import express from 'express';

import multer from 'multer';

import B2 from 'backblaze-b2';
import path from 'path';
import bcrypt from 'bcrypt';
import session from 'express-session';
import cors from 'cors';
import webpush from 'web-push';
import pkg from 'pg';
const { Pool } = pkg;
import dotenv from 'dotenv';
import { createServer } from 'http';
import { Server } from '[Link]';
import fs from 'fs';
import { fileURLToPath } from 'url';
import Groq from 'groq-sdk';
import mongoose from 'mongoose';
import crypto from 'crypto';

[Link]();
const groq = new Groq({ apiKey: [Link].GROQ_API_KEY });

// Resolve __dirname in ES modules

const __filename = fileURLToPath([Link]);
const __dirname = [Link](__filename);

const app = express();

const port = [Link] || 3000;
[Link]([Link]());

// ----------------------------
// Initialize Backblaze B2 & Multer
// ----------------------------
const b2 = new B2({
applicationKeyId: [Link].B2_APPLICATION_KEY_ID,
applicationKey: [Link].B2_APPLICATION_KEY
});
const upload = multer({ storage: [Link]() });

// ----------------------------
// Serve Static Files & Fallback Route
// ----------------------------
[Link]([Link]([Link](__dirname, 'public')));
[Link]("/", (req, res) => {
[Link]([Link](__dirname, 'public', '[Link]'));
});

// ----------------------------
// File Upload Endpoint (Backblaze B2)
// ----------------------------
[Link]('/upload', [Link]('file'), async (req, res) => {
if (![Link]) {
return [Link](400).json({ error: 'No file uploaded.' });
}
 try {
await [Link]();
const { data: { uploadUrl, authorizationToken } } = await [Link]({
bucketId: [Link].B2_BUCKET_ID
});
const fileBuffer = [Link];
const fileName = [Link];
await [Link]({
uploadUrl,
uploadAuthToken: authorizationToken,
fileName,
data: fileBuffer,
contentType: [Link]
});
const publicUrl = `${[Link].B2_BUCKET_URL}/${fileName}`;
[Link]({ url: publicUrl });
} catch (err) {
[Link]('Error uploading file:', err);
[Link](500).json({ error: 'Error uploading the file.' });
}
});

// ----------------------------
// Transcription Endpoint (Groq API)
// ----------------------------
[Link]("/transcribe", [Link]('audio'), async (req, res) => {
try {
let audioBuffer;
let filename;

if ([Link]) {
audioBuffer = [Link];
filename = [Link];
const MAX_FILE_SIZE = 25 * 1024 * 1024;
if ([Link] > MAX_FILE_SIZE) {
return [Link](400).json({ error: "File size exceeds 25MB limit." });
}
const supportedTypes = [
'audio/flac', 'audio/mp3', 'audio/mp4', 'audio/mpeg',
'audio/mpga', 'audio/m4a', 'audio/ogg', 'audio/wav', 'audio/webm'
];
if () {
return [Link](400).json({
error: "Unsupported file type. Supported types: flac, mp3, mp4, mpeg,
mpga, m4a, ogg, wav, webm"
});
}
} else if ([Link] && [Link]) {
const audioUrl = [Link];
[Link]("Fetching audio from URL:", audioUrl);
const response = await fetch(audioUrl);
if (![Link]) {
return [Link](400).json({ error: `Failed to fetch audio from URL.
Status: ${[Link]}` });
 }
const contentType = [Link]('content-type');
if (contentType) [Link]("Fetched content-type:", contentType);
audioBuffer = [Link](await [Link]());
filename = [Link](audioUrl) || `audio_${[Link]()}.mp3`;
const MAX_FILE_SIZE = 25 * 1024 * 1024;
if ([Link] > MAX_FILE_SIZE) {
return [Link](400).json({ error: "File size exceeds 25MB limit." });
}
} else {
return [Link](400).json({ error: "No audio provided. Please upload a
file or provide a URL." });
}

if (!audioBuffer) {
return [Link](400).json({ error: "Failed to process audio." });
}

const tempDir = [Link](__dirname, "temp");

if () {
[Link](tempDir);
}
const tempPath = [Link](tempDir, `temp_${[Link]()}_${filename}`);
[Link](tempPath, audioBuffer);
[Link](`Temporary file created: ${tempPath}`);

const fileStream = [Link](tempPath);

[Link]("Calling Groq API for transcription...");

const transcription = await [Link]({
file: fileStream,
model: "whisper-large-v3-turbo",
response_format: "json",
temperature: 0.0,
});
[Link]("Transcription result:", transcription);

[Link](tempPath);
[Link](`Temporary file deleted: ${tempPath}`);

[Link]({ text: [Link] });

} catch (error) {
[Link]("Transcription error:", error);
[Link](500).json({ error: [Link] });
}
});

// ----------------------------
// Session Middleware
// ----------------------------
[Link](session({
secret: [Link].SESSION_SECRET || 'your-secret-key',
resave: false,
saveUninitialized: true,
 cookie: {
secure: [Link].NODE_ENV === 'production',
maxAge: 24 * 60 * 60 * 1000
}
}));

// ----------------------------
// Initialize PostgreSQL Personal Database Pool
// ----------------------------
const personalPool = new Pool({
connectionString: [Link].DATABASE_PUBLIC_URL || [Link].DATABASE_URL,
ssl: [Link].NODE_ENV === 'production' ? { rejectUnauthorized: false } :
false,
});

