tester/shokuninmarche
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tester:ae6f833207aa630b4ce5903e09ba454dbb86b49b
Branches Tags
tester:main tester:airewit
...
compare: tester:main
Branches Tags
tester:airewit tester:main

5 Commits
ae6f833207 ... main

Author SHA1 Message Date
airewit-developer
c48464ac97 feat: Event Creation & Management — Organizer Dashboard (42327b58) 
Backend:
- POST /api/events — create event, validates title/date/venue required,
  rejects past dates (Asia/Jerusalem aware), returns compliance_checklist flag
  when max_guests >= 100
- GET /api/events — list organizer events (scoped by JWT), paginated (limit 20),
  enriched with rsvp_confirmed/pending/total + vendors_confirmed counts,
  sorted by event_date ASC
- GET /api/events/:id — single event with RSVP + vendor counts
- PUT /api/events/:id — COALESCE update, validated status transitions
  (draft→published/cancelled, published→cancelled/completed),
  ownership enforced; returns compliance_checklist flag when crossing 100 guests
- DELETE /api/events/:id — soft delete (deleted_at + status=cancelled), 204

Frontend:
- DashboardPage — real event list, EventCard grid, pagination, prominent
  empty state with "צור אירוע ראשון" CTA
- EventCard — title, date, venue, RSVP confirmed/total/vendors stats,
  progress bar (orange at 90%), days-until countdown, publish/edit/cancel actions
- CreateEventPage — full form: title, date+time picker (min=today),
  venue, kashrut, budget, guest count; compliance checklist appears when
  max_guests >= 100, dismissible; Hebrew validation errors
- EventDetailPage — full event detail with stat cards, days-until,
  read-only compliance checklist for 100+ events, quick-action links
- ComplianceChecklist — reusable: interactive (create/edit) or read-only
  (detail page); 4 Israeli compliance items, dismissible banner
- Button component: added asChild support via @radix-ui/react-slot
- App.tsx: routes for /events/new, /events/:id, /events/:id/edit

Build: 0 TS errors, 68 modules

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-21 18:41:42 +00:00
airewit-developer
c878eee62b feat: Guest import, RSVP reminders — 7ead7758 scope additions 
CSV/Excel Import:
- POST /api/events/:id/guests/import (multer memory storage, max 5MB)
- Accepts .csv and .xlsx/.xls via xlsx + csv-parse/sync
- Handles Hebrew column names and English column names interchangeably
- Phone normalization (domain expert spec): strips spaces/hyphens/parens,
  handles 05X-XXXXXXX → +972..., +972... passthrough, 972... → +972...
  Invalid phone → guest imported with phone=null, warning recorded
- Unknown dietary_preference → 'none'; unknown relationship_group → 'other'
- Bulk insert in transaction (all-or-nothing), max 500 rows
- Returns: { imported, skipped, warnings, details } with per-row reasons
- UTF-8 BOM handled on CSV parse (Excel exports)

RSVP Reminder Cron:
- jobs/reminderCron.js: node-cron, daily at 09:00 Asia/Jerusalem
- Queries guests with rsvp_status=pending where event is 7 or 2 days away
- Regenerates wa.me reminder deep-link with urgency text (עוד שבוע / עוד 2 ימים)
- Updates invitations.whatsapp_link in-place
- No auto-send (MVP): organizer clicks link manually
- Started automatically in server.js app.listen callback

GET /api/events/:id/guests/reminders:
- Returns pending guests who have whatsapp_link set (reminder generated by cron)
- Organizer uses this to surface the Pending Reminders panel

Frontend additions:
- ImportGuestsForm component: file picker, POST multipart, shows import summary
  with per-row skipped/warning details
- PendingRemindersPanel component: orange card listing pending guests with
  wa.me reminder links; hides itself when no reminders
- GuestListPage: integrated both components, refreshTrigger propagates to
  reminders panel after any add/import/delete/status-change

Build: 0 TS errors, 62 modules transformed

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-21 18:35:54 +00:00
airewit-developer
b65f018a8b feat: Guest Management & RSVP system (7ead7758) 
Backend:
- POST /api/events/:id/guests — add guest, auto-generate RSVP token (128-bit
  crypto.randomBytes), build wa.me WhatsApp deep-link, store in invitations
- GET /api/events/:id/guests — list with pg_trgm fuzzy Hebrew name search,
  status filter, pagination; returns RSVP summary + capacity warning at 90%
- GET /api/events/:id/guests/export — CSV export with UTF-8 BOM for Excel
  Hebrew support (json2csv)
- PUT /api/guests/:id — PATCH-style update (COALESCE), organizer ownership check
- DELETE /api/guests/:id — hard delete per Israeli Privacy Law 2023
- GET /api/rsvp/:token — public (no auth), marks opened_at on first visit
- POST /api/rsvp/:token — idempotent RSVP submit, supports dietary update,
  handles cancelled events (410)
- Israeli phone normalization: 05X-XXXXXXX → +972XXXXXXXXX E.164
- Capacity warning returned in add/list/update responses when confirmed ≥ 90%
  of venue_capacity (fire safety compliance)

Frontend:
- GuestListPage — sortable/filterable table, inline RSVP status override,
  WhatsApp send links, delete with confirmation, 30s polling for real-time updates
- AddGuestForm — RTL Hebrew form, all guest fields, shows WhatsApp link on success
- RsvpSummaryCard — 4-metric summary (total/confirmed/declined/pending) + capacity warning
- RsvpPage — public page at /rsvp/:token, shows event details, confirm/decline,
  dietary preference update; no login required
- New UI components: Badge, Select (shadcn/ui compatible)
- App.tsx: added /events/:eventId/guests (protected) and /rsvp/:token (public) routes

Build: 0 TS errors, all routes wired in server.js

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-21 18:31:08 +00:00
airewit-developer
c8909befb1 feat: Foundation — auth system, 9 migrations, React frontend 
Backend:
- Express server with JWT httpOnly cookie auth
- POST /api/auth/register, /api/auth/login, /api/auth/logout, GET /api/auth/me
- bcrypt 12 rounds, generic 401 errors (no email/password field disclosure)
- Auth middleware protects all /api/* routes except register/login
- pg Pool database connection

Frontend (React + Vite + TailwindCSS + shadcn/ui):
- AuthContext with session restore on page load via /api/auth/me
- ProtectedRoute redirects unauthenticated users to /login
- LoginPage, RegisterPage — Hebrew RTL layout (dir=rtl), inline validation
- DashboardPage placeholder
- shadcn/ui components: Button, Input, Label, Card

Database:
- 9 migrations (001-009): extensions, users, events, vendors, guests,
  bookings, invitations, vendor_ratings, organizer_preferences
- pg_trgm for fuzzy Hebrew search, GIN indexes on style_tags
- Phase 2+3 fields included: source, payment_status, contract_value,
  vendor ratings 6-dimension, organizer preferences
- Idempotent migration runner with schema_migrations tracking table

Infrastructure:
- Dockerfile (multi-stage: build React → production node:20-alpine)
- docker-compose.yml with PostgreSQL healthcheck, expose not ports
- Migrations run automatically on container start

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-02-21 18:22:42 +00:00
airewit-developer
0f1882e9ae test push access 2026-02-21 18:09:27 +00:00
63 changed files with 10693 additions and 1 deletions
Expand all files Collapse all files

5
.env.example Normal file
View File

@@ -0,0 +1,5 @@
# Copy to .env and fill in values
NODE_ENV=development
PORT=3000
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/airewit
JWT_SECRET=change_this_to_a_long_random_secret_min_32_chars

5
.gitignore vendored Normal file
View File

@@ -0,0 +1,5 @@
node_modules/
client/node_modules/
client/dist/
.env
*.log

32
Dockerfile Normal file
View File

@@ -0,0 +1,32 @@
FROM node:20-alpine AS builder
WORKDIR /app
# Build React frontend
COPY client/package*.json ./client/
RUN cd client && npm ci
COPY client/ ./client/
RUN cd client && npm run build
# ─── Production stage ─────────────────────────────────────────────────────────
FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --omit=dev
COPY --from=builder /app/client/dist ./client/dist
COPY server.js ./
COPY routes/ ./routes/
COPY middleware/ ./middleware/
COPY db/ ./db/
COPY migrations/ ./migrations/
COPY seeds/ ./seeds/
COPY scripts/ ./scripts/
EXPOSE 3000
# Run migrations then start server
CMD node scripts/migrate.js && node server.js

2
README.md
View File

@@ -1,3 +1,3 @@
# airewit
Event management platform
Event management platformtest

13
client/index.html Normal file
View File

@@ -0,0 +1,13 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/vite.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>client</title>
</head>
<body>
<div id="root"></div>
<script type="module" src="/src/main.tsx"></script>
</body>
</html>

4023
client/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

40
client/package.json Normal file
View File

@@ -0,0 +1,40 @@
{
"name": "client",
"private": true,
"version": "0.0.0",
"type": "module",
"scripts": {
"dev": "vite",
"build": "tsc -b && vite build",
"lint": "eslint .",
"preview": "vite preview"
},
"dependencies": {
"@radix-ui/react-slot": "^1.2.4",
"react": "^19.2.0",
"react-dom": "^19.2.0",
"react-router-dom": "^7.13.0",
"zustand": "^5.0.11"
},
"devDependencies": {
"@eslint/js": "^9.39.1",
"@types/node": "^24.10.13",
"@types/react": "^19.2.7",
"@types/react-dom": "^19.2.3",
"@vitejs/plugin-react": "^5.1.1",
"autoprefixer": "^10.4.24",
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
"eslint": "^9.39.1",
"eslint-plugin-react-hooks": "^7.0.1",
"eslint-plugin-react-refresh": "^0.4.24",
"globals": "^16.5.0",
"lucide-react": "^0.575.0",
"postcss": "^8.5.6",
"tailwind-merge": "^3.5.0",
"tailwindcss": "^3.4.19",
"typescript": "~5.9.3",
"typescript-eslint": "^8.48.0",
"vite": "^7.3.1"
}
}

6
client/postcss.config.js Normal file
View File

@@ -0,0 +1,6 @@
export default {
plugins: {
tailwindcss: {},
autoprefixer: {},
},
}

42
client/src/App.css Normal file
View File

@@ -0,0 +1,42 @@
#root {
max-width: 1280px;
margin: 0 auto;
padding: 2rem;
text-align: center;
}
.logo {
height: 6em;
padding: 1.5em;
will-change: filter;
transition: filter 300ms;
}
.logo:hover {
filter: drop-shadow(0 0 2em #646cffaa);
}
.logo.react:hover {
filter: drop-shadow(0 0 2em #61dafbaa);
}
@keyframes logo-spin {
from {
transform: rotate(0deg);
}
to {
transform: rotate(360deg);
}
}
@media (prefers-reduced-motion: no-preference) {
a:nth-of-type(2) .logo {
animation: logo-spin infinite 20s linear;
}
}
.card {
padding: 2em;
}
.read-the-docs {
color: #888;
}

