore) {
lowStock.push({
name: row.name,
medsLeft: totalPills,
daysLeft,
depletionDate,
});
}
}
return lowStock;
}
async function sendReminderEmail(email: string, lowStock: LowStockItem[], language: Language, isRepeatDaily: boolean = false): Promise<{ success: boolean; error?: string }> {
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS; // Token takes precedence
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587");
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
async function sendReminderEmail(
email: string,
lowStock: LowStockItem[],
language: Language,
isRepeatDaily: boolean = false
): Promise<{ success: boolean; error?: string }> {
const smtpHost = process.env.SMTP_HOST;
const smtpUser = process.env.SMTP_USER;
const smtpPass = process.env.SMTP_TOKEN || process.env.SMTP_PASS; // Token takes precedence
const smtpPort = parseInt(process.env.SMTP_PORT ?? "587", 10);
const smtpSecure = process.env.SMTP_SECURE === "true";
const smtpFrom = process.env.SMTP_FROM ?? smtpUser;
if (!smtpHost || !smtpUser) {
return { success: false, error: "SMTP not configured" };
}
if (!smtpHost || !smtpUser) {
return { success: false, error: "SMTP not configured" };
}
const tr = getTranslations(language);
const tableRows = lowStock
.map(
(row) => `
const tr = getTranslations(language);
const tableRows = lowStock
.map(
(row) => `
<tr>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; white-space: nowrap;">${row.name}</td>
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;"><strong>${row.medsLeft}</strong></td>
@@ -133,14 +150,15 @@ async function sendReminderEmail(email: string, lowStock: LowStockItem[], langua
<td style="padding: 10px 12px; border-bottom: 1px solid #e5e7eb; text-align: center; white-space: nowrap;">${row.depletionDate ?? "-"}</td>
</tr>
`
)
.join("");
)
.join("");
const alertText = lowStock.length === 1
? tr.stockReminder.alertSingle
: t(tr.stockReminder.alertMultiple, { count: lowStock.length });
const alertText =
lowStock.length === 1
? tr.stockReminder.alertSingle
: t(tr.stockReminder.alertMultiple, { count: lowStock.length });
const html = `
const html = `
<div style="font-family: system-ui, -apple-system, sans-serif; max-width: 100%; margin: 0 auto; padding: 12px; background: #f9fafb;">
<div style="background: white; border-radius: 12px; padding: 16px; box-shadow: 0 1px 3px rgba(0,0,0,0.1);">
<h2 style="color: #1f2937; margin: 0 0 8px; font-size: 18px;">${tr.stockReminder.title}</h2>
@@ -177,7 +195,7 @@ async function sendReminderEmail(email: string, lowStock: LowStockItem[], langua
</div>
`;
const plainText = `${tr.stockReminder.title}
const plainText = `${tr.stockReminder.title}
${tr.stockReminder.description}
@@ -186,204 +204,221 @@ ${lowStock.map((r) => `${r.name}: ${r.medsLeft} ${tr.common.pills}, ${r.daysLeft
---
${tr.stockReminder.footer}${isRepeatDaily ? `\n\n${tr.stockReminder.repeatDailyNote}` : ""}`;
const subjectPlural = lowStock.length === 1 ? "" : (language === "de" ? "e" : "s");
const subject = t(tr.stockReminder.subject, { count: lowStock.length, s: subjectPlural, e: subjectPlural });
const subjectPlural = lowStock.length === 1 ? "" : language === "de" ? "e" : "s";
const subject = t(tr.stockReminder.subject, { count: lowStock.length, s: subjectPlural, e: subjectPlural });
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
try {
const transporter = nodemailer.createTransport({
host: smtpHost,
port: smtpPort,
secure: smtpSecure,
auth: {
user: smtpUser,
pass: smtpPass ?? "",
},
});
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: `⚠️ ${subject}`,
text: plainText,
html,
});
await transporter.sendMail({
from: smtpFrom,
to: email,
subject: `⚠️ ${subject}`,
text: plainText,
html,
});
return { success: true };
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return { success: false, error: errorMessage };
}
return { success: true };
} catch (error) {
const errorMessage = error instanceof Error ? error.message : "Unknown error";
return { success: false, error: errorMessage };
}
}
async function checkAndSendReminder(logger: { info: (msg: string) => void; error: (msg: string) => void }): Promise<void> {
// Get all user settings to iterate over each user
const allUserSettings = await getAllUserSettings();
if (allUserSettings.length === 0) {
logger.info("[Reminder] No users with settings found");
return;
}
async function checkAndSendReminder(logger: {
info: (msg: string) => void;
error: (msg: string) => void;
}): Promise<void> {
// Get all user settings to iterate over each user
const allUserSettings = await getAllUserSettings();
for (const userSettings of allUserSettings) {
await checkAndSendReminderForUser(userSettings, logger);
}
if (allUserSettings.length === 0) {
logger.info("[Reminder] No users with settings found");
return;
}
for (const userSettings of allUserSettings) {
await checkAndSendReminderForUser(userSettings, logger);
}
}
async function checkAndSendReminderForUser(
settings: UserSettings & { userId: number },
logger: { info: (msg: string) => void; error: (msg: string) => void }
settings: UserSettings & { userId: number },
logger: { info: (msg: string) => void; error: (msg: string) => void }
): Promise<void> {
const language = settings.language;
const tr = getTranslations(language);
// Check if any stock reminder notifications are enabled (granular check)
const emailEnabled = settings.emailEnabled && settings.notificationEmail && settings.emailStockReminders;
const shoutrrrEnabled = settings.shoutrrrEnabled && settings.shoutrrrUrl && settings.shoutrrrStockReminders;
if (!emailEnabled && !shoutrrrEnabled) {
return; // No stock reminder notifications enabled for this user
}
const language = settings.language;
const tr = getTranslations(language);
const state = loadReminderState();
const today = getTodayInTimezone(); // YYYY-MM-DD in configured timezone
const userStateKey = `user_${settings.userId}`;
// Check if any stock reminder notifications are enabled (granular check)
const emailEnabled = settings.emailEnabled && settings.notificationEmail && settings.emailStockReminders;
const shoutrrrEnabled = settings.shoutrrrEnabled && settings.shoutrrrUrl && settings.shoutrrrStockReminders;
// Get all medications that need a reminder for this user
const allLowStock = await getMedicationsNeedingReminder(settings.userId, settings.reminderDaysBefore, language);
if (allLowStock.length === 0) {
return; // No low stock for this user
}
if (!emailEnabled && !shoutrrrEnabled) {
return; // No stock reminder notifications enabled for this user
}
// Simple per-user tracking - check if we already sent today
const userNotifiedKey = `${userStateKey}_${today}`;
if (state.notifiedMedications.includes(userNotifiedKey) && !settings.repeatDailyReminders) {
return; // Already notified this user today
}
const state = loadReminderState();
const today = getTodayInTimezone(); // YYYY-MM-DD in configured timezone
const userStateKey = `user_${settings.userId}`;
logger.info(`[Reminder] User ${settings.userId}: Sending reminder for ${allLowStock.length} medications...`);
let emailSuccess = false;
let shoutrrrSuccess = false;
// Send email if enabled
if (emailEnabled) {
const result = await sendReminderEmail(settings.notificationEmail!, allLowStock, language, settings.repeatDailyReminders);
emailSuccess = result.success;
if (result.success) {
logger.info(`[Reminder] User ${settings.userId}: Email sent successfully to ${settings.notificationEmail}`);
} else {
logger.error(`[Reminder] User ${settings.userId}: Failed to send email: ${result.error}`);
}
}
// Send Shoutrrr notification if enabled
if (shoutrrrEnabled) {
// Separate empty from low stock medications
const emptyMeds = allLowStock.filter(m => m.medsLeft <= 0);
const lowMeds = allLowStock.filter(m => m.medsLeft > 0);
// Build clear title
const titleParts: string[] = [];
if (emptyMeds.length > 0) {
titleParts.push(`🚨 ${emptyMeds.length} ${tr.push.empty || "Empty"}`);
}
if (lowMeds.length > 0) {
titleParts.push(`⚠️ ${lowMeds.length} ${tr.push.low || "Low"}`);
}
const title = `MedAssist: ${titleParts.join(", ")} - ${tr.push.reorderNow || "Reorder Now!"}`;
// Build clear message with sections
const messageParts: string[] = [];
if (emptyMeds.length > 0) {
messageParts.push(`🚨 ${tr.push.emptySection || "EMPTY (reorder immediately)"}:`);
emptyMeds.forEach(m => messageParts.push(`${m.name}`));
}
if (lowMeds.length > 0) {
if (emptyMeds.length > 0) messageParts.push("");
messageParts.push(`⚠️ ${tr.push.lowSection || "RUNNING LOW (reorder soon)"}:`);
lowMeds.forEach(m => messageParts.push(`${m.name}: ${t(tr.push.pillsLeft, { count: m.medsLeft })}, ${t(tr.push.daysLeft, { count: m.daysLeft ?? 0 })}`));
}
if (settings.repeatDailyReminders) {
messageParts.push("");
messageParts.push(tr.push.repeatDailyNote);
}
const message = messageParts.join("\n");
const result = await sendShoutrrrNotification(settings.shoutrrrUrl!, title, message);
shoutrrrSuccess = result.success;
if (result.success) {
logger.info(`[Reminder] User ${settings.userId}: Push notification sent successfully`);
} else {
logger.error(`[Reminder] User ${settings.userId}: Failed to send push notification: ${result.error}`);
}
}
// Update state if any notification was sent successfully
if (emailSuccess || shoutrrrSuccess) {
const currentState = loadReminderState();
const channel = emailSuccess && shoutrrrSuccess ? "both" : emailSuccess ? "email" : "push";
saveReminderState({
lastAutoEmailSent: new Date().toISOString(),
lastAutoEmailDate: today,
notifiedMedications: [...new Set([...currentState.notifiedMedications, userNotifiedKey])],
nextScheduledCheck: currentState.nextScheduledCheck,
lastNotificationType: "stock",
lastNotificationChannel: channel,
});
// Also update user settings in database so frontend can display the info
await updateUserReminderSentTime(settings.userId, "stock", channel);
}
// Get all medications that need a reminder for this user
const allLowStock = await getMedicationsNeedingReminder(settings.userId, settings.reminderDaysBefore, language);
if (allLowStock.length === 0) {
return; // No low stock for this user
}
// Simple per-user tracking - check if we already sent today
const userNotifiedKey = `${userStateKey}_${today}`;
if (state.notifiedMedications.includes(userNotifiedKey) && !settings.repeatDailyReminders) {
return; // Already notified this user today
}
logger.info(`[Reminder] User ${settings.userId}: Sending reminder for ${allLowStock.length} medications...`);
let emailSuccess = false;
let shoutrrrSuccess = false;
// Send email if enabled
if (emailEnabled) {
const result = await sendReminderEmail(
settings.notificationEmail!,
allLowStock,
language,
settings.repeatDailyReminders
);
emailSuccess = result.success;
if (result.success) {
logger.info(`[Reminder] User ${settings.userId}: Email sent successfully to ${settings.notificationEmail}`);
} else {
logger.error(`[Reminder] User ${settings.userId}: Failed to send email: ${result.error}`);
}
}
// Send Shoutrrr notification if enabled
if (shoutrrrEnabled) {
// Separate empty from low stock medications
const emptyMeds = allLowStock.filter((m) => m.medsLeft <= 0);
const lowMeds = allLowStock.filter((m) => m.medsLeft > 0);
// Build clear title
const titleParts: string[] = [];
if (emptyMeds.length > 0) {
titleParts.push(`🚨 ${emptyMeds.length} ${tr.push.empty || "Empty"}`);
}
if (lowMeds.length > 0) {
titleParts.push(`⚠️ ${lowMeds.length} ${tr.push.low || "Low"}`);
}
const title = `MedAssist: ${titleParts.join(", ")} - ${tr.push.reorderNow || "Reorder Now!"}`;
// Build clear message with sections
const messageParts: string[] = [];
if (emptyMeds.length > 0) {
messageParts.push(`🚨 ${tr.push.emptySection || "EMPTY (reorder immediately)"}:`);
emptyMeds.forEach((m) => messageParts.push(` ${m.name}`));
}
if (lowMeds.length > 0) {
if (emptyMeds.length > 0) messageParts.push("");
messageParts.push(`⚠️ ${tr.push.lowSection || "RUNNING LOW (reorder soon)"}:`);
lowMeds.forEach((m) =>
messageParts.push(
`${m.name}: ${t(tr.push.pillsLeft, { count: m.medsLeft })}, ${t(tr.push.daysLeft, { count: m.daysLeft ?? 0 })}`
)
);
}
if (settings.repeatDailyReminders) {
messageParts.push("");
messageParts.push(tr.push.repeatDailyNote);
}
const message = messageParts.join("\n");
const result = await sendShoutrrrNotification(settings.shoutrrrUrl!, title, message);
shoutrrrSuccess = result.success;
if (result.success) {
logger.info(`[Reminder] User ${settings.userId}: Push notification sent successfully`);
} else {
logger.error(`[Reminder] User ${settings.userId}: Failed to send push notification: ${result.error}`);
}
}
// Update state if any notification was sent successfully
if (emailSuccess || shoutrrrSuccess) {
const currentState = loadReminderState();
const channel = emailSuccess && shoutrrrSuccess ? "both" : emailSuccess ? "email" : "push";
saveReminderState({
lastAutoEmailSent: new Date().toISOString(),
lastAutoEmailDate: today,
notifiedMedications: [...new Set([...currentState.notifiedMedications, userNotifiedKey])],
nextScheduledCheck: currentState.nextScheduledCheck,
lastNotificationType: "stock",
lastNotificationChannel: channel,
});
// Also update user settings in database so frontend can display the info
// For stock reminders, show the first medication name
const firstMed = allLowStock[0];
const medNames = allLowStock.length > 1 ? `${firstMed.name} (+${allLowStock.length - 1})` : firstMed?.name;
await updateUserReminderSentTime(settings.userId, "stock", channel, medNames);
}
}
let schedulerTimeout: NodeJS.Timeout | null = null;
function scheduleNextCheck(logger: { info: (msg: string) => void; error: (msg: string) => void }): void {
const msUntilNext = getMsUntilNextCheck(REMINDER_HOUR);
const nextTime = getNextScheduledTime(REMINDER_HOUR);
// Save next scheduled time to state
const state = loadReminderState();
saveReminderState({
...state,
nextScheduledCheck: nextTime.toISOString(),
});
logger.info(`[Reminder] Next check scheduled for ${formatInTimezone(nextTime)} (${getTimezone()}) (in ${Math.round(msUntilNext / 1000 / 60)} minutes)`);
schedulerTimeout = setTimeout(() => {
checkAndSendReminder(logger).catch((err) => logger.error(`[Reminder] Error: ${err}`));
// Schedule the next check after this one completes
scheduleNextCheck(logger);
}, msUntilNext);
const msUntilNext = getMsUntilNextCheck(REMINDER_HOUR);
const nextTime = getNextScheduledTime(REMINDER_HOUR);
// Save next scheduled time to state
const state = loadReminderState();
saveReminderState({
...state,
nextScheduledCheck: nextTime.toISOString(),
});
logger.info(
`[Reminder] Next check scheduled for ${formatInTimezone(nextTime)} (${getTimezone()}) (in ${Math.round(msUntilNext / 1000 / 60)} minutes)`
);
schedulerTimeout = setTimeout(() => {
checkAndSendReminder(logger).catch((err) => logger.error(`[Reminder] Error: ${err}`));
// Schedule the next check after this one completes
scheduleNextCheck(logger);
}, msUntilNext);
}
export function startReminderScheduler(logger: { info: (msg: string) => void; error: (msg: string) => void }): void {
logger.info(`[Reminder] Starting reminder scheduler (timezone: ${getTimezone()})...`);
// Check if we need to run immediately (missed today's check)
const state = loadReminderState();
const today = getTodayInTimezone();
const currentHour = getCurrentHourInTimezone();
// If it's past REMINDER_HOUR today in the configured timezone and we haven't checked today, run immediately
if (currentHour >= REMINDER_HOUR && state.lastAutoEmailDate !== today) {
logger.info("[Reminder] Missed today's check, running now...");
checkAndSendReminder(logger).catch((err) => logger.error(`[Reminder] Error: ${err}`));
}
// Schedule next check at REMINDER_HOUR
scheduleNextCheck(logger);
logger.info(`[Reminder] Scheduler started - daily check at ${REMINDER_HOUR}:00 ${getTimezone()}`);
logger.info(`[Reminder] Starting reminder scheduler (timezone: ${getTimezone()})...`);
// Check if we need to run immediately (missed today's check)
const state = loadReminderState();
const today = getTodayInTimezone();
const currentHour = getCurrentHourInTimezone();
// If it's past REMINDER_HOUR today in the configured timezone and we haven't checked today, run immediately
if (currentHour >= REMINDER_HOUR && state.lastAutoEmailDate !== today) {
logger.info("[Reminder] Missed today's check, running now...");
checkAndSendReminder(logger).catch((err) => logger.error(`[Reminder] Error: ${err}`));
}
// Schedule next check at REMINDER_HOUR
scheduleNextCheck(logger);
logger.info(`[Reminder] Scheduler started - daily check at ${REMINDER_HOUR}:00 ${getTimezone()}`);
}
export function stopReminderScheduler(): void {
if (schedulerTimeout) {
clearTimeout(schedulerTimeout);
schedulerTimeout = null;
}
if (schedulerTimeout) {
clearTimeout(schedulerTimeout);
schedulerTimeout = null;
}
}
backend/src/test/auth.test.ts
+626 -626
View File
File diff suppressed because it is too large Load Diff
backend/src/test/database.test.ts
+520 -534
View File
File diff suppressed because it is too large Load Diff
backend/src/test/doses.test.ts
+505 -463
View File
File diff suppressed because it is too large Load Diff
backend/src/test/e2e-routes.test.ts
+1774 -1783
View File
File diff suppressed because it is too large Load Diff
backend/src/test/env.test.ts
+326 -305
View File
@@ -1,4 +1,4 @@
import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
import { describe, expect, it, vi } from "vitest";
import { z } from "zod";
// Mock process.exit to prevent tests from exiting
@@ -7,359 +7,380 @@ vi.spyOn(process, "exit").mockImplementation(mockExit as any);
// Re-create the schema from env.ts for testing
const EnvSchema = z.object({
NODE_ENV: z.enum(["development", "production", "test"]).default("production"),
PORT: z.string().transform((v) => parseInt(v, 10)).default("3000"),
CORS_ORIGINS: z.string().default("http://localhost:5173,http://localhost:4173"),
LOG_LEVEL: z.string().default("info"),
AUTH_ENABLED: z.string().transform((v) => v === "true").default("false"),
REGISTRATION_ENABLED: z.string().transform((v) => v === "true").default("false"),
JWT_SECRET: z.string().min(10).optional(),
REFRESH_SECRET: z.string().min(10).optional(),
COOKIE_SECRET: z.string().min(10).optional(),
ACCESS_TOKEN_TTL_MINUTES: z.string().transform((v) => parseInt(v, 10)).default("15"),
REFRESH_TOKEN_TTL_DAYS: z.string().transform((v) => parseInt(v, 10)).default("7"),
OIDC_ENABLED: z.string().transform((v) => v === "true").default("false"),
OIDC_ISSUER_URL: z.string().url().optional(),
OIDC_CLIENT_ID: z.string().optional(),
OIDC_CLIENT_SECRET: z.string().optional(),
OIDC_REDIRECT_URI: z.string().url().optional(),
OIDC_SCOPES: z.string().default("openid profile email"),
OIDC_AUTO_CREATE_USERS: z.string().transform((v) => v === "true").default("true"),
OIDC_USERNAME_CLAIM: z.string().default("preferred_username"),
OIDC_PROVIDER_NAME: z.string().default("SSO"),
NODE_ENV: z.enum(["development", "production", "test"]).default("production"),
PORT: z
.string()
.transform((v) => parseInt(v, 10))
.default("3000"),
CORS_ORIGINS: z.string().default("http://localhost:5173,http://localhost:4173"),
LOG_LEVEL: z.string().default("info"),
AUTH_ENABLED: z
.string()
.transform((v) => v === "true")
.default("false"),
REGISTRATION_ENABLED: z
.string()
.transform((v) => v === "true")
.default("false"),
JWT_SECRET: z.string().min(10).optional(),
REFRESH_SECRET: z.string().min(10).optional(),
COOKIE_SECRET: z.string().min(10).optional(),
ACCESS_TOKEN_TTL_MINUTES: z
.string()
.transform((v) => parseInt(v, 10))
.default("15"),
REFRESH_TOKEN_TTL_DAYS: z
.string()
.transform((v) => parseInt(v, 10))
.default("7"),
OIDC_ENABLED: z
.string()
.transform((v) => v === "true")
.default("false"),
OIDC_ISSUER_URL: z.string().url().optional(),
OIDC_CLIENT_ID: z.string().optional(),
OIDC_CLIENT_SECRET: z.string().optional(),
OIDC_REDIRECT_URI: z.string().url().optional(),
OIDC_SCOPES: z.string().default("openid profile email"),
OIDC_AUTO_CREATE_USERS: z
.string()
.transform((v) => v === "true")
.default("true"),
OIDC_USERNAME_CLAIM: z.string().default("preferred_username"),
OIDC_PROVIDER_NAME: z.string().default("SSO"),
});
// Validation functions from env.ts
function validateAuthSecrets(parsed: z.infer<typeof EnvSchema>): string[] {
const missing: string[] = [];
if (parsed.AUTH_ENABLED) {
if (!parsed.JWT_SECRET) missing.push("JWT_SECRET");
if (!parsed.REFRESH_SECRET) missing.push("REFRESH_SECRET");
if (!parsed.COOKIE_SECRET) missing.push("COOKIE_SECRET");
}
return missing;
const missing: string[] = [];
if (parsed.AUTH_ENABLED) {
if (!parsed.JWT_SECRET) missing.push("JWT_SECRET");
if (!parsed.REFRESH_SECRET) missing.push("REFRESH_SECRET");
if (!parsed.COOKIE_SECRET) missing.push("COOKIE_SECRET");
}
return missing;
}
function validateOidcConfig(parsed: z.infer<typeof EnvSchema>): string[] {
const missing: string[] = [];
if (parsed.OIDC_ENABLED) {
if (!parsed.OIDC_ISSUER_URL) missing.push("OIDC_ISSUER_URL");
if (!parsed.OIDC_CLIENT_ID) missing.push("OIDC_CLIENT_ID");
if (!parsed.OIDC_CLIENT_SECRET) missing.push("OIDC_CLIENT_SECRET");
if (!parsed.OIDC_REDIRECT_URI) missing.push("OIDC_REDIRECT_URI");
}
return missing;
const missing: string[] = [];
if (parsed.OIDC_ENABLED) {
if (!parsed.OIDC_ISSUER_URL) missing.push("OIDC_ISSUER_URL");
if (!parsed.OIDC_CLIENT_ID) missing.push("OIDC_CLIENT_ID");
if (!parsed.OIDC_CLIENT_SECRET) missing.push("OIDC_CLIENT_SECRET");
if (!parsed.OIDC_REDIRECT_URI) missing.push("OIDC_REDIRECT_URI");
}
return missing;
}
describe("EnvSchema", () => {
describe("default values", () => {
it("should use default values when env vars are empty", () => {
const result = EnvSchema.parse({});
expect(result.NODE_ENV).toBe("production");
expect(result.PORT).toBe(3000);
expect(result.CORS_ORIGINS).toBe("http://localhost:5173,http://localhost:4173");
expect(result.LOG_LEVEL).toBe("info");
expect(result.AUTH_ENABLED).toBe(false);
expect(result.REGISTRATION_ENABLED).toBe(false);
expect(result.ACCESS_TOKEN_TTL_MINUTES).toBe(15);
expect(result.REFRESH_TOKEN_TTL_DAYS).toBe(7);
expect(result.OIDC_ENABLED).toBe(false);
expect(result.OIDC_SCOPES).toBe("openid profile email");
expect(result.OIDC_AUTO_CREATE_USERS).toBe(true);
expect(result.OIDC_USERNAME_CLAIM).toBe("preferred_username");
expect(result.OIDC_PROVIDER_NAME).toBe("SSO");
});
});
describe("default values", () => {
it("should use default values when env vars are empty", () => {
const result = EnvSchema.parse({});
describe("NODE_ENV validation", () => {
it("should accept development", () => {
const result = EnvSchema.parse({ NODE_ENV: "development" });
expect(result.NODE_ENV).toBe("development");
});
expect(result.NODE_ENV).toBe("production");
expect(result.PORT).toBe(3000);
expect(result.CORS_ORIGINS).toBe("http://localhost:5173,http://localhost:4173");
expect(result.LOG_LEVEL).toBe("info");
expect(result.AUTH_ENABLED).toBe(false);
expect(result.REGISTRATION_ENABLED).toBe(false);
expect(result.ACCESS_TOKEN_TTL_MINUTES).toBe(15);
expect(result.REFRESH_TOKEN_TTL_DAYS).toBe(7);
expect(result.OIDC_ENABLED).toBe(false);
expect(result.OIDC_SCOPES).toBe("openid profile email");
expect(result.OIDC_AUTO_CREATE_USERS).toBe(true);
expect(result.OIDC_USERNAME_CLAIM).toBe("preferred_username");
expect(result.OIDC_PROVIDER_NAME).toBe("SSO");
});
});
it("should accept production", () => {
const result = EnvSchema.parse({ NODE_ENV: "production" });
expect(result.NODE_ENV).toBe("production");
});
describe("NODE_ENV validation", () => {
it("should accept development", () => {
const result = EnvSchema.parse({ NODE_ENV: "development" });
expect(result.NODE_ENV).toBe("development");
});
it("should accept test", () => {
const result = EnvSchema.parse({ NODE_ENV: "test" });
expect(result.NODE_ENV).toBe("test");
});
it("should accept production", () => {
const result = EnvSchema.parse({ NODE_ENV: "production" });
expect(result.NODE_ENV).toBe("production");
});
it("should reject invalid NODE_ENV values", () => {
expect(() => EnvSchema.parse({ NODE_ENV: "staging" })).toThrow();
expect(() => EnvSchema.parse({ NODE_ENV: "invalid" })).toThrow();
});
});
it("should accept test", () => {
const result = EnvSchema.parse({ NODE_ENV: "test" });
expect(result.NODE_ENV).toBe("test");
});
describe("PORT transformation", () => {
it("should transform string PORT to number", () => {
const result = EnvSchema.parse({ PORT: "8080" });
expect(result.PORT).toBe(8080);
});
it("should reject invalid NODE_ENV values", () => {
expect(() => EnvSchema.parse({ NODE_ENV: "staging" })).toThrow();
expect(() => EnvSchema.parse({ NODE_ENV: "invalid" })).toThrow();
});
});
it("should use default port when not provided", () => {
const result = EnvSchema.parse({});
expect(result.PORT).toBe(3000);
});
});
describe("PORT transformation", () => {
it("should transform string PORT to number", () => {
const result = EnvSchema.parse({ PORT: "8080" });
expect(result.PORT).toBe(8080);
});
describe("boolean transformations", () => {
it("should transform AUTH_ENABLED=true to boolean true", () => {
const result = EnvSchema.parse({ AUTH_ENABLED: "true" });
expect(result.AUTH_ENABLED).toBe(true);
});
it("should use default port when not provided", () => {
const result = EnvSchema.parse({});
expect(result.PORT).toBe(3000);
});
});
it("should transform AUTH_ENABLED=false to boolean false", () => {
const result = EnvSchema.parse({ AUTH_ENABLED: "false" });
expect(result.AUTH_ENABLED).toBe(false);
});
describe("boolean transformations", () => {
it("should transform AUTH_ENABLED=true to boolean true", () => {
const result = EnvSchema.parse({ AUTH_ENABLED: "true" });
expect(result.AUTH_ENABLED).toBe(true);
});
it("should treat non-true string as false", () => {
const result = EnvSchema.parse({ AUTH_ENABLED: "yes" });
expect(result.AUTH_ENABLED).toBe(false);
});
it("should transform AUTH_ENABLED=false to boolean false", () => {
const result = EnvSchema.parse({ AUTH_ENABLED: "false" });
expect(result.AUTH_ENABLED).toBe(false);
});
it("should transform REGISTRATION_ENABLED correctly", () => {
expect(EnvSchema.parse({ REGISTRATION_ENABLED: "true" }).REGISTRATION_ENABLED).toBe(true);
expect(EnvSchema.parse({ REGISTRATION_ENABLED: "false" }).REGISTRATION_ENABLED).toBe(false);
});
it("should treat non-true string as false", () => {
const result = EnvSchema.parse({ AUTH_ENABLED: "yes" });
expect(result.AUTH_ENABLED).toBe(false);
});
it("should transform OIDC_ENABLED correctly", () => {
expect(EnvSchema.parse({ OIDC_ENABLED: "true" }).OIDC_ENABLED).toBe(true);
expect(EnvSchema.parse({ OIDC_ENABLED: "false" }).OIDC_ENABLED).toBe(false);
});
it("should transform REGISTRATION_ENABLED correctly", () => {
expect(EnvSchema.parse({ REGISTRATION_ENABLED: "true" }).REGISTRATION_ENABLED).toBe(true);
expect(EnvSchema.parse({ REGISTRATION_ENABLED: "false" }).REGISTRATION_ENABLED).toBe(false);
});
it("should transform OIDC_AUTO_CREATE_USERS correctly", () => {
expect(EnvSchema.parse({ OIDC_AUTO_CREATE_USERS: "true" }).OIDC_AUTO_CREATE_USERS).toBe(true);
expect(EnvSchema.parse({ OIDC_AUTO_CREATE_USERS: "false" }).OIDC_AUTO_CREATE_USERS).toBe(false);
});
});
it("should transform OIDC_ENABLED correctly", () => {
expect(EnvSchema.parse({ OIDC_ENABLED: "true" }).OIDC_ENABLED).toBe(true);
expect(EnvSchema.parse({ OIDC_ENABLED: "false" }).OIDC_ENABLED).toBe(false);
});
describe("JWT secret validation", () => {
it("should accept JWT_SECRET with 10+ characters", () => {
const result = EnvSchema.parse({ JWT_SECRET: "1234567890" });
expect(result.JWT_SECRET).toBe("1234567890");
});
it("should transform OIDC_AUTO_CREATE_USERS correctly", () => {
expect(EnvSchema.parse({ OIDC_AUTO_CREATE_USERS: "true" }).OIDC_AUTO_CREATE_USERS).toBe(true);
expect(EnvSchema.parse({ OIDC_AUTO_CREATE_USERS: "false" }).OIDC_AUTO_CREATE_USERS).toBe(false);
});
});
it("should reject JWT_SECRET with less than 10 characters", () => {
expect(() => EnvSchema.parse({ JWT_SECRET: "123456789" })).toThrow();
});
describe("JWT secret validation", () => {
it("should accept JWT_SECRET with 10+ characters", () => {
const result = EnvSchema.parse({ JWT_SECRET: "1234567890" });
expect(result.JWT_SECRET).toBe("1234567890");
});
it("should allow optional JWT_SECRET", () => {
const result = EnvSchema.parse({});
expect(result.JWT_SECRET).toBeUndefined();
});
});
it("should reject JWT_SECRET with less than 10 characters", () => {
expect(() => EnvSchema.parse({ JWT_SECRET: "123456789" })).toThrow();
});
describe("TTL transformations", () => {
it("should transform ACCESS_TOKEN_TTL_MINUTES to number", () => {
const result = EnvSchema.parse({ ACCESS_TOKEN_TTL_MINUTES: "30" });
expect(result.ACCESS_TOKEN_TTL_MINUTES).toBe(30);
});
it("should allow optional JWT_SECRET", () => {
const result = EnvSchema.parse({});
expect(result.JWT_SECRET).toBeUndefined();
});
});
it("should transform REFRESH_TOKEN_TTL_DAYS to number", () => {
const result = EnvSchema.parse({ REFRESH_TOKEN_TTL_DAYS: "14" });
expect(result.REFRESH_TOKEN_TTL_DAYS).toBe(14);
});
});
describe("TTL transformations", () => {
it("should transform ACCESS_TOKEN_TTL_MINUTES to number", () => {
const result = EnvSchema.parse({ ACCESS_TOKEN_TTL_MINUTES: "30" });
expect(result.ACCESS_TOKEN_TTL_MINUTES).toBe(30);
});
describe("OIDC URL validation", () => {
it("should accept valid OIDC_ISSUER_URL", () => {
const result = EnvSchema.parse({ OIDC_ISSUER_URL: "https://auth.example.com" });
expect(result.OIDC_ISSUER_URL).toBe("https://auth.example.com");
});
it("should transform REFRESH_TOKEN_TTL_DAYS to number", () => {
const result = EnvSchema.parse({ REFRESH_TOKEN_TTL_DAYS: "14" });
expect(result.REFRESH_TOKEN_TTL_DAYS).toBe(14);
});
});
it("should reject invalid OIDC_ISSUER_URL", () => {
expect(() => EnvSchema.parse({ OIDC_ISSUER_URL: "not-a-url" })).toThrow();
});
describe("OIDC URL validation", () => {
it("should accept valid OIDC_ISSUER_URL", () => {
const result = EnvSchema.parse({ OIDC_ISSUER_URL: "https://auth.example.com" });
expect(result.OIDC_ISSUER_URL).toBe("https://auth.example.com");
});
it("should accept valid OIDC_REDIRECT_URI", () => {
const result = EnvSchema.parse({ OIDC_REDIRECT_URI: "https://app.example.com/callback" });