[Link]('SELECT NOW()', (err, result) => {

if (err) {
[Link]('Error connecting to the personal database:', err);
} else {
[Link]('Connected to the personal database successfully');
}
});

// ----------------------------
// Initialize MongoDB (General Database) with Mongoose
// ----------------------------
const dbName = "openchat";
const generalDbURI = [Link].GENERAL_MONGO_URI ||

`mongodb+srv://londonjeremie:Narnia2010@[Link]/${dbName}?ret
ryWrites=true&w=majority`;

[Link](generalDbURI)
.then(() => {
[Link](`✅ Connected to MongoDB general database: "${dbName}" created
successfully!`);
})
.catch((error) => [Link]('❌ Connection error to MongoDB general
database:', error));

// Define a Mongoose schema and model for general users

const generalUserSchema = new [Link]({
authentificator: { type: String, required: true },
username: { type: String, required: true, unique: true },
password: String,
database_url: { type: String, required: true }
});
const GeneralUser = [Link]('GeneralUser', generalUserSchema);

// ----------------------------
// Create or Update Tables in Personal Database
// ----------------------------
[Link](`
DO $$
 BEGIN
-- Create users table if it doesn't exist
IF NOT EXISTS (
SELECT 1 FROM information_schema.tables
WHERE table_schema='public' AND table_name='users'
) THEN
CREATE TABLE users (
id SERIAL PRIMARY KEY,
username TEXT UNIQUE NOT NULL,
password TEXT,
online BOOLEAN DEFAULT FALSE,
push_subscription TEXT,
public_key TEXT,
private_key TEXT,
symmetric_key TEXT
);
ELSE
-- Add symmetric_key column if it doesn't exist
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_schema='public' AND table_name='users' AND
column_name='symmetric_key'
) THEN
ALTER TABLE users ADD COLUMN symmetric_key TEXT;
END IF;
END IF;

-- Create messages table if it doesn't exist

IF NOT EXISTS (
SELECT 1 FROM information_schema.tables
WHERE table_schema='public' AND table_name='messages'
) THEN
CREATE TABLE messages (
id SERIAL PRIMARY KEY,
sender TEXT,
receiver TEXT,
message TEXT,
file_url TEXT,
file_name TEXT,
file_type TEXT,
file_size INT,
timestamp TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP,
is_encrypted BOOLEAN DEFAULT TRUE
);
END IF;

-- Create external_databases table if it doesn't exist

IF NOT EXISTS (
SELECT 1 FROM information_schema.tables
WHERE table_schema='public' AND table_name='external_databases'
) THEN
CREATE TABLE external_databases (
id SERIAL PRIMARY KEY,
username TEXT NOT NULL,
 authentificator TEXT NOT NULL,
database_url TEXT NOT NULL,
public_key TEXT
);
END IF;

-- Add columns if they don't exist (for existing tables)

-- For users table
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name='users' AND column_name='public_key'
) THEN
ALTER TABLE users ADD COLUMN public_key TEXT;
END IF;

IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name='users' AND column_name='private_key'
) THEN
ALTER TABLE users ADD COLUMN private_key TEXT;
END IF;

-- For external_databases table

IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name='external_databases' AND column_name='public_key'
) THEN
ALTER TABLE external_databases ADD COLUMN public_key TEXT;
END IF;

END $$;
`, (err) => {
if (err) {
[Link]('Error setting up database schema:', err);
} else {
[Link]('Database schema setup successfully.');
}
});

// ----------------------------
// Helper Functions for Authenticator and Registration
// ----------------------------
function generateAuthenticator() {
const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
let result = '';
for (let i = 0; i < 8; i++) {
result += [Link]([Link]([Link]() * [Link]));
}
return result;
}

async function registerGeneralUser(username, password) {

// Generate unique authenticator
const generateUniqueAuthenticator = async () => {
 let attempts = 0;
const maxAttempts = 10;

while (attempts < maxAttempts) {

const code = generateAuthenticator();
const existing = await [Link]({ authentificator: code
}).exec();
if (!existing) {
return code;
}
attempts++;
}
throw new Error('Could not generate unique authenticator after multiple
attempts');
};

const databaseURL = [Link].DATABASE_PUBLIC_URL ||

[Link].DATABASE_URL;

try {
// Double-check if username already exists
const existingUser = await [Link]({ username }).exec();
if (existingUser) {
throw new Error(`Username '${username}' already exists in general
database`);
}

// Generate unique authenticator

const authentificator = await generateUniqueAuthenticator();

// Create and save the user

const newGeneralUser = new GeneralUser({
authentificator,
username,
password, // Should already be hashed
database_url: databaseURL
});

await [Link]();
return authentificator;
} catch (err) {
[Link](`Error registering user '${username}' in general database:`,
err);

// Better error handling

if ([Link] === 11000) { // MongoDB duplicate key error
if ([Link]?.username) {
throw new Error(`Username '${username}' already exists in general
database`);
} else if ([Link]?.authentificator) {
throw new Error('Authentication key collision. Please try again.');
}
}
 throw err;
}
}

// Add these improved encryption utility functions

function generateKeyPair() {
return [Link]('rsa', {
modulusLength: 2048,
publicKeyEncoding: {
type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem'
}
});
}