38
client/src/App.tsx Normal file
View File

@@ -0,0 +1,38 @@
import { BrowserRouter, Routes, Route, Navigate } from 'react-router-dom';
import { AuthProvider } from '@/contexts/AuthContext';
import { ProtectedRoute } from '@/components/ProtectedRoute';
import { LoginPage } from '@/pages/LoginPage';
import { RegisterPage } from '@/pages/RegisterPage';
import { DashboardPage } from '@/pages/DashboardPage';
import { GuestListPage } from '@/pages/GuestListPage';
import { RsvpPage } from '@/pages/RsvpPage';
import { CreateEventPage } from '@/pages/CreateEventPage';
import { EventDetailPage } from '@/pages/EventDetailPage';
function Protected({ children }: { children: React.ReactNode }) {
return <ProtectedRoute>{children}</ProtectedRoute>;
}
export default function App() {
return (
<BrowserRouter>
<AuthProvider>
<Routes>
{/* Public routes */}
<Route path="/login" element={<LoginPage />} />
<Route path="/register" element={<RegisterPage />} />
<Route path="/rsvp/:token" element={<RsvpPage />} />
{/* Protected routes */}
<Route path="/dashboard" element={<Protected><DashboardPage /></Protected>} />
<Route path="/events/new" element={<Protected><CreateEventPage /></Protected>} />
<Route path="/events/:id" element={<Protected><EventDetailPage /></Protected>} />
<Route path="/events/:eventId/guests" element={<Protected><GuestListPage /></Protected>} />
<Route path="/" element={<Navigate to="/dashboard" replace />} />
<Route path="*" element={<Navigate to="/dashboard" replace />} />
</Routes>
</AuthProvider>
</BrowserRouter>
);
}

1
client/src/assets/react.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="35.93" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 228"><path fill="#00D8FF" d="M210.483 73.824a171.49 171.49 0 0 0-8.24-2.597c.465-1.9.893-3.777 1.273-5.621c6.238-30.281 2.16-54.676-11.769-62.708c-13.355-7.7-35.196.329-57.254 19.526a171.23 171.23 0 0 0-6.375 5.848a155.866 155.866 0 0 0-4.241-3.917C100.759 3.829 77.587-4.822 63.673 3.233C50.33 10.957 46.379 33.89 51.995 62.588a170.974 170.974 0 0 0 1.892 8.48c-3.28.932-6.445 1.924-9.474 2.98C17.309 83.498 0 98.307 0 113.668c0 15.865 18.582 31.778 46.812 41.427a145.52 145.52 0 0 0 6.921 2.165a167.467 167.467 0 0 0-2.01 9.138c-5.354 28.2-1.173 50.591 12.134 58.266c13.744 7.926 36.812-.22 59.273-19.855a145.567 145.567 0 0 0 5.342-4.923a168.064 168.064 0 0 0 6.92 6.314c21.758 18.722 43.246 26.282 56.54 18.586c13.731-7.949 18.194-32.003 12.4-61.268a145.016 145.016 0 0 0-1.535-6.842c1.62-.48 3.21-.974 4.76-1.488c29.348-9.723 48.443-25.443 48.443-41.52c0-15.417-17.868-30.326-45.517-39.844Zm-6.365 70.984c-1.4.463-2.836.91-4.3 1.345c-3.24-10.257-7.612-21.163-12.963-32.432c5.106-11 9.31-21.767 12.459-31.957c2.619.758 5.16 1.557 7.61 2.4c23.69 8.156 38.14 20.213 38.14 29.504c0 9.896-15.606 22.743-40.946 31.14Zm-10.514 20.834c2.562 12.94 2.927 24.64 1.23 33.787c-1.524 8.219-4.59 13.698-8.382 15.893c-8.067 4.67-25.32-1.4-43.927-17.412a156.726 156.726 0 0 1-6.437-5.87c7.214-7.889 14.423-17.06 21.459-27.246c12.376-1.098 24.068-2.894 34.671-5.345a134.17 134.17 0 0 1 1.386 6.193ZM87.276 214.515c-7.882 2.783-14.16 2.863-17.955.675c-8.075-4.657-11.432-22.636-6.853-46.752a156.923 156.923 0 0 1 1.869-8.499c10.486 2.32 22.093 3.988 34.498 4.994c7.084 9.967 14.501 19.128 21.976 27.15a134.668 134.668 0 0 1-4.877 4.492c-9.933 8.682-19.886 14.842-28.658 17.94ZM50.35 144.747c-12.483-4.267-22.792-9.812-29.858-15.863c-6.35-5.437-9.555-10.836-9.555-15.216c0-9.322 13.897-21.212 37.076-29.293c2.813-.98 5.757-1.905 8.812-2.773c3.204 10.42 7.406 21.315 12.477 32.332c-5.137 11.18-9.399 22.249-12.634 32.792a134.718 134.718 0 0 1-6.318-1.979Zm12.378-84.26c-4.811-24.587-1.616-43.134 6.425-47.789c8.564-4.958 27.502 2.111 47.463 19.835a144.318 144.318 0 0 1 3.841 3.545c-7.438 7.987-14.787 17.08-21.808 26.988c-12.04 1.116-23.565 2.908-34.161 5.309a160.342 160.342 0 0 1-1.76-7.887Zm110.427 27.268a347.8 347.8 0 0 0-7.785-12.803c8.168 1.033 15.994 2.404 23.343 4.08c-2.206 7.072-4.956 14.465-8.193 22.045a381.151 381.151 0 0 0-7.365-13.322Zm-45.032-43.861c5.044 5.465 10.096 11.566 15.065 18.186a322.04 322.04 0 0 0-30.257-.006c4.974-6.559 10.069-12.652 15.192-18.18ZM82.802 87.83a323.167 323.167 0 0 0-7.227 13.238c-3.184-7.553-5.909-14.98-8.134-22.152c7.304-1.634 15.093-2.97 23.209-3.984a321.524 321.524 0 0 0-7.848 12.897Zm8.081 65.352c-8.385-.936-16.291-2.203-23.593-3.793c2.26-7.3 5.045-14.885 8.298-22.6a321.187 321.187 0 0 0 7.257 13.246c2.594 4.48 5.28 8.868 8.038 13.147Zm37.542 31.03c-5.184-5.592-10.354-11.779-15.403-18.433c4.902.192 9.899.29 14.978.29c5.218 0 10.376-.117 15.453-.343c-4.985 6.774-10.018 12.97-15.028 18.486Zm52.198-57.817c3.422 7.8 6.306 15.345 8.596 22.52c-7.422 1.694-15.436 3.058-23.88 4.071a382.417 382.417 0 0 0 7.859-13.026a347.403 347.403 0 0 0 7.425-13.565Zm-16.898 8.101a358.557 358.557 0 0 1-12.281 19.815a329.4 329.4 0 0 1-23.444.823c-7.967 0-15.716-.248-23.178-.732a310.202 310.202 0 0 1-12.513-19.846h.001a307.41 307.41 0 0 1-10.923-20.627a310.278 310.278 0 0 1 10.89-20.637l-.001.001a307.318 307.318 0 0 1 12.413-19.761c7.613-.576 15.42-.876 23.31-.876H128c7.926 0 15.743.303 23.354.883a329.357 329.357 0 0 1 12.335 19.695a358.489 358.489 0 0 1 11.036 20.54a329.472 329.472 0 0 1-11 20.722Zm22.56-122.124c8.572 4.944 11.906 24.881 6.52 51.026c-.344 1.668-.73 3.367-1.15 5.09c-10.622-2.452-22.155-4.275-34.23-5.408c-7.034-10.017-14.323-19.124-21.64-27.008a160.789 160.789 0 0 1 5.888-5.4c18.9-16.447 36.564-22.941 44.612-18.3ZM128 90.808c12.625 0 22.86 10.235 22.86 22.86s-10.235 22.86-22.86 22.86s-22.86-10.235-22.86-22.86s10.235-22.86 22.86-22.86Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.0 KiB