expect(result.OIDC_REDIRECT_URI).toBe("https://app.example.com/callback");
});
it("should reject invalid OIDC_ISSUER_URL", () => {
expect(() => EnvSchema.parse({ OIDC_ISSUER_URL: "not-a-url" })).toThrow();
});
it("should reject invalid OIDC_REDIRECT_URI", () => {
expect(() => EnvSchema.parse({ OIDC_REDIRECT_URI: "invalid" })).toThrow();
});
});
it("should accept valid OIDC_REDIRECT_URI", () => {
const result = EnvSchema.parse({ OIDC_REDIRECT_URI: "https://app.example.com/callback" });
expect(result.OIDC_REDIRECT_URI).toBe("https://app.example.com/callback");
});
describe("CORS_ORIGINS parsing", () => {
it("should accept comma-separated origins", () => {
const result = EnvSchema.parse({ CORS_ORIGINS: "http://a.com,http://b.com" });
expect(result.CORS_ORIGINS).toBe("http://a.com,http://b.com");
});
it("should reject invalid OIDC_REDIRECT_URI", () => {
expect(() => EnvSchema.parse({ OIDC_REDIRECT_URI: "invalid" })).toThrow();
});
});
it("should accept single origin", () => {
const result = EnvSchema.parse({ CORS_ORIGINS: "http://localhost:3000" });
expect(result.CORS_ORIGINS).toBe("http://localhost:3000");
});
});
describe("CORS_ORIGINS parsing", () => {
it("should accept comma-separated origins", () => {
const result = EnvSchema.parse({ CORS_ORIGINS: "http://a.com,http://b.com" });
expect(result.CORS_ORIGINS).toBe("http://a.com,http://b.com");
});
it("should accept single origin", () => {
const result = EnvSchema.parse({ CORS_ORIGINS: "http://localhost:3000" });
expect(result.CORS_ORIGINS).toBe("http://localhost:3000");
});
});
});
describe("Auth validation", () => {
it("should require secrets when AUTH_ENABLED=true", () => {
const parsed = EnvSchema.parse({ AUTH_ENABLED: "true" });
const missing = validateAuthSecrets(parsed);
expect(missing).toContain("JWT_SECRET");
expect(missing).toContain("REFRESH_SECRET");
expect(missing).toContain("COOKIE_SECRET");
});
it("should require secrets when AUTH_ENABLED=true", () => {
const parsed = EnvSchema.parse({ AUTH_ENABLED: "true" });
const missing = validateAuthSecrets(parsed);
expect(missing).toContain("JWT_SECRET");
expect(missing).toContain("REFRESH_SECRET");
expect(missing).toContain("COOKIE_SECRET");
});
it("should not require secrets when AUTH_ENABLED=false", () => {
const parsed = EnvSchema.parse({ AUTH_ENABLED: "false" });
const missing = validateAuthSecrets(parsed);
expect(missing).toHaveLength(0);
});
it("should not require secrets when AUTH_ENABLED=false", () => {
const parsed = EnvSchema.parse({ AUTH_ENABLED: "false" });
const missing = validateAuthSecrets(parsed);
expect(missing).toHaveLength(0);
});
it("should pass validation with all secrets provided", () => {
const parsed = EnvSchema.parse({
AUTH_ENABLED: "true",
JWT_SECRET: "super-secret-jwt-key-12345",
REFRESH_SECRET: "super-secret-refresh-key-12345",
COOKIE_SECRET: "super-secret-cookie-key-12345",
});
const missing = validateAuthSecrets(parsed);
expect(missing).toHaveLength(0);
});
it("should pass validation with all secrets provided", () => {
const parsed = EnvSchema.parse({
AUTH_ENABLED: "true",
JWT_SECRET: "super-secret-jwt-key-12345",
REFRESH_SECRET: "super-secret-refresh-key-12345",
COOKIE_SECRET: "super-secret-cookie-key-12345",
});
const missing = validateAuthSecrets(parsed);
expect(missing).toHaveLength(0);
});
it("should identify which specific secrets are missing", () => {
const parsed = EnvSchema.parse({
AUTH_ENABLED: "true",
JWT_SECRET: "super-secret-jwt-key-12345",
// REFRESH_SECRET missing
COOKIE_SECRET: "super-secret-cookie-key-12345",
});
const missing = validateAuthSecrets(parsed);
expect(missing).toHaveLength(1);
expect(missing).toContain("REFRESH_SECRET");
});
it("should identify which specific secrets are missing", () => {
const parsed = EnvSchema.parse({
AUTH_ENABLED: "true",
JWT_SECRET: "super-secret-jwt-key-12345",
// REFRESH_SECRET missing
COOKIE_SECRET: "super-secret-cookie-key-12345",
});
const missing = validateAuthSecrets(parsed);
expect(missing).toHaveLength(1);
expect(missing).toContain("REFRESH_SECRET");
});
});
describe("OIDC validation", () => {
it("should require all OIDC settings when OIDC_ENABLED=true", () => {
const parsed = EnvSchema.parse({ OIDC_ENABLED: "true" });
const missing = validateOidcConfig(parsed);
expect(missing).toContain("OIDC_ISSUER_URL");
expect(missing).toContain("OIDC_CLIENT_ID");
expect(missing).toContain("OIDC_CLIENT_SECRET");
expect(missing).toContain("OIDC_REDIRECT_URI");
});
it("should require all OIDC settings when OIDC_ENABLED=true", () => {
const parsed = EnvSchema.parse({ OIDC_ENABLED: "true" });
const missing = validateOidcConfig(parsed);
expect(missing).toContain("OIDC_ISSUER_URL");
expect(missing).toContain("OIDC_CLIENT_ID");
expect(missing).toContain("OIDC_CLIENT_SECRET");
expect(missing).toContain("OIDC_REDIRECT_URI");
});
it("should not require OIDC settings when OIDC_ENABLED=false", () => {
const parsed = EnvSchema.parse({ OIDC_ENABLED: "false" });
const missing = validateOidcConfig(parsed);
expect(missing).toHaveLength(0);
});
it("should not require OIDC settings when OIDC_ENABLED=false", () => {
const parsed = EnvSchema.parse({ OIDC_ENABLED: "false" });
const missing = validateOidcConfig(parsed);
expect(missing).toHaveLength(0);
});
it("should pass validation with all OIDC settings provided", () => {
const parsed = EnvSchema.parse({
OIDC_ENABLED: "true",
OIDC_ISSUER_URL: "https://auth.example.com",
OIDC_CLIENT_ID: "my-client-id",
OIDC_CLIENT_SECRET: "my-client-secret",
OIDC_REDIRECT_URI: "https://app.example.com/callback",
});
const missing = validateOidcConfig(parsed);
expect(missing).toHaveLength(0);
});
it("should pass validation with all OIDC settings provided", () => {
const parsed = EnvSchema.parse({
OIDC_ENABLED: "true",
OIDC_ISSUER_URL: "https://auth.example.com",
OIDC_CLIENT_ID: "my-client-id",
OIDC_CLIENT_SECRET: "my-client-secret",
OIDC_REDIRECT_URI: "https://app.example.com/callback",
});
const missing = validateOidcConfig(parsed);
expect(missing).toHaveLength(0);
});
it("should identify which specific OIDC settings are missing", () => {
const parsed = EnvSchema.parse({
OIDC_ENABLED: "true",
OIDC_ISSUER_URL: "https://auth.example.com",
OIDC_CLIENT_ID: "my-client-id",
// OIDC_CLIENT_SECRET missing
// OIDC_REDIRECT_URI missing
});
const missing = validateOidcConfig(parsed);
expect(missing).toHaveLength(2);
expect(missing).toContain("OIDC_CLIENT_SECRET");
expect(missing).toContain("OIDC_REDIRECT_URI");
});
it("should identify which specific OIDC settings are missing", () => {
const parsed = EnvSchema.parse({
OIDC_ENABLED: "true",
OIDC_ISSUER_URL: "https://auth.example.com",
OIDC_CLIENT_ID: "my-client-id",
// OIDC_CLIENT_SECRET missing
// OIDC_REDIRECT_URI missing
});
const missing = validateOidcConfig(parsed);
expect(missing).toHaveLength(2);
expect(missing).toContain("OIDC_CLIENT_SECRET");
expect(missing).toContain("OIDC_REDIRECT_URI");
});
});
describe("Full configuration scenarios", () => {
it("should parse minimal config (auth disabled)", () => {
const result = EnvSchema.parse({});
expect(result.AUTH_ENABLED).toBe(false);
expect(result.OIDC_ENABLED).toBe(false);
});
it("should parse minimal config (auth disabled)", () => {
const result = EnvSchema.parse({});
expect(result.AUTH_ENABLED).toBe(false);
expect(result.OIDC_ENABLED).toBe(false);
});
it("should parse full production config with auth enabled", () => {
const env = {
NODE_ENV: "production",
PORT: "8080",
CORS_ORIGINS: "https://myapp.com",
LOG_LEVEL: "warn",
AUTH_ENABLED: "true",
REGISTRATION_ENABLED: "false",
JWT_SECRET: "production-jwt-secret-key-12345",
REFRESH_SECRET: "production-refresh-secret-key-12345",
COOKIE_SECRET: "production-cookie-secret-key-12345",
ACCESS_TOKEN_TTL_MINUTES: "30",
REFRESH_TOKEN_TTL_DAYS: "14",
};
const result = EnvSchema.parse(env);
expect(result.NODE_ENV).toBe("production");
expect(result.PORT).toBe(8080);
expect(result.CORS_ORIGINS).toBe("https://myapp.com");
expect(result.LOG_LEVEL).toBe("warn");
expect(result.AUTH_ENABLED).toBe(true);
expect(result.REGISTRATION_ENABLED).toBe(false);
expect(result.ACCESS_TOKEN_TTL_MINUTES).toBe(30);
expect(result.REFRESH_TOKEN_TTL_DAYS).toBe(14);
// Should pass auth validation
const missing = validateAuthSecrets(result);
expect(missing).toHaveLength(0);
});
it("should parse full production config with auth enabled", () => {
const env = {
NODE_ENV: "production",
PORT: "8080",
CORS_ORIGINS: "https://myapp.com",
LOG_LEVEL: "warn",
AUTH_ENABLED: "true",
REGISTRATION_ENABLED: "false",
JWT_SECRET: "production-jwt-secret-key-12345",
REFRESH_SECRET: "production-refresh-secret-key-12345",
COOKIE_SECRET: "production-cookie-secret-key-12345",
ACCESS_TOKEN_TTL_MINUTES: "30",
REFRESH_TOKEN_TTL_DAYS: "14",
};
it("should parse config with OIDC SSO enabled", () => {
const env = {
AUTH_ENABLED: "true",
JWT_SECRET: "production-jwt-secret-key-12345",
REFRESH_SECRET: "production-refresh-secret-key-12345",
COOKIE_SECRET: "production-cookie-secret-key-12345",
OIDC_ENABLED: "true",
OIDC_ISSUER_URL: "https://authelia.example.com",
OIDC_CLIENT_ID: "medassist",
OIDC_CLIENT_SECRET: "super-secret-oidc-secret",
OIDC_REDIRECT_URI: "https://medassist.example.com/api/auth/oidc/callback",
OIDC_SCOPES: "openid profile email groups",
OIDC_USERNAME_CLAIM: "email",
OIDC_PROVIDER_NAME: "Authelia",
};
const result = EnvSchema.parse(env);
expect(result.OIDC_ENABLED).toBe(true);
expect(result.OIDC_ISSUER_URL).toBe("https://authelia.example.com");
expect(result.OIDC_SCOPES).toBe("openid profile email groups");
expect(result.OIDC_USERNAME_CLAIM).toBe("email");
expect(result.OIDC_PROVIDER_NAME).toBe("Authelia");
// Should pass both validations
expect(validateAuthSecrets(result)).toHaveLength(0);
expect(validateOidcConfig(result)).toHaveLength(0);
});
const result = EnvSchema.parse(env);
it("should parse development config", () => {
const env = {
NODE_ENV: "development",
PORT: "3000",
LOG_LEVEL: "debug",
AUTH_ENABLED: "false",
};
const result = EnvSchema.parse(env);
expect(result.NODE_ENV).toBe("development");
expect(result.LOG_LEVEL).toBe("debug");
expect(result.AUTH_ENABLED).toBe(false);
});
expect(result.NODE_ENV).toBe("production");
expect(result.PORT).toBe(8080);
expect(result.CORS_ORIGINS).toBe("https://myapp.com");
expect(result.LOG_LEVEL).toBe("warn");
expect(result.AUTH_ENABLED).toBe(true);
expect(result.REGISTRATION_ENABLED).toBe(false);
expect(result.ACCESS_TOKEN_TTL_MINUTES).toBe(30);
expect(result.REFRESH_TOKEN_TTL_DAYS).toBe(14);
// Should pass auth validation
const missing = validateAuthSecrets(result);
expect(missing).toHaveLength(0);
});
it("should parse config with OIDC SSO enabled", () => {
const env = {
AUTH_ENABLED: "true",
JWT_SECRET: "production-jwt-secret-key-12345",
REFRESH_SECRET: "production-refresh-secret-key-12345",
COOKIE_SECRET: "production-cookie-secret-key-12345",
OIDC_ENABLED: "true",
OIDC_ISSUER_URL: "https://authelia.example.com",
OIDC_CLIENT_ID: "medassist",
OIDC_CLIENT_SECRET: "super-secret-oidc-secret",
OIDC_REDIRECT_URI: "https://medassist.example.com/api/auth/oidc/callback",
OIDC_SCOPES: "openid profile email groups",
OIDC_USERNAME_CLAIM: "email",
OIDC_PROVIDER_NAME: "Authelia",
};
const result = EnvSchema.parse(env);
expect(result.OIDC_ENABLED).toBe(true);
expect(result.OIDC_ISSUER_URL).toBe("https://authelia.example.com");
expect(result.OIDC_SCOPES).toBe("openid profile email groups");
expect(result.OIDC_USERNAME_CLAIM).toBe("email");
expect(result.OIDC_PROVIDER_NAME).toBe("Authelia");
// Should pass both validations
expect(validateAuthSecrets(result)).toHaveLength(0);
expect(validateOidcConfig(result)).toHaveLength(0);
});
it("should parse development config", () => {
const env = {
NODE_ENV: "development",
PORT: "3000",
LOG_LEVEL: "debug",
AUTH_ENABLED: "false",
};
const result = EnvSchema.parse(env);
expect(result.NODE_ENV).toBe("development");
expect(result.LOG_LEVEL).toBe("debug");
expect(result.AUTH_ENABLED).toBe(false);
});
});
backend/src/test/export.test.ts
+717 -725
View File
File diff suppressed because it is too large Load Diff
backend/src/test/integration.test.ts
+986 -816
View File
File diff suppressed because it is too large Load Diff
backend/src/test/medications.test.ts
+562 -563
View File
File diff suppressed because it is too large Load Diff
backend/src/test/planner.test.ts
+623 -631
View File
File diff suppressed because it is too large Load Diff
backend/src/test/refills.test.ts
+315 -313
View File
@@ -2,14 +2,14 @@
* Tests for /medications/:id/refill and /medications/:id/refills API endpoints.
* Tests adding refills to medication stock and retrieving refill history.
*/
import { describe, it, expect, beforeAll, afterAll, beforeEach } from "vitest";
import { afterAll, beforeAll, beforeEach, describe, expect, it } from "vitest";
import {
buildTestApp,
closeTestApp,
clearTestData,
createTestUser,
createTestMedication,
TestContext,
buildTestApp,
clearTestData,
closeTestApp,
createTestMedication,
createTestUser,
type TestContext,
} from "./setup.js";
// Store userId at module level so routes can access it
@@ -20,96 +20,98 @@ let currentUserId = 1;
// =============================================================================
async function registerRefillRoutes(ctx: TestContext) {
const { app, client } = ctx;
const { app, client } = ctx;
// POST /medications/:id/refill - Add stock and record history
app.post<{ Params: { id: string }; Body: { packsAdded?: number; loosePillsAdded?: number } }>(
"/medications/:id/refill",
async (request, reply) => {
const userId = currentUserId;
const medId = parseInt(request.params.id, 10);
const { packsAdded = 0, loosePillsAdded = 0 } = request.body || {};
// POST /medications/:id/refill - Add stock and record history
app.post<{ Params: { id: string }; Body: { packsAdded?: number; loosePillsAdded?: number } }>(
"/medications/:id/refill",
async (request, reply) => {
const userId = currentUserId;
const medId = parseInt(request.params.id, 10);
const { packsAdded = 0, loosePillsAdded = 0 } = request.body || {};
// Validate input
if (packsAdded < 0 || loosePillsAdded < 0) {
return reply.status(400).send({ error: "packsAdded and loosePillsAdded must be non-negative" });
}
if (packsAdded === 0 && loosePillsAdded === 0) {
return reply.status(400).send({ error: "At least one of packsAdded or loosePillsAdded must be greater than 0" });
}
// Validate input
if (packsAdded < 0 || loosePillsAdded < 0) {
return reply.status(400).send({ error: "packsAdded and loosePillsAdded must be non-negative" });
}
if (packsAdded === 0 && loosePillsAdded === 0) {
return reply
.status(400)
.send({ error: "At least one of packsAdded or loosePillsAdded must be greater than 0" });
}
// Check medication exists and belongs to user
const medResult = await client.execute({
sql: `SELECT id, pack_count, loose_tablets, blisters_per_pack, pills_per_blister
// Check medication exists and belongs to user
const medResult = await client.execute({
sql: `SELECT id, pack_count, loose_tablets, blisters_per_pack, pills_per_blister
FROM medications WHERE id = ? AND user_id = ?`,
args: [medId, userId],
});
args: [medId, userId],
});
if (medResult.rows.length === 0) {
return reply.status(404).send({ error: "Medication not found" });
}
if (medResult.rows.length === 0) {
return reply.status(404).send({ error: "Medication not found" });
}
const med = medResult.rows[0];
const newPackCount = (med.pack_count as number) + packsAdded;
const newLooseTablets = (med.loose_tablets as number) + loosePillsAdded;
const pillsPerPack = (med.blisters_per_pack as number) * (med.pills_per_blister as number);
const totalPillsAdded = packsAdded * pillsPerPack + loosePillsAdded;
const med = medResult.rows[0];
const newPackCount = (med.pack_count as number) + packsAdded;
const newLooseTablets = (med.loose_tablets as number) + loosePillsAdded;
const pillsPerPack = (med.blisters_per_pack as number) * (med.pills_per_blister as number);
const totalPillsAdded = packsAdded * pillsPerPack + loosePillsAdded;
// Update medication stock
await client.execute({
sql: `UPDATE medications SET pack_count = ?, loose_tablets = ? WHERE id = ?`,
args: [newPackCount, newLooseTablets, medId],
});
// Update medication stock
await client.execute({
sql: `UPDATE medications SET pack_count = ?, loose_tablets = ? WHERE id = ?`,
args: [newPackCount, newLooseTablets, medId],
});
// Record refill history
await client.execute({
sql: `INSERT INTO refill_history (medication_id, user_id, packs_added, loose_pills_added)
// Record refill history
await client.execute({
sql: `INSERT INTO refill_history (medication_id, user_id, packs_added, loose_pills_added)
VALUES (?, ?, ?, ?)`,
args: [medId, userId, packsAdded, loosePillsAdded],
});
args: [medId, userId, packsAdded, loosePillsAdded],
});
return {
success: true,
pillsAdded: totalPillsAdded,
newPackCount,
newLooseTablets,
};
}
);
return {
success: true,
pillsAdded: totalPillsAdded,
newPackCount,
newLooseTablets,
};
}
);
// GET /medications/:id/refills - Get refill history
app.get<{ Params: { id: string } }>("/medications/:id/refills", async (request, reply) => {
const userId = currentUserId;
const medId = parseInt(request.params.id, 10);
// GET /medications/:id/refills - Get refill history
app.get<{ Params: { id: string } }>("/medications/:id/refills", async (request, reply) => {
const userId = currentUserId;
const medId = parseInt(request.params.id, 10);
// Check medication exists and belongs to user
const medResult = await client.execute({
sql: `SELECT id FROM medications WHERE id = ? AND user_id = ?`,
args: [medId, userId],
});
// Check medication exists and belongs to user
const medResult = await client.execute({
sql: `SELECT id FROM medications WHERE id = ? AND user_id = ?`,
args: [medId, userId],
});
if (medResult.rows.length === 0) {
return reply.status(404).send({ error: "Medication not found" });
}
if (medResult.rows.length === 0) {
return reply.status(404).send({ error: "Medication not found" });
}
// Get refill history, newest first
const refillResult = await client.execute({
sql: `SELECT id, packs_added, loose_pills_added, refill_date
// Get refill history, newest first
const refillResult = await client.execute({
sql: `SELECT id, packs_added, loose_pills_added, refill_date
FROM refill_history
WHERE medication_id = ? AND user_id = ?
ORDER BY refill_date DESC`,
args: [medId, userId],
});
args: [medId, userId],
});
return {
refills: refillResult.rows.map((r) => ({
id: r.id,
packsAdded: r.packs_added,
loosePillsAdded: r.loose_pills_added,
refillDate: r.refill_date,
})),
};
});
return {
refills: refillResult.rows.map((r) => ({
id: r.id,
packsAdded: r.packs_added,
loosePillsAdded: r.loose_pills_added,
refillDate: r.refill_date,
})),
};
});
}
// =============================================================================
@@ -117,278 +119,278 @@ async function registerRefillRoutes(ctx: TestContext) {
// =============================================================================
describe("Refill API", () => {
let ctx: TestContext;
let userId: number;
let medId: number;
let ctx: TestContext;
let userId: number;
let medId: number;
beforeAll(async () => {
ctx = await buildTestApp();
await registerRefillRoutes(ctx);
await ctx.app.ready();
});
beforeAll(async () => {
ctx = await buildTestApp();
await registerRefillRoutes(ctx);
await ctx.app.ready();
});
afterAll(async () => {
await closeTestApp(ctx);
});
afterAll(async () => {
await closeTestApp(ctx);
});
beforeEach(async () => {
await clearTestData(ctx.client);
// Create test user
userId = await createTestUser(ctx.client, { username: "testuser" });
// Update the module-level userId so routes use the correct one
currentUserId = userId;
// Create a test medication with 1 pack (10 blisters × 10 pills = 100 pills/pack)
medId = await createTestMedication(ctx.client, {
userId,
name: "Test Med",
packCount: 1,
blistersPerPack: 10,
pillsPerBlister: 10,
looseTablets: 5,
});
});
beforeEach(async () => {
await clearTestData(ctx.client);
// Create test user
userId = await createTestUser(ctx.client, { username: "testuser" });
// Update the module-level userId so routes use the correct one
currentUserId = userId;
// Create a test medication with 1 pack (10 blisters × 10 pills = 100 pills/pack)
medId = await createTestMedication(ctx.client, {
userId,
name: "Test Med",
packCount: 1,
blistersPerPack: 10,
pillsPerBlister: 10,
looseTablets: 5,
});
});
// ---------------------------------------------------------------------------
// POST /medications/:id/refill
// ---------------------------------------------------------------------------
// ---------------------------------------------------------------------------
// POST /medications/:id/refill
// ---------------------------------------------------------------------------
describe("POST /medications/:id/refill", () => {
it("should add packs to medication stock", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 2 },
});
describe("POST /medications/:id/refill", () => {
it("should add packs to medication stock", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 2 },
});
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.success).toBe(true);
expect(data.pillsAdded).toBe(200); // 2 packs × 100 pills
expect(data.newPackCount).toBe(3); // 1 + 2
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.success).toBe(true);
expect(data.pillsAdded).toBe(200); // 2 packs × 100 pills
expect(data.newPackCount).toBe(3); // 1 + 2
// Verify in database
const result = await ctx.client.execute({
sql: `SELECT pack_count FROM medications WHERE id = ?`,
args: [medId],
});
expect(result.rows[0].pack_count).toBe(3);
});
// Verify in database
const result = await ctx.client.execute({
sql: `SELECT pack_count FROM medications WHERE id = ?`,
args: [medId],
});
expect(result.rows[0].pack_count).toBe(3);
});
it("should add loose pills to medication stock", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { loosePillsAdded: 15 },
});
it("should add loose pills to medication stock", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { loosePillsAdded: 15 },
});
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.success).toBe(true);
expect(data.pillsAdded).toBe(15);
expect(data.newLooseTablets).toBe(20); // 5 + 15
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.success).toBe(true);
expect(data.pillsAdded).toBe(15);
expect(data.newLooseTablets).toBe(20); // 5 + 15
// Verify in database
const result = await ctx.client.execute({
sql: `SELECT loose_tablets FROM medications WHERE id = ?`,
args: [medId],
});
expect(result.rows[0].loose_tablets).toBe(20);
});
// Verify in database
const result = await ctx.client.execute({
sql: `SELECT loose_tablets FROM medications WHERE id = ?`,
args: [medId],
});
expect(result.rows[0].loose_tablets).toBe(20);
});
it("should add both packs and loose pills", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1, loosePillsAdded: 10 },
});
it("should add both packs and loose pills", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1, loosePillsAdded: 10 },
});
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.success).toBe(true);
expect(data.pillsAdded).toBe(110); // 1 pack (100) + 10 loose
expect(data.newPackCount).toBe(2);
expect(data.newLooseTablets).toBe(15);
});
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.success).toBe(true);
expect(data.pillsAdded).toBe(110); // 1 pack (100) + 10 loose
expect(data.newPackCount).toBe(2);
expect(data.newLooseTablets).toBe(15);
});
it("should record refill in history", async () => {
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 2, loosePillsAdded: 5 },
});
it("should record refill in history", async () => {
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 2, loosePillsAdded: 5 },
});
// Check history
const result = await ctx.client.execute({
sql: `SELECT packs_added, loose_pills_added FROM refill_history WHERE medication_id = ?`,
args: [medId],
});
expect(result.rows.length).toBe(1);
expect(result.rows[0].packs_added).toBe(2);
expect(result.rows[0].loose_pills_added).toBe(5);
});
// Check history
const result = await ctx.client.execute({
sql: `SELECT packs_added, loose_pills_added FROM refill_history WHERE medication_id = ?`,
args: [medId],
});
expect(result.rows.length).toBe(1);
expect(result.rows[0].packs_added).toBe(2);
expect(result.rows[0].loose_pills_added).toBe(5);
});
it("should reject refill with zero amounts", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 0, loosePillsAdded: 0 },
});
it("should reject refill with zero amounts", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 0, loosePillsAdded: 0 },
});
expect(response.statusCode).toBe(400);
expect(response.json().error).toContain("At least one");
});
expect(response.statusCode).toBe(400);
expect(response.json().error).toContain("At least one");
});
it("should reject refill with negative amounts", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: -1 },
});
it("should reject refill with negative amounts", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: -1 },
});
expect(response.statusCode).toBe(400);
expect(response.json().error).toContain("non-negative");
});
expect(response.statusCode).toBe(400);
expect(response.json().error).toContain("non-negative");
});
it("should return 404 for non-existent medication", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/99999/refill`,
payload: { packsAdded: 1 },
});
it("should return 404 for non-existent medication", async () => {
const response = await ctx.app.inject({
method: "POST",
url: `/medications/99999/refill`,
payload: { packsAdded: 1 },
});
expect(response.statusCode).toBe(404);
expect(response.json().error).toBe("Medication not found");
});
});
expect(response.statusCode).toBe(404);
expect(response.json().error).toBe("Medication not found");
});
});
// ---------------------------------------------------------------------------
// GET /medications/:id/refills
// ---------------------------------------------------------------------------
// ---------------------------------------------------------------------------
// GET /medications/:id/refills
// ---------------------------------------------------------------------------
describe("GET /medications/:id/refills", () => {
it("should return empty array when no refills", async () => {
const response = await ctx.app.inject({
method: "GET",
url: `/medications/${medId}/refills`,
});
describe("GET /medications/:id/refills", () => {
it("should return empty array when no refills", async () => {
const response = await ctx.app.inject({
method: "GET",
url: `/medications/${medId}/refills`,
});
expect(response.statusCode).toBe(200);
expect(response.json()).toEqual({ refills: [] });
});
expect(response.statusCode).toBe(200);
expect(response.json()).toEqual({ refills: [] });
});
it("should return refill history newest first", async () => {
// Add two refills with different values so we can identify them
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1, loosePillsAdded: 0 },
});
it("should return refill history newest first", async () => {
// Add two refills with different values so we can identify them
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1, loosePillsAdded: 0 },
});
// Increase delay to ensure different timestamps (SQLite datetime has second precision)
await new Promise((r) => setTimeout(r, 1100));
// Increase delay to ensure different timestamps (SQLite datetime has second precision)
await new Promise((r) => setTimeout(r, 1100));
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 0, loosePillsAdded: 20 },
});
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 0, loosePillsAdded: 20 },
});
const response = await ctx.app.inject({
method: "GET",
url: `/medications/${medId}/refills`,
});
const response = await ctx.app.inject({
method: "GET",
url: `/medications/${medId}/refills`,
});
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.refills).toHaveLength(2);
// Newest first (loose pills - added second)
expect(data.refills[0].packsAdded).toBe(0);
expect(data.refills[0].loosePillsAdded).toBe(20);
// Older (packs - added first)
expect(data.refills[1].packsAdded).toBe(1);
expect(data.refills[1].loosePillsAdded).toBe(0);
expect(response.statusCode).toBe(200);
const data = response.json();
expect(data.refills).toHaveLength(2);
// Each entry should have an id and refillDate
for (const refill of data.refills) {
expect(refill.id).toBeTypeOf("number");
expect(refill.refillDate).toBeTruthy();
}
});
// Newest first (loose pills - added second)
expect(data.refills[0].packsAdded).toBe(0);
expect(data.refills[0].loosePillsAdded).toBe(20);
it("should return 404 for non-existent medication", async () => {
const response = await ctx.app.inject({
method: "GET",
url: `/medications/99999/refills`,
});
// Older (packs - added first)
expect(data.refills[1].packsAdded).toBe(1);
expect(data.refills[1].loosePillsAdded).toBe(0);
expect(response.statusCode).toBe(404);
expect(response.json().error).toBe("Medication not found");
});
});
// Each entry should have an id and refillDate
for (const refill of data.refills) {
expect(refill.id).toBeTypeOf("number");
expect(refill.refillDate).toBeTruthy();
}
});
// ---------------------------------------------------------------------------
// Cascade Delete Tests
// ---------------------------------------------------------------------------
it("should return 404 for non-existent medication", async () => {
const response = await ctx.app.inject({
method: "GET",
url: `/medications/99999/refills`,
});
describe("Cascade Delete", () => {
it("should delete refill history when medication is deleted", async () => {
// Add a refill
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1 },
});
expect(response.statusCode).toBe(404);
expect(response.json().error).toBe("Medication not found");
});
});
// Verify refill exists
let result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE medication_id = ?`,
args: [medId],
});
expect(result.rows[0].count).toBe(1);
// ---------------------------------------------------------------------------
// Cascade Delete Tests
// ---------------------------------------------------------------------------
// Delete medication
await ctx.client.execute({
sql: `DELETE FROM medications WHERE id = ?`,