// Generate a random symmetric key for local message encryption

function generateSymmetricKey() {
return [Link](32).toString('hex');
}

// Encrypt with public key (for E2E encryption)

function encryptWithPublicKey(publicKey, message) {
if (!message || !publicKey) return message;
try {
return [Link](
{
key: publicKey,
padding: [Link].RSA_PKCS1_OAEP_PADDING
},
[Link](String(message))
).toString('base64');
} catch (err) {
[Link]('RSA encryption error:', err);
return message;
}
}

// Decrypt with private key (for E2E encryption)

function decryptWithPrivateKey(privateKey, encryptedMessage) {
if (!encryptedMessage || !privateKey) return encryptedMessage;
try {
// Check if the message is actually encrypted (base64)
if (!/^[A-Za-z0-9+/=]+$/.test(encryptedMessage)) {
return encryptedMessage;
}

return [Link](
{
key: privateKey,
padding: [Link].RSA_PKCS1_OAEP_PADDING
 },
[Link](encryptedMessage, 'base64')
).toString();
} catch (err) {
[Link]('RSA decryption error:', err);
return encryptedMessage;
}
}

// AES encryption for local storage (symmetric)

function encryptWithSymmetricKey(key, message) {
if (!message || !key) return message;
try {
const iv = [Link](16);
const cipher = [Link]('aes-256-cbc', [Link](key, 'hex'),
iv);
let encrypted = [Link](String(message), 'utf8', 'base64');
encrypted += [Link]('base64');
return [Link]('hex') + ':' + encrypted; // Store IV with the message
} catch (err) {
[Link]('AES encryption error:', err);
return message;
}
}

// AES decryption for local storage (symmetric)

function decryptWithSymmetricKey(key, encryptedMessage) {
if (!encryptedMessage || !key || ) return
encryptedMessage;
try {
const parts = [Link](':');
const iv = [Link](parts[0], 'hex');
const encrypted = parts[1];
const decipher = [Link]('aes-256-cbc', [Link](key,
'hex'), iv);
let decrypted = [Link](encrypted, 'base64', 'utf8');
decrypted += [Link]('utf8');
return decrypted;
} catch (err) {
[Link]('AES decryption error:', err);
return encryptedMessage;
}
}

// ----------------------------
// New Endpoint to Link External Databases (Bidirectional Insertion)
// ----------------------------
// When a user (e.g. Alice) submits another user's authenticator (e.g. Bob's),
// - Step 1: Insert a record into the central external_databases for the
current user (Alice)
// using her own username as owner and storing Bob's authenticator
and Bob's database URL.
// - Step 2: Retrieve Alice's general record.
// - Step 3: Connect to Bob's external database (using Bob's database URL) and
insert a record
// so that Bob's external database now has a reciprocal record for
Alice.
// ----------------------------
// New Endpoint to Link External Databases (Bidirectional Insertion)
// ----------------------------
[Link]('/link-database', async (req, res) => {
// The linking user (e.g. Alice) sends in her own username and the
authenticator of the target user (e.g. Bob)
const { externalAuthenticator, username } = [Link];
// currentUser is the linking user (Alice)
const currentUser = [Link] || username;

if (!externalAuthenticator || !currentUser) {
return [Link](400).json({ error: 'Authenticator and username are
required.' });
}

try {
// 0. First, check if the authenticator belongs to the current user to
prevent self-linking
const currentUserRecord = await [Link]({ username: currentUser
}).exec();
if (!currentUserRecord) {
return [Link](404).json({ error: 'Current user not found in general
database.' });
}

if ([Link] === externalAuthenticator) {

return [Link](400).json({ error: 'Cannot link to your own database.'
});
}

// 1. Look up the target user (Bob) by his authenticator.

const targetUser = await [Link]({ authentificator:
externalAuthenticator }).exec();
if (!targetUser) {
return [Link](404).json({ error: 'Authenticator not found.' });
}

// Check if the databases are already linked

const existingLink = await [Link](
'SELECT * FROM external_databases WHERE username = $1 AND authentificator
= $2',
[[Link], externalAuthenticator]
);

if ([Link] > 0) {
return [Link](400).json({ error: 'Databases are already linked.' });
}

// Get current user's public key

const currentUserKeyQuery = await [Link](
'SELECT public_key FROM users WHERE username = $1',
 [currentUser]
);

if ([Link] === 0 ||
![Link][0].public_key) {
return [Link](400).json({ error: 'Current user public key not found.'
});
}

const currentUserPublicKey = [Link][0].public_key;

// 2. Insert Bob into Alice's users table

try {
await [Link](
`INSERT INTO users (username, password, online)
VALUES ($1, $2, FALSE)
ON CONFLICT (username) DO NOTHING`,
[[Link], null]
);
} catch (err) {
[Link]('Error inserting user into local database:', err);
return [Link](500).json({ error: 'Error inserting user into local
database.' });
}

// 3. Connect to Bob's database to get his public key

let targetExtPool = null;
let targetUserPublicKey = null;

try {
targetExtPool = new Pool({
connectionString: targetUser.database_url,
ssl: [Link].NODE_ENV === 'production' ? { rejectUnauthorized: false
} : false,
});

// Get Bob's public key

const targetUserKeyQuery = await [Link](
'SELECT public_key FROM users WHERE username = $1',
[[Link]]
);

if ([Link] > 0 &&

[Link][0].public_key) {
targetUserPublicKey = [Link][0].public_key;
}
} catch (err) {
[Link]('Error retrieving target user public key:', err);
}