227
client/src/components/AddGuestForm.tsx Normal file
View File

@@ -0,0 +1,227 @@
import { useState, type FormEvent } from 'react';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { Label } from '@/components/ui/label';
import { Select } from '@/components/ui/select';
import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card';
interface AddGuestFormProps {
eventId: string;
onGuestAdded: () => void;
}
export function AddGuestForm({ eventId, onGuestAdded }: AddGuestFormProps) {
const [open, setOpen] = useState(false);
const [loading, setLoading] = useState(false);
const [error, setError] = useState('');
const [whatsappLink, setWhatsappLink] = useState('');
const [form, setForm] = useState({
name_hebrew: '',
name_transliteration: '',
phone: '',
email: '',
relationship_group: '',
dietary_preference: 'none',
dietary_notes: '',
table_number: '',
plus_one_allowance: '0',
});
function handleChange(field: string, value: string) {
setForm(prev => ({ ...prev, [field]: value }));
}
async function handleSubmit(e: FormEvent) {
e.preventDefault();
setError('');
setWhatsappLink('');
setLoading(true);
try {
const res = await fetch(`/api/events/${eventId}/guests`, {
method: 'POST',
credentials: 'include',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
...form,
table_number: form.table_number ? parseInt(form.table_number) : null,
plus_one_allowance: parseInt(form.plus_one_allowance) || 0,
}),
});
const data = await res.json();
if (!res.ok) throw new Error(data.error || 'שגיאה בהוספת אורח');
setWhatsappLink(data.whatsapp_link || '');
// Reset form
setForm({
name_hebrew: '', name_transliteration: '', phone: '', email: '',
relationship_group: '', dietary_preference: 'none',
dietary_notes: '', table_number: '', plus_one_allowance: '0',
});
onGuestAdded();
if (!data.whatsapp_link) setOpen(false);
} catch (err: unknown) {
setError(err instanceof Error ? err.message : 'שגיאה בהוספת אורח');
} finally {
setLoading(false);
}
}
if (!open) {
return (
<Button onClick={() => setOpen(true)}>+ הוסף אורח</Button>
);
}
return (
<Card>
<CardHeader>
<CardTitle className="text-lg">הוספת אורח חדש</CardTitle>
</CardHeader>
<CardContent>
{whatsappLink && (
<div className="mb-4 rounded-md bg-green-50 border border-green-200 p-3 text-sm" dir="rtl">
<p className="font-medium text-green-800 mb-2">האורח נוסף! שלח הזמנה ב-WhatsApp:</p>
<a
href={whatsappLink}
target="_blank"
rel="noopener noreferrer"
className="inline-block rounded bg-green-600 px-3 py-1.5 text-white text-sm hover:bg-green-700"
>
📲 פתח WhatsApp לשליחה
</a>
<Button variant="ghost" size="sm" className="mr-2" onClick={() => { setWhatsappLink(''); setOpen(false); }}>
סגור
</Button>
</div>
)}
<form onSubmit={handleSubmit} dir="rtl" className="space-y-4">
<div className="grid grid-cols-1 md:grid-cols-2 gap-4">
<div className="space-y-1">
<Label htmlFor="name_hebrew">שם בעברית *</Label>
<Input
id="name_hebrew"
value={form.name_hebrew}
onChange={e => handleChange('name_hebrew', e.target.value)}
placeholder="ישראל ישראלי"
required
/>
</div>
<div className="space-y-1">
<Label htmlFor="name_transliteration">שם באנגלית</Label>
<Input
id="name_transliteration"
value={form.name_transliteration}
onChange={e => handleChange('name_transliteration', e.target.value)}
placeholder="Israel Israeli"
dir="ltr"
/>
</div>
<div className="space-y-1">
<Label htmlFor="phone">טלפון (WhatsApp)</Label>
<Input
id="phone"
value={form.phone}
onChange={e => handleChange('phone', e.target.value)}
placeholder="050-1234567"
dir="ltr"
/>
</div>
<div className="space-y-1">
<Label htmlFor="email">אימייל</Label>
<Input
id="email"
type="email"
value={form.email}
onChange={e => handleChange('email', e.target.value)}
placeholder="guest@email.com"
dir="ltr"
/>
</div>
<div className="space-y-1">
<Label htmlFor="relationship_group">קבוצת יחסים</Label>
<Select
id="relationship_group"
value={form.relationship_group}
onChange={e => handleChange('relationship_group', e.target.value)}
>
<option value="">-- בחר --</option>
<option value="family_bride">משפחת כלה</option>
<option value="family_groom">משפחת חתן</option>
<option value="friends">חברים</option>
<option value="work">עבודה</option>
<option value="community">קהילה</option>
<option value="other">אחר</option>
</Select>
</div>
<div className="space-y-1">
<Label htmlFor="dietary_preference">העדפה תזונתית</Label>
<Select
id="dietary_preference"
value={form.dietary_preference}
onChange={e => handleChange('dietary_preference', e.target.value)}
>
<option value="none">ללא הגבלה</option>
<option value="vegetarian">צמחוני</option>
<option value="vegan">טבעוני</option>
<option value="kosher_regular">כשר רגיל</option>
<option value="kosher_mehadrin">כשר מהדרין</option>
</Select>
</div>
<div className="space-y-1">
<Label htmlFor="table_number">מספר שולחן</Label>
<Input
id="table_number"
type="number"
value={form.table_number}
onChange={e => handleChange('table_number', e.target.value)}
placeholder="1"
min="1"
dir="ltr"
/>
</div>
<div className="space-y-1">
<Label htmlFor="plus_one_allowance">מלווים מורשים</Label>
<Input
id="plus_one_allowance"
type="number"
value={form.plus_one_allowance}
onChange={e => handleChange('plus_one_allowance', e.target.value)}
min="0"
max="10"
dir="ltr"
/>
</div>
</div>
<div className="space-y-1">
<Label htmlFor="dietary_notes">הערות תזונה / נגישות</Label>
<Input
id="dietary_notes"
value={form.dietary_notes}
onChange={e => handleChange('dietary_notes', e.target.value)}
placeholder="אלרגיה לבוטנים, כסא גלגלים..."
/>
</div>
{error && <p className="text-sm text-destructive">{error}</p>}
<div className="flex gap-2">
<Button type="submit" disabled={loading}>
{loading ? 'מוסיף...' : 'הוסף אורח'}
</Button>
<Button type="button" variant="outline" onClick={() => setOpen(false)}>
ביטול
</Button>
</div>
</form>
</CardContent>
</Card>
);
}

76
client/src/components/ComplianceChecklist.tsx Normal file
View File

@@ -0,0 +1,76 @@
import { useState } from 'react';
import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card';
import { Button } from '@/components/ui/button';
interface ComplianceChecklistProps {
onDismiss?: () => void;
readOnly?: boolean;
checkedItems?: Record<string, boolean>;
onItemChange?: (key: string, checked: boolean) => void;
}
const CHECKLIST_ITEMS = [
{ key: 'municipal_permit', label: 'אישור עירייה התקבל (נדרש על פי חוק לאירועים עם 100+ אורחים)' },
{ key: 'fire_safety', label: 'תעודת בטיחות אש של המקום התקבלה' },
{ key: 'liability_insurance', label: 'ביטוח אחריות לאירוע בתוקף' },
{ key: 'noise_curfew', label: 'עוצר הרעש הובן — האירוע יסתיים עד 23:00 בהתאם לתקנות' },
];
export function ComplianceChecklist({ onDismiss, readOnly = false, checkedItems = {}, onItemChange }: ComplianceChecklistProps) {
const [localChecked, setLocalChecked] = useState<Record<string, boolean>>(checkedItems);
function handleCheck(key: string, checked: boolean) {
setLocalChecked(prev => ({ ...prev, [key]: checked }));
onItemChange?.(key, checked);
}
const items = readOnly ? checkedItems : localChecked;
const allChecked = CHECKLIST_ITEMS.every(item => items[item.key]);
return (
<Card className="border-blue-200 bg-blue-50">
<CardHeader className="pb-2">
<div className="flex items-start justify-between" dir="rtl">
<CardTitle className="text-base text-blue-800">
📋 רשימת ציות לאירועים עם 100+ אורחים
</CardTitle>
{onDismiss && (
<Button variant="ghost" size="sm" onClick={onDismiss} className="text-blue-600 h-6 px-2">
</Button>
)}
</div>
<p className="text-xs text-blue-600 text-right">
אלו דרישות חוקיות המארגן מאשר בעצמו. המערכת אינה מאמתת.
</p>
</CardHeader>
<CardContent dir="rtl">
<ul className="space-y-2">
{CHECKLIST_ITEMS.map(item => (
<li key={item.key} className="flex items-start gap-2">
{readOnly ? (
<span className={`mt-0.5 flex-shrink-0 text-lg leading-none ${items[item.key] ? 'text-green-600' : 'text-gray-300'}`}>
{items[item.key] ? '✓' : '○'}
</span>
) : (
<input
type="checkbox"
id={item.key}
checked={!!localChecked[item.key]}
onChange={e => handleCheck(item.key, e.target.checked)}
className="mt-1 flex-shrink-0 h-4 w-4 accent-blue-600"
/>
)}
<label htmlFor={readOnly ? undefined : item.key} className="text-sm text-blue-900 leading-snug cursor-pointer">
{item.label}
</label>
</li>
))}
</ul>
{!readOnly && allChecked && (
<p className="mt-3 text-sm font-medium text-green-700"> כל הפריטים סומנו</p>
)}
</CardContent>
</Card>
);
}

146
client/src/components/EventCard.tsx Normal file
View File

@@ -0,0 +1,146 @@
import { Link } from 'react-router-dom';
import { Card, CardContent, CardFooter, CardHeader, CardTitle } from '@/components/ui/card';
import { Badge } from '@/components/ui/badge';
import { Button } from '@/components/ui/button';
export interface EventSummary {
id: string;
title: string;
event_date?: string;
venue_name?: string;
venue_address?: string;
max_guests?: number;
venue_capacity?: number;
status: 'draft' | 'published' | 'cancelled' | 'completed';
rsvp_confirmed: number;
rsvp_pending: number;
rsvp_total: number;
vendors_confirmed: number;
kashrut_level?: string;
budget?: number;
}
const STATUS_LABELS: Record<string, string> = {
draft: 'טיוטה',
published: 'פורסם',
cancelled: 'בוטל',
completed: 'הסתיים',
};
const STATUS_VARIANTS: Record<string, 'default' | 'secondary' | 'destructive' | 'outline' | 'success' | 'warning'> = {
draft: 'secondary',
published: 'success',
cancelled: 'destructive',
completed: 'outline',
};
interface EventCardProps {
event: EventSummary;
onCancel: (id: string, title: string) => void;
onPublish: (id: string) => void;
}
export function EventCard({ event, onCancel, onPublish }: EventCardProps) {
const formattedDate = event.event_date
? new Date(event.event_date).toLocaleDateString('he-IL', {
weekday: 'short', day: 'numeric', month: 'long', year: 'numeric',
timeZone: 'Asia/Jerusalem',
})
: null;
const daysUntil = event.event_date
? Math.ceil((new Date(event.event_date).getTime() - Date.now()) / (1000 * 60 * 60 * 24))
: null;
const rsvpPercent = event.max_guests && event.rsvp_total > 0
? Math.round((event.rsvp_confirmed / event.max_guests) * 100)
: null;
return (
<Card className={`transition-shadow hover:shadow-md ${event.status === 'cancelled' ? 'opacity-60' : ''}`}>
<CardHeader className="pb-3">
<div className="flex items-start justify-between gap-2" dir="rtl">
<CardTitle className="text-lg leading-tight">{event.title}</CardTitle>
<Badge variant={STATUS_VARIANTS[event.status]} className="flex-shrink-0">
{STATUS_LABELS[event.status]}
</Badge>
</div>
{formattedDate && (
<p className="text-sm text-muted-foreground" dir="rtl">
📅 {formattedDate}
{daysUntil !== null && daysUntil > 0 && (
<span className="mr-2 text-xs font-medium text-primary">({daysUntil} ימים)</span>
)}
</p>
)}
</CardHeader>
<CardContent className="space-y-2 text-sm" dir="rtl">
{event.venue_name && (
<p className="text-muted-foreground">📍 {event.venue_name}{event.venue_address ? `, ${event.venue_address}` : ''}</p>
)}
<div className="grid grid-cols-3 gap-2 pt-1">
<div className="rounded-md bg-muted px-2 py-1.5 text-center">
<p className="text-xs text-muted-foreground">מאושרים</p>
<p className="font-bold text-green-700">{event.rsvp_confirmed}</p>
</div>
<div className="rounded-md bg-muted px-2 py-1.5 text-center">
<p className="text-xs text-muted-foreground">מוזמנים</p>
<p className="font-bold">{event.rsvp_total}{event.max_guests ? `/${event.max_guests}` : ''}</p>
</div>
<div className="rounded-md bg-muted px-2 py-1.5 text-center">
<p className="text-xs text-muted-foreground">ספקים</p>
<p className="font-bold text-blue-700">{event.vendors_confirmed}</p>
</div>
</div>
{rsvpPercent !== null && (
<div className="mt-2">
<div className="h-1.5 w-full rounded-full bg-muted overflow-hidden">
<div
className={`h-full rounded-full transition-all ${rsvpPercent >= 90 ? 'bg-orange-500' : 'bg-green-500'}`}
style={{ width: `${Math.min(rsvpPercent, 100)}%` }}
/>
</div>
<p className="text-xs text-muted-foreground mt-0.5">{rsvpPercent}% אישרו הגעה</p>
</div>
)}
</CardContent>
<CardFooter className="gap-2 pt-0 flex-wrap" dir="rtl">
<Button asChild size="sm" variant="outline">
<Link to={`/events/${event.id}`}>פרטים</Link>
</Button>
<Button asChild size="sm" variant="outline">
<Link to={`/events/${event.id}/guests`}>אורחים</Link>
</Button>
{event.status === 'draft' && (
<>
<Button asChild size="sm" variant="outline">
<Link to={`/events/${event.id}/edit`}>עריכה</Link>
</Button>
<Button size="sm" onClick={() => onPublish(event.id)}>
פרסם
</Button>
</>
)}
{event.status === 'published' && (
<Button asChild size="sm" variant="outline">
<Link to={`/events/${event.id}/edit`}>עריכה</Link>
</Button>
)}
{!['cancelled', 'completed'].includes(event.status) && (
<Button
size="sm"
variant="ghost"
className="text-destructive hover:text-destructive"
onClick={() => onCancel(event.id, event.title)}
>
ביטול
</Button>
)}
</CardFooter>
</Card>
);
}