args: [medId],
});
describe("Cascade Delete", () => {
it("should delete refill history when medication is deleted", async () => {
// Add a refill
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1 },
});
// Verify refill history was cascade deleted
result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE medication_id = ?`,
args: [medId],
});
expect(result.rows[0].count).toBe(0);
});
// Verify refill exists
let result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE medication_id = ?`,
args: [medId],
});
expect(result.rows[0].count).toBe(1);
it("should delete refill history when user is deleted", async () => {
// Add a refill
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1 },
});
// Delete medication
await ctx.client.execute({
sql: `DELETE FROM medications WHERE id = ?`,
args: [medId],
});
// Verify refill exists
let result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE user_id = ?`,
args: [userId],
});
expect(result.rows[0].count).toBe(1);
// Verify refill history was cascade deleted
result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE medication_id = ?`,
args: [medId],
});
expect(result.rows[0].count).toBe(0);
});
// Delete user
await ctx.client.execute({
sql: `DELETE FROM users WHERE id = ?`,
args: [userId],
});
it("should delete refill history when user is deleted", async () => {
// Add a refill
await ctx.app.inject({
method: "POST",
url: `/medications/${medId}/refill`,
payload: { packsAdded: 1 },
});
// Verify refill history was cascade deleted
result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE user_id = ?`,
args: [userId],
});
expect(result.rows[0].count).toBe(0);
});
});
// Verify refill exists
let result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE user_id = ?`,
args: [userId],
});
expect(result.rows[0].count).toBe(1);
// Delete user
await ctx.client.execute({
sql: `DELETE FROM users WHERE id = ?`,
args: [userId],
});
// Verify refill history was cascade deleted
result = await ctx.client.execute({
sql: `SELECT COUNT(*) as count FROM refill_history WHERE user_id = ?`,
args: [userId],
});
expect(result.rows[0].count).toBe(0);
});
});
});
backend/src/test/server.test.ts
+442 -432
View File
@@ -1,499 +1,509 @@
import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
import Fastify from "fastify";
import { existsSync, rmSync } from "node:fs";
import { tmpdir } from "node:os";
import { resolve } from "node:path";
import cookie from "@fastify/cookie";
import cors from "@fastify/cors";
import sensible from "@fastify/sensible";
import cookie from "@fastify/cookie";
import { mkdirSync, rmSync, existsSync } from "fs";
import { resolve } from "path";
import { tmpdir } from "os";
import Fastify from "fastify";
import { afterEach, describe, expect, it } from "vitest";
// Import from utils to avoid index.ts import side effects (server start)
import {
parseCorsOrigins,
buildBaseCookieOptions,
buildRefreshCookieOptions,
buildAppConfig,
ensureImagesDirectory,
getJwtConfig,
buildAppConfig,
buildBaseCookieOptions,
buildRefreshCookieOptions,
ensureImagesDirectory,
getJwtConfig,
parseCorsOrigins,
} from "../utils/server-config.js";
describe("Index.ts Utility Functions", () => {
describe("parseCorsOrigins", () => {
it("should parse comma-separated origins", () => {
const origins = parseCorsOrigins("http://localhost:5173,http://localhost:4173");
expect(origins).toHaveLength(2);
expect(origins[0]).toBe("http://localhost:5173");
expect(origins[1]).toBe("http://localhost:4173");
});
describe("parseCorsOrigins", () => {
it("should parse comma-separated origins", () => {
const origins = parseCorsOrigins("http://localhost:5173,http://localhost:4173");
expect(origins).toHaveLength(2);
expect(origins[0]).toBe("http://localhost:5173");
expect(origins[1]).toBe("http://localhost:4173");
});
it("should handle single origin", () => {
const origins = parseCorsOrigins("https://myapp.example.com");
expect(origins).toHaveLength(1);
expect(origins[0]).toBe("https://myapp.example.com");
});
it("should handle single origin", () => {
const origins = parseCorsOrigins("https://myapp.example.com");
expect(origins).toHaveLength(1);
expect(origins[0]).toBe("https://myapp.example.com");
});
it("should filter out empty strings", () => {
const origins = parseCorsOrigins("http://localhost:5173,,http://localhost:4173,");
expect(origins).toHaveLength(2);
});
it("should filter out empty strings", () => {
const origins = parseCorsOrigins("http://localhost:5173,,http://localhost:4173,");
expect(origins).toHaveLength(2);
});
it("should trim whitespace", () => {
const origins = parseCorsOrigins(" http://localhost:5173 , http://localhost:4173 ");
expect(origins).toEqual(["http://localhost:5173", "http://localhost:4173"]);
});
it("should trim whitespace", () => {
const origins = parseCorsOrigins(" http://localhost:5173 , http://localhost:4173 ");
expect(origins).toEqual(["http://localhost:5173", "http://localhost:4173"]);
});
it("should return empty array for empty string", () => {
const origins = parseCorsOrigins("");
expect(origins).toHaveLength(0);
});
});
it("should return empty array for empty string", () => {
const origins = parseCorsOrigins("");
expect(origins).toHaveLength(0);
});
});
describe("buildBaseCookieOptions", () => {
it("should set secure=true in production", () => {
const options = buildBaseCookieOptions(15, true);
expect(options.secure).toBe(true);
expect(options.httpOnly).toBe(true);
expect(options.sameSite).toBe("lax");
expect(options.path).toBe("/");
});
describe("buildBaseCookieOptions", () => {
it("should set secure=true in production", () => {
const options = buildBaseCookieOptions(15, true);
expect(options.secure).toBe(true);
expect(options.httpOnly).toBe(true);
expect(options.sameSite).toBe("lax");
expect(options.path).toBe("/");
});
it("should set secure=false in development", () => {
const options = buildBaseCookieOptions(15, false);
expect(options.secure).toBe(false);
});
it("should set secure=false in development", () => {
const options = buildBaseCookieOptions(15, false);
expect(options.secure).toBe(false);
});
it("should calculate maxAge in seconds from minutes", () => {
const options = buildBaseCookieOptions(15, false);
expect(options.maxAge).toBe(15 * 60); // 900 seconds
});
it("should calculate maxAge in seconds from minutes", () => {
const options = buildBaseCookieOptions(15, false);
expect(options.maxAge).toBe(15 * 60); // 900 seconds
});
it("should handle custom TTL values", () => {
const options = buildBaseCookieOptions(30, false);
expect(options.maxAge).toBe(30 * 60); // 1800 seconds
});
});
it("should handle custom TTL values", () => {
const options = buildBaseCookieOptions(30, false);
expect(options.maxAge).toBe(30 * 60); // 1800 seconds
});
});
describe("buildRefreshCookieOptions", () => {
it("should extend base options with longer maxAge", () => {
const base = buildBaseCookieOptions(15, false);
const refresh = buildRefreshCookieOptions(base, 7);
expect(refresh.httpOnly).toBe(true);
expect(refresh.sameSite).toBe("lax");
expect(refresh.maxAge).toBe(7 * 24 * 60 * 60); // 7 days in seconds
});
describe("buildRefreshCookieOptions", () => {
it("should extend base options with longer maxAge", () => {
const base = buildBaseCookieOptions(15, false);
const refresh = buildRefreshCookieOptions(base, 7);
it("should calculate 14 days correctly", () => {
const base = buildBaseCookieOptions(15, false);
const refresh = buildRefreshCookieOptions(base, 14);
expect(refresh.maxAge).toBe(14 * 24 * 60 * 60); // 1209600 seconds
});
expect(refresh.httpOnly).toBe(true);
expect(refresh.sameSite).toBe("lax");
expect(refresh.maxAge).toBe(7 * 24 * 60 * 60); // 7 days in seconds
});
it("should preserve secure flag from base", () => {
const base = buildBaseCookieOptions(15, true);
const refresh = buildRefreshCookieOptions(base, 7);
expect(refresh.secure).toBe(true);
});
});
it("should calculate 14 days correctly", () => {
const base = buildBaseCookieOptions(15, false);
const refresh = buildRefreshCookieOptions(base, 14);
expect(refresh.maxAge).toBe(14 * 24 * 60 * 60); // 1209600 seconds
});
describe("buildAppConfig", () => {
it("should build complete config object", () => {
const config = buildAppConfig({
jwtSecret: "test-jwt-secret",
refreshSecret: "test-refresh-secret",
accessTtlMinutes: 15,
refreshTtlDays: 7,
isProduction: false,
});
it("should preserve secure flag from base", () => {
const base = buildBaseCookieOptions(15, true);
const refresh = buildRefreshCookieOptions(base, 7);
expect(refresh.secure).toBe(true);
});
});
expect(config.accessSecret).toBe("test-jwt-secret");
expect(config.refreshSecret).toBe("test-refresh-secret");
expect(config.accessTtl).toBe(15);
expect(config.refreshTtl).toBe(7);
expect(config.cookieOptions).toBeDefined();
expect(config.refreshCookieOptions).toBeDefined();
});
describe("buildAppConfig", () => {
it("should build complete config object", () => {
const config = buildAppConfig({
jwtSecret: "test-jwt-secret",
refreshSecret: "test-refresh-secret",
accessTtlMinutes: 15,
refreshTtlDays: 7,
isProduction: false,
});
it("should use empty strings for missing secrets", () => {
const config = buildAppConfig({
accessTtlMinutes: 15,
refreshTtlDays: 7,
isProduction: false,
});
expect(config.accessSecret).toBe("test-jwt-secret");
expect(config.refreshSecret).toBe("test-refresh-secret");
expect(config.accessTtl).toBe(15);
expect(config.refreshTtl).toBe(7);
expect(config.cookieOptions).toBeDefined();
expect(config.refreshCookieOptions).toBeDefined();
});
expect(config.accessSecret).toBe("");
expect(config.refreshSecret).toBe("");
});
it("should use empty strings for missing secrets", () => {
const config = buildAppConfig({
accessTtlMinutes: 15,
refreshTtlDays: 7,
isProduction: false,
});
it("should set secure cookies in production", () => {
const config = buildAppConfig({
accessTtlMinutes: 15,
refreshTtlDays: 7,
isProduction: true,
});
expect(config.accessSecret).toBe("");
expect(config.refreshSecret).toBe("");
});
expect(config.cookieOptions.secure).toBe(true);
expect(config.refreshCookieOptions.secure).toBe(true);
});
});
it("should set secure cookies in production", () => {
const config = buildAppConfig({
accessTtlMinutes: 15,
refreshTtlDays: 7,
isProduction: true,
});
describe("ensureImagesDirectory", () => {
const testDir = resolve(tmpdir(), `test-images-dir-${Date.now()}`);
expect(config.cookieOptions.secure).toBe(true);
expect(config.refreshCookieOptions.secure).toBe(true);
});
});
afterEach(() => {
try {
if (existsSync(testDir)) {
rmSync(testDir, { recursive: true, force: true });
}
} catch {
// ignore cleanup errors
}
});
describe("ensureImagesDirectory", () => {
const testDir = resolve(tmpdir(), `test-images-dir-${Date.now()}`);
it("should create directory if it does not exist", () => {
const imagesDir = ensureImagesDirectory(testDir);
expect(existsSync(imagesDir)).toBe(true);
expect(imagesDir).toContain("data/images");
});
afterEach(() => {
try {
if (existsSync(testDir)) {
rmSync(testDir, { recursive: true, force: true });
}
} catch {
// ignore cleanup errors
}
});
it("should return path if directory already exists", () => {
const firstCall = ensureImagesDirectory(testDir);
const secondCall = ensureImagesDirectory(testDir);
expect(firstCall).toBe(secondCall);
});
});
it("should create directory if it does not exist", () => {
const imagesDir = ensureImagesDirectory(testDir);
expect(existsSync(imagesDir)).toBe(true);
expect(imagesDir).toContain("data/images");
});
describe("getJwtConfig", () => {
it("should return real secret when auth enabled with secret", () => {
const config = getJwtConfig(true, "my-super-secret");
expect(config.secret).toBe("my-super-secret");
expect(config.cookie.cookieName).toBe("access_token");
expect(config.cookie.signed).toBe(false);
});
it("should return path if directory already exists", () => {
const firstCall = ensureImagesDirectory(testDir);
const secondCall = ensureImagesDirectory(testDir);
expect(firstCall).toBe(secondCall);
});
});
it("should return dummy secret when auth disabled", () => {
const config = getJwtConfig(false, undefined);
expect(config.secret).toBe("auth-disabled-no-secret-needed");
});
describe("getJwtConfig", () => {
it("should return real secret when auth enabled with secret", () => {
const config = getJwtConfig(true, "my-super-secret");
expect(config.secret).toBe("my-super-secret");
expect(config.cookie.cookieName).toBe("access_token");
expect(config.cookie.signed).toBe(false);
});
it("should return dummy secret when auth enabled but no secret", () => {
const config = getJwtConfig(true, undefined);
expect(config.secret).toBe("auth-disabled-no-secret-needed");
});
it("should return dummy secret when auth disabled", () => {
const config = getJwtConfig(false, undefined);
expect(config.secret).toBe("auth-disabled-no-secret-needed");
});
it("should return dummy secret when auth enabled with empty secret", () => {
const config = getJwtConfig(true, "");
expect(config.secret).toBe("auth-disabled-no-secret-needed");
});
});
it("should return dummy secret when auth enabled but no secret", () => {
const config = getJwtConfig(true, undefined);
expect(config.secret).toBe("auth-disabled-no-secret-needed");
});
it("should return dummy secret when auth enabled with empty secret", () => {
const config = getJwtConfig(true, "");
expect(config.secret).toBe("auth-disabled-no-secret-needed");
});
});
});
// Test the server bootstrap logic without starting the actual server
describe("Server Bootstrap", () => {
describe("Fastify App Configuration", () => {
it("should create a Fastify instance with logger", async () => {
const app = Fastify({
logger: {
level: "silent", // Disable logging for tests
},
});
describe("Fastify App Configuration", () => {
it("should create a Fastify instance with logger", async () => {
const app = Fastify({
logger: {
level: "silent", // Disable logging for tests
},
});
expect(app).toBeDefined();
expect(app.log).toBeDefined();
await app.close();
});
expect(app).toBeDefined();
expect(app.log).toBeDefined();
it("should register sensible plugin", async () => {
const app = Fastify({ logger: false });
await app.register(sensible);
// Sensible adds error helpers
expect(app.httpErrors).toBeDefined();
expect(app.httpErrors.notFound).toBeDefined();
await app.close();
});
await app.close();
});
it("should register cors plugin with multiple origins", async () => {
const origins = ["http://localhost:5173", "http://localhost:4173"];
const app = Fastify({ logger: false });
await app.register(cors, { origin: origins, credentials: true });
// Add a test route
app.get("/test", async () => ({ ok: true }));
await app.ready();
// Test CORS headers
const response = await app.inject({
method: "GET",
url: "/test",
headers: {
origin: "http://localhost:5173",
},
});
expect(response.headers["access-control-allow-origin"]).toBe("http://localhost:5173");
expect(response.headers["access-control-allow-credentials"]).toBe("true");
await app.close();
});
it("should register sensible plugin", async () => {
const app = Fastify({ logger: false });
await app.register(sensible);
it("should register cookie plugin", async () => {
const app = Fastify({ logger: false });
await app.register(cookie, { secret: "test-cookie-secret" });
// Add a test route that sets a cookie
app.get("/set-cookie", async (request, reply) => {
reply.setCookie("test", "value", { path: "/" });
return { ok: true };
});
await app.ready();
const response = await app.inject({
method: "GET",
url: "/set-cookie",
});
expect(response.headers["set-cookie"]).toBeDefined();
await app.close();
});
});
// Sensible adds error helpers
expect(app.httpErrors).toBeDefined();
expect(app.httpErrors.notFound).toBeDefined();
describe("Config Decorator", () => {
it("should create config with auth settings", async () => {
const app = Fastify({ logger: false });
const accessTtlMinutes = 15;
const refreshTtlDays = 7;
const baseCookieOptions = {
httpOnly: true,
sameSite: "lax" as const,
secure: false, // test environment
path: "/",
maxAge: accessTtlMinutes * 60,
};
const refreshCookieOptions = {
...baseCookieOptions,
maxAge: refreshTtlDays * 24 * 60 * 60,
};
app.decorate("config", {
accessSecret: "test-jwt-secret",
refreshSecret: "test-refresh-secret",
accessTtl: accessTtlMinutes,
refreshTtl: refreshTtlDays,
cookieOptions: baseCookieOptions,
refreshCookieOptions,
});
expect((app as any).config.accessTtl).toBe(15);
expect((app as any).config.refreshTtl).toBe(7);
expect((app as any).config.cookieOptions.httpOnly).toBe(true);
expect((app as any).config.refreshCookieOptions.maxAge).toBe(7 * 24 * 60 * 60);
await app.close();
});
await app.close();
});
it("should calculate cookie maxAge correctly", () => {
const accessTtlMinutes = 30;
const refreshTtlDays = 14;
const accessMaxAge = accessTtlMinutes * 60;
const refreshMaxAge = refreshTtlDays * 24 * 60 * 60;
expect(accessMaxAge).toBe(1800); // 30 minutes in seconds
expect(refreshMaxAge).toBe(1209600); // 14 days in seconds
});
});
it("should register cors plugin with multiple origins", async () => {
const origins = ["http://localhost:5173", "http://localhost:4173"];
describe("CORS Origins Parsing", () => {
it("should parse comma-separated origins", () => {
const originsEnv = "http://localhost:5173,http://localhost:4173";
const origins = originsEnv.split(",").map((o) => o.trim()).filter(Boolean);
expect(origins).toHaveLength(2);
expect(origins[0]).toBe("http://localhost:5173");
expect(origins[1]).toBe("http://localhost:4173");
});
const app = Fastify({ logger: false });
await app.register(cors, { origin: origins, credentials: true });
it("should handle single origin", () => {
const originsEnv = "https://myapp.example.com";
const origins = originsEnv.split(",").map((o) => o.trim()).filter(Boolean);
expect(origins).toHaveLength(1);
expect(origins[0]).toBe("https://myapp.example.com");
});
// Add a test route
app.get("/test", async () => ({ ok: true }));
it("should filter out empty strings", () => {
const originsEnv = "http://localhost:5173,,http://localhost:4173,";
const origins = originsEnv.split(",").map((o) => o.trim()).filter(Boolean);
expect(origins).toHaveLength(2);
});
await app.ready();
it("should trim whitespace", () => {
const originsEnv = " http://localhost:5173 , http://localhost:4173 ";
const origins = originsEnv.split(",").map((o) => o.trim()).filter(Boolean);
expect(origins).toEqual(["http://localhost:5173", "http://localhost:4173"]);
});
});
// Test CORS headers
const response = await app.inject({
method: "GET",
url: "/test",
headers: {
origin: "http://localhost:5173",
},
});
describe("Route Registration", () => {
it("should register multiple route plugins", async () => {
const app = Fastify({ logger: false });
// Mock route plugins
const healthRoutes = async (app: any) => {
app.get("/health", async () => ({ status: "ok" }));
};
const authRoutes = async (app: any) => {
app.post("/auth/login", async () => ({ token: "mock" }));
};
const medicationRoutes = async (app: any) => {
app.get("/medications", async () => []);
};
await app.register(healthRoutes);
await app.register(authRoutes);
await app.register(medicationRoutes);
await app.ready();
// Verify routes are registered
const routes = app.printRoutes();
expect(routes).toContain("health");
expect(routes).toContain("auth/login");
expect(routes).toContain("medications");
await app.close();
});
});
expect(response.headers["access-control-allow-origin"]).toBe("http://localhost:5173");
expect(response.headers["access-control-allow-credentials"]).toBe("true");
describe("Server Startup", () => {
it("should listen on specified port", async () => {
const app = Fastify({ logger: false });
app.get("/test", async () => ({ ok: true }));
// Use port 0 to get a random available port
const address = await app.listen({ port: 0, host: "127.0.0.1" });
expect(address).toContain("127.0.0.1");
await app.close();
});
await app.close();
});
it("should handle listen errors gracefully", async () => {
const app = Fastify({ logger: false });
// Try to listen on an invalid port
await expect(
app.listen({ port: -1, host: "127.0.0.1" })
).rejects.toThrow();
await app.close();
});
});
it("should register cookie plugin", async () => {
const app = Fastify({ logger: false });
await app.register(cookie, { secret: "test-cookie-secret" });
describe("Images Directory", () => {
it("should construct images directory path correctly", () => {
const resolve = (base: string, ...paths: string[]) => {
return [base, ...paths].join("/").replace(/\/+/g, "/");
};
const cwd = "/app";
const imagesDir = resolve(cwd, "data/images");
expect(imagesDir).toBe("/app/data/images");
});
});
// Add a test route that sets a cookie
app.get("/set-cookie", async (_request, reply) => {
reply.setCookie("test", "value", { path: "/" });
return { ok: true };
});
await app.ready();
const response = await app.inject({
method: "GET",
url: "/set-cookie",
});
expect(response.headers["set-cookie"]).toBeDefined();
await app.close();
});
});
describe("Config Decorator", () => {
it("should create config with auth settings", async () => {
const app = Fastify({ logger: false });
const accessTtlMinutes = 15;
const refreshTtlDays = 7;
const baseCookieOptions = {
httpOnly: true,
sameSite: "lax" as const,
secure: false, // test environment
path: "/",
maxAge: accessTtlMinutes * 60,
};
const refreshCookieOptions = {
...baseCookieOptions,
maxAge: refreshTtlDays * 24 * 60 * 60,
};
app.decorate("config", {
accessSecret: "test-jwt-secret",
refreshSecret: "test-refresh-secret",
accessTtl: accessTtlMinutes,
refreshTtl: refreshTtlDays,
cookieOptions: baseCookieOptions,
refreshCookieOptions,
});
expect((app as any).config.accessTtl).toBe(15);
expect((app as any).config.refreshTtl).toBe(7);
expect((app as any).config.cookieOptions.httpOnly).toBe(true);
expect((app as any).config.refreshCookieOptions.maxAge).toBe(7 * 24 * 60 * 60);
await app.close();
});
it("should calculate cookie maxAge correctly", () => {
const accessTtlMinutes = 30;
const refreshTtlDays = 14;
const accessMaxAge = accessTtlMinutes * 60;
const refreshMaxAge = refreshTtlDays * 24 * 60 * 60;
expect(accessMaxAge).toBe(1800); // 30 minutes in seconds
expect(refreshMaxAge).toBe(1209600); // 14 days in seconds
});
});
describe("CORS Origins Parsing", () => {
it("should parse comma-separated origins", () => {
const originsEnv = "http://localhost:5173,http://localhost:4173";
const origins = originsEnv
.split(",")
.map((o) => o.trim())
.filter(Boolean);
expect(origins).toHaveLength(2);
expect(origins[0]).toBe("http://localhost:5173");
expect(origins[1]).toBe("http://localhost:4173");
});
it("should handle single origin", () => {
const originsEnv = "https://myapp.example.com";
const origins = originsEnv
.split(",")
.map((o) => o.trim())
.filter(Boolean);
expect(origins).toHaveLength(1);
expect(origins[0]).toBe("https://myapp.example.com");
});
it("should filter out empty strings", () => {
const originsEnv = "http://localhost:5173,,http://localhost:4173,";
const origins = originsEnv
.split(",")
.map((o) => o.trim())
.filter(Boolean);
expect(origins).toHaveLength(2);
});
it("should trim whitespace", () => {
const originsEnv = " http://localhost:5173 , http://localhost:4173 ";
const origins = originsEnv
.split(",")
.map((o) => o.trim())
.filter(Boolean);
expect(origins).toEqual(["http://localhost:5173", "http://localhost:4173"]);
});
});
describe("Route Registration", () => {
it("should register multiple route plugins", async () => {
const app = Fastify({ logger: false });
// Mock route plugins
const healthRoutes = async (app: any) => {
app.get("/health", async () => ({ status: "ok" }));
};
const authRoutes = async (app: any) => {
app.post("/auth/login", async () => ({ token: "mock" }));
};
const medicationRoutes = async (app: any) => {
app.get("/medications", async () => []);
};
await app.register(healthRoutes);
await app.register(authRoutes);
await app.register(medicationRoutes);
await app.ready();
// Verify routes are registered
const routes = app.printRoutes();
expect(routes).toContain("health");
expect(routes).toContain("auth/login");
expect(routes).toContain("medications");
await app.close();
});
});
describe("Server Startup", () => {
it("should listen on specified port", async () => {
const app = Fastify({ logger: false });
app.get("/test", async () => ({ ok: true }));
// Use port 0 to get a random available port
const address = await app.listen({ port: 0, host: "127.0.0.1" });
expect(address).toContain("127.0.0.1");
await app.close();
});
it("should handle listen errors gracefully", async () => {
const app = Fastify({ logger: false });
// Try to listen on an invalid port
await expect(app.listen({ port: -1, host: "127.0.0.1" })).rejects.toThrow();
await app.close();
});
});
describe("Images Directory", () => {
it("should construct images directory path correctly", () => {
const resolve = (base: string, ...paths: string[]) => {
return [base, ...paths].join("/").replace(/\/+/g, "/");
};
const cwd = "/app";
const imagesDir = resolve(cwd, "data/images");
expect(imagesDir).toBe("/app/data/images");
});
});
});
describe("Cookie Options", () => {
describe("Production vs Development", () => {
it("should set secure=true in production", () => {
const isProduction = true;
const cookieOptions = {
httpOnly: true,
sameSite: "lax" as const,
secure: isProduction,
path: "/",
};
expect(cookieOptions.secure).toBe(true);
});
describe("Production vs Development", () => {
it("should set secure=true in production", () => {
const isProduction = true;
it("should set secure=false in development", () => {
const isProduction = false;
const cookieOptions = {
httpOnly: true,
sameSite: "lax" as const,
secure: isProduction,
path: "/",
};
expect(cookieOptions.secure).toBe(false);
});
});
const cookieOptions = {
httpOnly: true,
sameSite: "lax" as const,
secure: isProduction,
path: "/",
};
expect(cookieOptions.secure).toBe(true);
});
it("should set secure=false in development", () => {
const isProduction = false;
const cookieOptions = {
httpOnly: true,
sameSite: "lax" as const,
secure: isProduction,
path: "/",
};
expect(cookieOptions.secure).toBe(false);
});
});
});
describe("Rate Limiting", () => {
it("should configure rate limit settings", () => {
const rateLimitConfig = {
max: 100,
timeWindow: "1 minute",
};
expect(rateLimitConfig.max).toBe(100);
expect(rateLimitConfig.timeWindow).toBe("1 minute");
});
it("should configure rate limit settings", () => {
const rateLimitConfig = {
max: 300,
timeWindow: "1 minute",
};
expect(rateLimitConfig.max).toBe(300);
expect(rateLimitConfig.timeWindow).toBe("1 minute");
});
});
describe("JWT Configuration", () => {
it("should configure JWT with auth enabled", () => {
const authEnabled = true;
const jwtSecret = "my-super-secret-jwt-key";
const jwtConfig = {
secret: authEnabled && jwtSecret ? jwtSecret : "auth-disabled-no-secret-needed",
cookie: { cookieName: "access_token", signed: false },
};
expect(jwtConfig.secret).toBe(jwtSecret);
expect(jwtConfig.cookie.cookieName).toBe("access_token");
expect(jwtConfig.cookie.signed).toBe(false);
});
it("should configure JWT with auth enabled", () => {
const authEnabled = true;
const jwtSecret = "my-super-secret-jwt-key";
it("should use dummy secret with auth disabled", () => {
const authEnabled = false;
const jwtSecret = undefined;
const jwtConfig = {
secret: authEnabled && jwtSecret ? jwtSecret : "auth-disabled-no-secret-needed",
cookie: { cookieName: "access_token", signed: false },
};
expect(jwtConfig.secret).toBe("auth-disabled-no-secret-needed");
});
const jwtConfig = {
secret: authEnabled && jwtSecret ? jwtSecret : "auth-disabled-no-secret-needed",
cookie: { cookieName: "access_token", signed: false },
};
expect(jwtConfig.secret).toBe(jwtSecret);
expect(jwtConfig.cookie.cookieName).toBe("access_token");
expect(jwtConfig.cookie.signed).toBe(false);
});
it("should use dummy secret with auth disabled", () => {
const authEnabled = false;
const jwtSecret = undefined;
const jwtConfig = {
secret: authEnabled && jwtSecret ? jwtSecret : "auth-disabled-no-secret-needed",
cookie: { cookieName: "access_token", signed: false },
};
expect(jwtConfig.secret).toBe("auth-disabled-no-secret-needed");
});
});
describe("Multipart Configuration", () => {
it("should set file size limit to 10MB", () => {
const fileSizeLimit = 10 * 1024 * 1024;
expect(fileSizeLimit).toBe(10485760);
});
it("should set file size limit to 10MB", () => {
const fileSizeLimit = 10 * 1024 * 1024;
expect(fileSizeLimit).toBe(10485760);
});
});
backend/src/test/services.test.ts
+542 -532
View File
File diff suppressed because it is too large Load Diff
backend/src/test/settings.test.ts
+552 -549
View File
File diff suppressed because it is too large Load Diff
backend/src/test/setup.ts
+153 -179
View File
@@ -2,17 +2,17 @@
* Test setup and utilities for MedAssist backend API tests.
* Uses in-memory SQLite for isolation between test files.
*/
import Fastify, { FastifyInstance } from "fastify";
import { dirname, resolve } from "node:path";
import { fileURLToPath } from "node:url";
import cookie from "@fastify/cookie";
import jwt from "@fastify/jwt";
import sensible from "@fastify/sensible";
import fastifyMultipart from "@fastify/multipart";
import { createClient, Client } from "@libsql/client";
import sensible from "@fastify/sensible";
import { type Client, createClient } from "@libsql/client";
import { drizzle } from "drizzle-orm/libsql";
import { migrate } from "drizzle-orm/libsql/migrator";
import { beforeAll, afterAll, beforeEach } from "vitest";
import { resolve, dirname } from "path";
import { fileURLToPath } from "url";
import Fastify, { type FastifyInstance } from "fastify";
// Get migrations folder path
const __filename = fileURLToPath(import.meta.url);
@@ -26,9 +26,9 @@ export type TestDb = ReturnType<typeof drizzle>;
// Test App Builder
// =============================================================================
export interface TestContext {
app: FastifyInstance;
db: TestDb;
client: Client;
app: FastifyInstance;
db: TestDb;
client: Client;
}
/**
@@ -36,43 +36,43 @@ export interface TestContext {
* Each test file gets its own isolated database.