// 4. Insert into Alice's external_databases table a record for Bob with his
public key
try {
await [Link](
 'INSERT INTO external_databases (username, authentificator,
database_url, public_key) VALUES ($1, $2, $3, $4) ON CONFLICT DO NOTHING',
[[Link], externalAuthenticator, targetUser.database_url,
targetUserPublicKey]
);
} catch (err) {
[Link]('Error inserting external database record:', err);
return [Link](500).json({ error: 'Error inserting external database
record.' });
}

// 5. Insert Alice into Bob's users table

try {
if (targetExtPool) {
// Insert Alice into Bob's users table
await [Link](
`INSERT INTO users (username, password, online)
VALUES ($1, $2, FALSE)
ON CONFLICT (username) DO NOTHING`,
[currentUser, null]
);

// Insert Alice's details into Bob's external_databases table with her

public key
await [Link](
'INSERT INTO external_databases (username, authentificator,
database_url, public_key) VALUES ($1, $2, $3, $4) ON CONFLICT DO NOTHING',
[currentUser, [Link],
currentUserRecord.database_url, currentUserPublicKey]
);
}

// Ensure current user record has the public URL

if (currentUserRecord.database_url !== [Link].DATABASE_PUBLIC_URL &&
[Link].DATABASE_PUBLIC_URL) {
// Update the record to use the public URL
currentUserRecord.database_url = [Link].DATABASE_PUBLIC_URL;
await [Link]();
[Link](`Updated ${currentUser}'s database URL to public URL in
general database`);
}

[Link]({
message: 'External database linked successfully.',
linkedUser: [Link]
});
} catch (err) {
[Link]('Error connecting to or inserting into target database:',
err);
return [Link](500).json({
error: 'Error connecting to target database. Please verify the
authenticator is correct.'
});
} finally {
 if (targetExtPool) {
[Link]();
}
}
} catch (err) {
[Link]('Error linking database:', err);
[Link](500).json({ error: 'Internal server error: ' + [Link] });
}
});

// ----------------------------
// Helper Function: Save Message to an External Database
// ----------------------------
async function saveMessageExternal(database_url, sender, receiver, msg,
fileData) {
const extPool = new Pool({
connectionString: database_url,
ssl: [Link].NODE_ENV === 'production' ? { rejectUnauthorized: false } :
false,
});
try {
if (fileData) {
const query = `
INSERT INTO messages (sender, receiver, message, file_url, file_name,
file_type, file_size)
VALUES ($1, $2, $3, $4, $5, $6, $7)
`;
const placeholderMessage = 'File attachment';
await [Link](query, [sender, receiver, placeholderMessage,
[Link], [Link], [Link], [Link]]);
} else {
await [Link]('INSERT INTO messages (sender, receiver, message)
VALUES ($1, $2, $3)', [sender, receiver, msg]);
}
} catch (err) {
[Link]('Error inserting message into external DB:', err);
} finally {
[Link]();
}
}

// ----------------------------
// Track Users and Their Socket Connections
// ----------------------------
const users = {}; // { username: { socketId, online, pushSubscription } }

// ----------------------------
// Web Push Configuration
// ----------------------------
[Link](
'[Link]
[Link].VAPID_PUBLIC_KEY,
[Link].VAPID_PRIVATE_KEY
);
// ----------------------------
// Create HTTP Server and Attach [Link]
// ----------------------------
const server = createServer(app);
const io = new Server(server);

// ----------------------------
// Load Combined Users for a Socket (Local + External)
// ----------------------------
async function loadCombinedUsers(socket) {
const currentUser = [Link];
try {
const localResult = await [Link](
'SELECT username, online FROM users WHERE username <> $1',
[currentUser]
);
let allUsers = [Link];
const externalLinksResult = await [Link](
'SELECT * FROM external_databases WHERE username = $1',
[currentUser]
);
for (const link of [Link]) {
const externalPool = new Pool({
connectionString: link.database_url,
ssl: [Link].NODE_ENV === 'production' ? { rejectUnauthorized: false
} : false,
});
const externalUsersResult = await [Link](
'SELECT username, online FROM users WHERE username <> $1',
[currentUser]
);
allUsers = [Link]([Link]);
[Link]();
}
const uniqueUsers = {};
[Link](u => { uniqueUsers[[Link]] = u; });
const userList = [Link](uniqueUsers);
[Link]('users', userList);
[Link](`Users list for ${currentUser} updated:`, userList);
} catch (err) {
[Link](`Error fetching users list for ${currentUser}:`, err);
}
}

// ----------------------------
// [Link] Events
// ----------------------------
[Link]('connection', (socket) => {
[Link]('A user connected');

[Link]('login', async ({ username, password }) => {

try {
const existingGeneralUser = await [Link]({ username
}).exec();
const userQuery = await [Link]('SELECT * FROM users WHERE
username = $1', [username]);
const user = [Link][0];
if (existingGeneralUser) {
if (![Link]) {
[Link]('prompt signup', 'User exists but no password set. Would
you like to set a password?');
} else {
const match = await [Link](password, [Link]);
if (match) {
await loginUser(socket, username);
} else {
[Link]('login failed', 'Invalid password.');
}
}
} else {
[Link]('prompt signup', 'User not found. Would you like to sign
up?');
}
} catch (err) {
[Link]('Error during login:', err);
[Link]('login failed', 'An error occurred during login.');
}
});