119
client/src/components/ImportGuestsForm.tsx Normal file
View File

@@ -0,0 +1,119 @@
import { useState, useRef } from 'react';
import { Button } from '@/components/ui/button';
import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card';
interface ImportResult {
imported: number;
skipped: number;
warnings: number;
message: string;
details: {
skipped: { row: number; reason: string }[];
warnings: { row: number; name: string; warning: string }[];
};
}
interface ImportGuestsFormProps {
eventId: string;
onImported: () => void;
}
export function ImportGuestsForm({ eventId, onImported }: ImportGuestsFormProps) {
const [open, setOpen] = useState(false);
const [loading, setLoading] = useState(false);
const [result, setResult] = useState<ImportResult | null>(null);
const [error, setError] = useState('');
const fileRef = useRef<HTMLInputElement>(null);
async function handleImport() {
if (!fileRef.current?.files?.length) {
setError('נא לבחור קובץ');
return;
}
const file = fileRef.current.files[0];
const formData = new FormData();
formData.append('file', file);
setLoading(true);
setError('');
setResult(null);
try {
const res = await fetch(`/api/events/${eventId}/guests/import`, {
method: 'POST',
credentials: 'include',
body: formData,
});
const data = await res.json();
if (!res.ok) throw new Error(data.error || 'שגיאה בייבוא');
setResult(data);
onImported();
} catch (err: unknown) {
setError(err instanceof Error ? err.message : 'שגיאה');
} finally {
setLoading(false);
}
}
if (!open) {
return (
<Button variant="outline" onClick={() => setOpen(true)}>
ייבוא מ-Excel / CSV
</Button>
);
}
return (
<Card>
<CardHeader>
<CardTitle className="text-lg">ייבוא אורחים מקובץ</CardTitle>
</CardHeader>
<CardContent dir="rtl" className="space-y-4">
<p className="text-sm text-muted-foreground">
עמודות נדרשות: <span className="font-mono text-xs">name_hebrew, phone</span> (אופציונלי: name_transliteration, email, dietary_preference, relationship_group)
</p>
<p className="text-sm text-muted-foreground">פורמטים: CSV (.csv) או Excel (.xlsx, .xls) עד 500 שורות</p>
<div className="space-y-2">
<input
ref={fileRef}
type="file"
accept=".csv,.xlsx,.xls"
className="block w-full text-sm text-muted-foreground file:ml-4 file:rounded file:border-0 file:bg-primary file:px-3 file:py-1.5 file:text-sm file:text-primary-foreground file:cursor-pointer"
/>
</div>
{error && <p className="text-sm text-destructive">{error}</p>}
{result && (
<div className={`rounded-md p-3 text-sm ${result.skipped > 0 ? 'bg-yellow-50 border border-yellow-200' : 'bg-green-50 border border-green-200'}`}>
<p className="font-medium">{result.message}</p>
{result.warnings > 0 && (
<ul className="mt-1 space-y-0.5 text-xs text-yellow-800">
{result.details.warnings.map((w, i) => (
<li key={i}>שורה {w.row} ({w.name}): {w.warning}</li>
))}
</ul>
)}
{result.details.skipped.length > 0 && (
<ul className="mt-1 space-y-0.5 text-xs text-red-800">
{result.details.skipped.map((s, i) => (
<li key={i}>שורה {s.row}: {s.reason}</li>
))}
</ul>
)}
</div>
)}
<div className="flex gap-2">
<Button onClick={handleImport} disabled={loading}>
{loading ? 'מייבא...' : 'ייבא אורחים'}
</Button>
<Button variant="outline" onClick={() => { setOpen(false); setResult(null); setError(''); }}>
סגור
</Button>
</div>
</CardContent>
</Card>
);
}

65
client/src/components/PendingRemindersPanel.tsx Normal file
View File

@@ -0,0 +1,65 @@
import { useState, useEffect } from 'react';
import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card';
interface Reminder {
id: string;
name_hebrew: string;
name_transliteration?: string;
phone?: string;
whatsapp_link: string;
days_until: number;
}
interface PendingRemindersPanelProps {
eventId: string;
refreshTrigger: number;
}
export function PendingRemindersPanel({ eventId, refreshTrigger }: PendingRemindersPanelProps) {
const [reminders, setReminders] = useState<Reminder[]>([]);
useEffect(() => {
fetch(`/api/events/${eventId}/guests/reminders`, { credentials: 'include' })
.then(r => r.json())
.then(d => setReminders(d.reminders || []))
.catch(() => {});
}, [eventId, refreshTrigger]);
if (reminders.length === 0) return null;
return (
<Card className="border-orange-200 bg-orange-50">
<CardHeader className="pb-2">
<CardTitle className="text-base text-orange-800" dir="rtl">
🔔 תזכורות ממתינות ({reminders.length})
</CardTitle>
</CardHeader>
<CardContent dir="rtl">
<p className="text-sm text-orange-700 mb-3">
האורחים הבאים עדיין לא אישרו הגעה. לחץ על הקישור לשלוח תזכורת ב-WhatsApp.
</p>
<ul className="space-y-2">
{reminders.map(r => (
<li key={r.id} className="flex items-center justify-between gap-3 rounded bg-white px-3 py-2 text-sm shadow-sm">
<div>
<span className="font-medium">{r.name_hebrew}</span>
{r.name_transliteration && (
<span className="text-xs text-muted-foreground mr-2" dir="ltr">{r.name_transliteration}</span>
)}
<span className="text-xs text-orange-600 mr-2">({r.days_until} ימים לאירוע)</span>
</div>
<a
href={r.whatsapp_link}
target="_blank"
rel="noopener noreferrer"
className="flex-shrink-0 rounded bg-green-600 px-2 py-1 text-xs text-white hover:bg-green-700"
>
📲 שלח תזכורת
</a>
</li>
))}
</ul>
</CardContent>
</Card>
);
}

24
client/src/components/ProtectedRoute.tsx Normal file
View File

@@ -0,0 +1,24 @@
import { Navigate } from 'react-router-dom';
import { useAuth } from '@/contexts/AuthContext';
interface ProtectedRouteProps {
children: React.ReactNode;
}
export function ProtectedRoute({ children }: ProtectedRouteProps) {
const { user, loading } = useAuth();
if (loading) {
return (
<div className="min-h-screen flex items-center justify-center">
<p className="text-muted-foreground">טוען...</p>
</div>
);
}
if (!user) {
return <Navigate to="/login" replace />;
}
return <>{children}</>;
}

67
client/src/components/RsvpSummaryCard.tsx Normal file
View File

@@ -0,0 +1,67 @@
import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card';
interface Summary {
total: string | number;
confirmed: string | number;
declined: string | number;
pending: string | number;
}
interface CapacityWarning {
message: string;
percent: number;
confirmed: number;
capacity: number;
}
interface RsvpSummaryCardProps {
summary: Summary;
warning?: CapacityWarning | null;
}
export function RsvpSummaryCard({ summary, warning }: RsvpSummaryCardProps) {
return (
<div className="space-y-3">
<div className="grid grid-cols-2 md:grid-cols-4 gap-3">
<Card>
<CardHeader className="pb-1 pt-4 px-4">
<CardTitle className="text-sm font-medium text-muted-foreground">סה״כ מוזמנים</CardTitle>
</CardHeader>
<CardContent className="px-4 pb-4">
<p className="text-2xl font-bold">{summary.total}</p>
</CardContent>
</Card>
<Card className="border-green-200">
<CardHeader className="pb-1 pt-4 px-4">
<CardTitle className="text-sm font-medium text-green-700">מאושרים</CardTitle>
</CardHeader>
<CardContent className="px-4 pb-4">
<p className="text-2xl font-bold text-green-700">{summary.confirmed}</p>
</CardContent>
</Card>
<Card className="border-red-200">
<CardHeader className="pb-1 pt-4 px-4">
<CardTitle className="text-sm font-medium text-red-700">לא מגיעים</CardTitle>
</CardHeader>
<CardContent className="px-4 pb-4">
<p className="text-2xl font-bold text-red-700">{summary.declined}</p>
</CardContent>
</Card>
<Card className="border-yellow-200">
<CardHeader className="pb-1 pt-4 px-4">
<CardTitle className="text-sm font-medium text-yellow-700">ממתינים</CardTitle>
</CardHeader>
<CardContent className="px-4 pb-4">
<p className="text-2xl font-bold text-yellow-700">{summary.pending}</p>
</CardContent>
</Card>
</div>
{warning && (
<div className="rounded-md border border-orange-300 bg-orange-50 p-3 text-sm text-orange-800" dir="rtl">
{warning.message}
</div>
)}
</div>
);
}

30
client/src/components/ui/badge.tsx Normal file
View File

@@ -0,0 +1,30 @@
import * as React from 'react';
import { cva, type VariantProps } from 'class-variance-authority';
import { cn } from '@/lib/utils';
const badgeVariants = cva(
'inline-flex items-center rounded-full border px-2.5 py-0.5 text-xs font-semibold transition-colors',
{
variants: {
variant: {
default: 'border-transparent bg-primary text-primary-foreground',
secondary: 'border-transparent bg-muted text-muted-foreground',
destructive: 'border-transparent bg-destructive text-destructive-foreground',
outline: 'text-foreground',
success: 'border-transparent bg-green-100 text-green-800',
warning: 'border-transparent bg-yellow-100 text-yellow-800',
},
},
defaultVariants: { variant: 'default' },
}
);
export interface BadgeProps
extends React.HTMLAttributes<HTMLDivElement>,
VariantProps<typeof badgeVariants> {}
function Badge({ className, variant, ...props }: BadgeProps) {
return <div className={cn(badgeVariants({ variant }), className)} {...props} />;
}
export { Badge, badgeVariants };

