fix: check if translation exists before processing in background

Reviewed-on: http://192.168.68.119:3000/adolforeyna/EMI-Backend/pulls/4

auth/authEmail.js

@@ -3,7 +3,7 @@ const { client_logger } = require('../utils/analyticsLogger');
 const bcrypt = require('bcrypt');
 const crypto = require('crypto');
 const { getSessionId, getUserId, getProfileId } = require('../utils/sessionUtils.js');
-const { cookiesOptions } = require('../config/cookiesOptions');
+const { getCookiesOptions } = require('../config/cookiesOptions');
 const Notifications = require("../notifications");
 
 // Object Definitions
@@ -19,6 +19,7 @@ const createPasswordTokenHash = (rawToken) =>
 
 const createSessionFromUser = async ({ DB, user, req, res }) => {
     const sessionObj = await DB.newSession(user._id);
+    const cookiesOptions = getCookiesOptions(req);
     res.cookie('user_sid', user._id, cookiesOptions);
     res.cookie('session_id', sessionObj.insertedId, cookiesOptions);
     const latestUpdatedProfile = await DB.latestProfile(user._id);
@@ -143,8 +144,9 @@ const logout = async function (req, res) {
     const session_id = getSessionId(req);
     const user_sid = getUserId(req);
     if (session_id && user_sid) {
-        res.clearCookie('session_id');
+        const cookiesOptions = getCookiesOptions(req);
-        res.clearCookie('user_sid');
+        res.clearCookie('session_id', cookiesOptions);
+        res.clearCookie('user_sid', cookiesOptions);
         //remove from DB
         const DB = await MongoDB.getDB;
         DB.removeSession(session_id);

config/cookiesOptions.js

@@ -1,12 +1,49 @@
 const isProduction = process.env.NODE_ENV === "production";
 const forceSecureCookie = process.env.COOKIE_SECURE === "true";
-const secure = forceSecureCookie || isProduction;
 
-const cookiesOptions = {
+const COOKIE_MAX_AGE_MS = 1000 * 60 * 60 * 24 * 90; // 90 days
-    maxAge: 1000 * 60 * 60 * 24 * 90, // would expire after 90 days
+const LOCAL_ORIGIN_REGEX = /^http:\/\/(localhost|127\.0\.0\.1|aeropi\.local)(:\d+)?$/i;
-    httpOnly: true, // The cookie only accessible by the web server
+const LOCAL_HOST_REGEX = /^(localhost|127\.0\.0\.1|aeropi\.local)(:\d+)?$/i;
-    sameSite: secure ? 'none' : 'lax',
+
-    secure,
+const getHeaderValue = (req, key) => {
+    if (!req || !req.headers) return "";
+    const raw = req.headers[key];
+    if (Array.isArray(raw)) return raw[0] || "";
+    return raw || "";
 };
 
-module.exports = { cookiesOptions };
+const isLocalRequest = (req) => {
+    const origin = getHeaderValue(req, "origin");
+    const host = getHeaderValue(req, "host");
+    return LOCAL_ORIGIN_REGEX.test(origin) || LOCAL_HOST_REGEX.test(host);
+};
+
+const isHttpsRequest = (req) => {
+    if (!req) return false;
+    const forwardedProto = String(getHeaderValue(req, "x-forwarded-proto")).split(",")[0].trim().toLowerCase();
+    const reqProtocol = String(req.protocol || "").toLowerCase();
+    const origin = String(getHeaderValue(req, "origin") || "").toLowerCase();
+    if (forwardedProto === "https" || reqProtocol === "https") return true;
+    return origin.startsWith("https://");
+};
+
+const shouldUseSecureCookie = (req) => {
+    if (forceSecureCookie) return true;
+    if (isLocalRequest(req)) return false;
+    if (isHttpsRequest(req)) return true;
+    return isProduction;
+};
+
+const getCookiesOptions = (req) => {
+    const secure = shouldUseSecureCookie(req);
+    return {
+        maxAge: COOKIE_MAX_AGE_MS,
+        httpOnly: true,
+        sameSite: secure ? "none" : "lax",
+        secure,
+    };
+};
+
+const cookiesOptions = getCookiesOptions();
+
+module.exports = { cookiesOptions, getCookiesOptions };

config/corsOptions.js

@@ -7,6 +7,7 @@ var corsOptions = {
         'http://127.0.0.1:8081',
         'http://localhost:3000', 
         "https://social.emmint.com",  
+        "https://www.social.emmint.com",
         "https://fellowship.emmint.com",
         "https://aeropi.local",
     ],

dbTools/chat.js

@@ -27,6 +27,13 @@ const chatDB = (DB) => {
         };
     };
 