[Link]('signup', async ({ username, password }) => {

try {
// Validate inputs
if (!username || [Link]() === '') {
return [Link]('signup failed', 'Username cannot be empty.');
}

if (!password || [Link] < 6) {

return [Link]('signup failed', 'Password must be at least 6
characters long.');
}

// FIRST: Check if user exists in the general database (MongoDB)

[Link](`Checking if username '${username}' exists in general
database...`);
const existingGeneralUser = await [Link]({ username
}).exec();

if (existingGeneralUser) {
[Link](`Username '${username}' already exists in general
database.`);
return [Link]('signup failed', 'Username already exists in our
system.');
}

// THEN: Check if user exists in personal database (PostgreSQL)

[Link](`Checking if username '${username}' exists in personal
database...`);
 const userQuery = await [Link]('SELECT * FROM users WHERE
username = $1', [username]);

if ([Link] > 0) {
[Link](`Username '${username}' already exists in personal
database.`);
return [Link]('signup failed', 'Username already exists in local
database.');
}

[Link](`Username '${username}' is available. Creating account...`);

// Hash password and create user

const hashedPassword = await [Link](password, 10);

// Generate RSA keypair for E2E encryption

const { publicKey, privateKey } = generateKeyPair();

// Insert user into both databases in correct order

try {
// First register in general database to get authenticator
const generalAuthenticator = await registerGeneralUser(username,
hashedPassword);
[Link](`User ${username} registered in general database with
authenticator: ${generalAuthenticator}`);

// Then insert into personal database with keypair

await [Link](
'INSERT INTO users (username, password, online, public_key,
private_key) VALUES ($1, $2, TRUE, $3, $4)',
[username, hashedPassword, publicKey, privateKey]
);

await loginUser(socket, username);

} catch (err) {
[Link](`Error during account creation for ${username}:`, err);

// If the general DB insertion succeeded but the personal DB failed,

// we should roll back the general DB entry
try {
await [Link]({ username });
[Link](`Rolled back general DB entry for ${username} due to
error.`);
} catch (rollbackErr) {
[Link](`Failed to roll back general DB entry for ${username}:`,
rollbackErr);
}

return [Link]('signup failed', 'Error creating account. Please try

again.');
}

} catch (err) {
[Link]('Error during signup:', err);
 [Link]('signup failed', 'Registration failed. Please try again
later.');
}
});

[Link]('chat message', async ({ to, msg }) => {

if (![Link]) return;
const now = new Date();
const messageId = generateMessageId();
const message = {
from: [Link],
msg,
to,
timestamp: formatTime(now),
dayLabel: formatDayLabel(now),
messageId
};

try {
// Get recipient's public key for E2E encryption
let recipientPublicKey = null;
const userQuery = await [Link](
'SELECT public_key FROM users WHERE username = $1',
[to]
);

if ([Link] > 0 && [Link][0].public_key) {

recipientPublicKey = [Link][0].public_key;
}

// Also check external database users

if (!recipientPublicKey) {
const externalUserQuery = await [Link](
'SELECT public_key FROM external_databases WHERE username = $1',
[to]
);

if ([Link] > 0 &&

[Link][0].public_key) {
recipientPublicKey = [Link][0].public_key;
}
}

// Get sender's symmetric key for local encryption

const senderQuery = await [Link](
'SELECT symmetric_key FROM users WHERE username = $1',
[[Link]]
);

const symmetricKey = [Link] > 0 ?

[Link][0].symmetric_key : null;

// For recipient DB: encrypt with recipient's public key (E2E)

let recipientEncryptedMsg = recipientPublicKey ?
 encryptWithPublicKey(recipientPublicKey, msg) : msg;

// For sender DB: encrypt with sender's symmetric key

let senderStoredMsg = symmetricKey ?
encryptWithSymmetricKey(symmetricKey, msg) : msg;

// Both are encrypted, just with different methods

const isEncrypted = true;

// Save message to local database (encrypted with symmetric key)

saveMessage([Link], to, senderStoredMsg, isEncrypted);

// Send to recipient if online

if (users[to] && users[to].online) {
[Link](users[to].socketId).emit('chat message', message);
[Link](users[to].socketId).emit('notification', `New message from
${[Link]}`);
if (users[to].pushSubscription) {
sendPushNotification([Link](users[to].pushSubscription), {
title: 'New Message',
body: `You have a new message from ${[Link]}`
});
}
}

// Send back to sender for UI update

[Link]('chat message', message);

// Cross-database messaging
const recipientExternalResult = await [Link](
'SELECT * FROM external_databases WHERE username = $1',
[to]
);

if ([Link] > 0) {
const recipientDB = [Link][0];
saveMessageToExternalDB(
recipientDB.database_url,
[Link],
to,
recipientEncryptedMsg,
null,
true // E2E encrypted
);
}
} catch (err) {
[Link]('Error in chat message:', err);
}
});

