@riligar/elysia-backup 1.6.0 → 1.7.0

package/README.md

@@ -1,23 +1,37 @@
-# ElysiaJS Backup Plugin
+# @riligar/elysia-backup
 
-Elysia plugin for R2/S3 backup with a built-in UI dashboard. Uses native Bun S3 client for optimal performance.
+[![Open Source](https://img.shields.io/badge/Open%20Source-RiLiGar-blue)](https://riligar.click/)
+[![npm version](https://img.shields.io/npm/v/@riligar/elysia-backup.svg)](https://www.npmjs.com/package/@riligar/elysia-backup)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
 
-## Features
+> **An open source project by [RiLiGar](https://riligar.click/)**
 
--   📁 Backup local directories to R2/S3
--   🔄 Scheduled backups with cron expressions
--   🖥️ Built-in UI dashboard
--   ⬇️ One-click restore
--   🗑️ Delete remote backups
--   ⚙️ Runtime configuration
+A powerful Elysia plugin for R2/S3 backup with a beautiful built-in UI dashboard. Designed for Bun runtime with native S3 client for optimal performance.
 
-## Installation
+## ✨ Features
+
+-   📁 **Smart Backup** — Backup local directories to R2/S3 with file filtering
+-   🔄 **Scheduled Backups** — Cron-based automatic backups
+-   🖥️ **Beautiful Dashboard** — Modern UI with real-time status
+-   🔐 **Secure Authentication** — Session-based auth with 2FA/TOTP support
+-   🧭 **Guided Onboarding** — Multi-step setup wizard for first-time configuration
+-   ⬇️ **One-Click Restore** — Easily restore files from backup
+-   🗑️ **Backup Management** — Delete old backups from the UI
+-   ⚙️ **Runtime Configuration** — Update settings without restarting
+
+## 📦 Installation
 
 ```bash
 bun add @riligar/elysia-backup
 ```
 
-## Usage
+### Peer Dependencies
+
+```bash
+bun add elysia @elysiajs/html
+```
+
+## 🚀 Quick Start
 
 ```javascript
 import { Elysia } from 'elysia'
@@ -26,60 +40,158 @@ import { r2Backup } from '@riligar/elysia-backup'
 const app = new Elysia()
     .use(
         r2Backup({
-            bucket: process.env.R2_BUCKET,
-            accessKeyId: process.env.R2_ACCESS_KEY_ID,
-            secretAccessKey: process.env.R2_SECRET_ACCESS_KEY,
-            endpoint: process.env.R2_ENDPOINT,
             sourceDir: './data',
-            prefix: 'backups/',
-            extensions: ['.db', '.sqlite'],
-            cronSchedule: '0 0 * * *', // Daily at midnight
-            cronEnabled: true,
+            configPath: './config.json',
         })
     )
     .listen(3000)
 
-console.log('Server running at http://localhost:3000')
-console.log('Backup UI at http://localhost:3000/backup')
+console.log('🦊 Server running at http://localhost:3000')
+console.log('📦 Backup UI at http://localhost:3000/backup')
 ```
 
-## Configuration
+On first run, you'll be guided through an onboarding wizard to configure:
+
+-   Storage credentials (R2/S3)
+-   Backup schedule
+-   Admin authentication
+
+## ⚙️ Configuration
+
+### Plugin Options
 
-| Option            | Type     | Required | Description                                            |
-| ----------------- | -------- | -------- | ------------------------------------------------------ |
-| `bucket`          | string   | ✅       | R2/S3 bucket name                                      |
-| `accessKeyId`     | string   | ✅       | R2/S3 Access Key ID                                    |
-| `secretAccessKey` | string   | ✅       | R2/S3 Secret Access Key                                |
-| `endpoint`        | string   | ✅       | R2/S3 Endpoint URL                                     |
-| `sourceDir`       | string   | ✅       | Local directory to backup                              |
-| `prefix`          | string   | ❌       | Prefix for S3 keys (e.g., 'backups/')                  |
-| `extensions`      | string[] | ❌       | File extensions to include                             |
-| `cronSchedule`    | string   | ❌       | Cron expression for scheduled backups                  |
-| `cronEnabled`     | boolean  | ❌       | Enable/disable scheduled backups                       |
-| `configPath`      | string   | ❌       | Path to save runtime config (default: './config.json') |
+| Option       | Type   | Required | Description                                            |
+| ------------ | ------ | -------- | ------------------------------------------------------ |
+| `sourceDir`  | string | ✅       | Local directory to backup                              |
+| `configPath` | string | ❌       | Path to save runtime config (default: `./config.json`) |
 
