# LFG9 Forums - Backend

A robust Node.js backend for the LFG9 Forums application with TypeScript, Express, AWS DynamoDB, and S3 integration.

## Features

- **RESTful API**: Express.js with TypeScript
- **Database**: AWS DynamoDB with efficient queries and indexes
- **File Storage**: AWS S3 with image optimization and multiple sizes
- **Authentication**: JWT-based secure authentication
- **Rich Content**: JSON-based rich text content storage
- **Security**: Input validation, rate limiting, and content sanitization
- **Scalable**: Cloud-ready architecture with AWS services

## Technologies

- Node.js with Express.js
- TypeScript for type safety
- AWS DynamoDB for data storage
- AWS S3 for file storage
- JWT for authentication
- bcrypt for password hashing
- Sharp for image processing
- Joi for input validation

## Getting Started

### Prerequisites

- Node.js 18+
- AWS Account with DynamoDB and S3 access
- AWS CLI configured or environment variables set

### Installation

```bash
# Install dependencies
npm install

# Build the project
npm run build

# Start development server
npm run dev

# Start production server
npm start
```

### Environment Variables

Create a `.env` file in the backend directory:

```env
# Server Configuration
PORT=3000
NODE_ENV=development

# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key-here
JWT_EXPIRES_IN=7d

# AWS Configuration
AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=your-aws-access-key-id
AWS_SECRET_ACCESS_KEY=your-aws-secret-access-key

# DynamoDB Configuration
DYNAMODB_TABLE_PREFIX=lfg9_forums_

# S3 Configuration
S3_BUCKET_NAME=lfg9-forums-uploads
S3_REGION=us-east-1

# Rate Limiting
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX_REQUESTS=100

# File Upload Limits
MAX_FILE_SIZE=10485760
MAX_FILES_PER_USER=100

# CORS Configuration
CORS_ORIGIN=http://localhost:5173
```

## Database Schema

### DynamoDB Tables

#### Users Table
- **Primary Key**: userId (String)
- **Attributes**: username, email, passwordHash, createdAt, updatedAt, profileInfo, storageQuotaUsed, isAdmin

#### Categories Table
- **Primary Key**: categoryId (String)
- **Attributes**: name, description, createdAt, updatedAt, threadCount, lastActivity

#### Threads Table
- **Primary Key**: threadId (String)
- **GSI**: CategoryIdIndex (categoryId)
- **Attributes**: categoryId, title, richContent, authorId, authorUsername, createdAt, updatedAt, attachedFiles, postCount, lastPostAt, isLocked, isPinned

#### Posts Table
- **Primary Key**: postId (String)
- **GSI**: ThreadIdIndex (threadId), AuthorIdIndex (authorId)
- **Attributes**: threadId, richContent, authorId, authorUsername, createdAt, updatedAt, parentPostId, attachedFiles, isEdited, editedAt

#### Files Table
- **Primary Key**: fileId (String)
- **GSI**: UserIdIndex (userId)
- **Attributes**: userId, fileName, fileType, fileSize, s3Key, threadId, postId, uploadDate, thumbnailKey, mediumKey, altText

## API Endpoints

### Authentication
- `POST /api/auth/register` - User registration
- `POST /api/auth/login` - User login
- `POST /api/auth/logout` - User logout
- `GET /api/auth/me` - Get current user info

### Categories
- `GET /api/categories` - List all categories
- `POST /api/categories` - Create new category (admin only)
- `GET /api/categories/:id` - Get category by ID
- `PUT /api/categories/:id` - Update category (admin only)
- `DELETE /api/categories/:id` - Delete category (admin only)

### Threads
- `GET /api/threads` - List threads with filters
- `POST /api/threads` - Create new thread
- `GET /api/threads/:id` - Get thread by ID
- `PUT /api/threads/:id` - Update thread (author/admin only)
- `DELETE /api/threads/:id` - Delete thread (author/admin only)
- `GET /api/categories/:id/threads` - Get threads in category

### Posts
- `GET /api/threads/:id/posts` - Get posts in thread
- `POST /api/threads/:id/posts` - Create new post
- `GET /api/posts/:id` - Get post by ID
- `PUT /api/posts/:id` - Update post (author/admin only)
- `DELETE /api/posts/:id` - Delete post (author/admin only)

### Files
- `POST /api/files/upload` - Upload file
- `GET /api/files/:id` - Get file metadata
- `DELETE /api/files/:id` - Delete file (owner/admin only)
- `POST /api/files/presigned-url` - Get presigned upload URL

### Search
- `GET /api/search/threads` - Search threads
- `GET /api/search/posts` - Search posts

## Rich Content Structure

Rich content is stored as JSON following the TipTap/ProseMirror schema:

```json
{
  "type": "doc",
  "content": [
    {
      "type": "paragraph",
      "content": [
        {
          "type": "text",
          "text": "Hello world!",
          "marks": [
            {
              "type": "bold"
            }
          ]
        }
      ]
    }
  ]
}
```

## File Upload Process

1. Client requests presigned upload URL
2. Server generates presigned URL for S3
3. Client uploads file directly to S3
4. Server processes and optimizes images (thumbnail, medium, full size)
5. File metadata stored in DynamoDB

## Security Features

- JWT token authentication
- Password hashing with bcrypt
- Input validation with Joi
- Rate limiting per user and IP
- Content sanitization for rich text
- File type and size validation
- Secure S3 bucket configuration
- CORS protection

## Error Handling

Centralized error handling with consistent API responses:

```json
{
  "success": false,
  "error": "Error message",
  "code": "ERROR_CODE",
  "details": []
}
```

## Development

### Scripts
- `npm run dev` - Start development server with nodemon
- `npm run build` - Compile TypeScript
- `npm start` - Start production server
- `npm run clean` - Remove build files

### Project Structure

```
src/
├── config/           # Configuration files
├── controllers/      # Route handlers
├── middleware/       # Express middleware
├── models/          # Database models
├── routes/          # API routes
├── services/        # Business logic services
├── types/           # TypeScript interfaces
├── utils/           # Utility functions
└── index.ts         # Application entry point
```

## Deployment

### AWS Resources Required

1. **DynamoDB Tables**: Create tables with proper indexes
2. **S3 Bucket**: Configure for file uploads with proper permissions
3. **IAM Role**: Create role with DynamoDB and S3 permissions
4. **EC2/ECS**: For hosting the application

### Environment Setup

1. Set all required environment variables
2. Ensure AWS credentials are properly configured
3. Create DynamoDB tables with appropriate indexes
4. Configure S3 bucket with CORS and permissions

## Monitoring and Logging

- Structured logging with Winston (recommended)
- Health check endpoint at `/health`
- Request logging with Morgan
- Error tracking and monitoring

## Performance Considerations

- DynamoDB query optimization with proper indexes
- S3 image optimization and CDN integration
- Caching strategies for frequent queries
- Connection pooling and resource management
- Rate limiting to prevent abuse