[Link]('file message', async ({ to, fileUrl, name, type, size,

transcription }) => {
if (![Link]) return;
const now = new Date();
 const messageId = generateMessageId();
const message = {
from: [Link],
fileUrl: fileUrl,
fileName: name,
fileType: type,
fileSize: size,
to,
timestamp: formatTime(now),
dayLabel: formatDayLabel(now),
messageId,
isFileMessage: true
};

try {
// Get recipient's public key for encryption
let recipientPublicKey = null;
const userQuery = await [Link](
'SELECT public_key FROM users WHERE username = $1',
[to]
);

if ([Link] > 0 && [Link][0].public_key) {

recipientPublicKey = [Link][0].public_key;
}

// Also check external database users

if (!recipientPublicKey) {
const externalUserQuery = await [Link](
'SELECT public_key FROM external_databases WHERE username = $1',
[to]
);

if ([Link] > 0 &&

[Link][0].public_key) {
recipientPublicKey = [Link][0].public_key;
}
}

// Get sender's symmetric key for self-encryption

const senderQuery = await [Link](
'SELECT symmetric_key FROM users WHERE username = $1',
[[Link]]
);

const symmetricKey = [Link] > 0 ?

[Link][0].symmetric_key : null;

// For recipient: encrypt with recipient's key if available

let recipientEncryptedUrl = recipientPublicKey ?
encryptWithPublicKey(recipientPublicKey, fileUrl) : fileUrl;
let recipientEncryptedName = recipientPublicKey ?
encryptWithPublicKey(recipientPublicKey, name) : name;
let recipientEncryptedType = recipientPublicKey ?
encryptWithPublicKey(recipientPublicKey, type) : type;

// For sender: encrypt with symmetric key

let senderEncryptedUrl = symmetricKey ?
encryptWithSymmetricKey(symmetricKey, fileUrl) : fileUrl;
let senderEncryptedName = symmetricKey ?
encryptWithSymmetricKey(symmetricKey, name) : name;
let senderEncryptedType = symmetricKey ?
encryptWithSymmetricKey(symmetricKey, type) : type;

// All data is encrypted (with different methods)

const isEncrypted = true;

// Save to sender's database (encrypted with symmetric key)

saveFileMessage([Link], to, senderEncryptedUrl,
senderEncryptedName, senderEncryptedType, size, isEncrypted);

// Send to recipient if online

if (users[to] && users[to].online) {
[Link](users[to].socketId).emit('file message', message);
[Link](users[to].socketId).emit('notification', `New file from
${[Link]}`);
}

// Send back to sender for UI update (just once)

[Link]('file message', message);

// Cross-database file message handling

const recipientExternalResult = await [Link](
'SELECT * FROM external_databases WHERE username = $1',
[to]
);

if ([Link] > 0) {
const recipientDB = [Link][0];
saveMessageToExternalDB(
recipientDB.database_url,
[Link],
to,
null,
{
fileUrl: recipientEncryptedUrl,
name: recipientEncryptedName,
type: recipientEncryptedType,
size
},
true
);
}
} catch (err) {
[Link]('Error in file message:', err);
}
});
 [Link]('load messages', ({ user }) => {
if ([Link] && user) {
loadPrivateMessageHistory([Link], user, (messages) => {
[Link]('chat history', messages);
});
} else {
[Link]('chat history', []);
}
});

[Link]('load users', () => {

if ([Link]) {
loadCombinedUsers(socket);
}
});

[Link]('disconnect', () => {
if ([Link]) {
[Link]('UPDATE users SET online = FALSE WHERE username = $1',
[[Link]], (err) => {
if (err) [Link]('Error marking user offline:', err);
if (users[[Link]]) {
users[[Link]].online = false;
}
for (const [id, sock] of [Link]("/").sockets) {
if ([Link]) {
loadCombinedUsers(sock);
}
}
});
}
[Link]('A user disconnected');
});

[Link]('setup password', async ({ username, password }) => {

try {
const hashedPassword = await [Link](password, 10);
await [Link]('UPDATE users SET password = $1 WHERE username =
$2', [hashedPassword, username]);
[Link]('password setup successful');
await loginUser(socket, username);
} catch (err) {
[Link]('Error setting up password:', err);
[Link]('setup failed', 'Password setup failed.');
}
});

[Link]('subscribe', async (subscription) => {

try {
await [Link]('UPDATE users SET push_subscription = $1 WHERE
username = $2', [[Link](subscription), [Link]]);
[Link](`User ${[Link]} subscribed to push notifications.`);
} catch (err) {
[Link]('Error saving push subscription:', err);
 }
});

async function sendPushNotification(subscription, message) {

try {
await [Link](subscription, [Link](message));
} catch (err) {
[Link]('Error sending push notification:', err);
}
}
});

// ----------------------------
// Helper Functions (Outside [Link])
// ----------------------------
async function loginUser(socket, username) {
await [Link]('UPDATE users SET online = TRUE WHERE username = $1',
[username]);
users[username] = { socketId: [Link], online: true };
[Link] = username;

// Check if user has encryption keys (public, private, and symmetric)

try {
const userQuery = await [Link](
'SELECT public_key, private_key, symmetric_key FROM users WHERE username =
$1',
[username]
);

if ([Link] > 0) {
const user = [Link][0];

if (!user.public_key || !user.private_key) {
[Link](`User ${username} is missing RSA keys. Generating...`);
const { publicKey, privateKey } = generateKeyPair();
await [Link](
'UPDATE users SET public_key = $1, private_key = $2 WHERE username =
$3',
[publicKey, privateKey, username]
);
}

if (!user.symmetric_key) {
[Link](`User ${username} is missing symmetric key. Generating...`);
const symmetricKey = generateSymmetricKey();
await [Link](
'UPDATE users SET symmetric_key = $1 WHERE username = $2',
[symmetricKey, username]
);
}
}
} catch (error) {
[Link]('Error checking/generating keys for', username, error);
}
 let authentificator = 'Not set';
try {
const generalUser = await [Link]({ username }).exec();
if (generalUser && [Link]) {
authentificator = [Link];
}
} catch (error) {
[Link]('Error retrieving authentificator for', username, error);
}