-## API Endpoints
+### Runtime Configuration (via UI or config.json)
+
+| Option            | Type     | Description                                    |
+| ----------------- | -------- | ---------------------------------------------- |
+| `bucket`          | string   | R2/S3 bucket name                              |
+| `accessKeyId`     | string   | R2/S3 Access Key ID                            |
+| `secretAccessKey` | string   | R2/S3 Secret Access Key                        |
+| `endpoint`        | string   | R2/S3 Endpoint URL                             |
+| `prefix`          | string   | Prefix for S3 keys (e.g., `backups/`)          |
+| `extensions`      | string[] | File extensions to include (empty = all files) |
+| `cronSchedule`    | string   | Cron expression for scheduled backups          |
+| `cronEnabled`     | boolean  | Enable/disable scheduled backups               |
+| `auth.username`   | string   | Admin username                                 |
+| `auth.password`   | string   | Admin password                                 |
+| `auth.totpSecret` | string   | TOTP secret for 2FA (optional)                 |
+
+## 🔌 API Endpoints
 
 The plugin adds the following routes under `/backup`:
 
-| Method | Path                  | Description           |
-| ------ | --------------------- | --------------------- |
-| GET    | `/backup`             | UI Dashboard          |
-| POST   | `/backup/api/run`     | Trigger manual backup |
-| GET    | `/backup/api/files`   | List remote files     |
-| POST   | `/backup/api/restore` | Restore a file        |
-| POST   | `/backup/api/delete`  | Delete a remote file  |
-| POST   | `/backup/api/config`  | Update configuration  |
+### Pages
+
+| Method | Path                 | Description             |
+| ------ | -------------------- | ----------------------- |
+| GET    | `/backup`            | Dashboard UI            |
+| GET    | `/backup/login`      | Login page              |
+| GET    | `/backup/onboarding` | First-time setup wizard |
+
+### Authentication
+
+| Method | Path                  | Description       |
+| ------ | --------------------- | ----------------- |
+| POST   | `/backup/auth/login`  | Authenticate user |
+| POST   | `/backup/auth/logout` | End session       |
+
+### Backup Operations
+
+| Method | Path                  | Description                 |
+| ------ | --------------------- | --------------------------- |
+| POST   | `/backup/api/run`     | Trigger manual backup       |
+| GET    | `/backup/api/files`   | List remote backup files    |
+| POST   | `/backup/api/restore` | Restore a specific file     |
+| POST   | `/backup/api/delete`  | Delete a remote backup file |
+| POST   | `/backup/api/config`  | Update configuration        |
+
+### Two-Factor Authentication (TOTP)
+
+| Method | Path                        | Description                   |
+| ------ | --------------------------- | ----------------------------- |
+| GET    | `/backup/api/totp/status`   | Check 2FA status              |
+| POST   | `/backup/api/totp/generate` | Generate new TOTP secret & QR |
+| POST   | `/backup/api/totp/verify`   | Verify and enable 2FA         |
+| POST   | `/backup/api/totp/disable`  | Disable 2FA                   |
 
-## Environment Variables Example
+## 🔐 Security Features
+
+### Session-Based Authentication
+
+-   Secure session tokens with configurable expiration
+-   HTTP-only cookies for session management
+-   Automatic session cleanup
+
+### Two-Factor Authentication (TOTP)
+
+-   Compatible with any authenticator app (Google Authenticator, Authy, etc.)
+-   QR code for easy setup
+-   Backup codes support
+
+## 📂 Project Structure
+
+```
+src/
+├── index.js              # Main plugin entry
+├── assets/               # Static assets (favicon, logo)
+├── views/
+│   ├── LoginPage.js      # Login page
+│   ├── DashboardPage.js  # Main dashboard
+│   ├── OnboardingPage.js # Setup wizard
+│   ├── components/       # UI components
+│   │   ├── ActionArea.js
+│   │   ├── FilesTab.js
+│   │   ├── Footer.js
+│   │   ├── Head.js
+│   │   ├── Header.js
+│   │   ├── LoginCard.js
+│   │   ├── OnboardingCard.js
+│   │   ├── SecuritySection.js
+│   │   ├── SettingsTab.js
+│   │   └── StatusCards.js
+│   └── scripts/          # Client-side JavaScript
+│       ├── backupApp.js
+│       ├── loginApp.js
+│       └── onboardingApp.js
+```
+
+## 🌍 Environment Variables Example
 
 ```env
+# Optional - for initial configuration
 R2_BUCKET=your-bucket-name
 R2_ACCESS_KEY_ID=your-access-key
 R2_SECRET_ACCESS_KEY=your-secret-key
 R2_ENDPOINT=https://your-account.r2.cloudflarestorage.com
 ```
 