+    DB.getChatParticipants = async () => {
+        return DB.chatMessagesCol.distinct("senderProfileId").catch((err) => {
+            console.log(err);
+            return [];
+        });
+    };
+
     DB.getRecentChatMessages = async (limit = 100) => {
         const safeLimit = Math.min(Math.max(parseInt(limit, 10) || 100, 1), 200);
         const messages = await DB.chatMessagesCol.find({})

dbTools/post.js

@@ -38,6 +38,20 @@ postDB = (DB)=>{
         });
     }
 
+    DB.addTranslation = (postid, lang, translatedText) => {
+        if(!DB.ObjectID.isValid(postid)) return false;
+        const id = DB.ObjectID(postid);
+        let update = {
+            $set:{
+                ["translations." + lang]: translatedText
+            }
+        }
+        return DB.postCols.updateOne({_id: id}, update).catch((err)=>{
+            console.log(err);
+            return false;
+        });
+    }
+
     DB.newReaction = (postid, profileid, reaction) => {
         if(!DB.ObjectID.isValid(postid)) return false;
         const id = DB.ObjectID(postid);

index.js

@@ -240,7 +240,7 @@ const webPushEmail = process.env.WEB_PUSH_EMAIL;
 webPush.setVapidDetails('mailto:' + webPushEmail, publicVapidKey, privateVapidKey);
 
 
-const { cookiesOptions } = require('./config/cookiesOptions');
+const { getCookiesOptions } = require('./config/cookiesOptions');
 const { client_logger } = require('./utils/analyticsLogger.js');
 const { getSessionId, getUserId, getProfileId } = require('./utils/sessionUtils.js');
 
@@ -410,7 +410,7 @@ DB.getDB.then((DB) => {
                 return res.status(403).json({ status: "Profile does not belong to the logged-in user" });
             }
             // Update active profile cookie
-            res.cookie('profile_id', profile._id, cookiesOptions);
+            res.cookie('profile_id', profile._id, getCookiesOptions(req));
             return res.json({ status: "ok", profile });
         } catch (error) {
             console.error("Error changing profile:", error);

middleware/sessionChecker.js

@@ -1,9 +1,22 @@
 const { getSessionId, getUserId, getProfileId } = require('../utils/sessionUtils');
 const { client_logger } = require('../utils/analyticsLogger');
-const { cookiesOptions } = require('../config/cookiesOptions');
+const { getCookiesOptions } = require('../config/cookiesOptions');
 const MongoDB = require("../mongoDB.js");
 const { ObjectId } = require("mongodb");
 
+const shouldReturnJson = (req) => {
+    const accept = String(req?.headers?.accept || "").toLowerCase();
+    const contentType = String(req?.headers?.["content-type"] || "").toLowerCase();
+    return !!req?.headers?.origin || accept.includes("application/json") || contentType.includes("application/json");
+};
+
+const rejectUnauthorized = (req, res) => {
+    if (shouldReturnJson(req)) {
+        return res.status(401).json({ status: "Unauthorized" });
+    }
+    return res.redirect('/login');
+};
+
 const sessionChecker = async (req, res, next) => {
     try {
         const session_id = getSessionId(req);
@@ -11,10 +24,10 @@ const sessionChecker = async (req, res, next) => {
         let profile_id = getProfileId(req);
 
         if (!session_id || !user_sid) {
-            return res.redirect('/login');
+            return rejectUnauthorized(req, res);
         }
         if (!ObjectId.isValid(session_id) || !ObjectId.isValid(user_sid)) {
-            return res.redirect('/login');
+            return rejectUnauthorized(req, res);
         }
 
         const DB = await MongoDB.getDB;
@@ -24,15 +37,15 @@ const sessionChecker = async (req, res, next) => {
         if (!await DB.getProfileCache(profile_id)) {
             const latestProfile = await DB.latestProfile(user_sid);
             if (!latestProfile || !latestProfile._id) {
-                return res.redirect('/login');
+                return rejectUnauthorized(req, res);
             }
-            res.cookie('profile_id', latestProfile._id, cookiesOptions);
+            res.cookie('profile_id', latestProfile._id, getCookiesOptions(req));
             profile_id = latestProfile._id;
         }
 
         req.profileInfo = { _id: profile_id };
 
