BillTracker/routes/notifications.js

const express = require('express');
const router  = express.Router();
const { getDb, getSetting, setSetting } = require('../db/database');
const { requireAuth, requireUser, requireAdmin } = require('../middleware/requireAuth');
const { sendTestEmail } = require('../services/notificationService');

// ── Admin: SMTP configuration ─────────────────────────────────────────────────

// GET /api/notifications/admin — read all SMTP settings (password masked)
router.get('/admin', requireAuth, requireAdmin, (req, res) => {
  const keys = [
    'notify_smtp_enabled', 'notify_sender_name', 'notify_sender_address',
    'notify_smtp_host', 'notify_smtp_port', 'notify_smtp_encryption',
    'notify_smtp_self_signed', 'notify_smtp_username', 'notify_smtp_password',
    'notify_allow_user_config', 'notify_global_recipient',
  ];
  const settings = {};
  for (const k of keys) settings[k] = getSetting(k) || '';
  // Mask password in response
  if (settings.notify_smtp_password) settings.notify_smtp_password = '••••••••';
  res.json(settings);
});

// PUT /api/notifications/admin — save SMTP settings
router.put('/admin', requireAuth, requireAdmin, (req, res) => {
  const allowed = [
    'notify_smtp_enabled', 'notify_sender_name', 'notify_sender_address',
    'notify_smtp_host', 'notify_smtp_port', 'notify_smtp_encryption',
    'notify_smtp_self_signed', 'notify_smtp_username',
    'notify_allow_user_config', 'notify_global_recipient',
  ];
  for (const key of allowed) {
    if (req.body[key] !== undefined) setSetting(key, req.body[key]);
  }
  // Only update password if a real value was sent (not the masked placeholder)
  if (req.body.notify_smtp_password && !req.body.notify_smtp_password.startsWith('•')) {
    setSetting('notify_smtp_password', req.body.notify_smtp_password);
  }
  res.json({ success: true });
});

// POST /api/notifications/test — send a test email
router.post('/test', requireAuth, requireAdmin, async (req, res) => {
  const { to } = req.body;
  if (!to) return res.status(400).json({ error: 'Recipient address required' });
  try {
    await sendTestEmail(to);
    res.json({ success: true });
  } catch (err) {
    res.status(500).json({ error: err.message });
  }
});

// ── User: notification preferences ───────────────────────────────────────────

// GET /api/notifications/me — user prefs + whether admin has enabled it
router.get('/me', requireAuth, requireUser, (req, res) => {
  const db   = getDb();
  const user = db.prepare(`
    SELECT notification_email, notifications_enabled,
           notify_3d, notify_1d, notify_due, notify_overdue
    FROM users WHERE id = ?
  `).get(req.user.id);

  res.json({
    smtp_enabled:        getSetting('notify_smtp_enabled') === 'true',
    allow_user_config:   getSetting('notify_allow_user_config') === 'true',
    notification_email:  user.notification_email  || '',
    notifications_enabled: !!user.notifications_enabled,
    notify_3d:           !!user.notify_3d,
    notify_1d:           !!user.notify_1d,
    notify_due:          !!user.notify_due,
    notify_overdue:      !!user.notify_overdue,
  });
});

// PUT /api/notifications/me — save user prefs
router.put('/me', requireAuth, requireUser, (req, res) => {
  const db = getDb();
  const {
    notification_email, notifications_enabled,
    notify_3d, notify_1d, notify_due, notify_overdue,
  } = req.body;

  db.prepare(`
    UPDATE users SET
      notification_email    = ?,
      notifications_enabled = ?,
      notify_3d             = ?,
      notify_1d             = ?,
      notify_due            = ?,
      notify_overdue        = ?,
      updated_at            = datetime('now')
    WHERE id = ?
  `).run(
    notification_email   || null,
    notifications_enabled ? 1 : 0,
    notify_3d   !== false ? 1 : 0,
    notify_1d   !== false ? 1 : 0,
    notify_due  !== false ? 1 : 0,
    notify_overdue !== false ? 1 : 0,
    req.user.id,
  );

  res.json({ success: true });
});

module.exports = router;
initial commit 2026-05-03 19:51:57 -05:00			`const express = require('express');`
			`const router = express.Router();`
			`const { getDb, getSetting, setSetting } = require('../db/database');`
			`const { requireAuth, requireUser, requireAdmin } = require('../middleware/requireAuth');`
			`const { sendTestEmail } = require('../services/notificationService');`