-## License
+> **Note:** All configuration can be set via the onboarding wizard. Environment variables are optional.
+
+## 📸 Screenshots
+
+The dashboard provides:
+
+-   **Status Overview** — Cron status, next run time, bucket info
+-   **Quick Actions** — Manual backup trigger with real-time feedback
+-   **Files Browser** — View, restore, and delete backup files
+-   **Settings** — Update storage and backup configuration
+-   **Security** — Enable/disable 2FA
+
+## 🤝 Contributing
+
+Contributions are welcome! See our [GitHub repository](https://github.com/riligar-solutions/elysia-backup) for more information.
+
+## 📄 License
+
+MIT © [RiLiGar](https://riligar.click/)
+
+---
 
-MIT
+<p align="center">
+  Made with ❤️ by <a href="https://riligar.click/">RiLiGar</a>
+</p>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@riligar/elysia-backup",
-  "version": "1.6.0",
+  "version": "1.7.0",
   "description": "Elysia plugin for R2/S3 backup with a built-in UI dashboard",
   "type": "module",
   "main": "src/index.js",

package/src/index.js

@@ -132,10 +132,23 @@ export const r2Backup = initialConfig => app => {
         const dir = dirname(relativePath)
         const filename = relativePath.split('/').pop()
 
-        const timestamp = timestampPrefix || new Date().toISOString()
-        const newFilename = `${timestamp}_${filename}`
-
-        const finalPath = dir === '.' ? newFilename : join(dir, newFilename)
+        // Parse timestamp to extract date and time parts
+        // Expected format: YYYY-MM-DD_HH-mm-ss
+        const timestamp = timestampPrefix || new Date().toISOString().replace(/[:.]/g, '-').slice(0, 19)
+        const datePart = timestamp.slice(0, 10) // YYYY-MM-DD
+        const timePart = timestamp.slice(11) || '00-00-00' // HH-mm-ss
+
+        // Format: YYYY-MM-DD/HH-mm-ss_filename.ext
+        const newFilename = `${timePart}_${filename}`
+        const dateFolder = datePart
+
+        // Reconstruct path: prefix/date/[subdir/]time_filename
+        let finalPath
+        if (dir === '.') {
+            finalPath = join(dateFolder, newFilename)
+        } else {
+            finalPath = join(dateFolder, dir, newFilename)
+        }
         const key = config.prefix ? join(config.prefix, finalPath) : finalPath
 
         console.log(`Uploading ${key}...`)
@@ -178,7 +191,6 @@ export const r2Backup = initialConfig => app => {
                 backupJob = new CronJob(
                     config.cronSchedule,
                     async () => {
-                        console.log('Running scheduled backup...')
                         try {
                             const now = new Date()
                             const timestamp =
@@ -248,16 +260,34 @@ export const r2Backup = initialConfig => app => {
         const arrayBuffer = await file.arrayBuffer()
         const byteArray = new Uint8Array(arrayBuffer)
 
+        // Remove prefix from key to get relative path
         const relativePath = config.prefix ? key.replace(config.prefix, '') : key
         const cleanRelative = relativePath.replace(/^[\/\\]/, '')
 
-        const dir = dirname(cleanRelative)
-        const filename = cleanRelative.split('/').pop()
+        // New structure: YYYY-MM-DD/[subdir/]HH-mm-ss_filename.ext
+        // Old structure: YYYY-MM-DD_HH-mm-ss_filename.ext or timestamp_filename.ext
+        const pathParts = cleanRelative.split('/')
+        const filename = pathParts.pop()
+
+        // Check if first part is a date folder (YYYY-MM-DD)
+        const dateFolderRegex = /^\d{4}-\d{2}-\d{2}$/
+        let subdir = ''
+
+        if (pathParts.length > 0 && dateFolderRegex.test(pathParts[0])) {
+            // New format: remove date folder, keep remaining subdirs
+            pathParts.shift() // Remove date folder
+            subdir = pathParts.join('/')
+        } else {
+            // Old format: use dir as-is
+            subdir = pathParts.join('/')
+        }
 
