chatRedux/backend/app.js

const express = require('express');
const app = express()
const cors = require("cors");
const http = require('http'); //create new http
const mongoose = require('mongoose');
const socket = require("socket.io");
const User = require('./db/models/User');
const Message = require('./db/models/Message');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcrypt');
require('dotenv').config(); // add dotnv for config
const Uuid = require('uuid'); //lib for unic id generate
const fileupload = require('express-fileupload');
const fs = require('fs');



const server = http.createServer(app);
app.use(cors());
app.use(express.json());
app.use(fileupload())
app.use(express.static('avatars')); //folder for static files

const io = require("socket.io")(server, {
    cors: {
        origin: "http://localhost:3000" //client endpoint and port
    }
});

const PORT = process.env.PORT || 5000;
const TOKEN_KEY = process.env.TOKEN_KEY || 'rGH4r@3DKOg06hgj'; 
const HASH_KEY = 7;
const STATIC_PATH = process.env. STATIC_PATH || 'avatars';


const generateToken = (id, userName, isAdmin) => {
    const payload = {
        id,
        userName,
        isAdmin
    }
    return jwt.sign(payload, TOKEN_KEY);
}

const isValidUserName = (userName) => {
    const nameRegex = /[^A-Za-z0-9]/ ;
    return (!nameRegex.test(userName) && userName.trim().length > 2);
}

const getAllDbUsers = async (socket) => {
    const usersDb = await User.find({})
    socket.emit('allDbUsers', usersDb) 
}

const getOneUser = async (userName) => {
    const userInDb = await User.findOne({userName});
    return userInDb;
}
app.post('/login', async (req, res) => {
    try {
        const {userName,password} = req.body;
        if (!isValidUserName(userName)){
            return res.status(400).json({message: 'Invalid username'})
        }
        const dbUser = await getOneUser(userName)

        if (dbUser?.isBanned){
            return res.status(401).json({message: 'Your account has been banned!!!'})
        }
        const hashPassword = await bcrypt.hash(password, HASH_KEY);
        if (!dbUser) {
            const user = new User({
                userName,
                hashPassword,
                isAdmin: !await User.count().exec(),
                isBanned: false,
                isMutted: false, 
                avatar: '',
                messages: []
            });

            await user.save()

            return res.json({
                token: generateToken(user.id, user.userName, user.isAdmin)

            });
        }

        if (dbUser && !bcrypt.compareSync(password, dbUser.hashPassword)){
            return res.status(400).json({message: 'Invalid credantials'})
        }
        res.json({
            token:  generateToken(dbUser.id, dbUser.userName, dbUser.isAdmin),
        })
        

    } catch (e) {
        console.log(e);
        res.status(500).json({message: `Error ${e}`});
    }
})

app.post('/avatar', async (req, res) =>  {
    if (!req.files || Object.keys(req.files).length === 0) {
        return res.status(400).json('No files were uploaded.');
      }
    try {
        const file = req.files.file;
        const user = jwt.verify(req.body.token, TOKEN_KEY);
        const avatarFileName = Uuid.v4() + '.jpeg';
        file.mv(STATIC_PATH + '\/' + avatarFileName)
        const userFromDb = await getOneUser(user.userName);
        if(userFromDb.avatar){
            const oldAvatar = userFromDb.avatar;
            fs.unlinkSync(STATIC_PATH + '\/' + oldAvatar)
        }
        await User.findOneAndUpdate({userName: user.userName},{ $set: {'avatar': avatarFileName}},   {
            new: true
          });
        return res.json({ message:'Avatar was uploud succesfully...', avatarUrl: avatarFileName})
        
    } catch (error) {
        res.status(500).json({message: `Error uppload file to serverp: ${error}`});
    }
})

app.post('/files', async (req, res) =>  {
    if (!req.files || Object.keys(req.files).length === 0) {
        return res.status(400).json('No files were uploaded.');
    }  
    
    const user = jwt.verify(req.body.token, TOKEN_KEY);
    const oneUser = await getOneUser(user.userName);
    if(oneUser.isMutted){  
        return;
     }
    const files = req.files.files;
    if (files.length) {
        for (let i = 0; i < files.length; i++) {
        let file = files[i]
        file.mv(STATIC_PATH + '\/files/' + file.name) 

        const message = new Message({
            text: 'data.message',
            userName: user.userName,
            createDate: Date.now(),
            user: oneUser.id, //add link to other collection by id
            file: file.name
        });

        try {
            await message.save();
            if(!oneUser.messages){
                await oneUser.update({ $set: {'messages': []}});
            }
            await oneUser.messages.push(message)
            await oneUser.save()
        } 
        catch (error) {
            console.log('Message save to db error', error);   
        }
        const newMessages = await message.populate( {path:'user'})   
        io.emit('newmessage', newMessages);        