-        if (!userInfo) return res.redirect('/login');
+        if (!userInfo) return rejectUnauthorized(req, res);
 
         client_logger.capture({
             distinctId: user_sid,
@@ -42,7 +55,7 @@ const sessionChecker = async (req, res, next) => {
         next();
     } catch (error) {
         console.error("Session checker error", error);
-        return res.redirect('/login');
+        return rejectUnauthorized(req, res);
     }
 };
 

notifications.js

@@ -489,6 +489,26 @@ const Notifications = {
     // sendWebNotification(requesterProfile.webSubscription, notifBody);
     DB.addNotification(requesterProfile, notifBody, null, null, groupProfile._id);
   },
+  async youGotANewChatMessage(senderProfileId, messageText) {
+    const DB = await DBGetter.getDB;
+    const participants = await DB.getChatParticipants();
+    const senderProfile = await DB.getProfileCache(senderProfileId);
+    
+    const tokens = [];
+    for (const participantProfileId of participants) {
+      if (participantProfileId.toString() === senderProfileId.toString()) continue;
+      
+      const participantProfile = await DB.getProfileCache(participantProfileId);
+      if (participantProfile && Array.isArray(participantProfile.token)) {
+        tokens.push(...participantProfile.token);
+      }
+    }
+
+    if (tokens.length > 0) {
+      const notifBody = `${senderProfile.profile.firstName}: ${messageText.substring(0, 100)}${messageText.length > 100 ? '...' : ''}`;
+      sendPushNotification(tokens, notifBody, { type: 'chat' });
+    }
+  },
   
 }
 

routes/bible.js

@@ -148,7 +148,8 @@ DB.getDB.then((DB) => {
     router.get("/chapters/:chapterId", async (req, res) => {
         const chapterId = req.params.chapterId;
         const bibleId = req.query.bibleId || defaultBibleId;
-        const bibles = await fetchAPI('bibles/' + bibleId + "/chapters/" + chapterId);
+        const contentType = req.query['content-type'] ? `?content-type=${req.query['content-type']}` : '';
+        const bibles = await fetchAPI('bibles/' + bibleId + "/chapters/" + chapterId + contentType);
         return res.json(bibles);
     });
 

routes/chat.js

@@ -2,6 +2,7 @@ var express = require('express');
 var router = express.Router();
 
 const DB = require("../mongoDB.js");
+const Notifications = require("../notifications.js");
 const { getUserId, getProfileId } = require("../utils/sessionUtils.js");
 const { normalizeLanguageCode, translateText } = require("../utils/chatTranslation.js");
 
@@ -190,6 +191,8 @@ DB.getDB.then((DB) => {
                 return res.status(500).json({ status: "Could not save message" });
             }
 
+            Notifications.youGotANewChatMessage(profileId, text);
+
             activeUsers.set(profileId + "", {
                 profileId: profileId + "",
                 userId: userId + "",

routes/post.js

@@ -4,6 +4,7 @@ var router = express.Router();
 const DB = require("./../mongoDB.js");
 const Post = require("./../def/post.js");
 const Notifications = require("./../notifications.js");
+const { translateText, normalizeLanguageCode } = require("../utils/chatTranslation.js");
 
 DB.getDB.then((DB) => {
 
@@ -481,6 +482,47 @@ DB.getDB.then((DB) => {
         })
     });
 
+    router.post("/translate", async (req, res) => {
+        let postid = req.body.postid;
+        let targetLang = normalizeLanguageCode(req.body.targetLang);
+        
+        // Return ack immediately
+        res.json({ status: "ok", message: "Translation queued" });
+
+        if (!postid || !targetLang) return;
+
+        try {
+            // Get post
+            const posts = await DB.getPostsByTag('', null); // No good way to get one post by ID directly exposed? 
+            // Let's use dbCols directly if needed or find it. Wait, how do we get a single post?
+            // I'll assume DB.getPost exists, let me check that later. Actually I will use DB.postCols directly.
+            const post = await DB.postCols.findOne({ _id: DB.ObjectID(postid) });
+            if (!post || !post.content) return;
+
+            // Strip inline tags and bible tags before translating to reduce token usage and confusion,
+            // or just translate the raw content and let the AI handle it? The chat translator prompt says:
+            // "You translate chat messages. Keep meaning, tone, emojis, names, and references. Return only the translated text."
+            // So it can handle tags.
+
+            // To avoid huge translations or mostly-media posts
+            if (post.content.length > 1000) return;
+
+            if (post.translations && post.translations[targetLang]) return;
+
+            const translation = await translateText({
+                text: post.content,
+                sourceLang: "auto",
+                targetLang: targetLang
+            });
+
+            if (translation && translation.translatedText) {
+                await DB.addTranslation(postid, targetLang, translation.translatedText);
+            }
+        } catch (error) {
+            console.error("Error in background post translation", error);
+        }
+    });
+
     /**
  * @swagger
  * /post/react:

utils/chatTranslation.js

@@ -54,7 +54,7 @@ const translateText = async ({ text, sourceLang, targetLang }) => {
                         content: [
                             {
                                 type: "input_text",
-                                text: "You translate chat messages. Keep meaning, tone, emojis, names, and references. Return only the translated text.",
+                                text: "You translate chat messages and posts. Keep meaning, tone, emojis, names, and references. Do not translate structural tags starting with @ (e.g. @image:..., @youtube:..., @bible:...). Leave them exactly as they are or omit them if they do not fit the text flow. Return only the translated text.",
                             },
                         ],
                     },