noho-platform 1.0.0

package/noho-server.js

@@ -0,0 +1,441 @@
+/**
+ * NOHO Server v3.2 - Express v5 Final Fix
+ */
+
+const express = require('express');
+const http = require('http');
+const WebSocket = require('ws');
+const cors = require('cors');
+const helmet = require('helmet');
+const rateLimit = require('express-rate-limit');
+const path = require('path');
+const crypto = require('crypto');
+const fetch = require('node-fetch');
+const NOHOLibrary = require('./noho-lib');
+
+class NOHOServer {
+  constructor(config = {}) {
+    this.config = {
+      port: config.port || 5000,
+      host: config.host || '0.0.0.0',
+      ...config
+    };
+    
+    this.lib = new NOHOLibrary(config);
+    this.app = express();
+    this.server = null;
+    this.wss = null;
+    this.clients = new Map();
+    
+    this.setupMiddleware();
+    this.setupRoutes();
+    this.setupWebSocket();
+  }
+
+  setupMiddleware() {
+    this.app.use(helmet({
+      contentSecurityPolicy: {
+        directives: {
+          defaultSrc: ["'self'"],
+          styleSrc: ["'self'", "'unsafe-inline'", "https:"],
+          scriptSrc: ["'self'", "'unsafe-inline'"],
+          imgSrc: ["'self'", "data:", "https:"],
+        }
+      }
+    }));
+
+    this.app.use(cors({
+      origin: '*',
+      methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
+      allowedHeaders: ['Content-Type', 'Authorization', 'X-API-Key']
+    }));
+
+    this.app.use(express.json({ limit: '10mb' }));
+    this.app.use(express.urlencoded({ extended: true, limit: '10mb' }));
+    this.app.use('/static', express.static('public'));
+    
+    const limiter = rateLimit({
+      windowMs: 15 * 60 * 1000,
+      max: (req) => req.user ? 100 : 30,
+      message: { error: 'Too many requests' },
+      standardHeaders: true,
+      legacyHeaders: false
+    });
+    this.app.use('/api/', limiter);
+
+    this.app.use(this.extractAuth.bind(this));
+  }
+
+  extractAuth(req, res, next) {
+    const token = req.headers.authorization?.replace('Bearer ', '') || 
+                  req.cookies?.token || 
+                  req.query.token;
+    
+    const apiKey = req.headers['x-api-key'] || req.query.apiKey;
+
+    if (token) {
+      req.user = this.lib.validateToken(token);
+      if (req.user) req.authType = 'session';
+    }
+    
+    if (apiKey && !req.user) {
+      req.user = this.lib.getUserByApiKey(apiKey);
+      if (req.user) req.authType = 'apikey';
+    }
+
+    next();
+  }
+
+  requireAuth(req, res, next) {
+    if (!req.user) {
+      return res.status(401).json({ error: 'Authentication required' });
+    }
+    next();
+  }
+
+  setupRoutes() {
+    this.app.get('/health', (req, res) => {
+      res.json({ 
+        status: 'ok', 
+        timestamp: new Date().toISOString(),
+        users: this.lib.users.size,
+        pages: this.lib.pages.size,
+        uptime: process.uptime()
+      });
+    });
+
+    this.app.post('/api/auth/register', async (req, res) => {
+      try {
+        const { email, password, username } = req.body;
+        const result = await this.lib.registerUser(email, password, username);
+        res.status(201).json({
+          success: true,
+          message: 'User created',
+          data: {
+            userId: result.userId,
+            apiKey: result.apiKey,
+            username: result.username
+          }
+        });
+      } catch (error) {
+        res.status(400).json({ success: false, error: error.message });
+      }
+    });
+
+    this.app.post('/api/auth/login', async (req, res) => {
+      try {
+        const { email, password } = req.body;
+        const result = await this.lib.loginUser(email, password);
+        res.json({
+          success: true,
+          token: result.token,
+          user: result.user
+        });
+      } catch (error) {
+        res.status(401).json({ success: false, error: error.message });
+      }
+    });
+
+    this.app.post('/api/auth/logout', this.requireAuth, (req, res) => {
+      const token = req.headers.authorization?.replace('Bearer ', '');
+      if (token) this.lib.sessions.delete(token);
+      res.json({ success: true });
+    });
+
+    this.app.get('/api/auth/me', this.requireAuth, (req, res) => {
+      res.json({
+        success: true,
+        user: this.lib.sanitizeUser(req.user),
+        stats: this.lib.getUserStats(req.user.id)
+      });
+    });
+
+    this.app.post('/api/auth/regenerate-key', this.requireAuth, async (req, res) => {
+      try {
+        const newKey = await this.lib.regenerateApiKey(req.user.id);
+        res.json({ success: true, apiKey: newKey });
