c2010246e3
Security improvements: - Add random CUID slugs to Match model to prevent ID enumeration attacks - Update all match URLs from /matches/:id to /matches/:slug - Keep numeric IDs for internal Socket.IO operations only Backend changes: - Add slug field to matches table with unique index - Update all match endpoints to use slug-based lookups (GET, PUT, DELETE) - Add GET /api/matches/:slug/messages endpoint to fetch message history - Include matchSlug in all Socket.IO notifications Frontend changes: - Update all match routes to use slug parameter - Update MatchesPage to use slug for accept/reject/navigate operations - Update MatchChatPage to fetch match data by slug and load message history - Update RatePartnerPage to use slug parameter - Add matchesAPI.getMatchMessages() function Bug fixes: - Fix MatchChatPage not loading message history from database on mount - Messages now persist and display correctly when users reconnect
spotlight.cam Backend
Node.js + Express backend for spotlight.cam - P2P video exchange app for dance events.
Features
- ✅ Express REST API
- ✅ CORS enabled
- ✅ Health check endpoint
- ✅ Error handling
- ✅ Unit tests (Jest + Supertest)
- ⏳ PostgreSQL integration (planned)
- ⏳ JWT authentication (planned)
- ⏳ Socket.IO for real-time chat (planned)
- ⏳ WebRTC signaling (planned)
API Endpoints
Health Check
GET /api/health- Backend health status
Future Endpoints
POST /api/auth/register- Register new userPOST /api/auth/login- Login userGET /api/users/me- Get current userGET /api/events- List eventsPOST /api/matches- Create matchPOST /api/ratings- Rate partner
Development
Install dependencies
npm install
Run in development mode
npm run dev
Run tests
npm test
Run tests in watch mode
npm run test:watch
Run in production mode
npm start
Environment Variables
Create a .env file (see .env.example):
NODE_ENV=development
PORT=3000
CORS_ORIGIN=http://localhost:8080
Project Structure
backend/
├── src/
│ ├── __tests__/ # Unit tests
│ │ └── app.test.js
│ ├── routes/ # API routes (future)
│ ├── controllers/ # Business logic (future)
│ ├── middleware/ # Custom middleware (future)
│ ├── utils/ # Helper functions (future)
│ ├── app.js # Express app setup
│ └── server.js # Server entry point
├── .env # Environment variables (gitignored)
├── .env.example # Environment variables template
├── package.json
└── Dockerfile
Testing
Tests are written using:
- Jest - Test framework
- Supertest - HTTP assertions
Run tests:
npm test
Current test coverage:
- Health check endpoint
- 404 error handling
- CORS configuration
- JSON body parsing
Docker
Build and run with Docker Compose (from project root):
docker compose up --build
Backend will be available at:
- Internal: http://backend:3000
- Through nginx: http://localhost:8080/api
Next Steps
- ✅ Basic Express setup
- ✅ Health check endpoint
- ✅ Unit tests
- ⏳ PostgreSQL connection
- ⏳ Database schema and migrations
- ⏳ Authentication (JWT + bcrypt)
- ⏳ Socket.IO for real-time chat
- ⏳ WebRTC signaling
License
TBD