51
client/src/components/ui/button.tsx Normal file
View File

@@ -0,0 +1,51 @@
import * as React from 'react';
import { Slot } from '@radix-ui/react-slot';
import { cva, type VariantProps } from 'class-variance-authority';
import { cn } from '@/lib/utils';
const buttonVariants = cva(
'inline-flex items-center justify-center rounded-md text-sm font-medium ring-offset-background transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50',
{
variants: {
variant: {
default: 'bg-primary text-primary-foreground hover:bg-primary/90',
destructive: 'bg-destructive text-destructive-foreground hover:bg-destructive/90',
outline: 'border border-input bg-background hover:bg-accent hover:text-accent-foreground',
ghost: 'hover:bg-accent hover:text-accent-foreground',
link: 'text-primary underline-offset-4 hover:underline',
},
size: {
default: 'h-10 px-4 py-2',
sm: 'h-9 rounded-md px-3',
lg: 'h-11 rounded-md px-8',
icon: 'h-10 w-10',
},
},
defaultVariants: {
variant: 'default',
size: 'default',
},
}
);
export interface ButtonProps
extends React.ButtonHTMLAttributes<HTMLButtonElement>,
VariantProps<typeof buttonVariants> {
asChild?: boolean;
}
const Button = React.forwardRef<HTMLButtonElement, ButtonProps>(
({ className, variant, size, asChild = false, ...props }, ref) => {
const Comp = asChild ? Slot : 'button';
return (
<Comp
className={cn(buttonVariants({ variant, size, className }))}
ref={ref}
{...props}
/>
);
}
);
Button.displayName = 'Button';
export { Button, buttonVariants };

50
client/src/components/ui/card.tsx Normal file
View File

@@ -0,0 +1,50 @@
import * as React from 'react';
import { cn } from '@/lib/utils';
const Card = React.forwardRef<HTMLDivElement, React.HTMLAttributes<HTMLDivElement>>(
({ className, ...props }, ref) => (
<div
ref={ref}
className={cn('rounded-lg border bg-card text-card-foreground shadow-sm', className)}
{...props}
/>
)
);
Card.displayName = 'Card';
const CardHeader = React.forwardRef<HTMLDivElement, React.HTMLAttributes<HTMLDivElement>>(
({ className, ...props }, ref) => (
<div ref={ref} className={cn('flex flex-col space-y-1.5 p-6', className)} {...props} />
)
);
CardHeader.displayName = 'CardHeader';
const CardTitle = React.forwardRef<HTMLParagraphElement, React.HTMLAttributes<HTMLHeadingElement>>(
({ className, ...props }, ref) => (
<h3 ref={ref} className={cn('text-2xl font-semibold leading-none tracking-tight', className)} {...props} />
)
);
CardTitle.displayName = 'CardTitle';
const CardDescription = React.forwardRef<HTMLParagraphElement, React.HTMLAttributes<HTMLParagraphElement>>(
({ className, ...props }, ref) => (
<p ref={ref} className={cn('text-sm text-muted-foreground', className)} {...props} />
)
);
CardDescription.displayName = 'CardDescription';
const CardContent = React.forwardRef<HTMLDivElement, React.HTMLAttributes<HTMLDivElement>>(
({ className, ...props }, ref) => (
<div ref={ref} className={cn('p-6 pt-0', className)} {...props} />
)
);
CardContent.displayName = 'CardContent';
const CardFooter = React.forwardRef<HTMLDivElement, React.HTMLAttributes<HTMLDivElement>>(
({ className, ...props }, ref) => (
<div ref={ref} className={cn('flex items-center p-6 pt-0', className)} {...props} />
)
);
CardFooter.displayName = 'CardFooter';
export { Card, CardHeader, CardFooter, CardTitle, CardDescription, CardContent };

23
client/src/components/ui/input.tsx Normal file
View File

@@ -0,0 +1,23 @@
import * as React from 'react';
import { cn } from '@/lib/utils';
export interface InputProps extends React.InputHTMLAttributes<HTMLInputElement> {}
const Input = React.forwardRef<HTMLInputElement, InputProps>(
({ className, type, ...props }, ref) => {
return (
<input
type={type}
className={cn(
'flex h-10 w-full rounded-md border border-input bg-background px-3 py-2 text-sm ring-offset-background file:border-0 file:bg-transparent file:text-sm file:font-medium placeholder:text-muted-foreground focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50',
className
)}
ref={ref}
{...props}
/>
);
}
);
Input.displayName = 'Input';
export { Input };

19
client/src/components/ui/label.tsx Normal file
View File

@@ -0,0 +1,19 @@
import * as React from 'react';
import { cn } from '@/lib/utils';
const Label = React.forwardRef<
HTMLLabelElement,
React.LabelHTMLAttributes<HTMLLabelElement>
>(({ className, ...props }, ref) => (
<label
ref={ref}
className={cn(
'text-sm font-medium leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70',
className
)}
{...props}
/>
));
Label.displayName = 'Label';
export { Label };

22
client/src/components/ui/select.tsx Normal file
View File

@@ -0,0 +1,22 @@
import * as React from 'react';
import { cn } from '@/lib/utils';
export interface SelectProps extends React.SelectHTMLAttributes<HTMLSelectElement> {}
const Select = React.forwardRef<HTMLSelectElement, SelectProps>(
({ className, children, ...props }, ref) => (
<select
ref={ref}
className={cn(
'flex h-10 w-full rounded-md border border-input bg-background px-3 py-2 text-sm ring-offset-background focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50',
className
)}
{...props}
>
{children}
</select>
)
);
Select.displayName = 'Select';
export { Select };

75
client/src/contexts/AuthContext.tsx Normal file
View File

@@ -0,0 +1,75 @@
import React, { createContext, useContext, useEffect, useState } from 'react';
interface User {
id: string;
email: string;
display_name: string;
role: 'organizer' | 'vendor';
}
interface AuthContextValue {
user: User | null;
loading: boolean;
login: (email: string, password: string) => Promise<void>;
register: (email: string, password: string, displayName: string, role?: string) => Promise<void>;
logout: () => Promise<void>;
}
const AuthContext = createContext<AuthContextValue | null>(null);
export function AuthProvider({ children }: { children: React.ReactNode }) {
const [user, setUser] = useState<User | null>(null);
const [loading, setLoading] = useState(true);
// Restore session on mount
useEffect(() => {
fetch('/api/auth/me', { credentials: 'include' })
.then(res => res.ok ? res.json() : null)
.then(data => {
if (data?.user) setUser(data.user);
})
.catch(() => {})
.finally(() => setLoading(false));
}, []);
async function login(email: string, password: string) {
const res = await fetch('/api/auth/login', {
method: 'POST',
credentials: 'include',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email, password }),
});
const data = await res.json();
if (!res.ok) throw new Error(data.error || 'התחברות נכשלה');
setUser(data.user);
}
async function register(email: string, password: string, displayName: string, role = 'organizer') {
const res = await fetch('/api/auth/register', {
method: 'POST',
credentials: 'include',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email, password, display_name: displayName, role }),
});
const data = await res.json();
if (!res.ok) throw new Error(data.error || 'הרשמה נכשלה');
setUser(data.user);
}
async function logout() {
await fetch('/api/auth/logout', { method: 'POST', credentials: 'include' });
setUser(null);
}
return (
<AuthContext.Provider value={{ user, loading, login, register, logout }}>
{children}
</AuthContext.Provider>
);
}
export function useAuth() {
const ctx = useContext(AuthContext);
if (!ctx) throw new Error('useAuth must be used within AuthProvider');
return ctx;
}

33
client/src/index.css Normal file
View File

@@ -0,0 +1,33 @@
@tailwind base;
@tailwind components;
@tailwind utilities;
@layer base {
:root {
--background: 0 0% 100%;
--foreground: 222.2 84% 4.9%;
--card: 0 0% 100%;
--card-foreground: 222.2 84% 4.9%;
--primary: 222.2 47.4% 11.2%;
--primary-foreground: 210 40% 98%;
--muted: 210 40% 96.1%;
--muted-foreground: 215.4 16.3% 46.9%;
--destructive: 0 84.2% 60.2%;
--destructive-foreground: 210 40% 98%;
--border: 214.3 31.8% 91.4%;
--input: 214.3 31.8% 91.4%;
--ring: 222.2 84% 4.9%;
--radius: 0.5rem;
}
* {
@apply border-border;
}
body {
@apply bg-background text-foreground;
font-family: 'Segoe UI', system-ui, -apple-system, sans-serif;
margin: 0;
min-height: 100vh;
}
}

6
client/src/lib/utils.ts Normal file
View File

@@ -0,0 +1,6 @@
import { type ClassValue, clsx } from 'clsx';
import { twMerge } from 'tailwind-merge';
export function cn(...inputs: ClassValue[]) {
return twMerge(clsx(inputs));
}

10
client/src/main.tsx Normal file
View File

@@ -0,0 +1,10 @@
import { StrictMode } from 'react'
import { createRoot } from 'react-dom/client'
import './index.css'
import App from './App.tsx'
createRoot(document.getElementById('root')!).render(
<StrictMode>
<App />
</StrictMode>,
)