+      } catch (error) {
+        res.status(500).json({ error: error.message });
+      }
+    });
+
+    this.app.post('/api/pages', this.requireAuth, async (req, res) => {
+      try {
+        const { route, code, options } = req.body;
+        
+        if (!route || !code) {
+          return res.status(400).json({ error: 'Route and code required' });
+        }
+
+        const page = await this.lib.createPage(req.user.id, route, code, options);
+        
+        res.status(201).json({
+          success: true,
+          page: {
+            id: page.id,
+            route: page.route,
+            shortRoute: page.shortRoute,
+            createdAt: page.stats.createdAt,
+            analysis: page.analysis
+          }
+        });
+      } catch (error) {
+        res.status(400).json({ success: false, error: error.message });
+      }
+    });
+
+    this.app.get('/api/pages', this.requireAuth, (req, res) => {
+      const userPages = req.user.pages.map(pid => {
+        const p = this.lib.pages.get(pid);
+        return p ? {
+          id: p.id,
+          route: p.route,
+          views: p.stats.views,
+          createdAt: p.stats.createdAt,
+          public: p.options.public
+        } : null;
+      }).filter(Boolean);
+      
+      res.json({ success: true, pages: userPages });
+    });
+
+    this.app.get('/api/pages/:pageId', this.requireAuth, (req, res) => {
+      const page = this.lib.pages.get(req.params.pageId);
+      if (!page || page.userId !== req.user.id) {
+        return res.status(404).json({ error: 'Page not found' });
+      }
+      
+      res.json({
+        success: true,
+        page: {
+          ...page,
+          code: undefined,
+          originalCode: undefined
+        }
+      });
+    });
+
+    this.app.delete('/api/pages/:pageId', this.requireAuth, async (req, res) => {
+      try {
+        await this.lib.deletePage(req.user.id, req.params.pageId);
+        res.json({ success: true });
+      } catch (error) {
+        res.status(400).json({ error: error.message });
+      }
+    });
+
+    this.app.post('/api/ai/analyze', this.requireAuth, async (req, res) => {
+      try {
+        const { code, context } = req.body;
+        const result = await this.lib.analyzeCode(code, context);
+        res.json({ success: true, ...result });
+      } catch (error) {
+        res.status(500).json({ error: error.message });
+      }
+    });
+
+    this.app.post('/api/ai/generate', this.requireAuth, async (req, res) => {
+      try {
+        const { description } = req.body;
+        const code = await this.lib.generatePageCode(description, req.user.id);
+        res.json({ success: true, code });
+      } catch (error) {
+        res.status(500).json({ error: error.message });
+      }
+    });
+
+    // ===== PUBLIC PAGE SERVING - REGEXP FIX =====
+    // استخدام RegExp بدلاً من wildcard
+    this.app.get(/^\/u\/([^\/]+)\/(.+)$/, async (req, res) => {
+      try {
+        const username = req.params[0];
+        const pagePath = req.params[1];
+        const route = `/${username}/${pagePath}`;
+        
+        const page = this.lib.getPageByRoute(route);
+        
+        if (!page) {
+          return res.status(404).send(`
+            <!DOCTYPE html>
+            <html dir="rtl">
+            <head>
+              <meta charset="UTF-8">
+              <title>404 - NOHO</title>
+              <style>
+                body { font-family: system-ui, sans-serif; text-align: center; padding: 50px; background: #0f172a; color: #f8fafc; }
+                h1 { font-size: 72px; margin: 0; color: #6366f1; }
+                a { color: #6366f1; text-decoration: none; }
+                code { background: #1e293b; padding: 4px 8px; border-radius: 4px; }
+              </style>
+            </head>
+            <body>
+              <h1>404</h1>
+              <p>الصفحة غير موجودة</p>
+              <p><code>${route}</code></p>
+              <p><a href="/">العودة للرئيسية</a></p>
+            </body>
+            </html>
+          `);
+        }
+
+        if (!page.options.public) {
+          return res.status(403).send(`
+            <!DOCTYPE html>
+            <html dir="rtl">
+            <head><title>403 - Private</title></head>
+            <body style="text-align:center; padding:50px; font-family:sans-serif;">
+              <h1>🔒 صفحة خاصة</h1>
+            </body>
+            </html>
+          `);
+        }
+
+        await this.lib.trackPageView(page.id);
+
+        const sandbox = {
+          req, res,
+          console,
+          setTimeout, setInterval, clearTimeout, clearInterval,