*/
export async function buildTestApp(): Promise<TestContext> {
// Create in-memory SQLite database
const client = createClient({ url: ":memory:" });
const db = drizzle(client);
// Create in-memory SQLite database
const client = createClient({ url: ":memory:" });
const db = drizzle(client);
// Run schema creation
await runTestMigrations(client);
// Run schema creation
await runTestMigrations(client);
// Create Fastify app with minimal plugins
const app = Fastify({ logger: false });
// Create Fastify app with minimal plugins
const app = Fastify({ logger: false });
await app.register(sensible);
await app.register(cookie, { secret: "test-cookie-secret" });
await app.register(jwt, {
secret: "test-jwt-secret",
cookie: { cookieName: "access_token", signed: false },
});
await app.register(fastifyMultipart, { limits: { fileSize: 10 * 1024 * 1024 } });
await app.register(sensible);
await app.register(cookie, { secret: "test-cookie-secret" });
await app.register(jwt, {
secret: "test-jwt-secret",
cookie: { cookieName: "access_token", signed: false },
});
await app.register(fastifyMultipart, { limits: { fileSize: 10 * 1024 * 1024 } });
// Decorate config (matches index.ts structure)
app.decorate("config", {
accessSecret: "test-jwt-secret",
refreshSecret: "test-refresh-secret",
accessTtl: 15,
refreshTtl: 7,
cookieOptions: { httpOnly: true, sameSite: "lax", secure: false, path: "/" },
refreshCookieOptions: { httpOnly: true, sameSite: "lax", secure: false, path: "/" },
});
// Decorate config (matches index.ts structure)
app.decorate("config", {
accessSecret: "test-jwt-secret",
refreshSecret: "test-refresh-secret",
accessTtl: 15,
refreshTtl: 7,
cookieOptions: { httpOnly: true, sameSite: "lax", secure: false, path: "/" },
refreshCookieOptions: { httpOnly: true, sameSite: "lax", secure: false, path: "/" },
});
return { app, db, client };
return { app, db, client };
}
/**
* Create test database schema using drizzle-kit migrations
*/
async function runTestMigrations(client: Client): Promise<void> {
const db = drizzle(client);
await migrate(db, { migrationsFolder });
const db = drizzle(client);
await migrate(db, { migrationsFolder });
}
// =============================================================================
@@ -80,193 +80,167 @@ async function runTestMigrations(client: Client): Promise<void> {
// =============================================================================
export interface CreateUserOptions {
username?: string;
authProvider?: string;
username?: string;
authProvider?: string;
}
/**
* Create a test user and return the ID
*/
export async function createTestUser(
client: Client,
options: CreateUserOptions = {}
): Promise<number> {
const { username = `user_${Date.now()}`, authProvider = "local" } = options;
export async function createTestUser(client: Client, options: CreateUserOptions = {}): Promise<number> {
const { username = `user_${Date.now()}`, authProvider = "local" } = options;
const result = await client.execute({
sql: `INSERT INTO users (username, auth_provider) VALUES (?, ?) RETURNING id`,
args: [username, authProvider],
});
const result = await client.execute({
sql: `INSERT INTO users (username, auth_provider) VALUES (?, ?) RETURNING id`,
args: [username, authProvider],
});
return result.rows[0].id as number;
return result.rows[0].id as number;
}
export interface CreateMedicationOptions {
userId: number;
name?: string;
genericName?: string;
takenBy?: string[];
packCount?: number;
blistersPerPack?: number;
pillsPerBlister?: number;
looseTablets?: number;
pillWeightMg?: number;
expiryDate?: string | null;
notes?: string | null;
intakeRemindersEnabled?: boolean;
/** Array of { usage, every, start } for each blister schedule */
blisters?: Array<{ usage: number; every: number; start: string }>;
userId: number;
name?: string;
genericName?: string;
takenBy?: string[];
packCount?: number;
blistersPerPack?: number;
pillsPerBlister?: number;
looseTablets?: number;
pillWeightMg?: number;
expiryDate?: string | null;
notes?: string | null;
intakeRemindersEnabled?: boolean;
/** Array of { usage, every, start } for each blister schedule */
blisters?: Array<{ usage: number; every: number; start: string }>;
}
/**
* Create a test medication and return the ID
*/
export async function createTestMedication(
client: Client,
options: CreateMedicationOptions
): Promise<number> {
const {
userId,
name = "Test Medication",
genericName = null,
takenBy = [],
packCount = 1,
blistersPerPack = 1,
pillsPerBlister = 10,
looseTablets = 0,
pillWeightMg = null,
expiryDate = null,
notes = null,
intakeRemindersEnabled = false,
blisters = [{ usage: 1, every: 1, start: new Date().toISOString() }],
} = options;
export async function createTestMedication(client: Client, options: CreateMedicationOptions): Promise<number> {
const {
userId,
name = "Test Medication",
genericName = null,
takenBy = [],
packCount = 1,
blistersPerPack = 1,
pillsPerBlister = 10,
looseTablets = 0,
pillWeightMg = null,
expiryDate = null,
notes = null,
intakeRemindersEnabled = false,
blisters = [{ usage: 1, every: 1, start: new Date().toISOString() }],
} = options;
// Extract arrays from blisters
const usageJson = JSON.stringify(blisters.map((b) => b.usage));
const everyJson = JSON.stringify(blisters.map((b) => b.every));
const startJson = JSON.stringify(blisters.map((b) => b.start));
const takenByJson = JSON.stringify(takenBy);
// Extract arrays from blisters
const usageJson = JSON.stringify(blisters.map((b) => b.usage));
const everyJson = JSON.stringify(blisters.map((b) => b.every));
const startJson = JSON.stringify(blisters.map((b) => b.start));
const takenByJson = JSON.stringify(takenBy);
const result = await client.execute({
sql: `INSERT INTO medications (
const result = await client.execute({
sql: `INSERT INTO medications (
user_id, name, generic_name, taken_by_json,
pack_count, blisters_per_pack, pills_per_blister, loose_tablets,
pill_weight_mg, usage_json, every_json, start_json, expiry_date, notes, intake_reminders_enabled
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) RETURNING id`,
args: [
userId,
name,
genericName,
takenByJson,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg,
usageJson,
everyJson,
startJson,
expiryDate,
notes,
intakeRemindersEnabled ? 1 : 0,
],
});
args: [
userId,
name,
genericName,
takenByJson,
packCount,
blistersPerPack,
pillsPerBlister,
looseTablets,
pillWeightMg,
usageJson,
everyJson,
startJson,
expiryDate,
notes,
intakeRemindersEnabled ? 1 : 0,
],
});
return result.rows[0].id as number;
return result.rows[0].id as number;
}
export interface CreateShareTokenOptions {
userId: number;
takenBy: string;
token?: string;
scheduleDays?: number;
expiresAt?: number | null;
userId: number;
takenBy: string;
token?: string;
scheduleDays?: number;
expiresAt?: number | null;
}
/**
* Create a test share token and return the token string
*/
export async function createTestShareToken(
client: Client,
options: CreateShareTokenOptions
): Promise<string> {
const {
userId,
takenBy,
token = `test_token_${Date.now()}`,
scheduleDays = 30,
expiresAt = null,
} = options;
export async function createTestShareToken(client: Client, options: CreateShareTokenOptions): Promise<string> {
const { userId, takenBy, token = `test_token_${Date.now()}`, scheduleDays = 30, expiresAt = null } = options;
await client.execute({
sql: `INSERT INTO share_tokens (user_id, token, taken_by, schedule_days, expires_at)
await client.execute({
sql: `INSERT INTO share_tokens (user_id, token, taken_by, schedule_days, expires_at)
VALUES (?, ?, ?, ?, ?)`,
args: [userId, token, takenBy, scheduleDays, expiresAt],
});
args: [userId, token, takenBy, scheduleDays, expiresAt],
});
return token;
return token;
}
export interface CreateDoseTrackingOptions {
userId: number;
doseId: string;
markedBy?: string | null;
takenAt?: number;
userId: number;
doseId: string;
markedBy?: string | null;
takenAt?: number;
}
/**
* Create a dose tracking record
*/
export async function createTestDoseTracking(
client: Client,
options: CreateDoseTrackingOptions
): Promise<void> {
const {
userId,
doseId,
markedBy = null,
takenAt = Math.floor(Date.now() / 1000),
} = options;
export async function createTestDoseTracking(client: Client, options: CreateDoseTrackingOptions): Promise<void> {
const { userId, doseId, markedBy = null, takenAt = Math.floor(Date.now() / 1000) } = options;
await client.execute({
sql: `INSERT INTO dose_tracking (user_id, dose_id, marked_by, taken_at)
await client.execute({
sql: `INSERT INTO dose_tracking (user_id, dose_id, marked_by, taken_at)
VALUES (?, ?, ?, ?)`,
args: [userId, doseId, markedBy, takenAt],
});
args: [userId, doseId, markedBy, takenAt],
});
}
export interface UpdateUserSettingsOptions {
userId: number;
stockCalculationMode?: "automatic" | "manual";
lowStockDays?: number;
userId: number;
stockCalculationMode?: "automatic" | "manual";
lowStockDays?: number;
}
/**
* Create or update user settings
*/
export async function setUserSettings(
client: Client,
options: UpdateUserSettingsOptions
): Promise<void> {
const { userId, stockCalculationMode = "automatic", lowStockDays = 30 } = options;
export async function setUserSettings(client: Client, options: UpdateUserSettingsOptions): Promise<void> {
const { userId, stockCalculationMode = "automatic", lowStockDays = 30 } = options;
// Check if settings exist
const existing = await client.execute({
sql: `SELECT id FROM user_settings WHERE user_id = ?`,
args: [userId],
});
// Check if settings exist
const existing = await client.execute({
sql: `SELECT id FROM user_settings WHERE user_id = ?`,
args: [userId],
});
if (existing.rows.length > 0) {
await client.execute({
sql: `UPDATE user_settings SET stock_calculation_mode = ?, low_stock_days = ? WHERE user_id = ?`,
args: [stockCalculationMode, lowStockDays, userId],
});
} else {
await client.execute({
sql: `INSERT INTO user_settings (user_id, stock_calculation_mode, low_stock_days) VALUES (?, ?, ?)`,
args: [userId, stockCalculationMode, lowStockDays],
});
}
if (existing.rows.length > 0) {
await client.execute({
sql: `UPDATE user_settings SET stock_calculation_mode = ?, low_stock_days = ? WHERE user_id = ?`,
args: [stockCalculationMode, lowStockDays, userId],
});
} else {
await client.execute({
sql: `INSERT INTO user_settings (user_id, stock_calculation_mode, low_stock_days) VALUES (?, ?, ?)`,
args: [userId, stockCalculationMode, lowStockDays],
});
}
}
// =============================================================================
@@ -277,22 +251,22 @@ export async function setUserSettings(
* Close test app and database connections
*/
export async function closeTestApp(ctx: TestContext): Promise<void> {
await ctx.app.close();
ctx.client.close();
await ctx.app.close();
ctx.client.close();
}
/**
* Clear all data from test database (between tests)
*/
export async function clearTestData(client: Client): Promise<void> {
// Order matters due to foreign keys
await client.execute("DELETE FROM refill_history");
await client.execute("DELETE FROM dose_tracking");
await client.execute("DELETE FROM share_tokens");
await client.execute("DELETE FROM refresh_tokens");
await client.execute("DELETE FROM user_settings");
await client.execute("DELETE FROM medications");
await client.execute("DELETE FROM users");
// Order matters due to foreign keys
await client.execute("DELETE FROM refill_history");
await client.execute("DELETE FROM dose_tracking");
await client.execute("DELETE FROM share_tokens");
await client.execute("DELETE FROM refresh_tokens");
await client.execute("DELETE FROM user_settings");
await client.execute("DELETE FROM medications");
await client.execute("DELETE FROM users");
}
// =============================================================================
backend/src/test/share.test.ts
+513 -521
View File
File diff suppressed because it is too large Load Diff
backend/src/test/stock-calculation.test.ts
+521 -534
View File
File diff suppressed because it is too large Load Diff
backend/src/test/translations.test.ts
+115 -115
View File
@@ -1,136 +1,136 @@
/**
* Tests for translations module
*/
import { describe, it, expect } from "vitest";
import { getTranslations, t, getDateLocale, type Language } from "../i18n/translations.js";
import { describe, expect, it } from "vitest";
import { getDateLocale, getTranslations, type Language, t } from "../i18n/translations.js";
describe("Translations Module", () => {
describe("getTranslations", () => {
it("should return English translations for 'en'", () => {
const translations = getTranslations("en");
expect(translations.stockReminder.title).toContain("MedAssist-ng");
expect(translations.common.pills).toBe("pills");
});
describe("getTranslations", () => {
it("should return English translations for 'en'", () => {
const translations = getTranslations("en");
expect(translations.stockReminder.title).toContain("MedAssist-ng");
expect(translations.common.pills).toBe("pills");
});
it("should return German translations for 'de'", () => {
const translations = getTranslations("de");
expect(translations.stockReminder.title).toContain("MedAssist-ng");
expect(translations.common.pills).toBe("Tabletten");
});
it("should return German translations for 'de'", () => {
const translations = getTranslations("de");
expect(translations.stockReminder.title).toContain("MedAssist-ng");
expect(translations.common.pills).toBe("Tabletten");
});
it("should fallback to English for unknown language", () => {
const translations = getTranslations("fr" as Language);
expect(translations.common.pills).toBe("pills");
});
it("should fallback to English for unknown language", () => {
const translations = getTranslations("fr" as Language);
expect(translations.common.pills).toBe("pills");
});
it("should have all required keys in English", () => {
const translations = getTranslations("en");
// Stock reminder keys
expect(translations.stockReminder.subject).toBeDefined();
expect(translations.stockReminder.title).toBeDefined();
expect(translations.stockReminder.description).toBeDefined();
expect(translations.stockReminder.tableHeaders.medication).toBeDefined();
// Intake reminder keys
expect(translations.intakeReminder.subject).toBeDefined();
expect(translations.intakeReminder.title).toBeDefined();
expect(translations.intakeReminder.pills).toBeDefined();
expect(translations.intakeReminder.takenBy).toBeDefined();
// Push notification keys
expect(translations.push.stockTitle).toBeDefined();
expect(translations.push.intakeTitle).toBeDefined();
expect(translations.push.pillsLeft).toBeDefined();
expect(translations.push.emptySection).toBeDefined();
expect(translations.push.lowSection).toBeDefined();
});
it("should have all required keys in English", () => {
const translations = getTranslations("en");
it("should have all required keys in German", () => {
const translations = getTranslations("de");
// Stock reminder keys
expect(translations.stockReminder.subject).toBeDefined();
expect(translations.stockReminder.title).toBeDefined();
expect(translations.stockReminder.description).toBeDefined();
expect(translations.stockReminder.tableHeaders.medication).toBe("Medikament");
// Intake reminder keys
expect(translations.intakeReminder.subject).toBeDefined();
expect(translations.intakeReminder.pills).toBe("Tabletten");
expect(translations.intakeReminder.takenBy).toBe("für {name}");
});
});
// Stock reminder keys
expect(translations.stockReminder.subject).toBeDefined();
expect(translations.stockReminder.title).toBeDefined();
expect(translations.stockReminder.description).toBeDefined();
expect(translations.stockReminder.tableHeaders.medication).toBeDefined();
describe("t (template function)", () => {
it("should replace single placeholder", () => {
const result = t("Hello {name}!", { name: "World" });
expect(result).toBe("Hello World!");
});
// Intake reminder keys
expect(translations.intakeReminder.subject).toBeDefined();
expect(translations.intakeReminder.title).toBeDefined();
expect(translations.intakeReminder.pills).toBeDefined();
expect(translations.intakeReminder.takenBy).toBeDefined();
it("should replace multiple placeholders", () => {
const result = t("{count} {type} running low", { count: 3, type: "medications" });
expect(result).toBe("3 medications running low");
});
// Push notification keys
expect(translations.push.stockTitle).toBeDefined();
expect(translations.push.intakeTitle).toBeDefined();
expect(translations.push.pillsLeft).toBeDefined();
expect(translations.push.emptySection).toBeDefined();
expect(translations.push.lowSection).toBeDefined();
});
it("should replace same placeholder multiple times", () => {
const result = t("{name} and {name} again", { name: "test" });
expect(result).toBe("test and test again");
});
it("should have all required keys in German", () => {
const translations = getTranslations("de");
it("should leave unmatched placeholders", () => {
const result = t("Hello {name}!", {});
expect(result).toBe("Hello {name}!");
});
// Stock reminder keys
expect(translations.stockReminder.subject).toBeDefined();
expect(translations.stockReminder.title).toBeDefined();
expect(translations.stockReminder.description).toBeDefined();
expect(translations.stockReminder.tableHeaders.medication).toBe("Medikament");
it("should handle numeric values", () => {
const result = t("{count} pills left", { count: 42 });
expect(result).toBe("42 pills left");
});
// Intake reminder keys
expect(translations.intakeReminder.subject).toBeDefined();
expect(translations.intakeReminder.pills).toBe("Tabletten");
expect(translations.intakeReminder.takenBy).toBe("für {name}");
});
});
it("should handle empty params object", () => {
const result = t("No placeholders here", {});
expect(result).toBe("No placeholders here");
});
describe("t (template function)", () => {
it("should replace single placeholder", () => {
const result = t("Hello {name}!", { name: "World" });
expect(result).toBe("Hello World!");
});
it("should work with real translation strings", () => {
const translations = getTranslations("en");
// Stock reminder subject
const subject = t(translations.stockReminder.subject, { count: 3, s: "s" });
expect(subject).toBe("MedAssist-ng Auto-Reminder: 3 Medications Running Low");
// Intake reminder description
const description = t(translations.intakeReminder.description, { minutes: 30 });
expect(description).toBe("Time to take your medication in 30 minutes:");
// Push notification
const push = t(translations.push.pillsAt, { count: 2, time: "08:00" });
expect(push).toBe("2 pills at 08:00");
});
it("should replace multiple placeholders", () => {
const result = t("{count} {type} running low", { count: 3, type: "medications" });
expect(result).toBe("3 medications running low");
});
it("should work with German translations", () => {
const translations = getTranslations("de");
const subject = t(translations.stockReminder.subject, { count: 2, e: "e" });
expect(subject).toBe("MedAssist-ng Auto-Erinnerung: 2 Medikamente wird knapp");
const takenBy = t(translations.intakeReminder.takenBy, { name: "Daniel" });
expect(takenBy).toBe("für Daniel");
});
});
it("should replace same placeholder multiple times", () => {
const result = t("{name} and {name} again", { name: "test" });
expect(result).toBe("test and test again");
});
describe("getDateLocale", () => {
it("should return 'en-US' for English", () => {
expect(getDateLocale("en")).toBe("en-US");
});
it("should leave unmatched placeholders", () => {
const result = t("Hello {name}!", {});
expect(result).toBe("Hello {name}!");
});
it("should return 'de-DE' for German", () => {
expect(getDateLocale("de")).toBe("de-DE");
});
it("should handle numeric values", () => {
const result = t("{count} pills left", { count: 42 });
expect(result).toBe("42 pills left");
});
it("should return 'en-US' for unknown language", () => {
expect(getDateLocale("fr" as Language)).toBe("en-US");
});
});
it("should handle empty params object", () => {
const result = t("No placeholders here", {});
expect(result).toBe("No placeholders here");
});
it("should work with real translation strings", () => {
const translations = getTranslations("en");
// Stock reminder subject
const subject = t(translations.stockReminder.subject, { count: 3, s: "s" });
expect(subject).toBe("MedAssist-ng Auto-Reminder: 3 Medications Running Low");
// Intake reminder description
const description = t(translations.intakeReminder.description, { minutes: 30 });
expect(description).toBe("Time to take your medication in 30 minutes:");
// Push notification
const push = t(translations.push.pillsAt, { count: 2, time: "08:00" });
expect(push).toBe("2 pills at 08:00");
});
it("should work with German translations", () => {
const translations = getTranslations("de");
const subject = t(translations.stockReminder.subject, { count: 2, e: "e" });
expect(subject).toBe("MedAssist-ng Auto-Erinnerung: 2 Medikamente wird knapp");
const takenBy = t(translations.intakeReminder.takenBy, { name: "Daniel" });
expect(takenBy).toBe("für Daniel");
});
});
describe("getDateLocale", () => {
it("should return 'en-US' for English", () => {
expect(getDateLocale("en")).toBe("en-US");
});
it("should return 'de-DE' for German", () => {
expect(getDateLocale("de")).toBe("de-DE");
});
it("should return 'en-US' for unknown language", () => {
expect(getDateLocale("fr" as Language)).toBe("en-US");
});
});
});
backend/src/types/fastify.d.ts
Vendored
+22 -22
View File
@@ -3,32 +3,32 @@ import "@fastify/jwt";
// User type for authenticated requests
export interface AuthUser {
id: number;
username: string;
role: string;
id: number;
username: string;
role: string;
}
declare module "fastify" {
interface FastifyInstance {
config: {
accessSecret: string;
refreshSecret: string;
accessTtl: number;
refreshTtl: number;
cookieOptions: import("@fastify/cookie").CookieSerializeOptions;
refreshCookieOptions: import("@fastify/cookie").CookieSerializeOptions;
};
}
interface FastifyRequest {
user?: AuthUser | null;
}
interface FastifyInstance {
config: {
accessSecret: string;
refreshSecret: string;
accessTtl: number;
refreshTtl: number;
cookieOptions: import("@fastify/cookie").CookieSerializeOptions;
refreshCookieOptions: import("@fastify/cookie").CookieSerializeOptions;
};
}
interface FastifyRequest {
user?: AuthUser | null;
}
}
declare module "@fastify/jwt" {
interface FastifyJWT {
// Allow flexible payload for access and refresh tokens
payload: Record<string, unknown>;
user: Record<string, unknown>;
}
interface FastifyJWT {
// Allow flexible payload for access and refresh tokens
payload: Record<string, unknown>;
user: Record<string, unknown>;
}
}
backend/src/utils/scheduler-utils.ts
+350 -319
View File
@@ -13,138 +13,166 @@ export type Blister = { usage: number; every: number; start: string };
/** Get current timezone from TZ env variable or default to UTC */
export function getTimezone(): string {
return process.env.TZ || "UTC";
return process.env.TZ || "UTC";
}
/** Format a date in the configured timezone */
export function formatInTimezone(date: Date, tz?: string): string {
return date.toLocaleString("de-DE", {
timeZone: tz ?? getTimezone(),
day: "2-digit",
month: "2-digit",
year: "numeric",
hour: "2-digit",
minute: "2-digit"
});
return date.toLocaleString("de-DE", {
timeZone: tz ?? getTimezone(),
day: "2-digit",
month: "2-digit",
year: "numeric",
hour: "2-digit",
minute: "2-digit",
});
}
/** Get current hour in the configured timezone */
export function getCurrentHourInTimezone(tz?: string): number {
const now = new Date();
const timeStr = now.toLocaleString("en-US", {
timeZone: tz ?? getTimezone(),
hour: "numeric",
hour12: false
});
return parseInt(timeStr, 10);
const now = new Date();
const timeStr = now.toLocaleString("en-US", {
timeZone: tz ?? getTimezone(),
hour: "numeric",
hour12: false,
});
return parseInt(timeStr, 10);
}
/** Get today's date string in the configured timezone (YYYY-MM-DD) */
export function getTodayInTimezone(tz?: string): string {
const now = new Date();
const parts = now.toLocaleDateString("en-CA", { timeZone: tz ?? getTimezone() }).split("-");
return parts.join("-"); // YYYY-MM-DD format
const now = new Date();
const parts = now.toLocaleDateString("en-CA", { timeZone: tz ?? getTimezone() }).split("-");
return parts.join("-"); // YYYY-MM-DD format
}
/** Calculate the next scheduled time for a given reminder hour */
export function getNextScheduledTime(reminderHour: number, tz?: string): Date {
const now = new Date();
const timezone = tz ?? getTimezone();
// Get current time components in the target timezone
const formatter = new Intl.DateTimeFormat("en-US", {
timeZone: timezone,
year: "numeric",
month: "2-digit",
day: "2-digit",
hour: "2-digit",
minute: "2-digit",
hour12: false
});
const parts = formatter.formatToParts(now);
const getPart = (type: string) => parts.find(p => p.type === type)?.value || "0";
const currentHour = parseInt(getPart("hour"), 10);
const currentMinute = parseInt(getPart("minute"), 10);
// Calculate if we need tomorrow
const needTomorrow = currentHour > reminderHour || (currentHour === reminderHour && currentMinute > 0);
// Handle month overflow simply by adding a day to now if needed
let targetDate: Date;
if (needTomorrow) {
targetDate = new Date(now.getTime() + 24 * 60 * 60 * 1000);
} else {
targetDate = new Date(now);
}
// Get the target date's date string in the timezone
const targetFormatter = new Intl.DateTimeFormat("en-CA", {
timeZone: timezone,
year: "numeric",
month: "2-digit",
day: "2-digit"
});
const [targetYear, targetMonth, targetDay] = targetFormatter.format(targetDate).split("-").map(Number);
// Now we need to find the UTC time that corresponds to reminderHour:00 on targetDate in the target timezone
// Use a search approach: start with a guess and adjust
const guessUtc = new Date(Date.UTC(targetYear, targetMonth - 1, targetDay, reminderHour, 0, 0, 0));
// Check what hour this UTC time corresponds to in the target timezone
const checkFormatter = new Intl.DateTimeFormat("en-US", {
timeZone: timezone,
hour: "2-digit",
hour12: false
});
// Adjust based on the difference
const guessHour = parseInt(checkFormatter.format(guessUtc), 10);
const hourDiff = guessHour - reminderHour;
// Apply correction (if guessHour is higher, we need to subtract time)
const correctedUtc = new Date(guessUtc.getTime() - hourDiff * 60 * 60 * 1000);
return correctedUtc;
const now = new Date();
const timezone = tz ?? getTimezone();
// Get current time components in the target timezone
const formatter = new Intl.DateTimeFormat("en-US", {
timeZone: timezone,
year: "numeric",
month: "2-digit",
day: "2-digit",
hour: "2-digit",
minute: "2-digit",
hour12: false,
});
const parts = formatter.formatToParts(now);
const getPart = (type: string) => parts.find((p) => p.type === type)?.value || "0";
const currentHour = parseInt(getPart("hour"), 10);
const currentMinute = parseInt(getPart("minute"), 10);
// Calculate if we need tomorrow
const needTomorrow = currentHour > reminderHour || (currentHour === reminderHour && currentMinute > 0);
// Handle month overflow simply by adding a day to now if needed
let targetDate: Date;
if (needTomorrow) {
targetDate = new Date(now.getTime() + 24 * 60 * 60 * 1000);
} else {
targetDate = new Date(now);
}
// Get the target date's date string in the timezone
const targetFormatter = new Intl.DateTimeFormat("en-CA", {
timeZone: timezone,
year: "numeric",
month: "2-digit",
day: "2-digit",
});
const [targetYear, targetMonth, targetDay] = targetFormatter.format(targetDate).split("-").map(Number);
// Now we need to find the UTC time that corresponds to reminderHour:00 on targetDate in the target timezone
// Use a search approach: start with a guess and adjust
const guessUtc = new Date(Date.UTC(targetYear, targetMonth - 1, targetDay, reminderHour, 0, 0, 0));
// Check what hour this UTC time corresponds to in the target timezone
const checkFormatter = new Intl.DateTimeFormat("en-US", {
timeZone: timezone,
hour: "2-digit",
hour12: false,
});
// Adjust based on the difference
const guessHour = parseInt(checkFormatter.format(guessUtc), 10);
const hourDiff = guessHour - reminderHour;
// Apply correction (if guessHour is higher, we need to subtract time)
const correctedUtc = new Date(guessUtc.getTime() - hourDiff * 60 * 60 * 1000);
return correctedUtc;
}
/** Calculate milliseconds until next check at the given reminder hour */
export function getMsUntilNextCheck(reminderHour: number, tz?: string): number {
const next = getNextScheduledTime(reminderHour, tz);
return next.getTime() - Date.now();
const next = getNextScheduledTime(reminderHour, tz);
return next.getTime() - Date.now();
}
// =============================================================================
// Blister/medication parsing utilities
// =============================================================================
/**
* Parse an ISO datetime string to local timestamp.
* Extracts date/time components directly from the string to avoid
* timezone conversion issues with Z suffix.
*
* "2026-01-23T20:55:00" treated as local time 20:55
* "2026-01-23T20:55:00.000Z" also treated as local time 20:55 (Z ignored)
*/
export function parseLocalDateTime(isoString: string): Date {
// Extract components: YYYY-MM-DDTHH:MM:SS (ignore Z and milliseconds)
const match = isoString.match(/^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):?(\d{2})?/);
if (!match) {
// Fallback to Date parsing if format doesn't match
return new Date(isoString);
}
const [, year, month, day, hour, minute, second] = match;
// Create date using local time interpretation (no UTC conversion)
return new Date(
parseInt(year, 10),
parseInt(month, 10) - 1, // Month is 0-indexed
parseInt(day, 10),
parseInt(hour, 10),
parseInt(minute, 10),
parseInt(second ?? "0", 10)
);
}
/** Parse blister schedules from JSON columns */
export function parseBlisters(row: { usageJson: string; everyJson: string; startJson: string }): Blister[] {
try {
const usage = JSON.parse(row.usageJson) as number[];
const every = JSON.parse(row.everyJson) as number[];
const start = JSON.parse(row.startJson) as string[];
const len = Math.min(usage.length, every.length, start.length);
const blisters: Blister[] = [];
for (let i = 0; i < len; i++) {
blisters.push({ usage: usage[i], every: every[i], start: start[i] });
}
return blisters;
} catch {
return [];
}
try {
const usage = JSON.parse(row.usageJson) as number[];
const every = JSON.parse(row.everyJson) as number[];
const start = JSON.parse(row.startJson) as string[];
const len = Math.min(usage.length, every.length, start.length);
const blisters: Blister[] = [];
for (let i = 0; i < len; i++) {
blisters.push({ usage: usage[i], every: every[i], start: start[i] });
}
return blisters;
} catch {
return [];
}
}
/** Parse takenByJson to array of strings */
export function parseTakenByJson(takenByJson: string | null | undefined): string[] {
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
if (!takenByJson) return [];
try {
const parsed = JSON.parse(takenByJson);
return Array.isArray(parsed) ? parsed.filter((s: unknown) => typeof s === "string" && s.trim()) : [];
} catch {
return [];
}
}
// =============================================================================
@@ -153,26 +181,26 @@ export function parseTakenByJson(takenByJson: string | null | undefined): string
/** Calculate daily usage from blisters */
export function calculateDailyUsage(blisters: Blister[]): number {
return blisters.reduce((sum, s) => sum + s.usage / s.every, 0);
return blisters.reduce((sum, s) => sum + s.usage / s.every, 0);
}
/** Calculate depletion information for a medication */
export function calculateDepletionInfo(
med: { count: number; blisters: Blister[] },
language: Language
med: { count: number; blisters: Blister[] },
language: Language
): { daysLeft: number | null; depletionDate: string | null } {
const dailyUsage = calculateDailyUsage(med.blisters);
if (dailyUsage <= 0) return { daysLeft: null, depletionDate: null };
const daysLeft = Math.floor(med.count / dailyUsage);
const depletionMs = Date.now() + daysLeft * 86_400_000;
const depletionDate = new Date(depletionMs).toLocaleDateString(getDateLocale(language), {
weekday: "short",
day: "2-digit",
month: "short",
});
return { daysLeft, depletionDate };
const dailyUsage = calculateDailyUsage(med.blisters);
if (dailyUsage <= 0) return { daysLeft: null, depletionDate: null };
const daysLeft = Math.floor(med.count / dailyUsage);
const depletionMs = Date.now() + daysLeft * 86_400_000;
const depletionDate = new Date(depletionMs).toLocaleDateString(getDateLocale(language), {
weekday: "short",
day: "2-digit",
month: "short",
});
return { daysLeft, depletionDate };
}
// =============================================================================
@@ -180,152 +208,151 @@ export function calculateDepletionInfo(
// =============================================================================
export type UpcomingIntake = {
medName: string;
usage: number;
intakeTime: Date;
intakeTimeStr: string;
takenBy: string[];
pillWeightMg: number | null;
medName: string;
usage: number;
intakeTime: Date;
intakeTimeStr: string;
takenBy: string[];
pillWeightMg: number | null;
};
/**
/**
* Get all intakes for today (past and future) - used for repeat reminders.
* Returns all intakes scheduled for today in user's timezone.