-        const timestampRegex = /^(\d{4}-\d{2}-\d{2}_\d{2}-\d{2}-\d{2}|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z)_/
-        const originalFilename = filename.replace(timestampRegex, '')
+        // Strip time prefix from filename (HH-mm-ss_filename or old YYYY-MM-DD_HH-mm-ss_filename)
+        const timeOnlyRegex = /^\d{2}-\d{2}-\d{2}_/
+        const fullTimestampRegex = /^(\d{4}-\d{2}-\d{2}_\d{2}-\d{2}-\d{2}|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z)_/
+        let originalFilename = filename.replace(timeOnlyRegex, '').replace(fullTimestampRegex, '')
 
-        const finalLocalRelativePath = dir === '.' ? originalFilename : join(dir, originalFilename)
+        const finalLocalRelativePath = subdir ? join(subdir, originalFilename) : originalFilename
         const localPath = join(config.sourceDir, finalLocalRelativePath)
 
         await mkdir(dirname(localPath), { recursive: true })
@@ -320,6 +350,13 @@ export const r2Backup = initialConfig => app => {
             const session = getSession(sessionToken)
 
             if (!session) {
+                // Return JSON error for API routes
+                if (path.startsWith('/backup/api/')) {
+                    context.set.status = 401
+                    return { status: 'error', message: 'Session expired. Please login again.' }
+                }
+
+                // Redirect to login for page routes
                 context.set.status = 302
                 context.set.headers['Location'] = '/backup/login'
                 return new Response('Redirecting to login', {

package/src/services/backup.service.js

@@ -17,7 +17,7 @@ export const createBackupService = getConfig => {
      * Upload a single file to S3
      * @param {string} filePath - Local file path
      * @param {string} rootDir - Root directory for relative path calculation
-     * @param {string} timestampPrefix - Timestamp to prepend to filename
+     * @param {string} timestampPrefix - Timestamp to prepend to filename (YYYY-MM-DD_HH-mm-ss)
      */
     const uploadFile = async (filePath, rootDir, timestampPrefix) => {
         const config = getConfig()
@@ -28,15 +28,25 @@ export const createBackupService = getConfig => {
         const dir = dirname(relativePath)
         const filename = relativePath.split('/').pop()
 
-        // Format: YYYY-MM-DD_HH-mm-ss_filename.ext
-        const timestamp = timestampPrefix || new Date().toISOString()
-        const newFilename = `${timestamp}_${filename}`
-
-        // Reconstruct path with new filename
-        const finalPath = dir === '.' ? newFilename : join(dir, newFilename)
+        // Parse timestamp to extract date and time parts
+        // Expected format: YYYY-MM-DD_HH-mm-ss
+        const timestamp = timestampPrefix || new Date().toISOString().replace(/[:.]/g, '-').slice(0, 19)
+        const datePart = timestamp.slice(0, 10) // YYYY-MM-DD
+        const timePart = timestamp.slice(11) || '00-00-00' // HH-mm-ss
+
+        // Format: YYYY-MM-DD/HH-mm-ss_filename.ext
+        const newFilename = `${timePart}_${filename}`
+        const dateFolder = datePart
+
+        // Reconstruct path: prefix/date/[subdir/]time_filename
+        let finalPath
+        if (dir === '.') {
+            finalPath = join(dateFolder, newFilename)
+        } else {
+            finalPath = join(dateFolder, dir, newFilename)
+        }
         const key = config.prefix ? join(config.prefix, finalPath) : finalPath
 
-        console.log(`Uploading ${key}...`)
         await s3.write(key, fileContent)
     }
 
@@ -132,15 +142,30 @@ export const createBackupService = getConfig => {
         const relativePath = config.prefix ? key.replace(config.prefix, '') : key
         const cleanRelative = relativePath.replace(/^[\/\\]/, '')
 