+          Date, Math, JSON, Object, Array, String, Number, Boolean, Promise,
+          fetch: fetch,
+          Buffer, 
+          process: { env: {} }
+        };
+        
+        const fn = new Function(...Object.keys(sandbox), `
+          "use strict";
+          return (async () => {
+            ${page.code}
+          })();
+        `);
+        
+        await fn(...Object.values(sandbox));
+        
+      } catch (error) {
+        console.error(`[PAGE ERROR]`, error);
+        res.status(500).send(`
+          <!DOCTYPE html>
+          <html dir="rtl">
+          <head>
+            <meta charset="UTF-8">
+            <title>Error - NOHO</title>
+            <style>
+              body { font-family: system-ui; text-align: center; padding: 50px; background: #0f172a; color: #f8fafc; }
+              .error-box { color: #ef4444; background: #1e293b; padding: 20px; border-radius: 8px; display: inline-block; margin-top: 20px; }
+            </style>
+          </head>
+          <body>
+            <h1 style="color: #ef4444;">⚠️ خطأ في تنفيذ الصفحة</h1>
+            <div class="error-box">${error.message}</div>
+          </body>
+          </html>
+        `);
+      }
+    });
+
+    this.app.get('/api/admin/users', this.requireAuth, (req, res) => {
+      if (req.user.email !== 'admin@noho.local') {
+        return res.status(403).json({ error: 'Admin only' });
+      }
+      res.json({ users: this.lib.listUsers() });
+    });
+
+    this.app.get('/', (req, res) => {
+      res.sendFile(path.join(__dirname, 'noho-dashboard.html'));
+    });
+
+    this.app.use((req, res) => {
+      res.status(404).json({ error: 'Not found' });
+    });
+
+    this.app.use((err, req, res, next) => {
+      console.error('[SERVER ERROR]', err);
+      res.status(500).json({ error: 'Internal server error' });
+    });
+  }
+
+  setupWebSocket() {
+    this.wss = new WebSocket.Server({ noServer: true });
+    
+    this.wss.on('connection', (ws, req) => {
+      const clientId = crypto.randomUUID();
+      this.clients.set(clientId, { ws, authenticated: false });
+      
+      ws.on('message', async (data) => {
+        try {
+          const msg = JSON.parse(data);
+          
+          if (msg.type === 'auth') {
+            const user = this.lib.validateToken(msg.token) || 
+                        this.lib.getUserByApiKey(msg.apiKey);
+            if (user) {
+              this.clients.get(clientId).authenticated = true;
+              this.clients.get(clientId).userId = user.id;
+              ws.send(JSON.stringify({ type: 'auth_success', user: this.lib.sanitizeUser(user) }));
+            } else {
+              ws.send(JSON.stringify({ type: 'auth_failed' }));
+            }
+          }
+          else if (msg.type === 'analyze_code' && this.clients.get(clientId).authenticated) {
+            const result = await this.lib.analyzeCode(msg.code, msg.context);
+            ws.send(JSON.stringify({ type: 'analysis_result', ...result }));
+          }
+          else if (msg.type === 'ping') {
+            ws.send(JSON.stringify({ type: 'pong', timestamp: Date.now() }));
+          }
+          
+        } catch (e) {
+          ws.send(JSON.stringify({ type: 'error', message: e.message }));
+        }
+      });
+      
+      ws.on('close', () => {
+        this.clients.delete(clientId);
+      });
+    });
+  }
+
+  handleUpgrade(request, socket, head) {
+    this.wss.handleUpgrade(request, socket, head, (ws) => {
+      this.wss.emit('connection', ws, request);
+    });
+  }
+
+  async start() {
+    await new Promise(resolve => setTimeout(resolve, 100));
+    
+    this.server = http.createServer(this.app);
+    this.server.on('upgrade', this.handleUpgrade.bind(this));
+    
+    this.server.listen(this.config.port, this.config.host, () => {
+      console.log(`
+╔════════════════════════════════════════╗
+║           NOHO SERVER v3.2             ║
+║      (Express v5 Compatible)           ║
+╠════════════════════════════════════════╣
+║  HTTP:  http://${this.config.host}:${this.config.port}        ║
+║  WS:    ws://${this.config.host}:${this.config.port}          ║
+║  Pages: /u/username/page-name          ║
+╚════════════════════════════════════════╝
+      `);
+    });
+  }
+
+  stop() {
+    if (this.server) {
+      this.server.close();
+      console.log('[SERVER] Stopped');
+    }
+  }
+}
+
+if (require.main === module) {
+  const server = new NOHOServer({
+    port: process.env.PORT || 5000,
+    aiKey: process.env.OPENAI_KEY
+  });
+  server.start();
+}
+
+module.exports = NOHOServer;
+