*/
export function getTodaysIntakes(
medName: string,
blisters: Blister[],
takenBy: string[],
pillWeightMg: number | null,
locale: string,
tz?: string
medName: string,
blisters: Blister[],
takenBy: string[],
pillWeightMg: number | null,
locale: string,
tz?: string
): UpcomingIntake[] {
const timezone = tz ?? getTimezone();
const now = new Date();
// Get start and end of today in user's timezone
const todayStart = new Date(now.toLocaleString("en-US", { timeZone: timezone }));
todayStart.setHours(0, 0, 0, 0);
const todayEnd = new Date(now.toLocaleString("en-US", { timeZone: timezone }));
todayEnd.setHours(23, 59, 59, 999);
const intakes: UpcomingIntake[] = [];
for (const blister of blisters) {
const startTime = new Date(blister.start).getTime();
const intervalMs = blister.every * 24 * 60 * 60 * 1000;
if (intervalMs <= 0) continue;
// Find all occurrences that fall within today
let currentTime = startTime;
// If start is in the past, calculate the first occurrence on or after todayStart
if (currentTime < todayStart.getTime()) {
const elapsed = todayStart.getTime() - startTime;
const intervals = Math.floor(elapsed / intervalMs);
currentTime = startTime + intervals * intervalMs;
}
// Collect all intakes for today
while (currentTime <= todayEnd.getTime()) {
if (currentTime >= todayStart.getTime()) {
const intakeDate = new Date(currentTime);
intakes.push({
medName,
usage: blister.usage,
intakeTime: intakeDate,
intakeTimeStr: intakeDate.toLocaleTimeString(locale, {
hour: "2-digit",
minute: "2-digit",
timeZone: timezone
}),
takenBy,
pillWeightMg,
});
}
currentTime += intervalMs;
}
}
return intakes;
const timezone = tz ?? getTimezone();
const now = new Date();
// Get start and end of today in user's timezone
const todayStart = new Date(now.toLocaleString("en-US", { timeZone: timezone }));
todayStart.setHours(0, 0, 0, 0);
const todayEnd = new Date(now.toLocaleString("en-US", { timeZone: timezone }));
todayEnd.setHours(23, 59, 59, 999);
const intakes: UpcomingIntake[] = [];
for (const blister of blisters) {
const startTime = parseLocalDateTime(blister.start).getTime();
const intervalMs = blister.every * 24 * 60 * 60 * 1000;
if (intervalMs <= 0) continue;
// Find all occurrences that fall within today
let currentTime = startTime;
// If start is in the past, calculate the first occurrence on or after todayStart
if (currentTime < todayStart.getTime()) {
const elapsed = todayStart.getTime() - startTime;
const intervals = Math.floor(elapsed / intervalMs);
currentTime = startTime + intervals * intervalMs;
}
// Collect all intakes for today
while (currentTime <= todayEnd.getTime()) {
if (currentTime >= todayStart.getTime()) {
const intakeDate = new Date(currentTime);
intakes.push({
medName,
usage: blister.usage,
intakeTime: intakeDate,
intakeTimeStr: intakeDate.toLocaleTimeString(locale, {
hour: "2-digit",
minute: "2-digit",
timeZone: timezone,
}),
takenBy,
pillWeightMg,
});
}
currentTime += intervalMs;
}
}
return intakes;
}
/**
/**
* Get upcoming intakes that fall within the reminder window.
* Returns intakes that should be notified about right now.
*/
export function getUpcomingIntakes(
medName: string,
blisters: Blister[],
minutesBefore: number,
takenBy: string[],
pillWeightMg: number | null,
locale: string,
tz?: string,
nowOverride?: number
medName: string,
blisters: Blister[],
minutesBefore: number,
takenBy: string[],
pillWeightMg: number | null,
locale: string,
tz?: string,
nowOverride?: number
): UpcomingIntake[] {
const now = nowOverride ?? Date.now();
const timezone = tz ?? getTimezone();
// Window to detect if "now" is the right time to send reminder
// We check if the notify time (intake - minutesBefore) falls within current minute ±1
const windowStart = now - 2 * 60 * 1000; // 2 minutes ago (catch slightly late checks)
const windowEnd = now + 1 * 60 * 1000; // 1 minute from now
const upcoming: UpcomingIntake[] = [];
for (const blister of blisters) {
const startTime = new Date(blister.start).getTime();
const intervalMs = blister.every * 24 * 60 * 60 * 1000;
if (intervalMs <= 0) continue;
// Find the next scheduled intake time (could be today or in the future)
let nextTime = startTime;
// If start is in the past, calculate occurrences
if (nextTime < now) {
const elapsed = now - startTime;
const intervals = Math.floor(elapsed / intervalMs);
// Check the current occurrence (today's scheduled time, even if past)
const currentOccurrence = startTime + intervals * intervalMs;
// And the next occurrence
const nextOccurrence = startTime + (intervals + 1) * intervalMs;
// If today's occurrence is within the reminder window, use it
// (intake hasn't happened yet, we should remind)
const currentNotifyTime = currentOccurrence - minutesBefore * 60 * 1000;
if (currentNotifyTime >= windowStart && currentOccurrence > now) {
nextTime = currentOccurrence;
} else {
nextTime = nextOccurrence;
}
}
// Calculate when we should notify for this intake
const notifyTime = nextTime - minutesBefore * 60 * 1000;
if (notifyTime >= windowStart && notifyTime <= windowEnd) {
const intakeDate = new Date(nextTime);
upcoming.push({
medName,
usage: blister.usage,
intakeTime: intakeDate,
intakeTimeStr: intakeDate.toLocaleTimeString(locale, {
hour: "2-digit",
minute: "2-digit",
timeZone: timezone
}),
takenBy,
pillWeightMg,
});
}
}
return upcoming;
const now = nowOverride ?? Date.now();
const timezone = tz ?? getTimezone();
// Get the current minute (truncated to minute boundary for precise matching)
const currentMinuteStart = Math.floor(now / 60000) * 60000;
const currentMinuteEnd = currentMinuteStart + 60000;
const upcoming: UpcomingIntake[] = [];
for (const blister of blisters) {
const startTime = parseLocalDateTime(blister.start).getTime();
const intervalMs = blister.every * 24 * 60 * 60 * 1000;
if (intervalMs <= 0) continue;
// Find the next scheduled intake time (could be today or in the future)
let nextTime = startTime;
// If start is in the past, calculate occurrences
if (nextTime < now) {
const elapsed = now - startTime;
const intervals = Math.floor(elapsed / intervalMs);
// Check the current occurrence (today's scheduled time, even if past)
const currentOccurrence = startTime + intervals * intervalMs;
// And the next occurrence
const nextOccurrence = startTime + (intervals + 1) * intervalMs;
// If today's occurrence notification time falls in current minute and intake hasn't happened
const currentNotifyTime = currentOccurrence - minutesBefore * 60 * 1000;
if (currentNotifyTime >= currentMinuteStart && currentOccurrence > now) {
nextTime = currentOccurrence;
} else {
nextTime = nextOccurrence;
}
}
// Calculate when we should notify for this intake
const notifyTime = nextTime - minutesBefore * 60 * 1000;
// Check if notifyTime falls within the current minute (precise matching)
if (notifyTime >= currentMinuteStart && notifyTime < currentMinuteEnd) {
const intakeDate = new Date(nextTime);
upcoming.push({
medName,
usage: blister.usage,
intakeTime: intakeDate,
intakeTimeStr: intakeDate.toLocaleTimeString(locale, {
hour: "2-digit",
minute: "2-digit",
timeZone: timezone,
}),
takenBy,
pillWeightMg,
});
}
}
return upcoming;
}
// =============================================================================
@@ -333,102 +360,106 @@ export function getUpcomingIntakes(
// =============================================================================
export type ReminderState = {
lastAutoEmailSent: string | null;
lastAutoEmailDate: string | null;
notifiedMedications: string[];
nextScheduledCheck: string | null;
lastNotificationType: "stock" | "intake" | null;
lastNotificationChannel: "email" | "push" | "both" | null;
lastAutoEmailSent: string | null;
lastAutoEmailDate: string | null;
notifiedMedications: string[];
nextScheduledCheck: string | null;
lastNotificationType: "stock" | "intake" | null;
lastNotificationChannel: "email" | "push" | "both" | null;
};
export type IntakeReminderEntry = {
firstSentAt: number; // Timestamp when first reminder was sent
lastSentAt: number; // Timestamp when last reminder was sent
sendCount: number; // How many times reminder was sent
firstSentAt: number; // Timestamp when first reminder was sent
lastSentAt: number; // Timestamp when last reminder was sent
sendCount: number; // How many times NAGGING reminder was sent (not counting advance)
advanceSent?: boolean; // Whether the advance reminder (15 min before) was sent
};
export type IntakeReminderState = {
reminders: Record<string, IntakeReminderEntry>; // key -> entry
reminders: Record<string, IntakeReminderEntry>; // key -> entry
};
/** Create default reminder state */
export function createDefaultReminderState(): ReminderState {
return {
lastAutoEmailSent: null,
lastAutoEmailDate: null,
notifiedMedications: [],
nextScheduledCheck: null,
lastNotificationType: null,
lastNotificationChannel: null,
};
return {
lastAutoEmailSent: null,
lastAutoEmailDate: null,
notifiedMedications: [],
nextScheduledCheck: null,
lastNotificationType: null,
lastNotificationChannel: null,
};
}
/** Create default intake reminder state */
export function createDefaultIntakeReminderState(): IntakeReminderState {
return { reminders: {} };
return { reminders: {} };
}
/** Parse reminder state from JSON string */
export function parseReminderState(json: string): ReminderState {
try {
const saved = JSON.parse(json);
return {
lastAutoEmailSent: saved.lastAutoEmailSent ?? null,
lastAutoEmailDate: saved.lastAutoEmailDate ?? null,
notifiedMedications: saved.notifiedMedications ?? [],
nextScheduledCheck: saved.nextScheduledCheck ?? null,
lastNotificationType: saved.lastNotificationType ?? null,
lastNotificationChannel: saved.lastNotificationChannel ?? null,
};
} catch {
return createDefaultReminderState();
}
try {
const saved = JSON.parse(json);
return {
lastAutoEmailSent: saved.lastAutoEmailSent ?? null,
lastAutoEmailDate: saved.lastAutoEmailDate ?? null,
notifiedMedications: saved.notifiedMedications ?? [],
nextScheduledCheck: saved.nextScheduledCheck ?? null,
lastNotificationType: saved.lastNotificationType ?? null,
lastNotificationChannel: saved.lastNotificationChannel ?? null,
};
} catch {
return createDefaultReminderState();
}
}
/** Parse intake reminder state from JSON string (backward compatible) */
export function parseIntakeReminderState(json: string): IntakeReminderState {
try {
const saved = JSON.parse(json);
// Backward compatibility: convert old array format to new map format
if (Array.isArray(saved.sentReminders)) {
const reminders: Record<string, IntakeReminderEntry> = {};
const now = Date.now();
for (const key of saved.sentReminders) {
reminders[key] = {
firstSentAt: now,
lastSentAt: now,
sendCount: 1,
};
}
return { reminders };
}
// New format
return {
reminders: saved.reminders ?? {},
};
} catch {
return createDefaultIntakeReminderState();
}
try {
const saved = JSON.parse(json);
// Backward compatibility: convert old array format to new map format
if (Array.isArray(saved.sentReminders)) {
const reminders: Record<string, IntakeReminderEntry> = {};
const now = Date.now();
for (const key of saved.sentReminders) {
reminders[key] = {
firstSentAt: now,
lastSentAt: now,
sendCount: 1,
};
}
return { reminders };
}
// New format
return {
reminders: saved.reminders ?? {},
};
} catch {
return createDefaultIntakeReminderState();
}
}
/** Clean up old intake reminder entries (older than given milliseconds) */
/** Clean up old intake reminder entries (using timezone-aware day check) */
export function cleanOldIntakeReminders(reminders: Record<string, IntakeReminderEntry>, tz: string): Record<string, IntakeReminderEntry> {
// Get start of today in user's timezone
const now = new Date();
const todayStart = new Date(now.toLocaleString("en-US", { timeZone: tz }));
todayStart.setHours(0, 0, 0, 0);
const todayStartMs = todayStart.getTime();
// Keep only reminders from today onwards (based on dose timestamp in key)
const cleaned: Record<string, IntakeReminderEntry> = {};
for (const [key, entry] of Object.entries(reminders)) {
const timestamp = parseInt(key.split(":").pop() || "0", 10);
if (timestamp >= todayStartMs) {
cleaned[key] = entry;
}
}
return cleaned;
export function cleanOldIntakeReminders(
reminders: Record<string, IntakeReminderEntry>,
tz: string
): Record<string, IntakeReminderEntry> {
// Get start of today in user's timezone
const now = new Date();
const todayStart = new Date(now.toLocaleString("en-US", { timeZone: tz }));
todayStart.setHours(0, 0, 0, 0);
const todayStartMs = todayStart.getTime();
// Keep only reminders from today onwards (based on dose timestamp in key)
const cleaned: Record<string, IntakeReminderEntry> = {};
for (const [key, entry] of Object.entries(reminders)) {
const timestamp = parseInt(key.split(":").pop() || "0", 10);
if (timestamp >= todayStartMs) {
cleaned[key] = entry;
}
}
return cleaned;
}
backend/src/utils/server-config.ts
+60 -72
View File
@@ -3,123 +3,111 @@
* Exported separately to allow testing without triggering server start.
*/
import { existsSync, mkdirSync } from "fs";
import { resolve } from "path";
import { existsSync, mkdirSync } from "node:fs";
import { resolve } from "node:path";
import type { CookieSerializeOptions } from "@fastify/cookie";
/**
* Parse comma-separated CORS origins string
*/
export function parseCorsOrigins(originsStr: string): string[] {
return originsStr
.split(",")
.map((o) => o.trim())
.filter((o) => o.length > 0);
return originsStr
.split(",")
.map((o) => o.trim())
.filter((o) => o.length > 0);
}
/**
* Build base cookie options for access token
*/
export function buildBaseCookieOptions(
accessTtlMinutes: number,
isProduction: boolean
): CookieSerializeOptions {
return {
httpOnly: true,
secure: isProduction,
sameSite: "lax",
path: "/",
maxAge: accessTtlMinutes * 60, // Convert minutes to seconds
};
export function buildBaseCookieOptions(accessTtlMinutes: number, isProduction: boolean): CookieSerializeOptions {
return {
httpOnly: true,
secure: isProduction,
sameSite: "lax",
path: "/",
maxAge: accessTtlMinutes * 60, // Convert minutes to seconds
};
}
/**
* Build refresh cookie options (extends base with longer TTL)
*/
export function buildRefreshCookieOptions(
baseCookieOptions: CookieSerializeOptions,
refreshTtlDays: number
baseCookieOptions: CookieSerializeOptions,
refreshTtlDays: number
): CookieSerializeOptions {
return {
...baseCookieOptions,
maxAge: refreshTtlDays * 24 * 60 * 60, // Convert days to seconds
};
return {
...baseCookieOptions,
maxAge: refreshTtlDays * 24 * 60 * 60, // Convert days to seconds
};
}
/**
* Build complete app configuration object
*/
export interface AppConfigOptions {
jwtSecret?: string;
refreshSecret?: string;
accessTtlMinutes: number;
refreshTtlDays: number;
isProduction: boolean;
jwtSecret?: string;
refreshSecret?: string;
accessTtlMinutes: number;
refreshTtlDays: number;
isProduction: boolean;
}
export interface AppConfig {
accessSecret: string;
refreshSecret: string;
accessTtl: number;
refreshTtl: number;
cookieOptions: CookieSerializeOptions;
refreshCookieOptions: CookieSerializeOptions;
accessSecret: string;
refreshSecret: string;
accessTtl: number;
refreshTtl: number;
cookieOptions: CookieSerializeOptions;
refreshCookieOptions: CookieSerializeOptions;
}
export function buildAppConfig(options: AppConfigOptions): AppConfig {
const cookieOptions = buildBaseCookieOptions(
options.accessTtlMinutes,
options.isProduction
);
const refreshCookieOptions = buildRefreshCookieOptions(
cookieOptions,
options.refreshTtlDays
);
const cookieOptions = buildBaseCookieOptions(options.accessTtlMinutes, options.isProduction);
const refreshCookieOptions = buildRefreshCookieOptions(cookieOptions, options.refreshTtlDays);
return {
accessSecret: options.jwtSecret || "",
refreshSecret: options.refreshSecret || "",
accessTtl: options.accessTtlMinutes,
refreshTtl: options.refreshTtlDays,
cookieOptions,
refreshCookieOptions,
};
return {
accessSecret: options.jwtSecret || "",
refreshSecret: options.refreshSecret || "",
accessTtl: options.accessTtlMinutes,
refreshTtl: options.refreshTtlDays,
cookieOptions,
refreshCookieOptions,
};
}
/**
* Ensure images directory exists
*/
export function ensureImagesDirectory(cwd?: string): string {
const basePath = cwd || process.cwd();
const imagesDir = resolve(basePath, "data/images");
if (!existsSync(imagesDir)) {
mkdirSync(imagesDir, { recursive: true });
}
return imagesDir;
const basePath = cwd || process.cwd();
const imagesDir = resolve(basePath, "data/images");
if (!existsSync(imagesDir)) {
mkdirSync(imagesDir, { recursive: true });
}
return imagesDir;
}
/**
* Get JWT configuration based on auth enabled status
*/
export interface JwtConfig {
secret: string;
cookie: {
cookieName: string;
signed: boolean;
};
secret: string;
cookie: {
cookieName: string;
signed: boolean;
};
}
export function getJwtConfig(authEnabled: boolean, jwtSecret?: string): JwtConfig {
const effectiveSecret =
authEnabled && jwtSecret
? jwtSecret
: "auth-disabled-no-secret-needed";
const effectiveSecret = authEnabled && jwtSecret ? jwtSecret : "auth-disabled-no-secret-needed";
return {
secret: effectiveSecret,
cookie: {
cookieName: "access_token",
signed: false,
},
};
return {
secret: effectiveSecret,
cookie: {
cookieName: "access_token",
signed: false,
},
};
}
biome.json
+54
View File
@@ -0,0 +1,54 @@
{
"$schema": "https://biomejs.dev/schemas/2.3.12/schema.json",
"assist": { "actions": { "source": { "organizeImports": "on" } } },
"files": {
"includes": ["backend/src/**/*.ts", "frontend/src/**/*.ts", "frontend/src/**/*.tsx", "frontend/src/**/*.css"]
},
"linter": {
"enabled": true,
"rules": {
"recommended": true,
"complexity": {
"noForEach": "off"
},
"suspicious": {
"noExplicitAny": "warn",
"useIterableCallbackReturn": "off",
"noImplicitAnyLet": "warn",
"noArrayIndexKey": "warn",
"noAssignInExpressions": "off"
},
"style": {
"noNonNullAssertion": "off",
"useConst": "error",
"noParameterAssign": "off"
},
"correctness": {
"noUnusedVariables": "warn",
"noUnusedImports": "warn",
"noUnusedFunctionParameters": "warn",
"useExhaustiveDependencies": "warn"
},
"a11y": {
"useKeyWithClickEvents": "warn",
"noSvgWithoutTitle": "off",
"noStaticElementInteractions": "off",
"useButtonType": "off",
"noLabelWithoutControl": "warn"
}
}
},
"formatter": {
"enabled": true,
"indentStyle": "tab",
"indentWidth": 2,
"lineWidth": 120
},
"javascript": {
"formatter": {
"quoteStyle": "double",
"semicolons": "always",
"trailingCommas": "es5"
}
}
}
docker-compose.dev.yml
+1 -1
View File
@@ -6,7 +6,7 @@ services:
volumes:
- ./backend:/app
- backend_node_modules:/app/node_modules
- ./backend/data:/app/data
- ./data:/app/data
env_file:
- .env
ports:
docs/screenshots/dashboard-desktop.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.4 MiB

docs/screenshots/dashboard-mobile.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 329 KiB

docs/screenshots/dashboard.png
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.8 MiB

docs/screenshots/medication-detail-modal.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 MiB

docs/screenshots/medications-edit-desktop.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.4 MiB

docs/screenshots/medications-mobile.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 421 KiB

docs/screenshots/planner-desktop.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 MiB

docs/screenshots/schedule-mobile.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 364 KiB

docs/screenshots/share-schedule-desktop.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.7 MiB

frontend/.dockerignore
+33
View File
@@ -0,0 +1,33 @@
# Dependencies
node_modules/
# Build outputs (rebuilt in Docker)
dist/
coverage/
# Development files
*.log
npm-debug.log*
# Test files
src/test/
*.test.ts
*.test.tsx
vitest.config.ts
# IDE
.vscode/
.idea/
# OS files
.DS_Store
Thumbs.db
# Git
.git/
.gitignore
# Docker
Dockerfile
.dockerignore
docker-compose*.yml
frontend/nginx.conf
+2 -2
View File
@@ -12,8 +12,8 @@ server {
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Allow larger file uploads (for medication images)
client_max_body_size 10M;
# Allow larger file uploads (for medication images and data import/export)
client_max_body_size 50M;
location / {
try_files $uri /index.html;
frontend/package-lock.json
Generated
+1543 -3
View File
File diff suppressed because it is too large Load Diff
frontend/package.json
+15 -3
View File
@@ -1,13 +1,18 @@
{
"name": "medassist-ng-frontend",
"private": true,
"version": "1.1.0",
"version": "1.5.0",
"type": "module",
"scripts": {
"dev": "vite",
"build": "vite build",
"preview": "vite preview",
"lint": "echo 'add lint config'"
"lint": "npx biome check .",
"lint:fix": "npx biome check --write .",
"format": "npx biome format --write .",
"check": "npx biome check . && tsc --noEmit",
"test": "vitest",
"test:coverage": "vitest run --coverage"
},
"dependencies": {
"i18next": "^24.2.2",
@@ -19,11 +24,18 @@
"zod": "^3.23.8"
},
"devDependencies": {
"@biomejs/biome": "^2.3.12",
"@testing-library/jest-dom": "^6.9.1",
"@testing-library/react": "^16.3.2",
"@testing-library/user-event": "^14.6.1",
"@types/react": "^18.3.4",
"@types/react-dom": "^18.3.0",
"@types/react-router-dom": "^5.3.3",
"@vitejs/plugin-react": "^4.3.2",
"@vitest/coverage-v8": "^4.0.17",
"jsdom": "^27.4.0",
"typescript": "^5.5.4",
"vite": "^7.3.0"
"vite": "^7.3.0",
"vitest": "^4.0.17"
}
}
frontend/src/App.tsx
+295 -4639
View File
File diff suppressed because it is too large Load Diff
frontend/src/components/AboutModal.tsx
+166
View File
@@ -0,0 +1,166 @@
import { useEffect, useState } from "react";
import { useTranslation } from "react-i18next";
import { FRONTEND_VERSION, GITHUB_URL } from "../App";
interface UpdateCheckResult {
status: "checking" | "up-to-date" | "update-available" | "error";
latestVersion?: string;
lastChecked?: string;
}
interface AboutModalProps {
isOpen: boolean;
onClose: () => void;
}
export default function AboutModal({ isOpen, onClose }: AboutModalProps) {
const { t } = useTranslation();
const [backendVersion, setBackendVersion] = useState<string | null>(null);
const [updateCheckResult, setUpdateCheckResult] = useState<UpdateCheckResult | null>(null);
// Fetch backend version and cached update result on mount
useEffect(() => {
if (!isOpen) return;
// Fetch backend version
fetch("/api/health")
.then((res) => res.json())
.then((data) => setBackendVersion(data.version || "unknown"))
.catch(() => setBackendVersion("unknown"));
// Load cached update check result
const cached = sessionStorage.getItem("updateCheckResult");
if (cached) {
try {
const parsed = JSON.parse(cached);
if (parsed && typeof parsed === "object") {
setUpdateCheckResult(parsed);
}
} catch {
// ignore
}
}
}, [isOpen]);
async function checkForUpdates() {
setUpdateCheckResult({ status: "checking" });
try {
const res = await fetch(`https://api.github.com/repos/DanielVolz/medassist-ng/releases/latest`);
if (!res.ok) throw new Error("Failed to fetch");
const data = await res.json();
const latestVersion = (data.tag_name || "").replace(/^v/, "");
const currentVersion = FRONTEND_VERSION.replace(/^v/, "");
const isUpToDate = latestVersion === currentVersion;
const result: UpdateCheckResult = {
status: isUpToDate ? "up-to-date" : "update-available",
latestVersion,
lastChecked: new Date().toISOString(),
};
setUpdateCheckResult(result);
// Cache the result
sessionStorage.setItem("updateCheckResult", JSON.stringify(result));
} catch {
setUpdateCheckResult({ status: "error" });
}
}
if (!isOpen) return null;
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal-content about-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onClose}>
×
</button>
<div className="about-header">
<div className="about-logo">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="1.5">
<path d="M19.5 12c0 4.14-3.36 7.5-7.5 7.5S4.5 16.14 4.5 12 7.86 4.5 12 4.5s7.5 3.36 7.5 7.5z" />
<path d="M12 8v4l2.5 2.5" />
<path d="M9 2h6M12 2v2" />
</svg>
</div>
<h2>{t("about.appName", "MedAssist")}</h2>
<p className="about-tagline">{t("about.description", "Personal medication tracking and reminder app")}</p>
</div>
<div className="about-versions">
<div className="about-version-row">
<span className="about-version-label">{t("about.frontendVersion", "Frontend")}</span>
<span className="about-version-value">{FRONTEND_VERSION}</span>
</div>
<div className="about-version-row">
<span className="about-version-label">{t("about.backendVersion", "Backend")}</span>
<span className="about-version-value">{backendVersion || "..."}</span>
</div>
</div>
<div className="about-update-section">
<button
className="about-update-btn"
onClick={checkForUpdates}
disabled={updateCheckResult?.status === "checking"}
>
{updateCheckResult?.status === "checking" ? (
<>
<span className="spinner-small"></span>
{t("about.checking", "Checking...")}
</>
) : (
<>
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2">
<path d="M21 12a9 9 0 0 0-9-9 9.75 9.75 0 0 0-6.74 2.74L3 8" />
<path d="M3 3v5h5" />
<path d="M3 12a9 9 0 0 0 9 9 9.75 9.75 0 0 0 6.74-2.74L21 16" />
<path d="M16 16h5v5" />
</svg>
{t("about.checkForUpdates", "Check for Updates")}
</>
)}
</button>
{updateCheckResult && updateCheckResult.status !== "checking" && (
<div className={`about-update-result ${updateCheckResult.status}`}>
{updateCheckResult.status === "up-to-date" && (
<span className="update-status-text"> {t("about.upToDate", "You are up to date!")}</span>
)}
{updateCheckResult.status === "update-available" && (
<span className="update-status-text">
{t("about.updateAvailable", "Update available")}:{" "}
<strong>v{updateCheckResult.latestVersion}</strong>
<a
href={`${GITHUB_URL}/releases/latest`}
target="_blank"
rel="noopener noreferrer"
className="update-download-link"
>
{t("about.downloadUpdate", "Download")}
</a>
</span>
)}
{updateCheckResult.status === "error" && (
<span className="update-status-text"> {t("about.checkFailed", "Could not check for updates")}</span>
)}
{updateCheckResult.lastChecked && (
<span className="update-last-checked">
{t("about.lastChecked", "Last checked")}: {new Date(updateCheckResult.lastChecked).toLocaleString()}
</span>
)}
</div>
)}
</div>
<div className="about-links">
<a href={GITHUB_URL} target="_blank" rel="noopener noreferrer" className="about-link">
<svg viewBox="0 0 24 24" fill="currentColor">
<path d="M12 0c-6.626 0-12 5.373-12 12 0 5.302 3.438 9.8 8.207 11.387.599.111.793-.261.793-.577v-2.234c-3.338.726-4.033-1.416-4.033-1.416-.546-1.387-1.333-1.756-1.333-1.756-1.089-.745.083-.729.083-.729 1.205.084 1.839 1.237 1.839 1.237 1.07 1.834 2.807 1.304 3.492.997.107-.775.418-1.305.762-1.604-2.665-.305-5.467-1.334-5.467-5.931 0-1.311.469-2.381 1.236-3.221-.124-.303-.535-1.524.117-3.176 0 0 1.008-.322 3.301 1.23.957-.266 1.983-.399 3.003-.404 1.02.005 2.047.138 3.006.404 2.291-1.552 3.297-1.23 3.297-1.23.653 1.653.242 2.874.118 3.176.77.84 1.235 1.911 1.235 3.221 0 4.609-2.807 5.624-5.479 5.921.43.372.823 1.102.823 2.222v3.293c0 .319.192.694.801.576 4.765-1.589 8.199-6.086 8.199-11.386 0-6.627-5.373-12-12-12z" />
</svg>
{t("about.viewOnGitHub", "View on GitHub")}
</a>
</div>
<div className="about-footer">
<p className="about-copyright">
{t("about.copyright", "© {{year}} Daniel Volz", { year: new Date().getFullYear() })}
</p>
<p className="about-license">{t("about.license", "GPL-3.0 License")}</p>
</div>
</div>
</div>
);
}
frontend/src/components/AppHeader.tsx
+184
View File
@@ -0,0 +1,184 @@
/**
* AppHeader - Main application header with navigation and user menu
*/
import { useEffect, useState } from "react";
import { useTranslation } from "react-i18next";
import { useLocation, useNavigate } from "react-router-dom";
import { useUnsavedChanges } from "../context";
import { useTheme } from "../hooks";
import { useAuth } from "./Auth";
interface AppHeaderProps {
onOpenProfile: () => void;
onOpenAbout: () => void;
}
export function AppHeader({ onOpenProfile, onOpenAbout }: AppHeaderProps) {
const { t } = useTranslation();
const navigate = useNavigate();
const location = useLocation();
const currentPath = location.pathname;
const { user, authState, logout } = useAuth();
const { theme, toggleTheme } = useTheme();
const { confirmNavigation } = useUnsavedChanges();
// Safe navigation that checks for unsaved changes first
const safeNavigate = async (path: string) => {
if (await confirmNavigation()) {
navigate(path);
}
};
// User dropdown state (for mobile click-based behavior)