-        // Extract directory and filename
-        const dir = dirname(cleanRelative)
-        const filename = cleanRelative.split('/').pop()
+        // New structure: YYYY-MM-DD/[subdir/]HH-mm-ss_filename.ext
+        // Old structure: YYYY-MM-DD_HH-mm-ss_filename.ext or timestamp_filename.ext
+        const pathParts = cleanRelative.split('/')
+        const filename = pathParts.pop()
+
+        // Check if first part is a date folder (YYYY-MM-DD)
+        const dateFolderRegex = /^\d{4}-\d{2}-\d{2}$/
+        let subdir = ''
+
+        if (pathParts.length > 0 && dateFolderRegex.test(pathParts[0])) {
+            // New format: remove date folder, keep remaining subdirs
+            pathParts.shift() // Remove date folder
+            subdir = pathParts.join('/')
+        } else {
+            // Old format: use dir as-is
+            subdir = pathParts.join('/')
+        }
 
-        // Strip timestamp prefix to restore original filename
-        const timestampRegex = /^(\d{4}-\d{2}-\d{2}_\d{2}-\d{2}-\d{2}|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z)_/
-        const originalFilename = filename.replace(timestampRegex, '')
+        // Strip time prefix from filename (HH-mm-ss_filename or old YYYY-MM-DD_HH-mm-ss_filename)
+        const timeOnlyRegex = /^\d{2}-\d{2}-\d{2}_/
+        const fullTimestampRegex = /^(\d{4}-\d{2}-\d{2}_\d{2}-\d{2}-\d{2}|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z)_/
+        let originalFilename = filename.replace(timeOnlyRegex, '').replace(fullTimestampRegex, '')
 
-        const finalLocalRelativePath = dir === '.' ? originalFilename : join(dir, originalFilename)
+        const finalLocalRelativePath = subdir ? join(subdir, originalFilename) : originalFilename
         const localPath = join(config.sourceDir, finalLocalRelativePath)
 
         // Ensure directory exists

package/src/views/DashboardPage.js

@@ -11,6 +11,7 @@ import { ActionArea } from './components/ActionArea.js'
 import { FilesTab } from './components/FilesTab.js'
 import { SettingsTab } from './components/SettingsTab.js'
 import { SecuritySection } from './components/SecuritySection.js'
+import { Footer } from './components/Footer.js'
 import { backupAppScript } from './scripts/backupApp.js'
 
 export const DashboardPage = ({ config, jobStatus, hasAuth }) => `
@@ -48,6 +49,9 @@ export const DashboardPage = ({ config, jobStatus, hasAuth }) => `
             ${SettingsTab()}
             ${SecuritySection()}
         </div>
+        
+        <!-- Footer -->
+        ${Footer()}
     </div>
 
     ${backupAppScript({ config, jobStatus })}

package/src/views/LoginPage.js

@@ -6,6 +6,7 @@
  */
 import { Head } from './components/Head.js'
 import { LoginCard } from './components/LoginCard.js'
+import { Footer } from './components/Footer.js'
 import { loginAppScript } from './scripts/loginApp.js'
 
 export const LoginPage = ({ totpEnabled = false }) => `
@@ -14,8 +15,14 @@ export const LoginPage = ({ totpEnabled = false }) => `
 <head>
     ${Head({ title: 'Login - Backup Manager' })}
 </head>
-<body class="bg-gray-50 min-h-screen flex items-center justify-center p-6 antialiased">
-    ${LoginCard({ totpEnabled })}
+<body class="bg-gray-50 min-h-screen flex flex-col items-center justify-center p-6 antialiased">
+    <div class="flex-1 flex items-center justify-center w-full">
+        ${LoginCard({ totpEnabled })}
+    </div>
+    
+    <div class="w-full max-w-md">
+        ${Footer()}
+    </div>
 
     ${loginAppScript({ totpEnabled })}
 </body>

package/src/views/OnboardingPage.js

@@ -5,6 +5,7 @@
  */
 import { Head } from './components/Head.js'
 import { OnboardingCard } from './components/OnboardingCard.js'
+import { Footer } from './components/Footer.js'
 import { onboardingAppScript } from './scripts/onboardingApp.js'
 
 export const OnboardingPage = ({ sourceDir }) => `
@@ -13,8 +14,14 @@ export const OnboardingPage = ({ sourceDir }) => `
 <head>
     ${Head({ title: 'Setup - Backup Manager' })}
 </head>
-<body class="bg-gray-50 min-h-screen flex items-center justify-center p-6 antialiased">
-    ${OnboardingCard({ sourceDir })}
+<body class="bg-gray-50 min-h-screen flex flex-col items-center justify-center p-6 antialiased">
+    <div class="flex-1 flex items-center justify-center w-full">
+        ${OnboardingCard({ sourceDir })}
+    </div>
+    
+    <div class="w-full max-w-2xl">
+        ${Footer()}
+    </div>
 