255
client/src/pages/CreateEventPage.tsx Normal file
View File

@@ -0,0 +1,255 @@
import { useState, type FormEvent } from 'react';
import { useNavigate, Link } from 'react-router-dom';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { Label } from '@/components/ui/label';
import { Select } from '@/components/ui/select';
import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card';
import { ComplianceChecklist } from '@/components/ComplianceChecklist';
export function CreateEventPage() {
const navigate = useNavigate();
const [loading, setLoading] = useState(false);
const [error, setError] = useState('');
const [showCompliance, setShowCompliance] = useState(false);
const [complianceItems, setComplianceItems] = useState<Record<string, boolean>>({});
const [form, setForm] = useState({
title: '',
event_date: '',
event_time: '18:00',
venue_name: '',
venue_address: '',
description: '',
max_guests: '',
venue_capacity: '',
kashrut_level: 'none',
noise_curfew_time: '23:00',
language_pref: 'hebrew',
budget: '',
});
function handleChange(field: string, value: string) {
setForm(prev => {
const next = { ...prev, [field]: value };
// Show compliance checklist when guest count reaches 100
if (field === 'max_guests') {
setShowCompliance(parseInt(value) >= 100);
}
return next;
});
}
// Validate date is not in the past
const minDate = new Date().toISOString().split('T')[0];
async function handleSubmit(e: FormEvent) {
e.preventDefault();
setError('');
const eventDatetime = form.event_date && form.event_time
? `${form.event_date}T${form.event_time}:00+02:00`
: form.event_date;
if (new Date(eventDatetime) < new Date()) {
setError('לא ניתן ליצור אירוע בתאריך עבר');
return;
}
setLoading(true);
try {
const res = await fetch('/api/events', {
method: 'POST',
credentials: 'include',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
title: form.title,
event_date: eventDatetime,
venue_name: form.venue_name,
venue_address: form.venue_address || undefined,
description: form.description || undefined,
max_guests: form.max_guests ? parseInt(form.max_guests) : undefined,
venue_capacity: form.venue_capacity ? parseInt(form.venue_capacity) : undefined,
kashrut_level: form.kashrut_level,
noise_curfew_time: form.noise_curfew_time,
language_pref: form.language_pref,
budget: form.budget ? parseFloat(form.budget) : undefined,
}),
});
const data = await res.json();
if (!res.ok) throw new Error(data.error || 'שגיאה ביצירת האירוע');
navigate(`/events/${data.event.id}`);
} catch (err: unknown) {
setError(err instanceof Error ? err.message : 'שגיאה');
} finally {
setLoading(false);
}
}
return (
<div className="min-h-screen bg-muted/40 p-6" dir="rtl">
<div className="max-w-2xl mx-auto space-y-6">
<div className="flex items-center gap-3">
<Button asChild variant="ghost" size="sm">
<Link to="/dashboard"> חזרה</Link>
</Button>
<h1 className="text-2xl font-bold">יצירת אירוע חדש</h1>
</div>
<Card>
<CardHeader>
<CardTitle>פרטי האירוע</CardTitle>
</CardHeader>
<CardContent>
<form onSubmit={handleSubmit} className="space-y-4">
<div className="space-y-1">
<Label htmlFor="title">שם האירוע *</Label>
<Input
id="title"
value={form.title}
onChange={e => handleChange('title', e.target.value)}
placeholder="חתונת יוסי ומיכל"
required
/>
</div>
<div className="grid grid-cols-2 gap-4">
<div className="space-y-1">
<Label htmlFor="event_date">תאריך האירוע *</Label>
<Input
id="event_date"
type="date"
value={form.event_date}
onChange={e => handleChange('event_date', e.target.value)}
min={minDate}
required
dir="ltr"
/>
</div>
<div className="space-y-1">
<Label htmlFor="event_time">שעת התחלה</Label>
<Input
id="event_time"
type="time"
value={form.event_time}
onChange={e => handleChange('event_time', e.target.value)}
dir="ltr"
/>
</div>
</div>
<div className="space-y-1">
<Label htmlFor="venue_name">שם המקום *</Label>
<Input
id="venue_name"
value={form.venue_name}
onChange={e => handleChange('venue_name', e.target.value)}
placeholder="אולם הנשיאים"
required
/>
</div>
<div className="space-y-1">
<Label htmlFor="venue_address">כתובת המקום</Label>
<Input
id="venue_address"
value={form.venue_address}
onChange={e => handleChange('venue_address', e.target.value)}
placeholder="רחוב הרצל 1, תל אביב"
/>
</div>
<div className="space-y-1">
<Label htmlFor="description">תיאור</Label>
<textarea
id="description"
value={form.description}
onChange={e => handleChange('description', e.target.value)}
placeholder="תיאור האירוע..."
rows={3}
className="flex w-full rounded-md border border-input bg-background px-3 py-2 text-sm ring-offset-background placeholder:text-muted-foreground focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2"
/>
</div>
<div className="grid grid-cols-2 gap-4">
<div className="space-y-1">
<Label htmlFor="max_guests">מספר אורחים מקסימלי</Label>
<Input
id="max_guests"
type="number"
min="1"
value={form.max_guests}
onChange={e => handleChange('max_guests', e.target.value)}
placeholder="150"
dir="ltr"
/>
</div>
<div className="space-y-1">
<Label htmlFor="venue_capacity">קיבולת האולם</Label>
<Input
id="venue_capacity"
type="number"
min="1"
value={form.venue_capacity}
onChange={e => handleChange('venue_capacity', e.target.value)}
placeholder="200"
dir="ltr"
/>
</div>
</div>
<div className="grid grid-cols-2 gap-4">
<div className="space-y-1">
<Label htmlFor="kashrut_level">רמת כשרות</Label>
<Select
id="kashrut_level"
value={form.kashrut_level}
onChange={e => handleChange('kashrut_level', e.target.value)}
>
<option value="none">ללא</option>
<option value="regular">כשר רגיל</option>
<option value="mehadrin">כשר מהדרין</option>
<option value="chalav_yisrael">חלב ישראל</option>
</Select>
</div>
<div className="space-y-1">
<Label htmlFor="budget">תקציב ()</Label>
<Input
id="budget"
type="number"
min="0"
value={form.budget}
onChange={e => handleChange('budget', e.target.value)}
placeholder="50000"
dir="ltr"
/>
</div>
</div>
{showCompliance && (
<ComplianceChecklist
onDismiss={() => setShowCompliance(false)}
checkedItems={complianceItems}
onItemChange={(key, checked) => setComplianceItems(prev => ({ ...prev, [key]: checked }))}
/>
)}
{error && <p className="text-sm text-destructive">{error}</p>}
<div className="flex gap-3 pt-2">
<Button type="submit" disabled={loading}>
{loading ? 'יוצר...' : 'צור אירוע'}
</Button>
<Button asChild type="button" variant="outline">
<Link to="/dashboard">ביטול</Link>
</Button>
</div>
</form>
</CardContent>
</Card>
</div>
</div>
);
}

125
client/src/pages/DashboardPage.tsx Normal file
View File

@@ -0,0 +1,125 @@
import { useState, useEffect, useCallback } from 'react';
import { Link } from 'react-router-dom';
import { useAuth } from '@/contexts/AuthContext';
import { Button } from '@/components/ui/button';
import { EventCard, type EventSummary } from '@/components/EventCard';
export function DashboardPage() {
const { user, logout } = useAuth();
const [events, setEvents] = useState<EventSummary[]>([]);
const [total, setTotal] = useState(0);
const [loading, setLoading] = useState(true);
const [page, setPage] = useState(1);
const LIMIT = 20;
const fetchEvents = useCallback(async () => {
const res = await fetch(`/api/events?page=${page}&limit=${LIMIT}`, { credentials: 'include' });
if (!res.ok) return;
const data = await res.json();
setEvents(data.events);
setTotal(data.total);
setLoading(false);
}, [page]);
useEffect(() => { fetchEvents(); }, [fetchEvents]);
async function handlePublish(id: string) {
await fetch(`/api/events/${id}`, {
method: 'PUT',
credentials: 'include',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ status: 'published' }),
});
fetchEvents();
}
async function handleCancel(id: string, title: string) {
if (!confirm(`לבטל את האירוע "${title}"?`)) return;
await fetch(`/api/events/${id}`, { method: 'DELETE', credentials: 'include' });
fetchEvents();
}
const totalPages = Math.ceil(total / LIMIT);
return (
<div className="min-h-screen bg-muted/40 p-6" dir="rtl">
<div className="max-w-5xl mx-auto space-y-6">
{/* Header */}
<div className="flex items-center justify-between flex-wrap gap-3">
<div>
<h1 className="text-3xl font-bold">אירועית</h1>
<p className="text-muted-foreground text-sm mt-1">
שלום, {user?.display_name} {user?.role === 'organizer' ? 'מארגן אירועים' : 'ספק שירותים'}
</p>
</div>
<div className="flex gap-2">
{user?.role === 'organizer' && (
<Button asChild>
<Link to="/events/new">+ אירוע חדש</Link>
</Button>
)}
<Button variant="outline" onClick={logout}>התנתקות</Button>
</div>
</div>
{/* Event list */}
{loading ? (
<p className="text-muted-foreground text-center py-12">טוען...</p>
) : events.length === 0 ? (
/* Empty state */
<div className="flex flex-col items-center justify-center py-24 text-center space-y-4">
<p className="text-5xl">🎉</p>
<h2 className="text-xl font-semibold">אין עדיין אירועים</h2>
<p className="text-muted-foreground max-w-sm">
צור את האירוע הראשון שלך ותתחיל לנהל אורחים, ספקים ועוד.
</p>
<Button asChild size="lg" className="mt-2">
<Link to="/events/new"> צור אירוע ראשון</Link>
</Button>
</div>
) : (
<>
<div className="flex items-center justify-between">
<h2 className="text-lg font-semibold">האירועים שלי ({total})</h2>
</div>
<div className="grid grid-cols-1 md:grid-cols-2 gap-4">
{events.map(event => (
<EventCard
key={event.id}
event={event}
onCancel={handleCancel}
onPublish={handlePublish}
/>
))}
</div>
{/* Pagination */}
{totalPages > 1 && (
<div className="flex justify-center gap-2 pt-2">
<Button
variant="outline"
size="sm"
disabled={page === 1}
onClick={() => setPage(p => p - 1)}
>
הקודם
</Button>
<span className="flex items-center text-sm text-muted-foreground px-3">
{page} / {totalPages}
</span>
<Button
variant="outline"
size="sm"
disabled={page === totalPages}
onClick={() => setPage(p => p + 1)}
>
הבא
</Button>
</div>
)}
</>
)}
</div>
</div>
);
}