package/noho_data/pages/3f550d44-2383-45cd-bd12-96d5c16f7fb7_1429be93890e6120.json

@@ -0,0 +1,21 @@
+{
+  "id": "3f550d44-2383-45cd-bd12-96d5c16f7fb7_1429be93890e6120",
+  "userId": "3f550d44-2383-45cd-bd12-96d5c16f7fb7",
+  "route": "/ahmed/welcome",
+  "shortRoute": "/welcome",
+  "code": "res.send(\"<h1>Welcome to NOHO!</h1><p>Created by ahmed</p>\")",
+  "originalCode": "res.send(\"<h1>Welcome to NOHO!</h1><p>Created by ahmed</p>\")",
+  "analysis": {
+    "warnings": [],
+    "changes": []
+  },
+  "options": {
+    "public": true,
+    "allowApi": true
+  },
+  "stats": {
+    "views": 0,
+    "lastAccessed": null,
+    "createdAt": "2026-03-23T12:04:05.614Z"
+  }
+}

package/noho_data/users/3444499b-de5a-4931-b802-e02a054ef0c1.json

@@ -0,0 +1,20 @@
+{
+  "id": "3444499b-de5a-4931-b802-e02a054ef0c1",
+  "email": "test@test.com",
+  "username": "test",
+  "password": "ef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f",
+  "apiKey": "noho_mn32pieq_15c407b3681e9882c87cc41e",
+  "createdAt": "2026-03-23T10:59:11.858Z",
+  "lastLogin": null,
+  "pages": [],
+  "stats": {
+    "requests": 0,
+    "pagesCreated": 0,
+    "lastActive": 1774263551858
+  },
+  "settings": {
+    "autoFix": true,
+    "notifications": true,
+    "theme": "dark"
+  }
+}

package/noho_data/users/3f550d44-2383-45cd-bd12-96d5c16f7fb7.json

@@ -0,0 +1,22 @@
+{
+  "id": "3f550d44-2383-45cd-bd12-96d5c16f7fb7",
+  "email": "ahmed@test.com",
+  "username": "ahmed",
+  "password": "ef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f",
+  "apiKey": "noho_mn32p0wc_0c2b22b0f50585a560589e4c",
+  "createdAt": "2026-03-23T10:58:49.165Z",
+  "lastLogin": "2026-03-23T12:03:33.321Z",
+  "pages": [
+    "3f550d44-2383-45cd-bd12-96d5c16f7fb7_1429be93890e6120"
+  ],
+  "stats": {
+    "requests": 0,
+    "pagesCreated": 1,
+    "lastActive": 1774267413323
+  },
+  "settings": {
+    "autoFix": true,
+    "notifications": true,
+    "theme": "dark"
+  }
+}

package/noho_data/users/d4555ad8-9324-4ad3-a485-c234f17c2708.json

@@ -0,0 +1,20 @@
+{
+  "id": "d4555ad8-9324-4ad3-a485-c234f17c2708",
+  "email": "ali@test.com",
+  "username": "ali",
+  "password": "ef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f",
+  "apiKey": "noho_mn33mh72_fa58da8ba86f656cb884f1eb",
+  "createdAt": "2026-03-23T11:24:49.935Z",
+  "lastLogin": null,
+  "pages": [],
+  "stats": {
+    "requests": 0,
+    "pagesCreated": 0,
+    "lastActive": 1774265089935
+  },
+  "settings": {
+    "autoFix": true,
+    "notifications": true,
+    "theme": "dark"
+  }
+}