const [userDropdownOpen, setUserDropdownOpen] = useState(false);
// Close user dropdown when clicking outside
useEffect(() => {
if (!userDropdownOpen) return;
const handleClickOutside = (e: MouseEvent) => {
const target = e.target as HTMLElement;
if (!target.closest(".user-menu")) {
setUserDropdownOpen(false);
}
};
document.addEventListener("click", handleClickOutside);
return () => document.removeEventListener("click", handleClickOutside);
}, [userDropdownOpen]);
// Page titles based on current route
const pageInfo = {
"/dashboard": { eyebrow: t("header.eyebrow.overview"), title: t("nav.dashboard") },
"/medications": { eyebrow: t("header.eyebrow.inventory"), title: t("nav.medications") },
"/planner": { eyebrow: t("header.eyebrow.planner"), title: t("nav.planner") },
"/settings": { eyebrow: t("header.eyebrow.settings"), title: t("nav.settings") },
"/schedule": { eyebrow: t("header.eyebrow.schedule"), title: t("dashboard.schedules.title") },
}[currentPath] || { eyebrow: t("header.eyebrow.overview"), title: t("nav.dashboard") };
return (
<header className="hero">
<div className="hero-title">
<img src="/favicon.svg" alt="MedAssist-ng" className="hero-logo" />
<div>
<p className="eyebrow">{pageInfo.eyebrow}</p>
<h1>{pageInfo.title}</h1>
</div>
</div>
<div className="header-actions">
<div className="tabs">
<button
className={currentPath === "/dashboard" || currentPath === "/" ? "pill primary" : "pill"}
onClick={() => safeNavigate("/dashboard")}
>
{t("nav.dashboard")}
</button>
<button
className={currentPath === "/medications" ? "pill primary" : "pill"}
onClick={() => safeNavigate("/medications")}
>
{t("nav.medications")}
</button>
<button
className={currentPath === "/planner" ? "pill primary" : "pill"}
onClick={() => safeNavigate("/planner")}
>
{t("nav.planner")}
</button>
</div>
{/* Settings button only shown when auth is disabled (no user dropdown available) */}
{!authState?.authEnabled && (
<button
className={`icon-btn ${currentPath === "/settings" ? "active" : ""}`}
onClick={() => safeNavigate("/settings")}
title={t("nav.settings")}
>
</button>
)}
<button
className="icon-btn"
onClick={toggleTheme}
title={theme === "dark" ? t("tooltips.lightMode") : t("tooltips.darkMode")}
>
{theme === "dark" ? "☀️" : "🌙"}
</button>
{authState?.authEnabled && user && (
<div className={`user-menu ${userDropdownOpen ? "open" : ""}`}>
<button className="user-menu-btn" onClick={() => setUserDropdownOpen(!userDropdownOpen)}>
{user.avatarUrl ? (
<img src={`/api/images/${user.avatarUrl}`} alt={user.username} className="user-avatar-img" />
) : (
<span className="user-avatar">{user.username.charAt(0).toUpperCase()}</span>
)}
</button>
<div className="user-dropdown">
<div className="dropdown-header">
{user.avatarUrl ? (
<img src={`/api/images/${user.avatarUrl}`} alt={user.username} className="dropdown-avatar-img" />
) : (
<div className="dropdown-avatar">{user.username.charAt(0).toUpperCase()}</div>
)}
<span className="dropdown-username">{user.username}</span>
</div>
<div className="dropdown-menu">
<button
className="dropdown-item"
onClick={() => {
onOpenProfile();
setUserDropdownOpen(false);
}}
>
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2">
<path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2" />
<circle cx="12" cy="7" r="4" />
</svg>
{t("auth.profile", "Profile")}
</button>
<button
className="dropdown-item"
onClick={() => {
safeNavigate("/settings");
setUserDropdownOpen(false);
}}
>
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2">
<circle cx="12" cy="12" r="3" />
<path d="M19.4 15a1.65 1.65 0 0 0 .33 1.82l.06.06a2 2 0 0 1 0 2.83 2 2 0 0 1-2.83 0l-.06-.06a1.65 1.65 0 0 0-1.82-.33 1.65 1.65 0 0 0-1 1.51V21a2 2 0 0 1-2 2 2 2 0 0 1-2-2v-.09A1.65 1.65 0 0 0 9 19.4a1.65 1.65 0 0 0-1.82.33l-.06.06a2 2 0 0 1-2.83 0 2 2 0 0 1 0-2.83l.06-.06a1.65 1.65 0 0 0 .33-1.82 1.65 1.65 0 0 0-1.51-1H3a2 2 0 0 1-2-2 2 2 0 0 1 2-2h.09A1.65 1.65 0 0 0 4.6 9a1.65 1.65 0 0 0-.33-1.82l-.06-.06a2 2 0 0 1 0-2.83 2 2 0 0 1 2.83 0l.06.06a1.65 1.65 0 0 0 1.82.33H9a1.65 1.65 0 0 0 1-1.51V3a2 2 0 0 1 2-2 2 2 0 0 1 2 2v.09a1.65 1.65 0 0 0 1 1.51 1.65 1.65 0 0 0 1.82-.33l.06-.06a2 2 0 0 1 2.83 0 2 2 0 0 1 0 2.83l-.06.06a1.65 1.65 0 0 0-.33 1.82V9a1.65 1.65 0 0 0 1.51 1H21a2 2 0 0 1 2 2 2 2 0 0 1-2 2h-.09a1.65 1.65 0 0 0-1.51 1z" />
</svg>
{t("nav.settings", "Settings")}
</button>
<button
className="dropdown-item"
onClick={() => {
onOpenAbout();
setUserDropdownOpen(false);
}}
>
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2">
<circle cx="12" cy="12" r="10" />
<path d="M12 16v-4" />
<path d="M12 8h.01" />
</svg>
{t("about.title", "About")}
</button>
<button
className="dropdown-item danger"
onClick={() => {
logout();
setUserDropdownOpen(false);
}}
>
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2">
<path d="M9 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h4" />
<polyline points="16 17 21 12 16 7" />
<line x1="21" y1="12" x2="9" y2="12" />
</svg>
{t("auth.signOut", "Sign Out")}
</button>
</div>
</div>
</div>
)}
</div>
</header>
);
}
frontend/src/components/Auth.tsx
+635 -620
View File
File diff suppressed because it is too large Load Diff
frontend/src/components/ConfirmModal.tsx
+47
View File
@@ -0,0 +1,47 @@
// =============================================================================
// ConfirmModal Component - Simple confirmation dialog
// =============================================================================
import type { ReactNode } from "react";
export interface ConfirmModalProps {
title: string;
message: string | ReactNode;
confirmLabel: string;
cancelLabel: string;
onConfirm: () => void;
onCancel: () => void;
isLoading?: boolean;
confirmVariant?: "primary" | "danger" | "success";
}
export function ConfirmModal({
title,
message,
confirmLabel,
cancelLabel,
onConfirm,
onCancel,
isLoading = false,
confirmVariant = "primary",
}: ConfirmModalProps) {
return (
<div className="modal-overlay" onClick={onCancel}>
<div className="modal-content" onClick={(e) => e.stopPropagation()} style={{ maxWidth: "450px" }}>
<button className="modal-close" onClick={onCancel}>
×
</button>
<h2 style={{ marginBottom: "16px", paddingRight: "2rem" }}>{title}</h2>
<div style={{ marginBottom: "24px" }}>{typeof message === "string" ? <p>{message}</p> : message}</div>
<div className="modal-footer" style={{ padding: "1rem 0 0 0", borderTop: "none", justifyContent: "flex-end" }}>
<button type="button" className="ghost" onClick={onCancel} disabled={isLoading}>
{cancelLabel}
</button>
<button type="button" className={confirmVariant} onClick={onConfirm} disabled={isLoading}>
{confirmLabel}
</button>
</div>
</div>
</div>
);
}
frontend/src/components/ExportModal.tsx
+62
View File
@@ -0,0 +1,62 @@
import { useTranslation } from "react-i18next";
interface ExportModalProps {
isOpen: boolean;
onClose: () => void;
onExport: (includeImages: boolean) => void;
exporting: boolean;
}
export default function ExportModal({ isOpen, onClose, onExport, exporting }: ExportModalProps) {
const { t } = useTranslation();
if (!isOpen) return null;
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal-content" onClick={(e) => e.stopPropagation()} style={{ maxWidth: "450px" }}>
<button className="modal-close" onClick={onClose}>
×
</button>
<h2 style={{ marginBottom: "16px", paddingRight: "2rem" }}>{t("exportImport.exportOptions")}</h2>
<div style={{ display: "flex", flexDirection: "column", gap: "12px" }}>
<button
type="button"
className="action-card"
onClick={() => {
onClose();
onExport(true);
}}
disabled={exporting}
style={{ textAlign: "left", cursor: "pointer", border: "1px solid var(--border)", borderRadius: "8px" }}
>
<div className="action-card-content" style={{ flex: 1 }}>
<span className="action-card-title">{t("exportImport.exportWithImages")}</span>
<span className="action-card-desc">{t("exportImport.exportWithImagesDesc")}</span>
</div>
</button>
<button
type="button"
className="action-card"
onClick={() => {
onClose();
onExport(false);
}}
disabled={exporting}
style={{ textAlign: "left", cursor: "pointer", border: "1px solid var(--border)", borderRadius: "8px" }}
>
<div className="action-card-content" style={{ flex: 1 }}>
<span className="action-card-title">{t("exportImport.exportDataOnly")}</span>
<span className="action-card-desc">{t("exportImport.exportDataOnlyDesc")}</span>
</div>
</button>
</div>
<div className="modal-footer" style={{ padding: "1rem 0 0 0", borderTop: "none", justifyContent: "flex-end" }}>
<button type="button" className="ghost" onClick={onClose}>
{t("exportImport.cancelButton")}
</button>
</div>
</div>
</div>
);
}
frontend/src/components/Lightbox.tsx
+28
View File
@@ -0,0 +1,28 @@
// =============================================================================
// Lightbox Component - Full-screen image viewer
// =============================================================================
import type { MouseEvent } from "react";
export interface LightboxProps {
src: string;
alt: string;
onClose: () => void;
}
export function Lightbox({ src, alt, onClose }: LightboxProps) {
function handleOverlayClick(e: MouseEvent) {
if (e.target === e.currentTarget) {
onClose();
}
}
return (
<div className="lightbox-overlay" onClick={handleOverlayClick}>
<button className="lightbox-close" onClick={onClose}>
×
</button>
<img src={src} alt={alt} className="lightbox-image" onClick={(e) => e.stopPropagation()} />
</div>
);
}
frontend/src/components/MedDetailModal.tsx
+532
View File
@@ -0,0 +1,532 @@
/**
* MedDetailModal - Medication detail view with nested modals
* Displays medication information, stock, schedules, and provides refill/edit functionality
*
* Can work in two modes:
* 1. Context mode: Uses useAppContext() for all state (when no props provided)
* 2. Props mode: Accepts all required data as props (for gradual adoption)
*/
import { useTranslation } from "react-i18next";
import { Lightbox, MedicationAvatar } from "../components";
import type { Coverage, Medication, RefillEntry, StockThresholds } from "../types";
import { getMedTotal, getPackageSize } from "../types";
import { formatNumber, generateICS, getExpiryClass, getSystemLocale } from "../utils";
import { getStockStatus } from "../utils/schedule";
// =============================================================================
// Local Helper Functions
// =============================================================================
/**
* Calculate blister stock - divides current pills into full blisters and partial
*/
function getBlisterStock(
currentPills: number,
pillsPerBlister: number,
_originalLooseTablets: number,
_originalTotalPills: number
): { fullBlisters: number; openBlisterPills: number; loosePills: number } {
if (pillsPerBlister <= 0 || pillsPerBlister === 1) {
return { fullBlisters: 0, openBlisterPills: 0, loosePills: currentPills };
}
const fullBlisters = Math.floor(currentPills / pillsPerBlister);
const openBlisterPills = currentPills % pillsPerBlister;
return { fullBlisters, openBlisterPills, loosePills: 0 };
}
/**
* Format full blisters column
*/
function formatFullBlisters(fullBlisters: number, t: (key: string) => string): string {
if (fullBlisters === 0) return "—";
return `${fullBlisters} ${fullBlisters === 1 ? t("common.blister") : t("common.blisters")}`;
}
/**
* Format open blister column
*/
function formatOpenBlisterAndLoose(
openBlisterPills: number,
_loosePills: number,
pillsPerBlister: number,
t: (key: string) => string
): string {
if (openBlisterPills > 0) {
return `${openBlisterPills} ${t("common.of")} ${pillsPerBlister} ${t("common.pills")}`;
}
return "—";
}
// =============================================================================
// Props Interface
// =============================================================================
export interface MedDetailModalProps {
// Required
selectedMed: Medication | null;
coverage: { all: Coverage[] };
settings: StockThresholds;
// Modal state
showImageLightbox: boolean;
showRefillModal: boolean;
showEditStockModal: boolean;
// Modal actions
onClose: () => void;
onOpenImageLightbox: () => void;
onCloseImageLightbox: () => void;
onOpenRefillModal: () => void;
onCloseRefillModal: () => void;
onOpenEditStockModal: () => void;
onCloseEditStockModal: () => void;
// Refill state
refillPacks: number;
onRefillPacksChange: (value: number) => void;
refillLoose: number;
onRefillLooseChange: (value: number) => void;
refillSaving: boolean;
refillHistory: RefillEntry[];
refillHistoryExpanded: boolean;
onRefillHistoryExpandedChange: (value: boolean) => void;
onSubmitRefill: (medId: number) => Promise<void>;
// Edit stock state
editStockFullBlisters: number;
onEditStockFullBlistersChange: (value: number) => void;
editStockPartialBlisterPills: number;
onEditStockPartialBlisterPillsChange: (value: number) => void;
editStockSaving: boolean;
onSubmitStockCorrection: (medId: number) => Promise<void>;
}
export function MedDetailModal({
selectedMed,
coverage,
settings,
showImageLightbox,
showRefillModal,
showEditStockModal,
onClose,
onOpenImageLightbox,
onCloseImageLightbox,
onOpenRefillModal,
onCloseRefillModal,
onOpenEditStockModal,
onCloseEditStockModal,
refillPacks,
onRefillPacksChange,
refillLoose,
onRefillLooseChange,
refillSaving,
refillHistory,
refillHistoryExpanded,
onRefillHistoryExpandedChange,
onSubmitRefill,
editStockFullBlisters,
onEditStockFullBlistersChange,
editStockPartialBlisterPills,
onEditStockPartialBlisterPillsChange,
editStockSaving,
onSubmitStockCorrection,
}: MedDetailModalProps) {
const { t, i18n } = useTranslation();
if (!selectedMed) return null;
const medCoverage = coverage.all.find((c) => c.name === selectedMed.name);
const packageSize = getPackageSize(selectedMed);
const currentStock = medCoverage ? Math.round(medCoverage.medsLeft) : getMedTotal(selectedMed);
const status = medCoverage ? getStockStatus(medCoverage.daysLeft, medCoverage.medsLeft, settings) : null;
const textClass =
status?.className === "danger" ? "danger-text" : status?.className === "warning" ? "warning-text" : "success-text";
const stock = getBlisterStock(currentStock, selectedMed.pillsPerBlister, selectedMed.looseTablets, packageSize);
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal-content med-detail-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onClose}>
×
</button>
<div className="med-detail-body">
{/* Header */}
<div className="med-detail-header">
<div
className={`med-detail-avatar-wrapper ${selectedMed.imageUrl ? "clickable" : ""}`}
onClick={() => selectedMed.imageUrl && onOpenImageLightbox()}
>
<MedicationAvatar name={selectedMed.name} imageUrl={selectedMed.imageUrl} size="lg" />
{selectedMed.imageUrl && <span className="expand-icon">🔍</span>}
</div>
<div className="med-detail-titles">
<h2>{selectedMed.name}</h2>
{selectedMed.genericName && <span className="med-generic-name">{selectedMed.genericName}</span>}
{selectedMed.takenBy && (selectedMed.takenBy || []).length > 0 && (
<span className="med-taken-by">
{t("modal.for")} {selectedMed.takenBy.join(", ")}
</span>
)}
</div>
</div>
{/* Stock Info Section */}
<div className="med-detail-section">
<h3>{t("modal.stockInfo")}</h3>
<div className="med-detail-grid">
<div className="med-detail-item">
<span className="med-detail-label">{t("table.fullBlisters")}</span>
<span className={`med-detail-value ${textClass}`}>{formatFullBlisters(stock.fullBlisters, t)}</span>
</div>
<div className="med-detail-item">
<span className="med-detail-label">{t("table.openBlister")}</span>
<span className={`med-detail-value ${textClass}`}>
{formatOpenBlisterAndLoose(
stock.openBlisterPills,
stock.loosePills,
selectedMed.pillsPerBlister ?? 1,
t
)}
</span>
</div>
<div className="med-detail-item full-width">
<span className="med-detail-label">{t("modal.currentStock")}</span>
<span className={`med-detail-value ${textClass}`}>
{currentStock} / {packageSize}
</span>
</div>
</div>
</div>
{/* Package Details Section */}
<div className="med-detail-section">
<h3>{t("modal.packageDetails")}</h3>
<div className="med-detail-grid">
<div className="med-detail-item">
<span className="med-detail-label">{t("modal.packs")}</span>
<span className="med-detail-value">{selectedMed.packCount}</span>
</div>
<div className="med-detail-item">
<span className="med-detail-label">{t("modal.blistersPerPack")}</span>
<span className="med-detail-value">{selectedMed.blistersPerPack}</span>
</div>
<div className="med-detail-item">
<span className="med-detail-label">{t("modal.pillsPerBlister")}</span>
<span className="med-detail-value">{selectedMed.pillsPerBlister}</span>
</div>
{selectedMed.pillWeightMg && (
<div className="med-detail-item">
<span className="med-detail-label">{t("modal.pillWeight")}</span>
<span className="med-detail-value">{selectedMed.pillWeightMg} mg</span>
</div>
)}
{selectedMed.expiryDate && (
<div className="med-detail-item">
<span className="med-detail-label">{t("modal.expiryDate")}</span>
<span
className={`med-detail-value ${getExpiryClass(selectedMed.expiryDate, settings.expiryWarningDays)}`}
>
{new Date(selectedMed.expiryDate).toLocaleDateString(getSystemLocale(i18n.language), {
day: "2-digit",
month: "short",
year: "numeric",
})}
</span>
</div>
)}
</div>
</div>
{/* Intake Schedule Section */}
{selectedMed.blisters.length > 0 && (
<div className="med-detail-section">
<h3>
{t("modal.intakeSchedule")}{" "}
{selectedMed.intakeRemindersEnabled && (
<span className="reminder-icon info-tooltip" data-tooltip={t("tooltips.intakeReminders")}>
🔔
</span>
)}
</h3>
<div className="med-detail-schedules">
{selectedMed.blisters.map((blister, idx) => {
const personCount = Math.max(1, selectedMed.takenBy?.length || 1);
const totalUsage = blister.usage * personCount;
return (
<div key={idx} className="med-schedule-item">
<span className="med-schedule-usage">
{totalUsage} {totalUsage !== 1 ? t("common.pills") : t("common.pill")}
{selectedMed.pillWeightMg && ` (${totalUsage * selectedMed.pillWeightMg} mg)`}
</span>
<span className="med-schedule-freq">
{t("form.blisters.every")} {blister.every}{" "}
{blister.every !== 1 ? t("common.days") : t("common.day")}
</span>
<span className="med-schedule-time">
{t("modal.at")}{" "}
{new Date(blister.start).toLocaleTimeString(getSystemLocale(i18n.language), {
hour: "2-digit",
minute: "2-digit",
})}
</span>
</div>
);
})}
</div>
</div>
)}
{/* Coverage Status Section */}
{medCoverage && status && (
<div className="med-detail-section">
<h3 className="section-header-with-badge">
{t("modal.coverageStatus")}
<span className={`status-chip small ${status.className}`}>{t(status.label)}</span>
</h3>
<div className="med-detail-grid">
<div className="med-detail-item">
<span className="med-detail-label">{t("modal.daysLeft")}</span>
<span className="med-detail-value">
{medCoverage.daysLeft !== null ? formatNumber(medCoverage.daysLeft) : "—"}
</span>
</div>
<div className="med-detail-item">
<span className="med-detail-label">{t("modal.runsOut")}</span>
<span className="med-detail-value">{medCoverage.depletionDate ?? "—"}</span>
</div>
</div>
</div>
)}
{/* Notes Section */}
{selectedMed.notes && (
<div className="med-detail-section">
<h3>📝 {t("modal.notes")}</h3>
<div className="med-notes-content">{selectedMed.notes}</div>
</div>
)}
{/* Refill History Section */}
{refillHistory.length > 0 && (
<div className="med-detail-section">
<h3
className="section-header-clickable"
onClick={() => onRefillHistoryExpandedChange(!refillHistoryExpanded)}
>
{t("refill.history")} ({refillHistory.length})
<span className="expand-arrow">{refillHistoryExpanded ? "▼" : "▶"}</span>
</h3>
{refillHistoryExpanded && (
<div className="refill-history-list">
{refillHistory.map((entry) => (
<div key={entry.id} className="refill-history-item">
<span className="refill-date">
{new Date(entry.refillDate).toLocaleDateString(getSystemLocale(i18n.language), {
day: "2-digit",
month: "short",
year: "numeric",
})}
,{" "}
{new Date(entry.refillDate).toLocaleTimeString(getSystemLocale(i18n.language), {
hour: "2-digit",
minute: "2-digit",
})}
</span>
<span className="refill-amount">
+
{entry.packsAdded * selectedMed.blistersPerPack * selectedMed.pillsPerBlister +
entry.loosePillsAdded}{" "}
{t("common.pills")}
</span>
</div>
))}
</div>
)}
</div>
)}
</div>
{/* Footer */}
<div className="med-detail-footer">
<button onClick={onClose}>{t("common.close")}</button>
<div className="footer-actions">
<button className="success" onClick={onOpenRefillModal}>
{t("refill.button")}
</button>
<button className="info" onClick={onOpenEditStockModal}>
{t("common.edit")}
</button>
{selectedMed.blisters.length > 0 && (
<button
className="secondary icon-only"
onClick={() => generateICS(selectedMed)}
title={t("modal.exportTooltip")}
>
📅
</button>
)}
</div>
</div>
</div>
{/* Image Lightbox */}
{showImageLightbox && selectedMed.imageUrl && (
<Lightbox src={`/api/images/${selectedMed.imageUrl}`} alt={selectedMed.name} onClose={onCloseImageLightbox} />
)}
{/* Refill Modal */}
{showRefillModal && (
<div
className="modal-overlay"
onClick={(e) => {
e.stopPropagation();
onCloseRefillModal();
}}
>
<div className="modal-content refill-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onCloseRefillModal}>
×
</button>
<h2>{t("refill.title")}</h2>
<p className="refill-med-name">{selectedMed.name}</p>
<div className="refill-form">
<label>
{t("refill.packs")}
<input
type="number"
min="0"
value={refillPacks}
onChange={(e) => onRefillPacksChange(parseInt(e.target.value, 10) || 0)}
/>
</label>
<label>
{t("refill.loosePills")}
<input
type="number"
min="0"
value={refillLoose}
onChange={(e) => onRefillLooseChange(parseInt(e.target.value, 10) || 0)}
/>
</label>
</div>
<div className="modal-footer">
<button className="ghost" onClick={onCloseRefillModal}>
{t("common.cancel")}
</button>
<div className="refill-footer-right">
<button
className="success"
onClick={() => onSubmitRefill(selectedMed.id)}
disabled={(refillPacks < 1 && refillLoose < 1) || refillSaving}
>
{refillSaving ? t("common.saving") : t("refill.button")}
</button>
{(refillPacks > 0 || refillLoose > 0) && (
<span className="refill-preview">
+{refillPacks * selectedMed.blistersPerPack * selectedMed.pillsPerBlister + refillLoose}{" "}
{t("common.pills")}
</span>
)}
</div>
</div>
</div>
</div>
)}
{/* Edit Stock Modal */}
{showEditStockModal && (
<div
className="modal-overlay"
onClick={(e) => {
e.stopPropagation();
onCloseEditStockModal();
}}
>
<div className="modal-content edit-stock-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onCloseEditStockModal}>
×
</button>
<h2>{t("editStock.title")}</h2>
<p className="edit-stock-med-name">{selectedMed.name}</p>
<p className="edit-stock-hint">{t("editStock.hint")}</p>
{(() => {
const dbTotal = getMedTotal(selectedMed);
const currentTotal = medCoverage ? Math.round(medCoverage.medsLeft) : dbTotal;
const newTotal = editStockFullBlisters * selectedMed.pillsPerBlister + editStockPartialBlisterPills;
const difference = newTotal - currentTotal;
return (
<>
<div className="edit-stock-form">
<label>
{t("editStock.fullBlisters")}{" "}
{t("editStock.pillsPerBlister", { count: selectedMed.pillsPerBlister })}
<input
type="number"
min="0"
value={editStockFullBlisters}
onChange={(e) => onEditStockFullBlistersChange(parseInt(e.target.value, 10) || 0)}
/>
</label>
<label>
{t("editStock.partialBlisterPills")}
<input
type="number"
min={editStockFullBlisters > 0 ? -(selectedMed.pillsPerBlister - 1) : 0}
max={selectedMed.pillsPerBlister}
value={editStockPartialBlisterPills}
onChange={(e) => {
const val = parseInt(e.target.value, 10) || 0;
const min = editStockFullBlisters > 0 ? -(selectedMed.pillsPerBlister - 1) : 0;
const max = selectedMed.pillsPerBlister;
onEditStockPartialBlisterPillsChange(Math.max(min, Math.min(val, max)));
}}
/>
</label>
</div>
<div className="edit-stock-summary">
<div className="summary-row">
<span>{t("editStock.currentTotal")}:</span>
<span>
{currentTotal} {t("common.pills")}
</span>
</div>
<div className="summary-row">
<span>{t("editStock.newTotal")}:</span>
<span>
{newTotal} {t("common.pills")}
</span>
</div>
<div
className={`summary-row difference ${difference > 0 ? "positive" : difference < 0 ? "negative" : ""}`}
>
<span>{t("editStock.difference")}:</span>
<span>
{difference > 0 ? "+" : ""}
{difference} {t("common.pills")}
</span>
</div>
</div>
</>
);
})()}
<div className="modal-footer">
<button className="ghost" onClick={onCloseEditStockModal}>
{t("common.cancel")}
</button>
<button
className="info"
onClick={() => onSubmitStockCorrection(selectedMed.id)}
disabled={editStockSaving}
>
{editStockSaving ? t("editStock.saving") : t("editStock.save")}
</button>
</div>
</div>
</div>
)}
</div>
);
}
frontend/src/components/MedicationAvatar.tsx
+25
View File
@@ -0,0 +1,25 @@
// =============================================================================
// MedicationAvatar Component
// =============================================================================
export type MedicationAvatarProps = {
name: string;
imageUrl?: string | null;
size?: "sm" | "md" | "lg";
};
export function MedicationAvatar({ name, imageUrl, size = "sm" }: MedicationAvatarProps) {
const initials =
name
.split(" ")
.map((w) => w[0])
.join("")
.toUpperCase()
.slice(0, 2) || "?";
const sizeClass = `med-avatar med-avatar-${size}`;
if (imageUrl) {
return <img src={`/api/images/${imageUrl}`} alt={name} className={sizeClass} />;
}
return <div className={`${sizeClass} med-avatar-initials`}>{initials}</div>;
}
frontend/src/components/MobileEditModal.tsx
+404
View File
@@ -0,0 +1,404 @@
/**
* MobileEditModal - Full-screen edit form for medications (mobile-optimized)
* Handles new medication creation and editing existing medications
*/
import { useTranslation } from "react-i18next";
import type { FieldErrors, FormBlister, FormState, Medication } from "../types";
// Field limits for validation
const FIELD_LIMITS = {
name: { max: 100 },
genericName: { max: 100 },
takenBy: { max: 50 },
notes: { max: 1000 },
};
export interface MobileEditModalProps {
show: boolean;
editingId: number | null;
form: FormState;
onFormChange: (form: FormState) => void;
fieldErrors: FieldErrors;
saving: boolean;
formSaved: boolean;
formChanged: boolean;
hasValidationErrors: boolean;
// TakenBy tag input
takenByInput: string;
onTakenByInputChange: (value: string) => void;
existingPeople: string[];
onAddTakenByPerson: (person: string) => void;
onRemoveTakenByPerson: (person: string) => void;
onTakenByKeyDown: (e: React.KeyboardEvent<HTMLInputElement>) => void;
// Blister helpers
onSetBlisterValue: (idx: number, field: keyof FormBlister, value: string) => void;
onAddBlister: () => void;
onRemoveBlister: (idx: number) => void;
// Value change handler for numeric fields
onHandleValueChange: <K extends keyof FormState>(field: K, value: string) => void;
// Refill state (for edit mode)
refillPacks: number;
onRefillPacksChange: (value: number) => void;
refillLoose: number;
onRefillLooseChange: (value: number) => void;
refillSaving: boolean;
onSubmitRefill: (medId: number) => Promise<void>;
// Image handling
meds: Medication[];
onUploadMedImage: (medId: number, file: File) => Promise<void>;
onDeleteMedImage: (medId: number) => Promise<void>;
// Actions
onClose: () => void;
onResetForm: () => void;
onSaveMedication: (e: React.FormEvent) => void;
}
function deriveTotal(form: FormState) {
const packCount = Number(form.packCount) || 0;
const blistersPerPack = Number(form.blistersPerPack) || 0;
const pillsPerBlister = Number(form.pillsPerBlister) || 1;
const looseTablets = Number(form.looseTablets) || 0;
return packCount * blistersPerPack * pillsPerBlister + looseTablets;
}
export function MobileEditModal({
show,
editingId,
form,
onFormChange,
fieldErrors,
saving,
formSaved,
formChanged,
hasValidationErrors,
takenByInput,
onTakenByInputChange,
existingPeople,
onAddTakenByPerson,
onRemoveTakenByPerson,
onTakenByKeyDown,
onSetBlisterValue,
onAddBlister,
onRemoveBlister,
onHandleValueChange,
refillPacks,
onRefillPacksChange,
refillLoose,
onRefillLooseChange,
refillSaving,
onSubmitRefill,
meds,
onUploadMedImage,
onDeleteMedImage,
onClose,
_onResetForm,
onSaveMedication,
}: MobileEditModalProps) {
const { t } = useTranslation();
if (!show) return null;
const currentMed = editingId ? meds.find((m) => m.id === editingId) : null;
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal-content edit-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onClose}>
×
</button>
<div className="edit-modal-header">
<h2>{editingId ? t("form.editEntry") : t("form.newEntry")}</h2>
