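const express = require("express");
const { query } = require("../config/database");
const { requireAuth } = require("../middleware/auth");

const router = express.Router();

/*
 * Admin content API: dashboard statistics plus CRUD for products, portfolio
 * projects, blog posts, custom pages, and the key/value rows in site_settings.
 *
 * Security notes for maintainers:
 * - Every request-supplied value reaches the database through a positional
 *   placeholder ($1, $2, ...). Keep it that way; never build SQL by
 *   concatenating request data.
 * - NOTE(review): every route is gated only by requireAuth, whose
 *   implementation lives in ../middleware/auth and is not visible here. The
 *   session carries a `role`, but nothing in this file checks it. Confirm
 *   that authenticated non-admin users cannot reach these endpoints.
 * - NOTE(review): the routes read req.session, so authentication is
 *   presumably cookie based. No CSRF check is visible on the POST/PUT/DELETE
 *   routes in this file; confirm one is mounted upstream.
 * - NOTE(review): the single-record reads use SELECT * and the writes use
 *   RETURNING *, so any column added to these tables later is returned to
 *   the client automatically. Prefer explicit column lists if a table ever
 *   holds internal fields.
 * - NOTE(review): body fields (including blog/page `content`) are stored
 *   without type, length, or markup checks. Where they are rendered is not
 *   visible here; output encoding or sanitization has to happen there.
 */

/**
 * Wraps an async route handler so that any thrown error or rejected query is
 * logged server-side and answered with a generic 500. The error detail is
 * deliberately kept out of the response body.
 *
 * @param {string} label - Prefix for the server-side log line (no colon).
 * @param {(req: object, res: object) => Promise<unknown>} handler
 * @returns {(req: object, res: object) => Promise<void>}
 */
function withErrorHandling(label, handler) {
  return async (req, res) => {
    try {
      await handler(req, res);
    } catch (error) {
      console.error(`${label}:`, error);
      res.status(500).json({ success: false, message: "Server error" });
    }
  };
}

/**
 * Sends the 404 body shared by all single-record routes.
 *
 * @param {object} res - Express response.
 * @param {string} what - Human-readable record type, e.g. "Product".
 */
function sendNotFound(res, what) {
  return res
    .status(404)
    .json({ success: false, message: `${what} not found` });
}

/**
 * Runs a `SELECT COUNT(*)` statement and returns the count as a number.
 * The driver hands the count back as `rows[0].count`; it is parsed with an
 * explicit radix.
 *
 * @param {string} sql - A constant COUNT(*) statement (never request data).
 * @returns {Promise<number>}
 */
async function countRows(sql) {
  const result = await query(sql);
  return Number.parseInt(result.rows[0].count, 10);
}

/**
 * Fetches the site_settings row for a key.
 *
 * @param {string} key - One of the fixed keys used in this file.
 * @returns {Promise<object|undefined>} The row, or undefined when absent.
 */
async function findSiteSettingRow(key) {
  const result = await query(
    "SELECT settings FROM site_settings WHERE key = $1",
    [key]
  );
  return result.rows[0];
}

/**
 * Inserts or replaces the site_settings row for a key. The value is
 * serialized with JSON.stringify before being bound as a parameter.
 *
 * @param {string} key - One of the fixed keys used in this file.
 * @param {unknown} value - JSON-serializable settings payload.
 * @returns {Promise<unknown>}
 */
function saveSiteSetting(key, value) {
  return query(
    `INSERT INTO site_settings (key, settings, updatedat)
     VALUES ($1, $2, NOW())
     ON CONFLICT (key) DO UPDATE SET settings = $2, updatedat = NOW()`,
    [key, JSON.stringify(value)]
  );
}

/**
 * True for non-null, non-array objects. Used to reject settings payloads
 * that are not a JSON object before they are persisted.
 *
 * @param {unknown} value
 * @returns {boolean}
 */
function isPlainObject(value) {
  return value !== null && typeof value === "object" && !Array.isArray(value);
}

// Dashboard stats API
router.get(
  "/dashboard/stats",
  requireAuth,
  withErrorHandling("Dashboard error", async (req, res) => {
    // The four counts are independent, so they are issued together.
    const [products, projects, blog, pages] = await Promise.all([
      countRows("SELECT COUNT(*) FROM products"),
      countRows("SELECT COUNT(*) FROM portfolioprojects"),
      countRows("SELECT COUNT(*) FROM blogposts"),
      countRows("SELECT COUNT(*) FROM pages"),
    ]);

    res.json({
      success: true,
      stats: { products, projects, blog, pages },
      user: {
        name: req.session.name,
        email: req.session.email,
        role: req.session.role,
      },
    });
  })
);

// Products API
router.get(
  "/products",
  requireAuth,
  withErrorHandling("Products error", async (req, res) => {
    const result = await query(
      "SELECT id, name, price, stockquantity, isactive, createdat FROM products ORDER BY createdat DESC"
    );
    res.json({ success: true, products: result.rows });
  })
);

// Portfolio Projects API
router.get(
  "/portfolio/projects",
  requireAuth,
  withErrorHandling("Portfolio error", async (req, res) => {
    const result = await query(
      "SELECT id, title, description, imageurl, categoryid, createdat FROM portfolioprojects ORDER BY createdat DESC"
    );
    res.json({ success: true, projects: result.rows });
  })
);

// Blog Posts API
router.get(
  "/blog",
  requireAuth,
  withErrorHandling("Blog error", async (req, res) => {
    const result = await query(
      "SELECT id, title, slug, excerpt, ispublished, createdat FROM blogposts ORDER BY createdat DESC"
    );
    res.json({ success: true, posts: result.rows });
  })
);

// Pages API
router.get(
  "/pages",
  requireAuth,
  withErrorHandling("Pages error", async (req, res) => {
    const result = await query(
      "SELECT id, title, slug, ispublished, createdat FROM pages ORDER BY createdat DESC"
    );
    res.json({ success: true, pages: result.rows });
  })
);

// Get single product
router.get(
  "/products/:id",
  requireAuth,
  withErrorHandling("Product error", async (req, res) => {
    // NOTE(review): req.params.id is bound as-is. A value the id column
    // cannot accept surfaces as a database error and therefore a 500; the
    // column type is not visible here, so no format check is applied.
    const result = await query("SELECT * FROM products WHERE id = $1", [
      req.params.id,
    ]);
    if (result.rows.length === 0) {
      return sendNotFound(res, "Product");
    }
    res.json({ success: true, product: result.rows[0] });
  })
);

// Create product
router.post(
  "/products",
  requireAuth,
  withErrorHandling("Create product error", async (req, res) => {
    const {
      name,
      description,
      price,
      stockquantity,
      category,
      isactive,
      isbestseller,
    } = req.body;

    // Defaults: stock 0, active unless explicitly `false`, not a bestseller.
    const result = await query(
      `INSERT INTO products (name, description, price, stockquantity, category, isactive, isbestseller, createdat)
       VALUES ($1, $2, $3, $4, $5, $6, $7, NOW())
       RETURNING *`,
      [
        name,
        description,
        price,
        stockquantity || 0,
        category,
        isactive !== false,
        isbestseller || false,
      ]
    );

    res.json({
      success: true,
      product: result.rows[0],
      message: "Product created successfully",
    });
  })
);

// Update product
router.put(
  "/products/:id",
  requireAuth,
  withErrorHandling("Update product error", async (req, res) => {
    const {
      name,
      description,
      price,
      stockquantity,
      category,
      isactive,
      isbestseller,
    } = req.body;

    // Full replacement: every column is overwritten, so a field missing from
    // the body is written as NULL (or its default), not left unchanged.
    const result = await query(
      `UPDATE products
       SET name = $1, description = $2, price = $3, stockquantity = $4, category = $5, isactive = $6, isbestseller = $7, updatedat = NOW()
       WHERE id = $8
       RETURNING *`,
      [
        name,
        description,
        price,
        stockquantity || 0,
        category,
        isactive !== false,
        isbestseller || false,
        req.params.id,
      ]
    );

    if (result.rows.length === 0) {
      return sendNotFound(res, "Product");
    }
    res.json({
      success: true,
      product: result.rows[0],
      message: "Product updated successfully",
    });
  })
);

// Delete product
router.delete(
  "/products/:id",
  requireAuth,
  withErrorHandling("Delete product error", async (req, res) => {
    const result = await query(
      "DELETE FROM products WHERE id = $1 RETURNING id",
      [req.params.id]
    );
    if (result.rows.length === 0) {
      return sendNotFound(res, "Product");
    }
    res.json({ success: true, message: "Product deleted successfully" });
  })
);

// Portfolio Project CRUD
router.get(
  "/portfolio/projects/:id",
  requireAuth,
  withErrorHandling("Portfolio project error", async (req, res) => {
    const result = await query(
      "SELECT * FROM portfolioprojects WHERE id = $1",
      [req.params.id]
    );
    if (result.rows.length === 0) {
      return sendNotFound(res, "Project");
    }
    res.json({ success: true, project: result.rows[0] });
  })
);

router.post(
  "/portfolio/projects",
  requireAuth,
  withErrorHandling("Create portfolio project error", async (req, res) => {
    const { title, description, category, isactive } = req.body;
    const result = await query(
      `INSERT INTO portfolioprojects (title, description, category, isactive, createdat)
       VALUES ($1, $2, $3, $4, NOW())
       RETURNING *`,
      [title, description, category, isactive !== false]
    );
    res.json({
      success: true,
      project: result.rows[0],
      message: "Project created successfully",
    });
  })
);

router.put(
  "/portfolio/projects/:id",
  requireAuth,
  withErrorHandling("Update portfolio project error", async (req, res) => {
    const { title, description, category, isactive } = req.body;
    const result = await query(
      `UPDATE portfolioprojects
       SET title = $1, description = $2, category = $3, isactive = $4, updatedat = NOW()
       WHERE id = $5
       RETURNING *`,
      [title, description, category, isactive !== false, req.params.id]
    );
    if (result.rows.length === 0) {
      return sendNotFound(res, "Project");
    }
    res.json({
      success: true,
      project: result.rows[0],
      message: "Project updated successfully",
    });
  })
);

router.delete(
  "/portfolio/projects/:id",
  requireAuth,
  withErrorHandling("Delete portfolio project error", async (req, res) => {
    const result = await query(
      "DELETE FROM portfolioprojects WHERE id = $1 RETURNING id",
      [req.params.id]
    );
    if (result.rows.length === 0) {
      return sendNotFound(res, "Project");
    }
    res.json({ success: true, message: "Project deleted successfully" });
  })
);

// Blog Post CRUD
router.get(
  "/blog/:id",
  requireAuth,
  withErrorHandling("Blog post error", async (req, res) => {
    const result = await query("SELECT * FROM blogposts WHERE id = $1", [
      req.params.id,
    ]);
    if (result.rows.length === 0) {
      return sendNotFound(res, "Blog post");
    }
    res.json({ success: true, post: result.rows[0] });
  })
);

router.post(
  "/blog",
  requireAuth,
  withErrorHandling("Create blog post error", async (req, res) => {
    const {
      title,
      slug,
      excerpt,
      content,
      metatitle,
      metadescription,
      ispublished,
    } = req.body;

    // Blog posts default to unpublished unless the body says otherwise.
    const result = await query(
      `INSERT INTO blogposts (title, slug, excerpt, content, metatitle, metadescription, ispublished, createdat)
       VALUES ($1, $2, $3, $4, $5, $6, $7, NOW())
       RETURNING *`,
      [
        title,
        slug,
        excerpt,
        content,
        metatitle,
        metadescription,
        ispublished || false,
      ]
    );

    res.json({
      success: true,
      post: result.rows[0],
      message: "Blog post created successfully",
    });
  })
);

router.put(
  "/blog/:id",
  requireAuth,
  withErrorHandling("Update blog post error", async (req, res) => {
    const {
      title,
      slug,
      excerpt,
      content,
      metatitle,
      metadescription,
      ispublished,
    } = req.body;

    const result = await query(
      `UPDATE blogposts
       SET title = $1, slug = $2, excerpt = $3, content = $4, metatitle = $5, metadescription = $6, ispublished = $7, updatedat = NOW()
       WHERE id = $8
       RETURNING *`,
      [
        title,
        slug,
        excerpt,
        content,
        metatitle,
        metadescription,
        ispublished || false,
        req.params.id,
      ]
    );

    if (result.rows.length === 0) {
      return sendNotFound(res, "Blog post");
    }
    res.json({
      success: true,
      post: result.rows[0],
      message: "Blog post updated successfully",
    });
  })
);

router.delete(
  "/blog/:id",
  requireAuth,
  withErrorHandling("Delete blog post error", async (req, res) => {
    const result = await query(
      "DELETE FROM blogposts WHERE id = $1 RETURNING id",
      [req.params.id]
    );
    if (result.rows.length === 0) {
      return sendNotFound(res, "Blog post");
    }
    res.json({ success: true, message: "Blog post deleted successfully" });
  })
);

// Custom Pages CRUD
router.get(
  "/pages/:id",
  requireAuth,
  withErrorHandling("Page error", async (req, res) => {
    const result = await query("SELECT * FROM pages WHERE id = $1", [
      req.params.id,
    ]);
    if (result.rows.length === 0) {
      return sendNotFound(res, "Page");
    }
    res.json({ success: true, page: result.rows[0] });
  })
);

router.post(
  "/pages",
  requireAuth,
  withErrorHandling("Create page error", async (req, res) => {
    const { title, slug, content, metatitle, metadescription, ispublished } =
      req.body;

    // NOTE(review): unlike blog posts, pages default to *published* when
    // `ispublished` is omitted. Confirm that this asymmetry is intended.
    const result = await query(
      `INSERT INTO pages (title, slug, content, metatitle, metadescription, ispublished, createdat)
       VALUES ($1, $2, $3, $4, $5, $6, NOW())
       RETURNING *`,
      [title, slug, content, metatitle, metadescription, ispublished !== false]
    );

    res.json({
      success: true,
      page: result.rows[0],
      message: "Page created successfully",
    });
  })
);

router.put(
  "/pages/:id",
  requireAuth,
  withErrorHandling("Update page error", async (req, res) => {
    const { title, slug, content, metatitle, metadescription, ispublished } =
      req.body;

    const result = await query(
      `UPDATE pages
       SET title = $1, slug = $2, content = $3, metatitle = $4, metadescription = $5, ispublished = $6, updatedat = NOW()
       WHERE id = $7
       RETURNING *`,
      [
        title,
        slug,
        content,
        metatitle,
        metadescription,
        ispublished !== false,
        req.params.id,
      ]
    );

    if (result.rows.length === 0) {
      return sendNotFound(res, "Page");
    }
    res.json({
      success: true,
      page: result.rows[0],
      message: "Page updated successfully",
    });
  })
);

router.delete(
  "/pages/:id",
  requireAuth,
  withErrorHandling("Delete page error", async (req, res) => {
    const result = await query("DELETE FROM pages WHERE id = $1 RETURNING id", [
      req.params.id,
    ]);
    if (result.rows.length === 0) {
      return sendNotFound(res, "Page");
    }
    res.json({ success: true, message: "Page deleted successfully" });
  })
);

// Homepage Settings
router.get("/homepage/settings", requireAuth, async (req, res) => {
  try {
    const row = await findSiteSettingRow("homepage");
    res.json({ success: true, settings: row ? row.settings : {} });
  } catch (error) {
    // NOTE(review): a failed read is reported as success with empty
    // settings. A client that loads this and then saves would overwrite the
    // stored settings with an empty object. The fallback is kept because
    // callers may depend on it; consider returning a 500 here instead.
    console.error("Homepage settings error:", error);
    res.json({ success: true, settings: {} });
  }
});

router.post(
  "/homepage/settings",
  requireAuth,
  withErrorHandling("Save homepage settings error", async (req, res) => {
    const settings = req.body;
    // The whole body is persisted, so refuse anything that is not an object.
    if (!isPlainObject(settings)) {
      return res
        .status(400)
        .json({ success: false, message: "Settings must be a JSON object" });
    }
    await saveSiteSetting("homepage", settings);
    res.json({
      success: true,
      message: "Homepage settings saved successfully",
    });
  })
);

// General Settings
router.get("/settings", requireAuth, async (req, res) => {
  try {
    const row = await findSiteSettingRow("general");
    res.json({ success: true, settings: row ? row.settings : {} });
  } catch (error) {
    // NOTE(review): same success-on-failure fallback as the homepage
    // settings read; a later save from the client could replace the stored
    // settings with an empty object.
    console.error("Settings error:", error);
    res.json({ success: true, settings: {} });
  }
});

router.post(
  "/settings",
  requireAuth,
  withErrorHandling("Save settings error", async (req, res) => {
    const settings = req.body;
    // The whole body is persisted, so refuse anything that is not an object.
    if (!isPlainObject(settings)) {
      return res
        .status(400)
        .json({ success: false, message: "Settings must be a JSON object" });
    }
    await saveSiteSetting("general", settings);
    res.json({ success: true, message: "Settings saved successfully" });
  })
);

// Menu Management
router.get("/menu", requireAuth, async (req, res) => {
  try {
    const row = await findSiteSettingRow("menu");
    const items = row ? row.settings.items || [] : [];
    res.json({ success: true, items });
  } catch (error) {
    // NOTE(review): a failed read is reported as success with an empty
    // menu; a later save from the client could replace the stored menu.
    console.error("Menu error:", error);
    res.json({ success: true, items: [] });
  }
});

router.post(
  "/menu",
  requireAuth,
  withErrorHandling("Save menu error", async (req, res) => {
    const { items } = req.body;
    // An omitted `items` is still accepted (it is stored as an empty object
    // and read back as []); any other non-array value is rejected.
    if (items !== undefined && !Array.isArray(items)) {
      return res
        .status(400)
        .json({ success: false, message: "Menu items must be an array" });
    }
    await saveSiteSetting("menu", { items });
    res.json({ success: true, message: "Menu saved successfully" });
  })
);

module.exports = router;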