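// Application entry point: configures the Express app (views, static files,
// body parsing, sessions, routers, error handling), starts the HTTP listener
// and bootstraps the first admin account when the admins table is empty.
require('dotenv').config();

const crypto = require('crypto');
const path = require('path');

const bcrypt = require('bcryptjs');
const express = require('express');
const session = require('express-session');

const db = require('./config/database');

const app = express();

// View engine
app.set('view engine', 'ejs');
app.set('views', path.join(__dirname, 'views'));

// Static files
app.use(express.static(path.join(__dirname, 'public')));

// Body parsers
app.use(express.json());
app.use(express.urlencoded({ extended: true }));

// Session signing secret. A fixed fallback committed to the source would let
// anyone who has read this file produce validly signed session cookies, so a
// random per-process secret is used when SESSION_SECRET is not configured.
// With a random secret, sessions do not survive a restart and are not shared
// between several instances; set SESSION_SECRET for any real deployment.
const configuredSecret = process.env.SESSION_SECRET;
const sessionSecret = configuredSecret || crypto.randomBytes(32).toString('hex');
if (!configuredSecret) {
  console.warn(
    '⚠️ SESSION_SECRET ist nicht gesetzt – es wird ein zufälliges Secret verwendet; Sessions sind nach einem Neustart ungültig.'
  );
}

// Session
// No `store` is configured, so express-session falls back to its in-memory
// store, which is not meant for production use.
app.use(
  session({
    secret: sessionSecret,
    resave: false,
    saveUninitialized: false,
    cookie: {
      // Set to true when the app itself serves HTTPS (not via a proxy).
      // Behind a TLS-terminating reverse proxy, a secure cookie additionally
      // requires app.set('trust proxy', ...) so Express sees the request as
      // HTTPS. While this is false the session cookie is also sent over HTTP.
      secure: false,
      // Keep the session cookie out of reach of client-side scripts
      // (the express-session default, stated explicitly).
      httpOnly: true,
      // Do not attach the session cookie to cross-site subrequests and form
      // posts; reduces CSRF exposure of the /admin routes.
      sameSite: 'lax',
      maxAge: 24 * 60 * 60 * 1000, // 24 hours
    },
  })
);

// Routes
const indexRouter = require('./routes/index');
const adminRouter = require('./routes/admin');
const apiRouter = require('./routes/api');

app.use('/', indexRouter);
app.use('/admin', adminRouter);
app.use('/api', apiRouter);

// 404 handler: reached only when no router above answered the request.
app.use((req, res) => {
  res.status(404).render('error', { message: 'Seite nicht gefunden' });
});

// Error handler. Express recognises error middleware by its four-parameter
// signature, so `next` must stay in the list even though it is unused.
// The stack trace goes to the server log only; the client sees a generic
// message.
app.use((err, req, res, next) => {
  console.error(err.stack);
  res.status(500).render('error', { message: 'Ein Fehler ist aufgetreten' });
});

/**
 * Creates the initial admin account at startup if the admins table is empty.
 *
 * The password is read from ADMIN_PASSWORD and stored as a bcrypt hash
 * (cost factor 12); the username comes from ADMIN_USER and defaults to
 * 'admin'. When ADMIN_PASSWORD is not set, no account is created: a default
 * password written in the source is a known credential for everyone who can
 * read the code.
 *
 * Errors are logged and not rethrown, so a database failure does not stop
 * the server.
 *
 * @returns {Promise<void>}
 */
async function initAdmin() {
  try {
    const [rows] = await db.query('SELECT COUNT(*) as count FROM admins');
    // NOTE(review): the strict comparison assumes the driver returns
    // COUNT(*) as a JS number — confirm against ./config/database.
    if (rows[0].count !== 0) {
      return;
    }

    const adminPassword = process.env.ADMIN_PASSWORD;
    if (!adminPassword) {
      console.error(
        '❌ Kein Admin Account vorhanden und ADMIN_PASSWORD ist nicht gesetzt – es wird kein Account mit Standard-Passwort angelegt.'
      );
      return;
    }

    const adminUser = process.env.ADMIN_USER || 'admin';
    const hash = await bcrypt.hash(adminPassword, 12);
    await db.query(
      'INSERT INTO admins (username, password_hash) VALUES (?, ?)',
      [adminUser, hash]
    );
    console.log('✅ Admin Account erstellt:', adminUser);
  } catch (err) {
    console.error('❌ Fehler beim Erstellen des Admin Accounts:', err.message);
  }
}

const PORT = process.env.PORT || 3100;

app.listen(PORT, async () => {
  console.log(`🚀 PlusFit24 Server läuft auf Port ${PORT}`);
  // initAdmin handles its own errors, so this await cannot reject.
  await initAdmin();
});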