package/package.json

@@ -0,0 +1,22 @@
+{
+  "name": "noho-platform",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "type": "commonjs",
+  "dependencies": {
+    "cors": "^2.8.6",
+    "express": "^5.2.1",
+    "express-rate-limit": "^8.3.1",
+    "helmet": "^8.1.0",
+    "node-fetch": "^3.3.2",
+    "ws": "^8.19.0"
+  },
+  "devDependencies": {}
+}

package/test-lib.js

@@ -0,0 +1,56 @@
+const NOHOLibrary = require('./noho-lib');
+
+async function test() {
+    console.log('🧪 Testing NOHO Library...\n');
+    
+    const lib = new NOHOLibrary({
+        aiKey: 'test-key',
+        dbPath: './test_data'
+    });
+    
+    // انتظر التهيئة
+    await new Promise(r => setTimeout(r, 500));
+    
+    try {
+        // 1. اختبار التسجيل
+        console.log('1️⃣ Testing register...');
+        const user = await lib.registerUser('ahmed@test.com', '12345678', 'ahmed');
+        console.log('✅ User created:', user.username);
+        console.log('   API Key:', user.apiKey.substring(0, 20) + '...');
+        
+        // 2. اختبار تسجيل الدخول
+        console.log('\n2️⃣ Testing login...');
+        const login = await lib.loginUser('ahmed@test.com', '12345678');
+        console.log('✅ Login successful, token:', login.token.substring(0, 20) + '...');
+        
+        // 3. اختبار إنشاء صفحة
+        console.log('\n3️⃣ Testing create page...');
+        const page = await lib.createPage(
+            user.userId, 
+            '/hello', 
+            'res.send("<h1>Hello from NOHO!</h1>")',
+            { public: true }
+        );
+        console.log('✅ Page created:', page.route);
+        console.log('   ID:', page.id);
+        
+        // 4. اختبار استرجاع الصفحة
+        console.log('\n4️⃣ Testing get page...');
+        const found = lib.getPageByRoute('/ahmed/hello');
+        console.log('✅ Page found:', found ? 'YES' : 'NO');
+        console.log('   Views:', found.stats.views);
+        
+        // 5. اختبار الإحصائيات
+        console.log('\n5️⃣ Testing stats...');
+        const stats = lib.getUserStats(user.userId);
+        console.log('✅ Stats:', JSON.stringify(stats, null, 2));
+        
+        console.log('\n🎉 All tests passed!');
+        
+    } catch (error) {
+        console.error('\n❌ Test failed:', error.message);
+        console.error(error.stack);
+    }
+}
+
+test();

package/test_data/pages/a019aa48-0caf-478f-927e-266c812eae10_10022dfa5d34936d.json

@@ -0,0 +1,24 @@
+{
+  "id": "a019aa48-0caf-478f-927e-266c812eae10_10022dfa5d34936d",
+  "userId": "a019aa48-0caf-478f-927e-266c812eae10",
+  "route": "/ahmed/hello",
+  "shortRoute": "/hello",
+  "code": "res.send(\"<h1>Hello from NOHO!</h1>\")",
+  "originalCode": "res.send(\"<h1>Hello from NOHO!</h1>\")",
+  "analysis": {
+    "fixed": "res.send(\"<h1>Hello from NOHO!</h1>\")",
+    "warnings": [
+      "AI analysis failed"
+    ],
+    "changes": []
+  },
+  "options": {
+    "public": true,
+    "allowApi": true
+  },
+  "stats": {
+    "views": 0,
+    "lastAccessed": null,
+    "createdAt": "2026-03-23T11:57:31.495Z"
+  }
+}

package/test_data/users/a019aa48-0caf-478f-927e-266c812eae10.json

@@ -0,0 +1,22 @@
+{
+  "id": "a019aa48-0caf-478f-927e-266c812eae10",
+  "email": "ahmed@test.com",
+  "username": "ahmed",
+  "password": "ef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f",
+  "apiKey": "noho_mn34sh7f_18e2d399a9501678df3eaf99",
+  "createdAt": "2026-03-23T11:57:29.500Z",
+  "lastLogin": "2026-03-23T11:57:29.510Z",
+  "pages": [
+    "a019aa48-0caf-478f-927e-266c812eae10_10022dfa5d34936d"
+  ],
+  "stats": {
+    "requests": 0,
+    "pagesCreated": 1,
+    "lastActive": 1774267049510
+  },
+  "settings": {
+    "autoFix": true,
+    "notifications": true,
+    "theme": "dark"
+  }
+}