- Add authMiddleware to all AI/transcribe routes (were unauthenticated) - Add full admin panel: user management, registration toggle, stats - Fix XSS in email verification (escape user.name in HTML) - Fix missing APP_URL fallback in password reset email - Add per-tab model selector (respects OpenRouter/Bedrock/Azure lists) - Fix transcribeAudio to send Authorization header - Fix labs input: textarea instead of single-line input - Add structured logging: audit_log, api_log, access_log tables - Add admin CLI (admin-cli.js) for Docker exec management - Fix duplicate var duration declaration in ai.js catch block - Fix RETURNING check case-sensitivity in database.js
62 lines
2.6 KiB
JavaScript
62 lines
2.6 KiB
JavaScript
require('dotenv').config();
|
|
const express = require('express');
|
|
const cors = require('cors');
|
|
const helmet = require('helmet');
|
|
const rateLimit = require('express-rate-limit');
|
|
const cookieParser = require('cookie-parser');
|
|
const path = require('path');
|
|
const http = require('http');
|
|
const loggingMiddleware = require('./src/middleware/logging');
|
|
|
|
const app = express();
|
|
const server = http.createServer(app);
|
|
|
|
app.use(helmet({ contentSecurityPolicy: false, crossOriginEmbedderPolicy: false }));
|
|
app.use(cors());
|
|
app.use(cookieParser());
|
|
app.use(express.json({ limit: '50mb' }));
|
|
app.use('/api/', rateLimit({ windowMs: 60000, max: 60, message: { error: 'Too many requests' } }));
|
|
app.use(loggingMiddleware);
|
|
app.use(express.static(path.join(__dirname, 'public')));
|
|
|
|
// Routes
|
|
app.use('/api/auth', require('./src/routes/auth'));
|
|
app.use('/api/admin', require('./src/routes/admin'));
|
|
app.use('/api', require('./src/routes/transcribe'));
|
|
app.use('/api', require('./src/routes/hpi'));
|
|
app.use('/api', require('./src/routes/hospitalCourse'));
|
|
app.use('/api', require('./src/routes/chartReview'));
|
|
app.use('/api', require('./src/routes/milestones'));
|
|
app.use('/api', require('./src/routes/soap'));
|
|
app.use('/api', require('./src/routes/tts'));
|
|
app.use('/api', require('./src/routes/nextcloud'));
|
|
app.use('/api', require('./src/routes/refine'));
|
|
app.use('/api', require('./src/routes/logs'));
|
|
|
|
const { getAvailableModels, activeProvider: modelsProvider } = require('./src/utils/models');
|
|
app.get('/api/models', (req, res) => res.json({ models: getAvailableModels(), provider: modelsProvider }));
|
|
|
|
const { activeProvider } = require('./src/utils/ai');
|
|
app.get('/api/health', (req, res) => {
|
|
res.json({
|
|
status: 'running', version: '2.1.0', provider: activeProvider,
|
|
timestamp: new Date().toISOString(),
|
|
openrouter: process.env.OPENROUTER_API_KEY ? 'configured' : 'missing',
|
|
bedrock: process.env.AWS_BEDROCK_REGION ? 'configured' : 'not configured',
|
|
azure: process.env.AZURE_OPENAI_ENDPOINT ? 'configured' : 'not configured',
|
|
whisper: process.env.OPENAI_API_KEY ? 'configured' : 'missing'
|
|
});
|
|
});
|
|
|
|
app.get('*', (req, res) => res.sendFile(path.join(__dirname, 'public', 'index.html')));
|
|
|
|
const PORT = process.env.PORT || 3000;
|
|
server.listen(PORT, () => {
|
|
console.log('');
|
|
console.log('==========================================');
|
|
console.log('🏥 PEDIATRIC AI SCRIBE v2.1');
|
|
console.log('==========================================');
|
|
console.log('🌐 http://localhost:' + PORT);
|
|
console.log('🤖 Provider: ' + activeProvider);
|
|
console.log('==========================================');
|
|
});
|