153
client/src/pages/EventDetailPage.tsx Normal file
View File

@@ -0,0 +1,153 @@
import { useState, useEffect } from 'react';
import { useParams, Link, useNavigate } from 'react-router-dom';
import { Button } from '@/components/ui/button';
import { Badge } from '@/components/ui/badge';
import { Card, CardContent, CardHeader, CardTitle } from '@/components/ui/card';
import { ComplianceChecklist } from '@/components/ComplianceChecklist';
import type { EventSummary } from '@/components/EventCard';
const STATUS_LABELS: Record<string, string> = {
draft: 'טיוטה', published: 'פורסם', cancelled: 'בוטל', completed: 'הסתיים',
};
const STATUS_VARIANTS: Record<string, 'default' | 'secondary' | 'destructive' | 'outline' | 'success' | 'warning'> = {
draft: 'secondary', published: 'success', cancelled: 'destructive', completed: 'outline',
};
const KASHRUT_LABELS: Record<string, string> = {
none: 'ללא', regular: 'כשר רגיל', mehadrin: 'כשר מהדרין', chalav_yisrael: 'חלב ישראל',
};
export function EventDetailPage() {
const { id } = useParams<{ id: string }>();
const navigate = useNavigate();
const [event, setEvent] = useState<EventSummary | null>(null);
const [loading, setLoading] = useState(true);
const [error, setError] = useState('');
useEffect(() => {
fetch(`/api/events/${id}`, { credentials: 'include' })
.then(r => r.json())
.then(d => {
if (d.error) throw new Error(d.error);
setEvent(d.event);
})
.catch(err => setError(err.message))
.finally(() => setLoading(false));
}, [id]);
async function handlePublish() {
const res = await fetch(`/api/events/${id}`, {
method: 'PUT',
credentials: 'include',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ status: 'published' }),
});
const data = await res.json();
if (res.ok) setEvent(data.event);
}
async function handleCancel() {
if (!confirm(`לבטל את האירוע "${event?.title}"?`)) return;
await fetch(`/api/events/${id}`, { method: 'DELETE', credentials: 'include' });
navigate('/dashboard');
}
if (loading) return <div className="min-h-screen flex items-center justify-center"><p className="text-muted-foreground">טוען...</p></div>;
if (error || !event) return <div className="min-h-screen flex items-center justify-center"><p className="text-destructive">{error || 'אירוע לא נמצא'}</p></div>;
const formattedDate = event.event_date
? new Date(event.event_date).toLocaleDateString('he-IL', {
weekday: 'long', day: 'numeric', month: 'long', year: 'numeric', hour: '2-digit', minute: '2-digit',
timeZone: 'Asia/Jerusalem',
})
: null;
const daysUntil = event.event_date
? Math.ceil((new Date(event.event_date).getTime() - Date.now()) / (1000 * 60 * 60 * 24))
: null;
const showComplianceChecklist = (event.max_guests || 0) >= 100;
return (
<div className="min-h-screen bg-muted/40 p-6" dir="rtl">
<div className="max-w-3xl mx-auto space-y-6">
{/* Header */}
<div className="flex items-center gap-3 flex-wrap">
<Button asChild variant="ghost" size="sm"><Link to="/dashboard"> לוח בקרה</Link></Button>
<div className="flex-1" />
<div className="flex gap-2">
{event.status === 'draft' && (
<>
<Button size="sm" onClick={handlePublish}>פרסם אירוע</Button>
<Button asChild size="sm" variant="outline"><Link to={`/events/${id}/edit`}>עריכה</Link></Button>
</>
)}
{event.status === 'published' && (
<Button asChild size="sm" variant="outline"><Link to={`/events/${id}/edit`}>עריכה</Link></Button>
)}
{!['cancelled', 'completed'].includes(event.status) && (
<Button size="sm" variant="ghost" className="text-destructive hover:text-destructive" onClick={handleCancel}>
ביטול אירוע
</Button>
)}
</div>
</div>
{/* Main info */}
<Card>
<CardHeader>
<div className="flex items-start justify-between gap-2">
<CardTitle className="text-2xl">{event.title}</CardTitle>
<Badge variant={STATUS_VARIANTS[event.status]}>{STATUS_LABELS[event.status]}</Badge>
</div>
{formattedDate && <p className="text-muted-foreground">📅 {formattedDate}</p>}
{daysUntil !== null && daysUntil > 0 && (
<p className="text-sm font-medium text-primary"> {daysUntil} ימים עד האירוע</p>
)}
</CardHeader>
<CardContent className="space-y-3 text-sm">
{event.venue_name && (
<p>📍 <strong>{event.venue_name}</strong>{event.venue_address ? `${event.venue_address}` : ''}</p>
)}
{event.kashrut_level && event.kashrut_level !== 'none' && (
<p>🕍 כשרות: {KASHRUT_LABELS[event.kashrut_level]}</p>
)}
{event.budget && (
<p>💰 תקציב: {Number(event.budget).toLocaleString('he-IL')}</p>
)}
</CardContent>
</Card>
{/* Stats */}
<div className="grid grid-cols-2 md:grid-cols-4 gap-3">
{[
{ label: 'מוזמנים', value: `${event.rsvp_total}${event.max_guests ? `/${event.max_guests}` : ''}`, color: '' },
{ label: 'מאושרים', value: event.rsvp_confirmed, color: 'text-green-700' },
{ label: 'ממתינים', value: event.rsvp_pending, color: 'text-yellow-700' },
{ label: 'ספקים מאושרים', value: event.vendors_confirmed, color: 'text-blue-700' },
].map(stat => (
<Card key={stat.label}>
<CardContent className="pt-4 pb-3 px-4">
<p className="text-xs text-muted-foreground">{stat.label}</p>
<p className={`text-2xl font-bold ${stat.color}`}>{stat.value}</p>
</CardContent>
</Card>
))}
</div>
{/* Compliance checklist (read-only on detail page) */}
{showComplianceChecklist && (
<ComplianceChecklist readOnly />
)}
{/* Quick actions */}
<Card>
<CardContent className="pt-4 flex gap-3 flex-wrap">
<Button asChild variant="outline">
<Link to={`/events/${id}/guests`}>ניהול אורחים</Link>
</Button>
</CardContent>
</Card>
</div>
</div>
);
}

235
client/src/pages/GuestListPage.tsx Normal file
View File

@@ -0,0 +1,235 @@
import { useState, useEffect, useCallback } from 'react';
import { useParams } from 'react-router-dom';
import { Badge } from '@/components/ui/badge';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { Select } from '@/components/ui/select';
import { RsvpSummaryCard } from '@/components/RsvpSummaryCard';
import { AddGuestForm } from '@/components/AddGuestForm';
import { ImportGuestsForm } from '@/components/ImportGuestsForm';
import { PendingRemindersPanel } from '@/components/PendingRemindersPanel';
interface Guest {
id: string;
name_hebrew: string;
name_transliteration?: string;
phone?: string;
email?: string;
rsvp_status: 'pending' | 'confirmed' | 'declined';
table_number?: number;
dietary_preference: string;
dietary_notes?: string;
whatsapp_link?: string;
}
interface Summary {
total: string;
confirmed: string;
declined: string;
pending: string;
}
interface CapacityWarning {
message: string;
percent: number;
confirmed: number;
capacity: number;
}
const DIETARY_LABELS: Record<string, string> = {
none: 'ללא',
vegetarian: 'צמחוני',
vegan: 'טבעוני',
kosher_regular: 'כשר',
kosher_mehadrin: 'כשר מהדרין',
};
export function GuestListPage() {
const { eventId } = useParams<{ eventId: string }>();
const [guests, setGuests] = useState<Guest[]>([]);
const [summary, setSummary] = useState<Summary>({ total: '0', confirmed: '0', declined: '0', pending: '0' });
const [warning, setWarning] = useState<CapacityWarning | null>(null);
const [loading, setLoading] = useState(true);
const [statusFilter, setStatusFilter] = useState('');
const [search, setSearch] = useState('');
const [deletingId, setDeletingId] = useState<string | null>(null);
const [refreshTrigger, setRefreshTrigger] = useState(0);
const fetchGuests = useCallback(async () => {
if (!eventId) return;
const params = new URLSearchParams();
if (statusFilter) params.set('status', statusFilter);
if (search) params.set('search', search);
try {
const res = await fetch(`/api/events/${eventId}/guests?${params}`, { credentials: 'include' });
if (!res.ok) return;
const data = await res.json();
setGuests(data.guests);
setSummary(data.summary);
setWarning(data.warning || null);
} catch {
// silently fail on poll
} finally {
setLoading(false);
}
}, [eventId, statusFilter, search]);
useEffect(() => {
fetchGuests();
// Poll every 30 seconds for real-time updates (MVP approach)
const interval = setInterval(fetchGuests, 30_000);
return () => clearInterval(interval);
}, [fetchGuests]);
function triggerRefresh() {
fetchGuests();
setRefreshTrigger(n => n + 1);
}
async function handleDelete(guestId: string, guestName: string) {
if (!confirm(`האם למחוק את האורח "${guestName}"? פעולה זו היא סופית.`)) return;
setDeletingId(guestId);
try {
await fetch(`/api/guests/${guestId}`, { method: 'DELETE', credentials: 'include' });
triggerRefresh();
} finally {
setDeletingId(null);
}
}
async function handleStatusOverride(guestId: string, newStatus: string) {
await fetch(`/api/guests/${guestId}`, {
method: 'PUT',
credentials: 'include',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ rsvp_status: newStatus }),
});
triggerRefresh();
}
function handleExport() {
window.open(`/api/events/${eventId}/guests/export`, '_blank');
}
return (
<div className="min-h-screen bg-muted/40 p-6" dir="rtl">
<div className="max-w-6xl mx-auto space-y-6">
<div className="flex items-center justify-between flex-wrap gap-3">
<h1 className="text-2xl font-bold">רשימת אורחים</h1>
<div className="flex gap-2">
<Button variant="outline" onClick={handleExport}>
ייצוא CSV
</Button>
</div>
</div>
<RsvpSummaryCard summary={summary} warning={warning} />
<PendingRemindersPanel eventId={eventId!} refreshTrigger={refreshTrigger} />
<div className="flex gap-3 flex-wrap">
<AddGuestForm eventId={eventId!} onGuestAdded={triggerRefresh} />
<ImportGuestsForm eventId={eventId!} onImported={triggerRefresh} />
</div>
{/* Filters */}
<div className="flex gap-3 flex-wrap">
<Input
placeholder="חיפוש לפי שם..."
value={search}
onChange={e => setSearch(e.target.value)}
className="max-w-xs"
/>
<Select
value={statusFilter}
onChange={e => setStatusFilter(e.target.value)}
className="max-w-[180px]"
>
<option value="">כל הסטטוסים</option>
<option value="pending">ממתינים</option>
<option value="confirmed">מאושרים</option>
<option value="declined">לא מגיעים</option>
</Select>
</div>
{/* Guest Table */}
{loading ? (
<p className="text-muted-foreground">טוען...</p>
) : guests.length === 0 ? (
<p className="text-muted-foreground py-8 text-center">אין אורחים עדיין. הוסף את האורח הראשון!</p>
) : (
<div className="overflow-x-auto rounded-lg border bg-white">
<table className="w-full text-sm">
<thead>
<tr className="border-b bg-muted/50 text-right">
<th className="px-4 py-3 font-medium">שם</th>
<th className="px-4 py-3 font-medium">טלפון</th>
<th className="px-4 py-3 font-medium">סטטוס RSVP</th>
<th className="px-4 py-3 font-medium">שולחן</th>
<th className="px-4 py-3 font-medium">תזונה</th>
<th className="px-4 py-3 font-medium">WhatsApp</th>
<th className="px-4 py-3 font-medium">פעולות</th>
</tr>
</thead>
<tbody>
{guests.map(guest => (
<tr key={guest.id} className="border-b hover:bg-muted/20 transition-colors">
<td className="px-4 py-3">
<p className="font-medium">{guest.name_hebrew}</p>
{guest.name_transliteration && (
<p className="text-xs text-muted-foreground" dir="ltr">{guest.name_transliteration}</p>
)}
</td>
<td className="px-4 py-3 text-muted-foreground" dir="ltr">{guest.phone || '—'}</td>
<td className="px-4 py-3">
<Select
value={guest.rsvp_status}
onChange={e => handleStatusOverride(guest.id, e.target.value)}
className="h-7 text-xs py-0 w-32"
>
<option value="pending">ממתין</option>
<option value="confirmed">מאושר</option>
<option value="declined">לא מגיע</option>
</Select>
</td>
<td className="px-4 py-3 text-center">{guest.table_number || '—'}</td>
<td className="px-4 py-3">
<Badge variant={guest.dietary_preference === 'none' ? 'secondary' : 'outline'}>
{DIETARY_LABELS[guest.dietary_preference] || guest.dietary_preference}
</Badge>
</td>
<td className="px-4 py-3">
{guest.whatsapp_link ? (
<a
href={guest.whatsapp_link}
target="_blank"
rel="noopener noreferrer"
className="text-green-600 hover:underline text-xs"
>
📲 שלח
</a>
) : '—'}
</td>
<td className="px-4 py-3">
<Button
variant="ghost"
size="sm"
onClick={() => handleDelete(guest.id, guest.name_hebrew)}
disabled={deletingId === guest.id}
className="text-destructive hover:text-destructive h-7 px-2"
>
מחק
</Button>
</td>
</tr>
))}
</tbody>
</table>
</div>
)}
</div>
</div>
);
}