   }}     
    else {
            files.mv(STATIC_PATH + '\/files/' + files.name);      //for one file       
            const message = new Message({
                text: 'File sent',
                userName: user.userName,
                createDate: Date.now(),
                user: oneUser.id, //add link to other collection by id
                file: files.name
            });
    
            try {
                await message.save();
                if(!oneUser.messages){
                    await oneUser.update({ $set: {'messages': []}});
                }
                await oneUser.messages.push(message)
                await oneUser.save()
            } 
            catch (error) {
                console.log('Message save to db error', error);   
            }
            const newMessages = await message.populate( {path:'user'})   
            console.log(newMessages)
            io.emit('newmessage', newMessages); 
    } 

    return res.json({ message:'File was uploud succesfully...'})
  })



io.use( async (socket, next) => {
    const token = socket.handshake.auth.token; 
    const sockets = await io.fetchSockets();
   
    if(!token) {
        console.log('socket')
        socket.disconnect();
        return;
    }

    const usersOnline = [];
    sockets.map((sock) => {
        usersOnline.push(sock.user);
    }) 


   
    try {
        const user = jwt.verify(token, TOKEN_KEY);
        const userName = user.userName;
        const dbUser = await getOneUser(userName);

        if(dbUser.isBanned){
            socket.disconnect();
            return;
        }
        socket.user = user;
        const exist = sockets.find((current) => current.user.userName == socket.user.userName)

        if(exist) {  //&& !user.isAdmin  - add for two or more admins 
            console.log(exist.userName, 'exist twice entering...')   
            exist.disconnect(); 
        } 
    } catch(e) {
        console.log(e);
        socket.disconnect();
    }
    next();
});

io.on("connection", async (socket) => {
    const userName = socket.user.userName;
    const sockets = await io.fetchSockets();
    const dbUser = await getOneUser(userName);


    io.emit('usersOnline', sockets.map(sock => sock.user)); // send array online users  

    socket.emit('connected', dbUser); //socket.user
  
    if(socket.user.isAdmin){
         getAllDbUsers(socket); 
    }//sent all users from db to admin

    const messagesToShow = await Message.find({}).sort({ 'createDate': -1 }).limit(20).populate( {path:'user'});   
    socket.emit('allmessages', messagesToShow.reverse());
    socket.on("message", async (data) => {
        const dateNow = Date.now(); // for correct working latest post 
        const post = await Message.findOne({userName}).sort({ 'createDate': -1 })
        const oneUser = await getOneUser(userName);
        if(oneUser.isMutted){  //(oneUser.isMutted || !post)
            return;
        }

        if(((Date.now() - Date.parse(post?.createDate)) < 1500)){
            console.log((Date.now() - Date.parse(post?.createDate)))// can use to show timer near by button
            return;
        }

        // if(!oneUser.isMutted && post){
        // if(((Date.now() - Date.parse(post.createDate)) > 150)){//change later 15000  
        
        const message = new Message({
                text: data.message,
                userName: userName,
                createDate: Date.now(),
                user: oneUser.id, //add link to other collection by id
            });
            try {
                await message.save();
                if(!oneUser.messages){
                    await oneUser.update({ $set: {'messages': []}});
                }
                await oneUser.messages.push(message)
                await oneUser.save()
            } catch (error) {
                console.log('Message save to db error', error);   
            }
            const newMessages = await message.populate( {path:'user'})   
            io.emit('newmessage', newMessages);        
            // }
        // } 
    });
    
    try {
        socket.on("disconnect", async () => {
            const sockets = await io.fetchSockets();
            io.emit('usersOnline', sockets.map(sock => sock.user));
            console.log(`user :${socket.user.userName} , disconnected to socket`); 
        });
            console.log(`user :${socket.user.userName} , connected to socket`); 
        socket.on("muteUser",async (data) => {
            if(!socket.user.isAdmin){
                return;
            }
                // if(socket.user.isAdmin){
                    const {user, prevStatus} = data;
                    const sockets = await io.fetchSockets();
                    const mute = await User.updateOne({userName : user}, {$set: {isMutted :!prevStatus}});
                    getAllDbUsers(socket);
                    const exist = sockets.find( current => current.user.userName == user)
                    const dbUser = await getOneUser(user);
                    
                    if(exist){
                        exist.emit('connected', dbUser);   
                    } 
                // }
           });
    
        socket.on("banUser",async (data) => {
            if(!socket.user.isAdmin){
                return;
            }

            // if(socket.user.isAdmin) { 
                const {user, prevStatus} = data;
                const sockets = await io.fetchSockets();
                const ban = await User.updateOne({userName : user}, {$set: {isBanned:!prevStatus}});
                getAllDbUsers(socket)
                const exist = sockets.find( current => current.user.userName == user)
                
                if(exist){
                    exist.emit('ban', "dbUser")
                    exist.disconnect();  
                }
            // }
           });

           socket.on('userWriting', async () => {
                let isTyping = true;
                io.emit('writing', {userName, isTyping})
           })
    } catch (e) {
        console.log(e);
    }
});


//server and database start
const start = async () => {
    try {
        await mongoose.connect('mongodb://localhost:27017/chat')
            .then(() => console.log(`DB started`))
        server.listen(PORT, () => {
            console.log(`Server started. Port: ${PORT}`);
        })
    } catch (e) {
        console.log(e);
    }
}

start();