     ${onboardingAppScript({ sourceDir })}
 </body>

package/src/views/components/Footer.js

@@ -0,0 +1,25 @@
+/**
+ * Footer component with RiLiGar branding
+ * Shows open source project attribution
+ * @returns {string} HTML string
+ */
+export const Footer = () => `
+    <footer class="pt-4 text-center">
+        <p class="text-sm text-gray-500">
+            Open source project by 
+            <a href="https://riligar.click/" target="_blank" rel="noopener noreferrer" 
+               class="text-gray-700 hover:text-gray-900 font-medium transition-colors underline underline-offset-2 decoration-gray-300 hover:decoration-gray-600">
+                RiLiGar
+            </a>
+        </p>
+        <p class="text-xs text-gray-400 mt-1">
+            <a href="https://github.com/riligar/elysia-backup" target="_blank" rel="noopener noreferrer"
+               class="hover:text-gray-600 transition-colors inline-flex items-center gap-1">
+                <svg class="w-3.5 h-3.5" fill="currentColor" viewBox="0 0 24 24" aria-hidden="true">
+                    <path fill-rule="evenodd" d="M12 2C6.477 2 2 6.484 2 12.017c0 4.425 2.865 8.18 6.839 9.504.5.092.682-.217.682-.483 0-.237-.008-.868-.013-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.029-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0112 6.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.202 2.398.1 2.651.64.7 1.028 1.595 1.028 2.688 0 3.848-2.339 4.695-4.566 4.943.359.309.678.92.678 1.855 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.019 10.019 0 0022 12.017C22 6.484 17.522 2 12 2z" clip-rule="evenodd" />
+                </svg>
+                View on GitHub
+            </a>
+        </p>
+    </footer>
+`

package/src/views/scripts/backupApp.js

@@ -201,6 +201,14 @@ export const backupAppScript = ({ config, jobStatus }) => `
                             headers: { 'Content-Type': 'application/json' },
                             body: JSON.stringify({ timestamp })
                         })
+                        
+                        // Handle session expiration
+                        if (res.status === 401) {
+                            this.addLog('Session expired. Redirecting to login...', 'error')
+                            setTimeout(() => window.location.href = '/backup/login', 1500)
+                            return
+                        }
+                        
                         const data = await res.json()
                         if (data.status === 'success') {
                             this.lastBackup = new Date().toLocaleString()
@@ -220,14 +228,31 @@ export const backupAppScript = ({ config, jobStatus }) => `
                     this.loadingFiles = true
                     try {
                         const res = await fetch('/backup/api/files')
+                        
+                        // Handle session expiration
+                        if (res.status === 401) {
+                            this.addLog('Session expired. Redirecting to login...', 'error')
+                            setTimeout(() => window.location.href = '/backup/login', 1500)
+                            return
+                        }
+                        
                         const data = await res.json()
+                        
+                        // Check for error response
+                        if (data.status === 'error') {
+                            throw new Error(data.message)
+                        }
+                        
                         if (data.files) {
                             const sortedFiles = data.files.sort((a, b) => b.key.localeCompare(a.key));
                             
                             const groupsMap = {};
                             sortedFiles.forEach(file => {
-                                const match = file.key.match(/(?:^|\\/)(\\d{4}-\\d{2}-\\d{2})[_T]/);
-                                const dateKey = match ? match[1] : 'Others';
+                                // Try to extract date from folder path first (new format: YYYY-MM-DD/)
+                                // Then fall back to extracting from filename (legacy format: YYYY-MM-DD_HH-mm-ss_filename)
+                                const folderMatch = file.key.match(/(?:^|\\/)(\\d{4}-\\d{2}-\\d{2})\\//);
+                                const filenameMatch = file.key.match(/(?:^|\\/)(\\d{4}-\\d{2}-\\d{2})[_T]/);
+                                const dateKey = folderMatch ? folderMatch[1] : (filenameMatch ? filenameMatch[1] : 'Others');
                                 
                                 if (!groupsMap[dateKey]) {
                                     groupsMap[dateKey] = [];