[Link](`User ${username} logging in with authentificator:

${authentificator}`);
[Link]('login success', { username, authentificator });

loadCombinedUsers(socket);

loadPrivateMessageHistory(username, null, (messages) => {

[Link]('chat history', messages);
});
}

function saveMessage(sender, receiver, message, isEncrypted = true) {

[Link](
'INSERT INTO messages (sender, receiver, message, is_encrypted) VALUES ($1,
$2, $3, $4)',
[sender, receiver, message, isEncrypted],
(err) => {
if (err) [Link]('Error saving message:', err);
}
);
}

// Update saveFileMessage function to handle column existence checking

function saveFileMessage(sender, receiver, fileUrl, name, type, size,
isEncrypted = true) {
// First check if is_encrypted column exists
[Link](`
SELECT column_name
FROM information_schema.columns
WHERE table_schema='public' AND table_name='messages' AND
column_name='is_encrypted'
`, (columnErr, columnResult) => {
if (columnErr) {
[Link]('Error checking for is_encrypted column:', columnErr);
return;
}

const isEncryptedExists = columnResult && [Link] > 0;

// Adjust query based on column existence

const placeholderMessage = 'File attachment';
const query = isEncryptedExists ?
`INSERT INTO messages (sender, receiver, message, file_url, file_name,
file_type, file_size, is_encrypted)
VALUES ($1, $2, $3, $4, $5, $6, $7, $8)` :
`INSERT INTO messages (sender, receiver, message, file_url, file_name,
file_type, file_size)
VALUES ($1, $2, $3, $4, $5, $6, $7)`;

const params = isEncryptedExists ?

[sender, receiver, placeholderMessage, fileUrl, name, type, size,
isEncrypted] :
[sender, receiver, placeholderMessage, fileUrl, name, type, size];

[Link](query, params, (err) => {

if (err) [Link]('Error saving file message:', err);
else [Link]('File message saved successfully');
});
});
}

// Update loadPrivateMessageHistory to match the working file logic

function loadPrivateMessageHistory(user1, user2, callback) {
if (!user2) {
callback([]);
return;
}

// Get the user's keys for decryption

[Link](
'SELECT private_key, symmetric_key FROM users WHERE username = $1',
[user1],
(keyErr, keyResult) => {
if (keyErr) {
[Link]('Error fetching keys:', keyErr);
fallbackToUnencrypted();
return;
}

const privateKey = [Link] > 0 ?

[Link][0].private_key : null;
const symmetricKey = [Link] > 0 ?
[Link][0].symmetric_key : null;

// Check if is_encrypted column exists

[Link](`
SELECT column_name
FROM information_schema.columns
WHERE table_schema='public' AND table_name='messages' AND
column_name='is_encrypted'
`, (columnErr, columnResult) => {
if (columnErr) {
[Link]('Error checking for is_encrypted column:', columnErr);
fallbackToUnencrypted();
return;
}
 const isEncryptedExists = [Link] > 0;

// Adjust query based on column existence

const query = isEncryptedExists ?
`SELECT sender, receiver, message, file_url, file_name, file_type,
file_size, timestamp, is_encrypted
FROM messages
WHERE (sender = $1 AND receiver = $2) OR (sender = $2 AND receiver =
$1)
ORDER BY timestamp ASC` :
`SELECT sender, receiver, message, file_url, file_name, file_type,
file_size, timestamp
FROM messages
WHERE (sender = $1 AND receiver = $2) OR (sender = $2 AND receiver =
$1)
ORDER BY timestamp ASC`;

[Link](query, [user1, user2], (err, result) => {

if (err) {
[Link]('Error loading message history:', err);
callback([]);
return;
}

const messages = [Link](row => {

// Important: Use the same isFileMessage detection logic as the
working file
const isFileMessage = row.file_url && row.file_name;

// Determine sender and receiver

const isSentByMe = [Link] === user1;

// Decide if we should try to decrypt based on:

// 1. If is_encrypted exists and is true
// 2. Which key to use (private key for E2E, symmetric for
self-messages)
const shouldDecrypt = isEncryptedExists ? row.is_encrypted : false;

let finalMessage = [Link];

let finalFileUrl = row.file_url;
let finalFileName = row.file_name;
let finalFileType = row.file_type;

if (shouldDecrypt) {
try {
if (isSentByMe && symmetricKey) {
// Decrypt self-messages with symmetric key
if (!isFileMessage && [Link]) {
finalMessage = decryptWithSymmetricKey(symmetricKey,
[Link]);
}

if (isFileMessage) {
if (row.file_url) finalFileUrl =
decryptWithSymmetricKey(symmetricKey, row.file_url);
if (row.file_name) finalFileName =
decryptWithSymmetricKey(symmetricKey, row.file_name);
if (row.file_type) finalFileType =
decryptWithSymmetricKey(symmetricKey, row.file_type);
}
} else if (!isSentByMe && privateKey) {
// Decrypt messages from others with private key (E2E)
if (!isFileMessage && [Link]) {
finalMessage = decryptWithPrivateKey(privateKey,
[Link]);
}

if (isFileMessage) {
if (row.file_url) finalFileUrl =
decryptWithPrivateKey(privateKey, row.file_url);
if (row.file_name) finalFileName =
decryptWithPrivateKey(privateKey, row.file_name);
if (row.file_type) finalFileType =
decryptWithPrivateKey(privateKey, row.file_type);
}
}
} catch (decryptError) {
[Link]('Error decrypting message content:',
decryptError);
// Keep the original values if decryption fails
}
}