			`// ── Admin: SMTP configuration ─────────────────────────────────────────────────`

			`// GET /api/notifications/admin — read all SMTP settings (password masked)`
			`router.get('/admin', requireAuth, requireAdmin, (req, res) => {`
			`const keys = [`
			`'notify_smtp_enabled', 'notify_sender_name', 'notify_sender_address',`
			`'notify_smtp_host', 'notify_smtp_port', 'notify_smtp_encryption',`
			`'notify_smtp_self_signed', 'notify_smtp_username', 'notify_smtp_password',`
			`'notify_allow_user_config', 'notify_global_recipient',`
			`];`
			`const settings = {};`
			`for (const k of keys) settings[k] = getSetting(k) \|\| '';`
			`// Mask password in response`
			`if (settings.notify_smtp_password) settings.notify_smtp_password = '••••••••';`
			`res.json(settings);`
			`});`

			`// PUT /api/notifications/admin — save SMTP settings`
			`router.put('/admin', requireAuth, requireAdmin, (req, res) => {`
			`const allowed = [`
			`'notify_smtp_enabled', 'notify_sender_name', 'notify_sender_address',`
			`'notify_smtp_host', 'notify_smtp_port', 'notify_smtp_encryption',`
			`'notify_smtp_self_signed', 'notify_smtp_username',`
			`'notify_allow_user_config', 'notify_global_recipient',`
			`];`
			`for (const key of allowed) {`
			`if (req.body[key] !== undefined) setSetting(key, req.body[key]);`
			`}`
			`// Only update password if a real value was sent (not the masked placeholder)`
			`if (req.body.notify_smtp_password && !req.body.notify_smtp_password.startsWith('•')) {`
			`setSetting('notify_smtp_password', req.body.notify_smtp_password);`
			`}`
			`res.json({ success: true });`
			`});`

			`// POST /api/notifications/test — send a test email`
			`router.post('/test', requireAuth, requireAdmin, async (req, res) => {`
			`const { to } = req.body;`
			`if (!to) return res.status(400).json({ error: 'Recipient address required' });`
			`try {`
			`await sendTestEmail(to);`
			`res.json({ success: true });`
			`} catch (err) {`
			`res.status(500).json({ error: err.message });`
			`}`
			`});`

			`// ── User: notification preferences ───────────────────────────────────────────`

			`// GET /api/notifications/me — user prefs + whether admin has enabled it`
			`router.get('/me', requireAuth, requireUser, (req, res) => {`
			`const db = getDb();`
			const user = db.prepare(`
			`SELECT notification_email, notifications_enabled,`
			`notify_3d, notify_1d, notify_due, notify_overdue`
			`FROM users WHERE id = ?`
			`).get(req.user.id);

			`res.json({`
			`smtp_enabled: getSetting('notify_smtp_enabled') === 'true',`
			`allow_user_config: getSetting('notify_allow_user_config') === 'true',`
			`notification_email: user.notification_email \|\| '',`
			`notifications_enabled: !!user.notifications_enabled,`
			`notify_3d: !!user.notify_3d,`
			`notify_1d: !!user.notify_1d,`
			`notify_due: !!user.notify_due,`
			`notify_overdue: !!user.notify_overdue,`
			`});`
			`});`

			`// PUT /api/notifications/me — save user prefs`
			`router.put('/me', requireAuth, requireUser, (req, res) => {`
			`const db = getDb();`
			`const {`
			`notification_email, notifications_enabled,`
			`notify_3d, notify_1d, notify_due, notify_overdue,`
			`} = req.body;`

			db.prepare(`
			`UPDATE users SET`
			`notification_email = ?,`
			`notifications_enabled = ?,`
			`notify_3d = ?,`
			`notify_1d = ?,`
			`notify_due = ?,`
			`notify_overdue = ?,`
			`updated_at = datetime('now')`
			`WHERE id = ?`
			`).run(
			`notification_email \|\| null,`
			`notifications_enabled ? 1 : 0,`
			`notify_3d !== false ? 1 : 0,`
			`notify_1d !== false ? 1 : 0,`
			`notify_due !== false ? 1 : 0,`
			`notify_overdue !== false ? 1 : 0,`
			`req.user.id,`
			`);`

			`res.json({ success: true });`
			`});`

			`module.exports = router;`