</div>
<form
className="form-grid mobile-edit-form"
onSubmit={(e) => {
// Check native HTML5 validation first
const formElement = e.currentTarget;
if (!formElement.checkValidity()) {
// Let browser show native validation messages
formElement.reportValidity();
e.preventDefault();
return;
}
onSaveMedication(e);
}}
>
<label className={`full ${fieldErrors.name ? "has-error" : ""}`}>
{t("form.commercialName")}
<input
value={form.name}
onChange={(e) => onFormChange({ ...form, name: e.target.value })}
placeholder={t("form.placeholders.commercial")}
maxLength={FIELD_LIMITS.name.max}
required
/>
{fieldErrors.name && <span className="field-error">{fieldErrors.name}</span>}
</label>
<label className={`full ${fieldErrors.genericName ? "has-error" : ""}`}>
{t("form.genericName")}
<input
value={form.genericName}
onChange={(e) => onFormChange({ ...form, genericName: e.target.value })}
placeholder={t("form.placeholders.generic")}
maxLength={FIELD_LIMITS.genericName.max}
/>
{fieldErrors.genericName && <span className="field-error">{fieldErrors.genericName}</span>}
</label>
<label className={`full ${fieldErrors.takenBy ? "has-error" : ""}`}>
{t("form.takenBy")}
<div className="tag-input-container">
{form.takenBy.map((person) => (
<span key={person} className="tag">
{person}
<button type="button" className="tag-remove" onClick={() => onRemoveTakenByPerson(person)}>
×
</button>
</span>
))}
<input
value={takenByInput}
onChange={(e) => onTakenByInputChange(e.target.value)}
onKeyDown={onTakenByKeyDown}
onBlur={() => {
if (takenByInput.trim()) onAddTakenByPerson(takenByInput);
}}
placeholder={
form.takenBy.length === 0 ? t("form.placeholders.takenBy") : t("form.placeholders.addPerson")
}
maxLength={FIELD_LIMITS.takenBy.max}
list="takenby-suggestions-modal"
/>
<datalist id="takenby-suggestions-modal">
{existingPeople
.filter((p) => !form.takenBy.includes(p))
.map((person) => (
<option key={person} value={person} />
))}
</datalist>
</div>
{fieldErrors.takenBy && <span className="field-error">{fieldErrors.takenBy}</span>}
</label>
<label>
{t("form.packs")}
<input
type="number"
min="0"
value={form.packCount}
onChange={(e) => onHandleValueChange("packCount", e.target.value)}
/>
</label>
<label>
{t("form.blistersPerPack")}
<input
type="number"
min="0"
value={form.blistersPerPack}
onChange={(e) => onHandleValueChange("blistersPerPack", e.target.value)}
/>
</label>
<label>
{t("form.pillsPerBlister")}
<input
type="number"
min="1"
value={form.pillsPerBlister}
onChange={(e) => onHandleValueChange("pillsPerBlister", e.target.value)}
/>
</label>
<label>
{t("form.loosePills")}
<input
type="number"
min="0"
value={form.looseTablets}
onChange={(e) => onHandleValueChange("looseTablets", e.target.value)}
/>
</label>
<div className="full">
<p className="sub">
<strong>{t("form.total")}:</strong> {deriveTotal(form)} {t("common.pills")}
</p>
</div>
<label className="full">
{t("form.pillWeight")}
<input
type="number"
min="0"
step="0.1"
value={form.pillWeightMg}
onChange={(e) => onFormChange({ ...form, pillWeightMg: e.target.value })}
placeholder={t("form.placeholders.weight")}
/>
</label>
<label className="full">
{t("form.expiryDate")}
<input
type="date"
value={form.expiryDate}
onChange={(e) => onFormChange({ ...form, expiryDate: e.target.value })}
/>
</label>
{/* Refill section - only shown when editing (mobile) */}
{editingId && (
<div className="full refill-section">
<h4 className="refill-title">{t("refill.title")}</h4>
<div className="refill-form-inline">
<label>
{t("refill.packs")}
<input
type="number"
min="0"
value={refillPacks}
onChange={(e) => onRefillPacksChange(parseInt(e.target.value, 10) || 0)}
/>
</label>
<label>
{t("refill.loosePills")}
<input
type="number"
min="0"
value={refillLoose}
onChange={(e) => onRefillLooseChange(parseInt(e.target.value, 10) || 0)}
/>
</label>
<button
type="button"
className="success"
onClick={() => onSubmitRefill(editingId)}
disabled={(refillPacks < 1 && refillLoose < 1) || refillSaving}
>
{refillSaving ? t("common.saving") : t("refill.button")}
</button>
{(refillPacks > 0 || refillLoose > 0) && (
<span className="refill-preview">
+{refillPacks * Number(form.blistersPerPack || 0) * Number(form.pillsPerBlister || 1) + refillLoose}{" "}
{t("common.pills")}
</span>
)}
</div>
</div>
)}
<label className={`full ${fieldErrors.notes ? "has-error" : ""}`}>
{t("form.notes")}
<textarea
value={form.notes}
onChange={(e) => onFormChange({ ...form, notes: e.target.value })}
placeholder={t("form.placeholders.notes")}
rows={2}
maxLength={FIELD_LIMITS.notes.max}
className="auto-resize"
onInput={(e) => {
const target = e.target as HTMLTextAreaElement;
target.style.height = "auto";
target.style.height = `${target.scrollHeight}px`;
}}
/>
{form.notes.length > 0 && (
<span className={`char-count ${form.notes.length > FIELD_LIMITS.notes.max * 0.9 ? "warning" : ""}`}>
{t("common.validation.tooLong", { current: form.notes.length, max: FIELD_LIMITS.notes.max })}
</span>
)}
{fieldErrors.notes && <span className="field-error">{fieldErrors.notes}</span>}
</label>
{editingId && currentMed?.imageUrl ? (
<div className="full image-field">
<span className="field-label">{t("form.medicationImage")}</span>
<div className="image-preview">
<img src={`/api/images/${currentMed.imageUrl}`} alt={currentMed.name} />
<button type="button" className="danger" onClick={() => onDeleteMedImage(editingId)}>
{t("form.removeImage")}
</button>
</div>
</div>
) : editingId ? (
<label className="full">
{t("form.medicationImage")}
<input
type="file"
accept="image/*"
onChange={(e) => e.target.files?.[0] && onUploadMedImage(editingId, e.target.files[0])}
/>
</label>
) : null}
<fieldset className="full blister-section">
<legend>
{t("form.blisters.title")}
<label className="toggle-switch small" title={t("form.blisters.remindTooltip")}>
<input
type="checkbox"
checked={form.intakeRemindersEnabled}
onChange={(e) => onFormChange({ ...form, intakeRemindersEnabled: e.target.checked })}
/>
<span className="toggle-slider"></span>
</label>
<span className="legend-hint">{t("form.blisters.remind")}</span>
</legend>
{form.blisters.map((b, idx) => (
<div key={idx} className="blister-row">
<label className="compact">
<span>{t("form.blisters.usage")}</span>
<input
type="number"
min="0"
step="0.1"
value={b.usage}
onChange={(e) => onSetBlisterValue(idx, "usage", e.target.value)}
/>
</label>
<label className="compact">
<span>{t("form.blisters.everyDays")}</span>
<input
type="number"
min="1"
value={b.every}
onChange={(e) => onSetBlisterValue(idx, "every", e.target.value)}
/>
</label>
<label className="compact full-row">
<span>{t("form.blisters.startDate")}</span>
<input
type="date"
value={b.startDate}
onChange={(e) => onSetBlisterValue(idx, "startDate", e.target.value)}
/>
</label>
<label className="compact time-label">
<span>{t("form.blisters.startTime")}</span>
<input
type="time"
value={b.startTime}
onChange={(e) => onSetBlisterValue(idx, "startTime", e.target.value)}
/>
</label>
{form.blisters.length > 1 && (
<button type="button" className="danger remove-blister-btn" onClick={() => onRemoveBlister(idx)}>
{t("common.remove")}
</button>
)}
</div>
))}
<button type="button" className="ghost add-blister" onClick={onAddBlister}>
+ {t("form.blisters.addIntake")}
</button>
</fieldset>
<div className="modal-footer">
<button type="button" className="ghost" onClick={onClose}>
{t("common.cancel")}
</button>
<button
type="submit"
disabled={saving || hasValidationErrors || (!formChanged && (formSaved || !!editingId))}
>
{formSaved && !formChanged ? t("common.saved") : t("common.save")}
</button>
</div>
</form>
</div>
</div>
);
}
frontend/src/components/ProfileModal.tsx
+21
View File
@@ -0,0 +1,21 @@
import { UserProfile } from "./Auth";
interface ProfileModalProps {
isOpen: boolean;
onClose: () => void;
}
export default function ProfileModal({ isOpen, onClose }: ProfileModalProps) {
if (!isOpen) return null;
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal-content profile-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onClose}>
×
</button>
<UserProfile onClose={onClose} />
</div>
</div>
);
}
frontend/src/components/ShareDialog.tsx
+124
View File
@@ -0,0 +1,124 @@
/**
* ShareDialog - Modal for generating share links for medication schedules
* Allows sharing schedule view for a specific person
*/
import { useTranslation } from "react-i18next";
export interface ShareDialogProps {
show: boolean;
sharePeople: string[];
shareSelectedPerson: string;
onShareSelectedPersonChange: (person: string) => void;
shareSelectedDays: number;
onShareSelectedDaysChange: (days: number) => void;
shareGenerating: boolean;
shareLink: string | null;
onShareLinkChange: (link: string | null) => void;
shareCopied: boolean;
onShareCopiedChange: (copied: boolean) => void;
onClose: () => void;
onGenerateShareLink: () => Promise<void>;
onCopyShareLink: () => void;
}
export function ShareDialog({
show,
sharePeople,
shareSelectedPerson,
onShareSelectedPersonChange,
shareSelectedDays,
onShareSelectedDaysChange,
shareGenerating,
shareLink,
onShareLinkChange,
shareCopied,
onShareCopiedChange,
onClose,
onGenerateShareLink,
onCopyShareLink,
}: ShareDialogProps) {
const { t } = useTranslation();
if (!show) return null;
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal-content share-dialog-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onClose}>
×
</button>
<div className="share-dialog-header">
<h2>🔗 {t("share.title")}</h2>
<p className="share-dialog-description">{t("share.description")}</p>
</div>
{sharePeople.length === 0 ? (
<div className="share-dialog-empty">
<p>{t("share.noPeople")}</p>
</div>
) : shareLink ? (
<div className="share-dialog-result">
<p className="share-success">{t("share.linkGenerated")}</p>
<div className="share-link-box">
<input
type="text"
value={shareLink}
readOnly
className="share-link-input"
onClick={(e) => (e.target as HTMLInputElement).select()}
/>
<button className="btn-copy" onClick={onCopyShareLink}>
{shareCopied ? "✓" : "📋"}
</button>
</div>
{shareCopied && <span className="share-copied-hint">{t("share.copied")}</span>}
<div className="share-dialog-footer">
<button
className="ghost"
onClick={() => {
onShareLinkChange(null);
onShareCopiedChange(false);
}}
>
{t("share.generateAnother")}
</button>
<button onClick={onClose}>{t("common.close")}</button>
</div>
</div>
) : (
<div className="share-dialog-form">
<div className="form-group">
<label>{t("share.selectPerson")}</label>
<select value={shareSelectedPerson} onChange={(e) => onShareSelectedPersonChange(e.target.value)}>
{sharePeople.map((person) => (
<option key={person} value={person}>
{person}
</option>
))}
</select>
</div>
<div className="form-group">
<label>{t("share.selectPeriod")}</label>
<select value={shareSelectedDays} onChange={(e) => onShareSelectedDaysChange(Number(e.target.value))}>
<option value={30}>{t("dashboard.schedules.1month")}</option>
<option value={90}>{t("dashboard.schedules.3months")}</option>
<option value={180}>{t("dashboard.schedules.6months")}</option>
</select>
</div>
<div className="share-dialog-footer">
<button className="ghost" onClick={onClose}>
{t("common.cancel")}
</button>
<button onClick={onGenerateShareLink} disabled={shareGenerating || !shareSelectedPerson}>
{shareGenerating ? t("share.generating") : t("share.generateLink")}
</button>
</div>
</div>
)}
</div>
</div>
);
}
frontend/src/components/SharedSchedule.tsx
+1108
View File
File diff suppressed because it is too large Load Diff
frontend/src/components/TagInput.tsx
+79
View File
@@ -0,0 +1,79 @@
// =============================================================================
// TagInput Component - Reusable tag input with suggestions
// =============================================================================
import type { KeyboardEvent } from "react";
export interface TagInputProps {
tags: string[];
inputValue: string;
onInputChange: (value: string) => void;
onAddTag: (tag: string) => void;
onRemoveTag: (tag: string) => void;
suggestions?: string[];
placeholder?: string;
addPlaceholder?: string;
maxLength?: number;
error?: string;
datalistId?: string;
}
export function TagInput({
tags,
inputValue,
onInputChange,
onAddTag,
onRemoveTag,
suggestions = [],
placeholder = "",
addPlaceholder = "",
maxLength,
error,
datalistId = "tag-suggestions",
}: TagInputProps) {
function handleKeyDown(e: KeyboardEvent<HTMLInputElement>) {
if ((e.key === "Enter" || e.key === ",") && inputValue.trim()) {
e.preventDefault();
onAddTag(inputValue);
}
if (e.key === "Backspace" && !inputValue && tags.length > 0) {
onRemoveTag(tags[tags.length - 1]);
}
}
return (
<>
<div className="tag-input-container">
{tags.map((tag) => (
<span key={tag} className="tag">
{tag}
<button type="button" className="tag-remove" onClick={() => onRemoveTag(tag)}>
×
</button>
</span>
))}
<input
value={inputValue}
onChange={(e) => onInputChange(e.target.value)}
onKeyDown={handleKeyDown}
onBlur={() => {
if (inputValue.trim()) onAddTag(inputValue);
}}
placeholder={tags.length === 0 ? placeholder : addPlaceholder}
maxLength={maxLength}
list={datalistId}
/>
{suggestions.length > 0 && (
<datalist id={datalistId}>
{suggestions
.filter((s) => !tags.includes(s))
.map((suggestion) => (
<option key={suggestion} value={suggestion} />
))}
</datalist>
)}
</div>
{error && <span className="field-error">{error}</span>}
</>
);
}
frontend/src/components/UserFilterModal.tsx
+87
View File
@@ -0,0 +1,87 @@
/**
* UserFilterModal - Shows medications for a specific person (takenBy filter)
* Allows clicking through to medication details
*/
import { useTranslation } from "react-i18next";
import { MedicationAvatar } from "../components";
import type { Coverage, Medication, StockThresholds } from "../types";
import { getMedTotal, getPackageSize } from "../types";
import { formatNumber } from "../utils";
import { getStockStatus } from "../utils/schedule";
export interface UserFilterModalProps {
selectedUser: string | null;
meds: Medication[];
coverage: { all: Coverage[] };
settings: StockThresholds;
onClose: () => void;
onOpenMedDetail: (med: Medication) => void;
}
export function UserFilterModal({
selectedUser,
meds,
coverage,
settings,
onClose,
onOpenMedDetail,
}: UserFilterModalProps) {
const { t } = useTranslation();
if (!selectedUser) return null;
const userMeds = meds.filter((m) => (m.takenBy || []).includes(selectedUser));
return (
<div className="modal-overlay" onClick={onClose}>
<div className="modal-content user-meds-modal" onClick={(e) => e.stopPropagation()}>
<button className="modal-close" onClick={onClose}>
×
</button>
<div className="user-meds-header">
<div className="user-avatar">{selectedUser.charAt(0).toUpperCase()}</div>
<h2>{t("modal.userMedications", { name: selectedUser })}</h2>
</div>
<div className="user-meds-list">
{userMeds.map((med) => {
const medCoverage = coverage.all.find((c) => c.name === med.name);
const status = medCoverage ? getStockStatus(medCoverage.daysLeft, medCoverage.medsLeft, settings) : null;
const packageSize = getPackageSize(med);
const currentStock = medCoverage ? formatNumber(medCoverage.medsLeft) : formatNumber(getMedTotal(med));
return (
<div
key={med.id}
className="user-med-item clickable"
onClick={() => {
onClose();
onOpenMedDetail(med);
}}
>
<MedicationAvatar name={med.name} imageUrl={med.imageUrl} size="sm" />
<div className="user-med-info">
<span className="user-med-name">{med.name}</span>
{med.genericName && <span className="user-med-generic">{med.genericName}</span>}
</div>
<div className="user-med-stats">
<span className="user-med-pills">
{currentStock}/{formatNumber(packageSize)} {t("common.pills")}
</span>
{status && <span className={`status-chip ${status.className}`}>{t(status.label)}</span>}
</div>
</div>
);
})}
{userMeds.length === 0 && (
<div className="user-meds-empty">{t("modal.noMedsForUser", { name: selectedUser })}</div>
)}
</div>
<div className="user-meds-footer">
<button onClick={onClose}>{t("common.close")}</button>
</div>
</div>
</div>
);
}
frontend/src/components/index.ts
+23
View File
@@ -0,0 +1,23 @@
// Components barrel export
export { default as AboutModal } from "./AboutModal";
export type { ConfirmModalProps } from "./ConfirmModal";
export { ConfirmModal } from "./ConfirmModal";
export { default as ExportModal } from "./ExportModal";
export type { LightboxProps } from "./Lightbox";
export { Lightbox } from "./Lightbox";
export type { MedDetailModalProps } from "./MedDetailModal";
export { MedDetailModal } from "./MedDetailModal";
export type { MedicationAvatarProps } from "./MedicationAvatar";
export { MedicationAvatar } from "./MedicationAvatar";
export type { MobileEditModalProps } from "./MobileEditModal";
export { MobileEditModal } from "./MobileEditModal";
export { default as ProfileModal } from "./ProfileModal";
export type { ShareDialogProps } from "./ShareDialog";
export { ShareDialog } from "./ShareDialog";
export { SharedSchedule } from "./SharedSchedule";
export type { TagInputProps } from "./TagInput";
export { TagInput } from "./TagInput";
export type { UserFilterModalProps } from "./UserFilterModal";
export { UserFilterModal } from "./UserFilterModal";
frontend/src/context/AppContext.tsx
+886
View File
@@ -0,0 +1,886 @@
import type React from "react";
import { createContext, useCallback, useContext, useEffect, useMemo, useState } from "react";
import { useTranslation } from "react-i18next";
import { useAuth } from "../components/Auth";
import { useCollapsedDays, useDoses, useMedications, useRefill, useSettings, useShare } from "../hooks";
import type { Coverage, Medication, ScheduleEvent } from "../types";
import { getSystemLocale } from "../utils/formatters";
import { buildSchedulePreview, calculateCoverage } from "../utils/schedule";
// =============================================================================
// Types
// =============================================================================
export type DoseInfo = {
id: string;
timeStr: string;
when: number;
usage: number;
takenBy: string[];
};
export type DayMedEntry = {
medName: string;
total: number;
doses: DoseInfo[];
lastWhen: number;
};
export type GroupedDay = {
dateStr: string;
date: Date;
isPast: boolean;
meds: DayMedEntry[];
};
export interface AppContextValue {
// From useMedications
meds: Medication[];
setMeds: React.Dispatch<React.SetStateAction<Medication[]>>;
loading: boolean;
saving: boolean;
setSaving: React.Dispatch<React.SetStateAction<boolean>>;
uploadingImage: boolean;
loadMeds: () => void;
deleteMed: (id: number, editingId: number | null, resetForm: () => void) => Promise<void>;
uploadMedImage: (medId: number, file: File) => Promise<void>;
deleteMedImage: (medId: number) => Promise<void>;
// From useSettings (selected fields)
settings: ReturnType<typeof useSettings>["settings"];
setSettings: ReturnType<typeof useSettings>["setSettings"];
savedSettings: ReturnType<typeof useSettings>["savedSettings"];
settingsLoading: boolean;
settingsSaving: boolean;
settingsSaved: boolean;
testingEmail: boolean;
testEmailResult: { success: boolean; message: string } | null;
testingShoutrrr: boolean;
testShoutrrrResult: { success: boolean; message: string } | null;
loadSettings: () => void;
saveSettings: (e: React.FormEvent) => Promise<void>;
testEmail: () => Promise<void>;
testShoutrrr: () => Promise<void>;
// From useDoses
takenDoses: Set<string>;
setTakenDoses: React.Dispatch<React.SetStateAction<Set<string>>>;
dismissedDoses: Set<string>;
clearingMissed: boolean;
showClearMissedConfirm: boolean;
setShowClearMissedConfirm: (show: boolean) => void;
getDoseId: (baseDoseId: string, person: string | null) => string;
countTakenDoses: (doses: Array<{ id: string; takenBy: string[] }>) => { total: number; taken: number };
markDoseTaken: (doseId: string) => Promise<void>;
undoDoseTaken: (doseId: string) => Promise<void>;
dismissMissedDoses: (doseIds: string[]) => Promise<void>;
// From useCollapsedDays
manuallyCollapsedDays: Set<string>;
manuallyExpandedDays: Set<string>;
toggleDayCollapse: (dateStr: string, isCurrentlyExpanded: boolean) => void;
// From useShare
showShareDialog: boolean;
sharePeople: string[];
shareSelectedPerson: string;
setShareSelectedPerson: React.Dispatch<React.SetStateAction<string>>;
shareSelectedDays: number;
setShareSelectedDays: React.Dispatch<React.SetStateAction<number>>;
shareGenerating: boolean;
shareLink: string | null;
setShareLink: React.Dispatch<React.SetStateAction<string | null>>;
shareCopied: boolean;
setShareCopied: React.Dispatch<React.SetStateAction<boolean>>;
openShareDialog: () => void;
generateShareLink: () => Promise<void>;
copyShareLink: () => void;
closeShareDialog: () => void;
resetShareDialogState: () => void;
// From useRefill
showRefillModal: boolean;
setShowRefillModal: React.Dispatch<React.SetStateAction<boolean>>;
refillPacks: number;
setRefillPacks: React.Dispatch<React.SetStateAction<number>>;
refillLoose: number;
setRefillLoose: React.Dispatch<React.SetStateAction<number>>;
refillSaving: boolean;
refillHistory: ReturnType<typeof useRefill>["refillHistory"];
refillHistoryExpanded: boolean;
setRefillHistoryExpanded: React.Dispatch<React.SetStateAction<boolean>>;
showEditStockModal: boolean;
setShowEditStockModal: React.Dispatch<React.SetStateAction<boolean>>;
editStockFullBlisters: number;
setEditStockFullBlisters: React.Dispatch<React.SetStateAction<number>>;
editStockPartialBlisterPills: number;
setEditStockPartialBlisterPills: React.Dispatch<React.SetStateAction<number>>;
editStockSaving: boolean;
loadRefillHistory: (medId: number) => Promise<void>;
submitRefill: (
medId: number,
editingId: number | null,
setForm: React.Dispatch<React.SetStateAction<any>>,
loadMeds: () => void
) => Promise<void>;
submitStockCorrection: (medId: number, selectedMed: Medication, loadMeds: () => void) => Promise<void>;
openRefillModal: () => void;
closeRefillModal: () => void;
openEditStockModal: (selectedMed: Medication, coverage: { all: Coverage[] }) => void;
closeEditStockModal: () => void;
// Computed values
schedule: { events: ScheduleEvent[] };
coverage: { all: Coverage[]; low: Coverage[] };
coverageByMed: Record<string, Coverage>;
depletionByMed: Record<string, number | null>;
existingPeople: string[];
groupedSchedule: GroupedDay[];
pastDays: GroupedDay[];
todayDay: GroupedDay | null;
futureDays: GroupedDay[];
missedPastDoseIds: string[];
getDayStockStatus: (dayMeds: { medName: string; lastWhen: number }[]) => "success" | "warning" | "danger";
// Schedule UI state
scheduleDays: number;
setScheduleDays: React.Dispatch<React.SetStateAction<number>>;
showPastDays: boolean;
setShowPastDays: React.Dispatch<React.SetStateAction<boolean>>;
showFutureDays: boolean;
setShowFutureDays: React.Dispatch<React.SetStateAction<boolean>>;
// Modal state
selectedMed: Medication | null;
setSelectedMed: React.Dispatch<React.SetStateAction<Medication | null>>;
showImageLightbox: boolean;
setShowImageLightbox: React.Dispatch<React.SetStateAction<boolean>>;
scheduleLightboxImage: string | null;
setScheduleLightboxImage: React.Dispatch<React.SetStateAction<string | null>>;
selectedUser: string | null;
setSelectedUser: React.Dispatch<React.SetStateAction<string | null>>;
// Export/Import state
exporting: boolean;
importing: boolean;
showExportModal: boolean;
setShowExportModal: React.Dispatch<React.SetStateAction<boolean>>;
showImportConfirm: boolean;
setShowImportConfirm: React.Dispatch<React.SetStateAction<boolean>>;
pendingImportData: unknown;
setPendingImportData: React.Dispatch<React.SetStateAction<unknown>>;
importResult: { medications: number; doses: number; shares: number } | null;
setImportResult: React.Dispatch<React.SetStateAction<{ medications: number; doses: number; shares: number } | null>>;
handleExport: (includeImages?: boolean) => Promise<void>;
handleImportFileSelect: (e: React.ChangeEvent<HTMLInputElement>) => void;
handleImportConfirm: () => Promise<void>;
settingsChanged: boolean;
// Modal helpers
openMedDetail: (med: Medication) => void;
closeMedDetail: () => void;
openImageLightbox: () => void;
closeImageLightbox: () => void;
openScheduleLightbox: (imageUrl: string) => void;
closeScheduleLightbox: () => void;
openUserFilter: (person: string) => void;
closeUserFilter: () => void;
}
// =============================================================================
// Context
// =============================================================================
const AppContext = createContext<AppContextValue | null>(null);
// Helper for user-specific localStorage keys
function userStorageKey(userId: number | undefined, key: string): string {
return userId ? `user_${userId}_${key}` : key;
}
// =============================================================================
// Provider
// =============================================================================
export function AppProvider({ children }: { children: React.ReactNode }) {
const { i18n } = useTranslation();
const { user } = useAuth();
// Compose hooks
const medications = useMedications();
const settingsHook = useSettings();
const doses = useDoses();
const collapsed = useCollapsedDays(user?.id);
const share = useShare();
const refill = useRefill();
// Schedule UI state
const [scheduleDays, setScheduleDays] = useState<number>(30);
const [showPastDays, setShowPastDays] = useState(false);
const [showFutureDays, setShowFutureDays] = useState(false);
// Modal state
const [selectedMed, setSelectedMed] = useState<Medication | null>(null);
const [showImageLightbox, setShowImageLightbox] = useState(false);
const [scheduleLightboxImage, setScheduleLightboxImage] = useState<string | null>(null);
const [selectedUser, setSelectedUser] = useState<string | null>(null);
// Export/Import state
const [exporting, setExporting] = useState(false);
const [importing, setImporting] = useState(false);
const [showExportModal, setShowExportModal] = useState(false);
const [showImportConfirm, setShowImportConfirm] = useState(false);
const [pendingImportData, setPendingImportData] = useState<unknown>(null);
const [importResult, setImportResult] = useState<{ medications: number; doses: number; shares: number } | null>(null);
// Load user-specific scheduleDays when user changes
useEffect(() => {
if (typeof window !== "undefined" && user?.id) {
const storedDays = localStorage.getItem(userStorageKey(user.id, "scheduleDays"));
setScheduleDays(storedDays ? Number(storedDays) : 30);
}
}, [user?.id]);
// Load medications and settings when user changes
useEffect(() => {
medications.loadMeds();
settingsHook.loadSettings();
}, [medications.loadMeds, settingsHook.loadSettings]);
// Update selectedMed when meds change (e.g., after refill)
useEffect(() => {
if (selectedMed) {
const updated = medications.meds.find((m) => m.id === selectedMed.id);
if (
updated &&
(updated.packCount !== selectedMed.packCount ||
updated.looseTablets !== selectedMed.looseTablets ||
updated.updatedAt !== selectedMed.updatedAt)
) {
setSelectedMed(updated);
}
}
}, [medications.meds, selectedMed]);
// Computed values - combine app language with timezone region for locale
const systemLocale = getSystemLocale(i18n.language);
const schedule = useMemo(
() => buildSchedulePreview(medications.meds, systemLocale, true),
[medications.meds, systemLocale]
);
const coverage = useMemo(
() =>
calculateCoverage(
medications.meds,
schedule.events,
systemLocale,
settingsHook.settings.reminderDaysBefore,
settingsHook.settings.stockCalculationMode,
doses.takenDoses
),
[
medications.meds,
schedule.events,
systemLocale,
settingsHook.settings.reminderDaysBefore,
settingsHook.settings.stockCalculationMode,
doses.takenDoses,
]
);
const depletionByMed = useMemo(
() => Object.fromEntries(coverage.all.map((c) => [c.name, c.depletionTime])),
[coverage.all]
);
const coverageByMed = useMemo(() => Object.fromEntries(coverage.all.map((c) => [c.name, c])), [coverage.all]);
const existingPeople = useMemo(() => {
const allPeople = medications.meds.flatMap((m) => m.takenBy || []);
return [...new Set(allPeople)].filter(Boolean).sort();
}, [medications.meds]);
// Get worst stock status for a day's medications
const getDayStockStatus = useCallback(
(dayMeds: { medName: string; lastWhen: number }[]): "success" | "warning" | "danger" => {
const statuses = dayMeds.map((item) => {
const cov = coverageByMed[item.medName];
const depletionTime = depletionByMed[item.medName];
// Will be out of stock by this day?