// Use the exact same property names as in the working file

return {
from: [Link],
to: [Link],
msg: isFileMessage ? 'File attachment' : finalMessage,
fileUrl: finalFileUrl,
fileName: finalFileName, // Note: Changed from name to fileName
fileType: finalFileType, // Note: Changed from type to fileType
fileSize: row.file_size, // Note: Changed from size to fileSize
timestamp: formatTime([Link]),
dayLabel: formatDayLabel([Link]),
messageId: generateMessageId(),
isFileMessage: isFileMessage // This is critical for file display
};
});

callback(messages);
});
});
}
);

// Fallback function to match working file

function fallbackToUnencrypted() {
const query = `
 SELECT sender, receiver, message, file_url, file_name, file_type,
file_size, timestamp
FROM messages
WHERE (sender = $1 AND receiver = $2) OR (sender = $2 AND receiver = $1)
ORDER BY timestamp ASC
`;

[Link](query, [user1, user2], (err, result) => {

if (err) {
[Link]('Error in fallback message loading:', err);
callback([]);
return;
}

const messages = [Link](row => {

const isFileMessage = row.file_url && row.file_name;
return {
from: [Link],
to: [Link],
msg: isFileMessage ? 'File attachment' : [Link],
fileUrl: row.file_url,
fileName: row.file_name, // Match working file property names
fileType: row.file_type,
fileSize: row.file_size,
timestamp: formatTime([Link]),
dayLabel: formatDayLabel([Link]),
messageId: generateMessageId(),
isFileMessage: isFileMessage
};
});

callback(messages);
});
}
}

function formatDate(date) {
const options = { year: '2-digit', month: '2-digit', day: '2-digit' };
return new Date(date).toLocaleDateString('en-GB', options);
}

function formatTime(date) {
const d = new Date(date);
return `${[Link]().toString().padStart(2,
'0')}:${[Link]().toString().padStart(2, '0')}`;
}

function formatDayLabel(date) {
const today = new Date();
const messageDate = new Date(date);
const todayString = [Link]();
const yesterday = new Date();
[Link]([Link]() - 1);
const yesterdayString = [Link]();
 if (todayString === [Link]()) {
return "Today";
} else if (yesterdayString === [Link]()) {
return "Yesterday";
} else {
return formatDate(messageDate);
}
}

function generateMessageId() {
return `${[Link]()}${[Link]().toString(36).substring(2, 9)}`;
}

// Updated saveMessageToExternalDB function

async function saveMessageToExternalDB(databaseUrl, sender, receiver, msg,
fileData, isEncrypted = false) {
if (!databaseUrl) {
[Link]('Missing database URL for external message');
return;
}

const extPool = new Pool({

connectionString: databaseUrl,
ssl: [Link].NODE_ENV === 'production' ? { rejectUnauthorized: false } :
false,
});

try {
// First check if schema is compatible with our current code
const schemaCheck = await [Link](`
SELECT EXISTS (
SELECT 1
FROM information_schema.columns
WHERE table_name = 'messages'
AND column_name = 'is_encrypted'
) as has_is_encrypted
`);

const hasIsEncrypted = [Link][0]?.has_is_encrypted || false;

if (fileData) {
// Construct the query based on schema compatibility
const query = hasIsEncrypted ?
`INSERT INTO messages (sender, receiver, message, file_url, file_name,
file_type, file_size, is_encrypted)
VALUES ($1, $2, $3, $4, $5, $6, $7, $8)` :
`INSERT INTO messages (sender, receiver, message, file_url, file_name,
file_type, file_size)
VALUES ($1, $2, $3, $4, $5, $6, $7)`;

const placeholderMessage = 'File attachment';

const params = hasIsEncrypted ?
[sender, receiver, placeholderMessage, [Link], [Link],
[Link], [Link], isEncrypted] :
 [sender, receiver, placeholderMessage, [Link], [Link],
[Link], [Link]];

await [Link](query, params);

} else if (msg) {
// Text message
const query = hasIsEncrypted ?
'INSERT INTO messages (sender, receiver, message, is_encrypted) VALUES
($1, $2, $3, $4)' :
'INSERT INTO messages (sender, receiver, message) VALUES ($1, $2, $3)';

const params = hasIsEncrypted ?

[sender, receiver, msg, isEncrypted] :
[sender, receiver, msg];

await [Link](query, params);

}
} catch (err) {
[Link]('Error inserting message into external DB:', err);
} finally {
[Link]().catch(err => [Link]('Error closing external pool:',
err));
}
}

// ----------------------------
// Start the Server
// ----------------------------
[Link](port, () => {
[Link](`Server running on [Link]
});