if (typeof depletionTime === "number" && item.lastWhen > depletionTime) {
return "danger";
}
if (!cov) return "success";
const { daysLeft, medsLeft } = cov;
// Currently out of stock
if (medsLeft <= 0 || daysLeft === 0) return "danger";
// No schedule (can't calculate)
if (daysLeft === null) return "success";
// Low stock: < lowStockDays (warning)
if (daysLeft < settingsHook.settings.lowStockDays) return "warning";
// Normal/High stock
return "success";
});
return statuses.includes("danger") ? "danger" : statuses.includes("warning") ? "warning" : "success";
},
[coverageByMed, depletionByMed, settingsHook.settings.lowStockDays]
);
const groupedSchedule = useMemo(() => {
const days = new Map<string, { dateStr: string; date: Date; isPast: boolean; meds: Map<string, DayMedEntry> }>();
schedule.events.slice(0, 2000).forEach((event) => {
const day = days.get(event.dateStr) ?? {
dateStr: event.dateStr,
date: new Date(event.when),
isPast: event.isPast,
meds: new Map(),
};
const medEntry = day.meds.get(event.medName) ?? {
medName: event.medName,
total: 0,
doses: [],
lastWhen: event.when,
};
medEntry.total += event.usage;
medEntry.doses.push({
id: event.id,
timeStr: event.timeStr,
when: event.when,
usage: event.usage,
takenBy: event.takenBy || [],
});
medEntry.lastWhen = Math.max(medEntry.lastWhen, event.when);
day.meds.set(event.medName, medEntry);
days.set(event.dateStr, day);
});
return Array.from(days.values()).map((d) => ({
dateStr: d.dateStr,
date: d.date,
isPast: d.isPast,
meds: Array.from(d.meds.values()),
}));
}, [schedule.events]);
const pastDays = useMemo(() => groupedSchedule.filter((d) => d.isPast), [groupedSchedule]);
// Separate today from future days
const todayDay = useMemo(() => {
const today = new Date();
today.setHours(0, 0, 0, 0);
return (
groupedSchedule.find((d) => {
const dayDate = new Date(d.date);
dayDate.setHours(0, 0, 0, 0);
return dayDate.getTime() === today.getTime();
}) || null
);
}, [groupedSchedule]);
const futureDays = useMemo(() => {
const today = new Date();
today.setHours(0, 0, 0, 0);
return groupedSchedule
.filter((d) => {
if (d.isPast) return false;
const dayDate = new Date(d.date);
dayDate.setHours(0, 0, 0, 0);
return dayDate.getTime() > today.getTime();
})
.slice(0, scheduleDays);
}, [groupedSchedule, scheduleDays]);
// Build a map of medId -> dismissedUntil date string from medication records
// This is robust against timestamp changes from schedule updates or timezone fixes
const _dismissedUntilByMed = useMemo(() => {
const map = new Map<string, string>();
for (const med of medications.meds) {
if (med.dismissedUntil) {
map.set(String(med.id), med.dismissedUntil);
}
}
return map;
}, [medications.meds]);
// Helper to check if a dose date is on or before the dismissedUntil date
const isDoseDismissed = useCallback((doseId: string, dismissedUntilDate: string | undefined): boolean => {
if (!dismissedUntilDate) return false;
// Extract timestamp from dose ID (format: medId-blisterIdx-timestamp or medId-blisterIdx-timestamp-person)
const parts = doseId.split("-");
if (parts.length < 3) return false;
const timestamp = parseInt(parts[2], 10);
if (Number.isNaN(timestamp)) return false;
// Compare date strings (YYYY-MM-DD format sorts correctly)
const doseDate = new Date(timestamp);
const doseDateStr = `${doseDate.getFullYear()}-${String(doseDate.getMonth() + 1).padStart(2, "0")}-${String(doseDate.getDate()).padStart(2, "0")}`;
return doseDateStr <= dismissedUntilDate;
}, []);
const missedPastDoseIds = useMemo(() => {
const totalPastDoses = pastDays.flatMap((d) =>
d.meds.flatMap((m) => {
// Find the medication to get its dismissedUntil
const med = medications.meds.find((med) => med.name === m.medName);
const dismissedUntilDate = med?.dismissedUntil ?? undefined;
return m.doses.flatMap((dose) => {
// Check if this dose is on or before the dismissed date for this medication
if (isDoseDismissed(dose.id, dismissedUntilDate)) {
return [];
}
return (dose.takenBy || []).length > 0 ? dose.takenBy.map((p: string) => `${dose.id}-${p}`) : [dose.id];
});
})
);
// Also filter out doses that are marked as taken or individually dismissed (legacy)
return totalPastDoses.filter((id) => !doses.takenDoses.has(id) && !doses.dismissedDoses.has(id));
}, [pastDays, medications.meds, doses.takenDoses, doses.dismissedDoses, isDoseDismissed]);
// Modal helpers with browser history support
const openMedDetail = useCallback(
(med: Medication) => {
setSelectedMed(med);
refill.setRefillHistoryExpanded(false);
refill.loadRefillHistory(med.id);
window.history.pushState({ modal: "medDetail", medId: med.id }, "");
},
[refill]
);
const closeMedDetail = useCallback(() => {
if (selectedMed) {
window.history.back();
}
}, [selectedMed]);
const openImageLightbox = useCallback(() => {
setShowImageLightbox(true);
window.history.pushState({ modal: "imageLightbox" }, "");
}, []);
const closeImageLightbox = useCallback(() => {
if (showImageLightbox) {
window.history.back();
}
}, [showImageLightbox]);
const openScheduleLightbox = useCallback((imageUrl: string) => {
setScheduleLightboxImage(imageUrl);
window.history.pushState({ modal: "scheduleLightbox" }, "");
}, []);
const closeScheduleLightbox = useCallback(() => {
if (scheduleLightboxImage) {
window.history.back();
}
}, [scheduleLightboxImage]);
const openUserFilter = useCallback((person: string) => {
setSelectedUser(person);
window.history.pushState({ modal: "userFilter", person }, "");
}, []);
const closeUserFilter = useCallback(() => {
if (selectedUser) {
window.history.back();
}
}, [selectedUser]);
// Wrapper to pass meds to openShareDialog
const openShareDialog = useCallback(() => {
share.openShareDialog(medications.meds);
}, [share, medications.meds]);
// Get t function for translations
const { t } = useTranslation();
// Export data to JSON file
const handleExport = useCallback(
async (includeImages: boolean = true) => {
setExporting(true);
try {
const res = await fetch(`/api/export?includeSensitive=true&includeImages=${includeImages}`, {
credentials: "include",
});
if (!res.ok) throw new Error("Export failed");
const data = await res.json();
// Create download
const blob = new Blob([JSON.stringify(data, null, 2)], { type: "application/json" });
const url = URL.createObjectURL(blob);
const a = document.createElement("a");
const dateStr = new Date().toISOString().split("T")[0];
a.href = url;
a.download = `${t("exportImport.downloadFilename")}-${dateStr}.json`;
document.body.appendChild(a);
a.click();
document.body.removeChild(a);
URL.revokeObjectURL(url);
} catch (err) {
console.error("Export error:", err);
}
setExporting(false);
},
[t]
);
// Handle file selection for import
const handleImportFileSelect = useCallback(
(e: React.ChangeEvent<HTMLInputElement>) => {
const file = e.target.files?.[0];
if (!file) return;
const reader = new FileReader();
reader.onload = (event) => {
try {
const data = JSON.parse(event.target?.result as string);
if (!data.version || !data.exportedAt) {
alert(t("exportImport.invalidFile"));
return;
}
setPendingImportData(data);
setShowImportConfirm(true);
} catch {
alert(t("exportImport.invalidFile"));
}
};
reader.readAsText(file);
// Reset file input
e.target.value = "";
},
[t]
);
// Confirm and execute import
const handleImportConfirm = useCallback(async () => {
if (!pendingImportData) return;
setImporting(true);
setShowImportConfirm(false);
try {
const res = await fetch("/api/import", {
method: "POST",
headers: { "Content-Type": "application/json" },
credentials: "include",
body: JSON.stringify(pendingImportData),
});
// Get the response text first to handle non-JSON responses
const text = await res.text();
let data: { error?: string; message?: string; imported?: number } = {};
try {
data = text ? JSON.parse(text) : {};
} catch {
console.error("Import response parse error:", text);
alert(`${t("exportImport.importError")}: Server returned invalid response`);
return;
}
if (!res.ok) {
alert(`${t("exportImport.importError")}: ${data.error || `HTTP ${res.status}`}`);
return;
}
// Show success message in UI instead of browser alert
setImportResult({
medications: data.imported?.medications || 0,
doses: data.imported?.doseHistory || 0,
shares: data.imported?.shareLinks || 0,
});
// Reload all data
medications.loadMeds();
settingsHook.loadSettings();
doses.loadTakenDoses();
} catch (err) {
console.error("Import error:", err);
alert(t("exportImport.importError"));
}
setPendingImportData(null);
setImporting(false);
}, [pendingImportData, t, medications, settingsHook, doses]);
// Compute settingsChanged
const settingsChanged = useMemo(() => {
const settings = settingsHook.settings;
const savedSettings = settingsHook.savedSettings;
return (
settings.emailEnabled !== savedSettings.emailEnabled ||
settings.notificationEmail !== savedSettings.notificationEmail ||
settings.emailStockReminders !== savedSettings.emailStockReminders ||
settings.emailIntakeReminders !== savedSettings.emailIntakeReminders ||
settings.reminderDaysBefore !== savedSettings.reminderDaysBefore ||
settings.repeatDailyReminders !== savedSettings.repeatDailyReminders ||
settings.lowStockDays !== savedSettings.lowStockDays ||
settings.normalStockDays !== savedSettings.normalStockDays ||
settings.highStockDays !== savedSettings.highStockDays ||
settings.shoutrrrEnabled !== savedSettings.shoutrrrEnabled ||
settings.shoutrrrUrl !== savedSettings.shoutrrrUrl ||
settings.shoutrrrStockReminders !== savedSettings.shoutrrrStockReminders ||
settings.shoutrrrIntakeReminders !== savedSettings.shoutrrrIntakeReminders ||
settings.skipRemindersForTakenDoses !== savedSettings.skipRemindersForTakenDoses ||
settings.repeatRemindersEnabled !== savedSettings.repeatRemindersEnabled ||
settings.reminderRepeatIntervalMinutes !== savedSettings.reminderRepeatIntervalMinutes ||
settings.maxNaggingReminders !== savedSettings.maxNaggingReminders ||
settings.stockCalculationMode !== savedSettings.stockCalculationMode
);
}, [settingsHook.settings, settingsHook.savedSettings]);
// New dismissMissedDoses that uses medication-level dismissedUntil dates
// This is robust against timestamp changes from schedule updates or timezone fixes
const [clearingMissedState, setClearingMissedState] = useState(false);
const dismissMissedDoses = useCallback(
async (doseIds: string[]) => {
if (doseIds.length === 0) return;
// Extract unique medication IDs from dose IDs (format: medId-blisterIdx-timestamp[-person])
const medIds = new Set<number>();
for (const doseId of doseIds) {
const parts = doseId.split("-");
if (parts.length >= 1) {
const medId = parseInt(parts[0], 10);
if (!Number.isNaN(medId)) {
medIds.add(medId);
}
}
}
if (medIds.size === 0) return;
// Get today's date in YYYY-MM-DD format
const today = new Date();
const until = `${today.getFullYear()}-${String(today.getMonth() + 1).padStart(2, "0")}-${String(today.getDate()).padStart(2, "0")}`;
setClearingMissedState(true);
try {
const res = await fetch("/api/medications/dismiss-until", {
method: "POST",
headers: { "Content-Type": "application/json" },
credentials: "include",
body: JSON.stringify({ medicationIds: Array.from(medIds), until }),
});
if (res.ok) {
// Reload medications to get updated dismissedUntil values
await medications.loadMeds();
doses.setShowClearMissedConfirm(false);
}
} catch {
// Error - dialog stays open
} finally {
setClearingMissedState(false);
}
},
[medications, doses]
);
// Build context value
const value: AppContextValue = useMemo(
() => ({
// From useMedications
...medications,
// From useSettings
settings: settingsHook.settings,
setSettings: settingsHook.setSettings,
savedSettings: settingsHook.savedSettings,
settingsLoading: settingsHook.settingsLoading,
settingsSaving: settingsHook.settingsSaving,
settingsSaved: settingsHook.settingsSaved,
testingEmail: settingsHook.testingEmail,
testEmailResult: settingsHook.testEmailResult,
testingShoutrrr: settingsHook.testingShoutrrr,
testShoutrrrResult: settingsHook.testShoutrrrResult,
loadSettings: settingsHook.loadSettings,
saveSettings: settingsHook.saveSettings,
testEmail: settingsHook.testEmail,
testShoutrrr: settingsHook.testShoutrrr,
// From useDoses
takenDoses: doses.takenDoses,
setTakenDoses: doses.setTakenDoses,
dismissedDoses: doses.dismissedDoses,
clearingMissed: clearingMissedState,
showClearMissedConfirm: doses.showClearMissedConfirm,
setShowClearMissedConfirm: doses.setShowClearMissedConfirm,
getDoseId: doses.getDoseId,
countTakenDoses: doses.countTakenDoses,
markDoseTaken: doses.markDoseTaken,
undoDoseTaken: doses.undoDoseTaken,
dismissMissedDoses,
// From useCollapsedDays
manuallyCollapsedDays: collapsed.manuallyCollapsedDays,
manuallyExpandedDays: collapsed.manuallyExpandedDays,
toggleDayCollapse: collapsed.toggleDayCollapse,
// From useShare
showShareDialog: share.showShareDialog,
sharePeople: share.sharePeople,
shareSelectedPerson: share.shareSelectedPerson,
setShareSelectedPerson: share.setShareSelectedPerson,
shareSelectedDays: share.shareSelectedDays,
setShareSelectedDays: share.setShareSelectedDays,
shareGenerating: share.shareGenerating,
shareLink: share.shareLink,
setShareLink: share.setShareLink,
shareCopied: share.shareCopied,
setShareCopied: share.setShareCopied,
openShareDialog,
generateShareLink: share.generateShareLink,
copyShareLink: share.copyShareLink,
closeShareDialog: share.closeShareDialog,
resetShareDialogState: share.resetShareDialogState,
// From useRefill
showRefillModal: refill.showRefillModal,
setShowRefillModal: refill.setShowRefillModal,
refillPacks: refill.refillPacks,
setRefillPacks: refill.setRefillPacks,
refillLoose: refill.refillLoose,
setRefillLoose: refill.setRefillLoose,
refillSaving: refill.refillSaving,
refillHistory: refill.refillHistory,
refillHistoryExpanded: refill.refillHistoryExpanded,
setRefillHistoryExpanded: refill.setRefillHistoryExpanded,
showEditStockModal: refill.showEditStockModal,
setShowEditStockModal: refill.setShowEditStockModal,
editStockFullBlisters: refill.editStockFullBlisters,
setEditStockFullBlisters: refill.setEditStockFullBlisters,
editStockPartialBlisterPills: refill.editStockPartialBlisterPills,
setEditStockPartialBlisterPills: refill.setEditStockPartialBlisterPills,
editStockSaving: refill.editStockSaving,
loadRefillHistory: refill.loadRefillHistory,
submitRefill: refill.submitRefill,
submitStockCorrection: refill.submitStockCorrection,
openRefillModal: refill.openRefillModal,
closeRefillModal: refill.closeRefillModal,
openEditStockModal: refill.openEditStockModal,
closeEditStockModal: refill.closeEditStockModal,
// Computed values
schedule,
coverage,
coverageByMed,
depletionByMed,
existingPeople,
groupedSchedule,
pastDays,
todayDay,
futureDays,
missedPastDoseIds,
getDayStockStatus,
// Schedule UI state
scheduleDays,
setScheduleDays,
showPastDays,
setShowPastDays,
showFutureDays,
setShowFutureDays,
// Modal state
selectedMed,
setSelectedMed,
showImageLightbox,
setShowImageLightbox,
scheduleLightboxImage,
setScheduleLightboxImage,
selectedUser,
setSelectedUser,
// Modal helpers
openMedDetail,
closeMedDetail,
openImageLightbox,
closeImageLightbox,
openScheduleLightbox,
closeScheduleLightbox,
openUserFilter,
closeUserFilter,
// Export/Import
exporting,
importing,
showExportModal,
setShowExportModal,
showImportConfirm,
setShowImportConfirm,
pendingImportData,
setPendingImportData,
importResult,
setImportResult,
handleExport,
handleImportFileSelect,
handleImportConfirm,
settingsChanged,
}),
[
medications,
settingsHook,
doses,
collapsed,
share,
refill,
schedule,
coverage,
coverageByMed,
depletionByMed,
existingPeople,
groupedSchedule,
pastDays,
todayDay,
futureDays,
missedPastDoseIds,
getDayStockStatus,
scheduleDays,
showPastDays,
showFutureDays,
selectedMed,
showImageLightbox,
scheduleLightboxImage,
selectedUser,
openMedDetail,
closeMedDetail,
openImageLightbox,
closeImageLightbox,
openScheduleLightbox,
closeScheduleLightbox,
openUserFilter,
closeUserFilter,
openShareDialog,
exporting,
importing,
showExportModal,
showImportConfirm,
pendingImportData,
importResult,
handleExport,
handleImportFileSelect,
handleImportConfirm,
settingsChanged,
clearingMissedState,
dismissMissedDoses,
]
);
return <AppContext.Provider value={value}>{children}</AppContext.Provider>;
}
// =============================================================================
// Hook
// =============================================================================
export function useAppContext(): AppContextValue {
const context = useContext(AppContext);
if (!context) {
throw new Error("useAppContext must be used within an AppProvider");
}
return context;
}
frontend/src/context/UnsavedChangesContext.tsx
+73
View File
@@ -0,0 +1,73 @@
import { createContext, type ReactNode, useCallback, useContext, useState } from "react";
import { useTranslation } from "react-i18next";
import { ConfirmModal } from "../components/ConfirmModal";
interface UnsavedChangesContextValue {
/** Whether there are unsaved changes anywhere in the app */
hasUnsavedChanges: boolean;
/** Register that a component has unsaved changes */
setHasUnsavedChanges: (value: boolean) => void;
/** Check and confirm navigation - returns a promise that resolves to true if navigation should proceed */
confirmNavigation: () => Promise<boolean>;
}
const UnsavedChangesContext = createContext<UnsavedChangesContextValue | null>(null);
export function UnsavedChangesProvider({ children }: { children: ReactNode }) {
const { t } = useTranslation();
const [hasUnsavedChanges, setHasUnsavedChanges] = useState(false);
const [showConfirmModal, setShowConfirmModal] = useState(false);
const [pendingResolve, setPendingResolve] = useState<((value: boolean) => void) | null>(null);
const confirmNavigation = useCallback((): Promise<boolean> => {
if (!hasUnsavedChanges) {
return Promise.resolve(true);
}
return new Promise((resolve) => {
setPendingResolve(() => resolve);
setShowConfirmModal(true);
});
}, [hasUnsavedChanges]);
const handleConfirm = useCallback(() => {
setShowConfirmModal(false);
if (pendingResolve) {
pendingResolve(true);
setPendingResolve(null);
}
}, [pendingResolve]);
const handleCancel = useCallback(() => {
setShowConfirmModal(false);
if (pendingResolve) {
pendingResolve(false);
setPendingResolve(null);
}
}, [pendingResolve]);
return (
<UnsavedChangesContext.Provider value={{ hasUnsavedChanges, setHasUnsavedChanges, confirmNavigation }}>
{children}
{showConfirmModal && (
<ConfirmModal
title={t("common.unsavedChanges.title", "Unsaved Changes")}
message={t("common.unsavedChanges.message")}
confirmLabel={t("common.unsavedChanges.leave", "Leave")}
cancelLabel={t("common.unsavedChanges.stay", "Stay")}
onConfirm={handleConfirm}
onCancel={handleCancel}
confirmVariant="danger"
/>
)}
</UnsavedChangesContext.Provider>
);
}
export function useUnsavedChanges() {
const context = useContext(UnsavedChangesContext);
if (!context) {
throw new Error("useUnsavedChanges must be used within UnsavedChangesProvider");
}
return context;
}
frontend/src/context/index.ts
+5
View File
@@ -0,0 +1,5 @@
// Context barrel export
export type { AppContextValue, DayMedEntry, DoseInfo, GroupedDay } from "./AppContext";
export { AppProvider, useAppContext } from "./AppContext";
export { UnsavedChangesProvider, useUnsavedChanges } from "./UnsavedChangesContext";
frontend/src/hooks/index.ts
+20
View File
@@ -0,0 +1,20 @@
// Hooks barrel export
export type { UseCollapsedDaysReturn } from "./useCollapsedDays";
export { useCollapsedDays } from "./useCollapsedDays";
export type { UseDosesReturn } from "./useDoses";
export { useDoses } from "./useDoses";
export type { UseMedicationFormReturn } from "./useMedicationForm";
export { defaultBlister, defaultForm, useMedicationForm } from "./useMedicationForm";
export type { UseMedicationsReturn } from "./useMedications";
export { useMedications } from "./useMedications";
export type { UseRefillReturn } from "./useRefill";
export { useRefill } from "./useRefill";
export type { Settings, UseSettingsReturn } from "./useSettings";
export { useSettings } from "./useSettings";
export type { UseShareReturn } from "./useShare";
export { useShare } from "./useShare";
export type { Theme, UseThemeReturn } from "./useTheme";
export { useTheme } from "./useTheme";
export type { UseUnsavedChangesWarningReturn } from "./useUnsavedChangesWarning";
export { useUnsavedChangesWarning } from "./useUnsavedChangesWarning";
frontend/src/hooks/useCollapsedDays.ts
+67
View File
@@ -0,0 +1,67 @@
// =============================================================================
// useCollapsedDays Hook - Day collapse/expand state management
// =============================================================================
import { useCallback, useEffect, useState } from "react";
import { loadCollapsedDaysFromStorage, userStorageKey } from "../utils/storage";
export interface UseCollapsedDaysReturn {
manuallyCollapsedDays: Set<string>;
manuallyExpandedDays: Set<string>;
toggleDayCollapse: (dateStr: string, isAutoCollapsed: boolean) => void;
}
export function useCollapsedDays(userId: number | undefined): UseCollapsedDaysReturn {
const [manuallyCollapsedDays, setManuallyCollapsedDays] = useState<Set<string>>(new Set());
const [manuallyExpandedDays, setManuallyExpandedDays] = useState<Set<string>>(new Set());
// Load collapsed/expanded state from localStorage when user changes
useEffect(() => {
if (typeof window !== "undefined" && userId) {
const { collapsed, expanded } = loadCollapsedDaysFromStorage(
userStorageKey(userId, "collapsedDays"),
userStorageKey(userId, "expandedDays")
);
setManuallyCollapsedDays(collapsed);
setManuallyExpandedDays(expanded);
}
}, [userId]);
// Toggle day collapse/expand
const toggleDayCollapse = useCallback(
(dateStr: string, isAutoCollapsed: boolean) => {
if (isAutoCollapsed) {
// Day is auto-collapsed (all taken) - toggle the expanded override
setManuallyExpandedDays((prev) => {
const next = new Set(prev);
if (next.has(dateStr)) {
next.delete(dateStr);
} else {
next.add(dateStr);
}
if (userId) localStorage.setItem(userStorageKey(userId, "expandedDays"), JSON.stringify([...next]));
return next;
});
} else {
// Day is not auto-collapsed - toggle manual collapse
setManuallyCollapsedDays((prev) => {
const next = new Set(prev);
if (next.has(dateStr)) {
next.delete(dateStr);
} else {
next.add(dateStr);
}
if (userId) localStorage.setItem(userStorageKey(userId, "collapsedDays"), JSON.stringify([...next]));
return next;
});
}
},
[userId]
);
return {
manuallyCollapsedDays,
manuallyExpandedDays,
toggleDayCollapse,
};
}
frontend/src/hooks/useDoses.ts
+142
View File
@@ -0,0 +1,142 @@
// =============================================================================
// useDoses Hook - Dose tracking state and operations
// =============================================================================
import { useCallback, useEffect, useState } from "react";
export interface UseDosesReturn {
takenDoses: Set<string>;
setTakenDoses: React.Dispatch<React.SetStateAction<Set<string>>>;
dismissedDoses: Set<string>;
showClearMissedConfirm: boolean;
setShowClearMissedConfirm: (show: boolean) => void;
getDoseId: (baseDoseId: string, person: string | null) => string;
countTakenDoses: (doses: Array<{ id: string; takenBy: string[] }>) => { total: number; taken: number };
markDoseTaken: (doseId: string) => Promise<void>;
undoDoseTaken: (doseId: string) => Promise<void>;
loadTakenDoses: () => Promise<void>;
}
export function useDoses(): UseDosesReturn {
const [takenDoses, setTakenDoses] = useState<Set<string>>(new Set());
const [dismissedDoses, setDismissedDoses] = useState<Set<string>>(new Set());
const [showClearMissedConfirm, setShowClearMissedConfirm] = useState(false);
// Load taken doses from server
const loadTakenDoses = useCallback(async () => {
try {
const res = await fetch("/api/doses/taken", { credentials: "include" });
if (res.ok) {
const data = await res.json();
const taken = new Set<string>();
const dismissed = new Set<string>();
for (const d of data.doses) {
if (d.dismissed) {
dismissed.add(d.doseId);
} else {
taken.add(d.doseId);
}
}
setTakenDoses(taken);
setDismissedDoses(dismissed);
}
// Don't reset on error - keep current state
} catch {
// Don't reset on error - keep current state
}
}, []);
// Poll for taken doses from server (works with or without auth)
useEffect(() => {
loadTakenDoses();
// Poll for updates every 5 seconds (real-time sync with share links)
const interval = setInterval(loadTakenDoses, 5000);
return () => clearInterval(interval);
}, [loadTakenDoses]);
// Get dose ID with optional person suffix
const getDoseId = useCallback((baseDoseId: string, person: string | null): string => {
return person ? `${baseDoseId}-${person}` : baseDoseId;
}, []);
// Count taken doses for a day/item
const countTakenDoses = useCallback(
(doses: Array<{ id: string; takenBy: string[] }>): { total: number; taken: number } => {
let total = 0;
let taken = 0;
for (const d of doses) {
const people = (d.takenBy || []).length > 0 ? d.takenBy : [null];
for (const person of people) {
total++;
if (takenDoses.has(getDoseId(d.id, person))) taken++;
}
}
return { total, taken };
},
[takenDoses, getDoseId]
);
const markDoseTaken = useCallback(async (doseId: string) => {
// Optimistic update
setTakenDoses((prev) => {
const next = new Set(prev);
next.add(doseId);
return next;
});
// Send to server
try {
await fetch("/api/doses/taken", {
method: "POST",
headers: { "Content-Type": "application/json" },
credentials: "include",
body: JSON.stringify({ doseId }),
});
} catch {
// Revert on error
setTakenDoses((prev) => {
const next = new Set(prev);
next.delete(doseId);
return next;
});
}
}, []);
const undoDoseTaken = useCallback(async (doseId: string) => {
// Optimistic update
setTakenDoses((prev) => {
const next = new Set(prev);
next.delete(doseId);
return next;
});
// Send to server
try {
await fetch(`/api/doses/taken/${encodeURIComponent(doseId)}`, {
method: "DELETE",
credentials: "include",
});
} catch {
// Revert on error
setTakenDoses((prev) => {
const next = new Set(prev);
next.add(doseId);
return next;
});
}
}, []);
return {
takenDoses,
setTakenDoses,
dismissedDoses,
showClearMissedConfirm,
setShowClearMissedConfirm,
getDoseId,
countTakenDoses,
markDoseTaken,
undoDoseTaken,
loadTakenDoses,
};
}
frontend/src/hooks/useMedicationForm.ts
+244
View File
@@ -0,0 +1,244 @@
import { useCallback, useEffect, useMemo, useState } from "react";
import { useTranslation } from "react-i18next";
import type { FieldErrors, FormBlister, FormState, Medication } from "../types";
import { FIELD_LIMITS } from "../types";
import { toDateValue, toTimeValue } from "../utils/formatters";
export const defaultBlister = (): FormBlister => {
const now = new Date();
return {
usage: "1",
every: "1",
startDate: toDateValue(now),
startTime: toTimeValue(now),
};
};
export const defaultForm = (): FormState => ({
name: "",
genericName: "",
takenBy: [],
packCount: "1",
blistersPerPack: "1",
pillsPerBlister: "1",
looseTablets: "0",
pillWeightMg: "",
expiryDate: "",
notes: "",
intakeRemindersEnabled: false,
blisters: [defaultBlister()],
});
export interface UseMedicationFormReturn {
form: FormState;
setForm: React.Dispatch<React.SetStateAction<FormState>>;
originalForm: FormState;
setOriginalForm: React.Dispatch<React.SetStateAction<FormState>>;
editingId: number | null;
setEditingId: React.Dispatch<React.SetStateAction<number | null>>;
showEditModal: boolean;
setShowEditModal: React.Dispatch<React.SetStateAction<boolean>>;
fieldErrors: FieldErrors;
formSaved: boolean;
setFormSaved: React.Dispatch<React.SetStateAction<boolean>>;
hasValidationErrors: boolean;
formChanged: boolean;
pendingImage: File | null;
setPendingImage: React.Dispatch<React.SetStateAction<File | null>>;
pendingImagePreview: string | null;
setPendingImagePreview: React.Dispatch<React.SetStateAction<string | null>>;
takenByInput: string;
setTakenByInput: React.Dispatch<React.SetStateAction<string>>;
validateField: (field: keyof FieldErrors, value: string | string[]) => string | undefined;
setBlisterValue: (idx: number, field: keyof FormBlister, value: string) => void;
addBlister: () => void;
removeBlister: (idx: number) => void;
startEdit: (med: Medication, openEditModal: () => void) => void;
resetForm: () => void;
handleValueChange: <K extends keyof FormState>(key: K, value: string) => void;
addTakenByPerson: (name: string) => void;
removeTakenByPerson: (name: string) => void;
handleTakenByKeyDown: (e: React.KeyboardEvent<HTMLInputElement>) => void;
}
export function useMedicationForm(): UseMedicationFormReturn {
const { t } = useTranslation();
const [form, setForm] = useState<FormState>(defaultForm());
const [originalForm, setOriginalForm] = useState<FormState>(defaultForm());
const [editingId, setEditingId] = useState<number | null>(null);
const [showEditModal, setShowEditModal] = useState(false);
const [fieldErrors, setFieldErrors] = useState<FieldErrors>({});
const [formSaved, setFormSaved] = useState(false);
const [pendingImage, setPendingImage] = useState<File | null>(null);
const [pendingImagePreview, setPendingImagePreview] = useState<string | null>(null);
const [takenByInput, setTakenByInput] = useState("");
// Validate form fields
const validateField = useCallback(
(field: keyof FieldErrors, value: string | string[]): string | undefined => {
const limits = FIELD_LIMITS[field];
// Skip validation for takenBy array (individual items validated on add)
if (field === "takenBy") return undefined;
const strValue = typeof value === "string" ? value : "";
if (field === "name" && (!strValue || strValue.trim().length === 0)) {
return t("common.validation.required");
}
if ("max" in limits && strValue.length > limits.max) {
return t("common.validation.maxLength", { max: limits.max, current: strValue.length });
}
return undefined;
},
[t]
);
// Check if form has any errors
const hasValidationErrors = useMemo(() => {
return Object.values(fieldErrors).some((error) => error !== undefined);
}, [fieldErrors]);
// Check if form has been modified from original state
const formChanged = useMemo(() => {
return JSON.stringify(form) !== JSON.stringify(originalForm);
}, [form, originalForm]);
// Reset formSaved when form changes
useEffect(() => {
if (formChanged) {
setFormSaved(false);
}
}, [formChanged]);
// Validate all fields when form changes
useEffect(() => {
const errors: FieldErrors = {};
(["name", "genericName", "notes"] as const).forEach((f) => {
const error = validateField(f, form[f]);
if (error) errors[f] = error;
});
setFieldErrors(errors);
}, [form.name, form.genericName, form.notes, validateField]);
const setBlisterValue = useCallback((idx: number, field: keyof FormBlister, value: string) => {
setForm((prev) => {
const next = [...prev.blisters];
next[idx] = { ...next[idx], [field]: value };
return { ...prev, blisters: next };
});
}, []);
const addBlister = useCallback(() => {
setForm((prev) => ({ ...prev, blisters: [...prev.blisters, defaultBlister()] }));
}, []);
const removeBlister = useCallback((idx: number) => {
setForm((prev) => ({ ...prev, blisters: prev.blisters.filter((_, i) => i !== idx) }));
}, []);
const startEdit = useCallback((med: Medication, openEditModal: () => void) => {
setEditingId(med.id);
setTakenByInput(""); // Clear tag input when starting edit
setFormSaved(true); // Existing medication is already saved
const editForm: FormState = {
name: med.name,
genericName: med.genericName ?? "",
takenBy: med.takenBy || [], // Already an array from API
packCount: String(med.packCount),
blistersPerPack: String(med.blistersPerPack),
pillsPerBlister: String(med.pillsPerBlister),
looseTablets: String(med.looseTablets),
pillWeightMg: med.pillWeightMg ? String(med.pillWeightMg) : "",
expiryDate: med.expiryDate ? med.expiryDate.slice(0, 10) : "",
notes: med.notes ?? "",
intakeRemindersEnabled: med.intakeRemindersEnabled ?? false,
blisters: med.blisters.map((s) => ({
usage: String(s.usage),
every: String(s.every),
startDate: toDateValue(s.start),
startTime: toTimeValue(s.start),
})),
};
setForm(editForm);
setOriginalForm(editForm);
// Show modal on mobile
if (window.innerWidth <= 768) {
openEditModal();
}
}, []);
const resetForm = useCallback(() => {
setEditingId(null);
setShowEditModal(false);
setPendingImage(null);
setPendingImagePreview(null);
setTakenByInput("");
setFormSaved(false);
const newForm = defaultForm();
setForm(newForm);
setOriginalForm(newForm);
}, []);
const handleValueChange = useCallback(<K extends keyof FormState>(key: K, value: string) => {
setForm((prev) => ({ ...prev, [key]: value }));
}, []);
// Tag input helpers for "Taken By" field
const addTakenByPerson = useCallback(
(name: string) => {
const trimmed = name.trim();
if (trimmed && trimmed.length <= FIELD_LIMITS.takenBy.max && !form.takenBy.includes(trimmed)) {
setForm((prev) => ({ ...prev, takenBy: [...prev.takenBy, trimmed] }));
}
setTakenByInput("");
},
[form.takenBy]
);
const removeTakenByPerson = useCallback((name: string) => {
setForm((prev) => ({ ...prev, takenBy: prev.takenBy.filter((p) => p !== name) }));
}, []);
const handleTakenByKeyDown = useCallback(
(e: React.KeyboardEvent<HTMLInputElement>) => {
if (e.key === "Enter" || e.key === ",") {
e.preventDefault();
addTakenByPerson(takenByInput);
} else if (e.key === "Backspace" && !takenByInput && form.takenBy.length > 0) {
// Remove last tag on backspace when input is empty
removeTakenByPerson(form.takenBy[form.takenBy.length - 1]);
}
},
[takenByInput, form.takenBy, addTakenByPerson, removeTakenByPerson]
);
return {
form,
setForm,
originalForm,
setOriginalForm,
editingId,
setEditingId,
showEditModal,
setShowEditModal,
fieldErrors,
formSaved,
setFormSaved,
hasValidationErrors,
formChanged,
pendingImage,
setPendingImage,
pendingImagePreview,
setPendingImagePreview,
takenByInput,
setTakenByInput,
validateField,
setBlisterValue,
addBlister,
removeBlister,
startEdit,
resetForm,
handleValueChange,
addTakenByPerson,
removeTakenByPerson,
handleTakenByKeyDown,
};
}
frontend/src/hooks/useMedications.ts
+83
View File
@@ -0,0 +1,83 @@
import { useCallback, useState } from "react";
import type { Medication } from "../types";
export interface UseMedicationsReturn {
meds: Medication[];
setMeds: React.Dispatch<React.SetStateAction<Medication[]>>;
loading: boolean;
saving: boolean;
setSaving: React.Dispatch<React.SetStateAction<boolean>>;
uploadingImage: boolean;
loadMeds: () => void;
deleteMed: (id: number, editingId: number | null, resetForm: () => void) => Promise<void>;
uploadMedImage: (medId: number, file: File) => Promise<void>;
deleteMedImage: (medId: number) => Promise<void>;
}
export function useMedications(): UseMedicationsReturn {
const [meds, setMeds] = useState<Medication[]>([]);
const [loading, setLoading] = useState(false);
const [saving, setSaving] = useState(false);
const [uploadingImage, setUploadingImage] = useState(false);
const loadMeds = useCallback(() => {
setLoading(true);
fetch("/api/medications")
.then((res) => res.json())
.then((data) => setMeds(Array.isArray(data) ? data : []))
.catch(() => setMeds([]))
.finally(() => setLoading(false));
}, []);
const deleteMed = useCallback(
async (id: number, editingId: number | null, resetForm: () => void) => {
await fetch(`/api/medications/${id}`, { method: "DELETE" }).catch(() => null);
if (editingId === id) resetForm();
loadMeds();
},
[loadMeds]
);
const uploadMedImage = useCallback(
async (medId: number, file: File) => {
setUploadingImage(true);
const formData = new FormData();
formData.append("file", file);
try {
const res = await fetch(`/api/medications/${medId}/image`, {
method: "POST",
body: formData,
});
if (res.ok) {
loadMeds();
}
} catch {
// ignore
}
setUploadingImage(false);
},
[loadMeds]
);
const deleteMedImage = useCallback(
async (medId: number) => {
await fetch(`/api/medications/${medId}/image`, { method: "DELETE" }).catch(() => null);
loadMeds();
},
[loadMeds]
);
return {
meds,
setMeds,
loading,
saving,
setSaving,
uploadingImage,
loadMeds,
deleteMed,
uploadMedImage,
deleteMedImage,
};
}

Some files were not shown because too many files have changed in this diff Show More