105
client/src/pages/LoginPage.tsx Normal file
View File

@@ -0,0 +1,105 @@
import { useState, type FormEvent } from 'react';
import { useNavigate, Link } from 'react-router-dom';
import { useAuth } from '@/contexts/AuthContext';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { Label } from '@/components/ui/label';
import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from '@/components/ui/card';
export function LoginPage() {
const { login } = useAuth();
const navigate = useNavigate();
const [email, setEmail] = useState('');
const [password, setPassword] = useState('');
const [error, setError] = useState('');
const [loading, setLoading] = useState(false);
// Inline validation
const emailError = email && !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email) ? 'כתובת אימייל לא תקינה' : '';
const passwordError = password && password.length < 8 ? 'הסיסמה חייבת להכיל לפחות 8 תווים' : '';
async function handleSubmit(e: FormEvent) {
e.preventDefault();
if (emailError || passwordError) return;
setError('');
setLoading(true);
try {
await login(email, password);
navigate('/dashboard');
} catch (err: unknown) {
setError(err instanceof Error ? err.message : 'שגיאה בהתחברות');
} finally {
setLoading(false);
}
}
return (
<div className="min-h-screen flex items-center justify-center bg-muted/40 p-4">
<Card className="w-full max-w-md">
<CardHeader className="text-center">
<CardTitle className="text-2xl">אירועית</CardTitle>
<CardDescription>התחבר לחשבון שלך</CardDescription>
</CardHeader>
<CardContent>
{/* RTL form for Hebrew UI */}
<form onSubmit={handleSubmit} dir="rtl" className="space-y-4">
<div className="space-y-1">
<Label htmlFor="email">אימייל</Label>
<Input
id="email"
type="email"
placeholder="your@email.com"
value={email}
onChange={e => setEmail(e.target.value)}
required
autoComplete="email"
dir="ltr"
/>
{emailError && <p className="text-sm text-destructive">{emailError}</p>}
</div>
<div className="space-y-1">
<Label htmlFor="password">סיסמה</Label>
<Input
id="password"
type="password"
placeholder="••••••••"
value={password}
onChange={e => setPassword(e.target.value)}
required
autoComplete="current-password"
dir="ltr"
/>
{passwordError && <p className="text-sm text-destructive">{passwordError}</p>}
</div>
{error && (
<div className="rounded-md bg-destructive/10 p-3">
<p className="text-sm text-destructive text-center">{error}</p>
</div>
)}
<Button
type="submit"
className="w-full"
disabled={loading || !!emailError || !!passwordError}
>
{loading ? 'מתחבר...' : 'כניסה'}
</Button>
</form>
</CardContent>
<CardFooter className="justify-center">
<p className="text-sm text-muted-foreground" dir="rtl">
אין לך חשבון?{' '}
<Link to="/register" className="text-primary underline underline-offset-4 hover:opacity-80">
הרשמה
</Link>
</p>
</CardFooter>
</Card>
</div>
);
}

156
client/src/pages/RegisterPage.tsx Normal file
View File

@@ -0,0 +1,156 @@
import { useState, type FormEvent } from 'react';
import { useNavigate, Link } from 'react-router-dom';
import { useAuth } from '@/contexts/AuthContext';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { Label } from '@/components/ui/label';
import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from '@/components/ui/card';
export function RegisterPage() {
const { register } = useAuth();
const navigate = useNavigate();
const [email, setEmail] = useState('');
const [password, setPassword] = useState('');
const [displayName, setDisplayName] = useState('');
const [role, setRole] = useState<'organizer' | 'vendor'>('organizer');
const [error, setError] = useState('');
const [loading, setLoading] = useState(false);
// Inline validation
const emailError = email && !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email) ? 'כתובת אימייל לא תקינה' : '';
const passwordError = password && password.length < 8 ? 'הסיסמה חייבת להכיל לפחות 8 תווים' : '';
const nameError = displayName && displayName.trim().length === 0 ? 'שם תצוגה הוא שדה חובה' : '';
async function handleSubmit(e: FormEvent) {
e.preventDefault();
if (emailError || passwordError || nameError) return;
setError('');
setLoading(true);
try {
await register(email, password, displayName, role);
navigate('/dashboard');
} catch (err: unknown) {
setError(err instanceof Error ? err.message : 'שגיאה בהרשמה');
} finally {
setLoading(false);
}
}
return (
<div className="min-h-screen flex items-center justify-center bg-muted/40 p-4">
<Card className="w-full max-w-md">
<CardHeader className="text-center">
<CardTitle className="text-2xl">אירועית</CardTitle>
<CardDescription>יצירת חשבון חדש</CardDescription>
</CardHeader>
<CardContent>
{/* RTL form for Hebrew UI */}
<form onSubmit={handleSubmit} dir="rtl" className="space-y-4">
<div className="space-y-1">
<Label htmlFor="displayName">שם תצוגה</Label>
<Input
id="displayName"
type="text"
placeholder="ישראל ישראלי"
value={displayName}
onChange={e => setDisplayName(e.target.value)}
required
autoComplete="name"
/>
{nameError && <p className="text-sm text-destructive">{nameError}</p>}
</div>
<div className="space-y-1">
<Label htmlFor="email">אימייל</Label>
<Input
id="email"
type="email"
placeholder="your@email.com"
value={email}
onChange={e => setEmail(e.target.value)}
required
autoComplete="email"
dir="ltr"
/>
{emailError && <p className="text-sm text-destructive">{emailError}</p>}
</div>
<div className="space-y-1">
<Label htmlFor="password">סיסמה</Label>
<Input
id="password"
type="password"
placeholder="מינימום 8 תווים"
value={password}
onChange={e => setPassword(e.target.value)}
required
autoComplete="new-password"
dir="ltr"
/>
{passwordError && <p className="text-sm text-destructive">{passwordError}</p>}
</div>
<div className="space-y-1">
<Label>סוג חשבון</Label>
<div className="grid grid-cols-2 gap-2 pt-1">
<button
type="button"
onClick={() => setRole('organizer')}
className={`rounded-md border px-3 py-2 text-sm transition-colors ${
role === 'organizer'
? 'border-primary bg-primary text-primary-foreground'
: 'border-input bg-background hover:bg-muted'
}`}
>
מארגן אירוע
</button>
<button
type="button"
onClick={() => setRole('vendor')}
className={`rounded-md border px-3 py-2 text-sm transition-colors ${
role === 'vendor'
? 'border-primary bg-primary text-primary-foreground'
: 'border-input bg-background hover:bg-muted'
}`}
>
ספק שירותים
</button>
</div>
</div>
{/* Israeli Privacy Law disclosure */}
<p className="text-xs text-muted-foreground leading-relaxed">
בהרשמה אתה מסכים לאיסוף ועיבוד הנתונים שלך בהתאם לחוק הגנת הפרטיות הישראלי 2023.
המידע שנאסף: שם, אימייל, וסיסמה מוצפנת.
</p>
{error && (
<div className="rounded-md bg-destructive/10 p-3">
<p className="text-sm text-destructive text-center">{error}</p>
</div>
)}
<Button
type="submit"
className="w-full"
disabled={loading || !!emailError || !!passwordError || !!nameError}
>
{loading ? 'נרשם...' : 'הרשמה'}
</Button>
</form>
</CardContent>
<CardFooter className="justify-center">
<p className="text-sm text-muted-foreground" dir="rtl">
יש לך כבר חשבון?{' '}
<Link to="/login" className="text-primary underline underline-offset-4 hover:opacity-80">
כניסה
</Link>
</p>
</CardFooter>
</Card>
</div>
);
}

214
client/src/pages/RsvpPage.tsx Normal file
View File

@@ -0,0 +1,214 @@
import { useState, useEffect } from 'react';
import { useParams } from 'react-router-dom';
import { Button } from '@/components/ui/button';
import { Select } from '@/components/ui/select';
import { Input } from '@/components/ui/input';
import { Label } from '@/components/ui/label';
import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card';
interface RsvpData {
guest: {
id: string;
name_hebrew: string;
name_transliteration?: string;
rsvp_status: string;
dietary_preference: string;
dietary_notes?: string;
};
event: {
id: string;
title: string;
event_date?: string;
venue_name?: string;
venue_address?: string;
kashrut_level?: string;
};
}
const KASHRUT_LABELS: Record<string, string> = {
none: '',
regular: 'כשר',
mehadrin: 'כשר מהדרין',
chalav_yisrael: 'חלב ישראל',
};
const DIETARY_LABELS: Record<string, string> = {
none: 'ללא הגבלה',
vegetarian: 'צמחוני',
vegan: 'טבעוני',
kosher_regular: 'כשר',
kosher_mehadrin: 'כשר מהדרין',
};
export function RsvpPage() {
const { token } = useParams<{ token: string }>();
const [data, setData] = useState<RsvpData | null>(null);
const [loading, setLoading] = useState(true);
const [error, setError] = useState('');
const [submitted, setSubmitted] = useState(false);
const [submitting, setSubmitting] = useState(false);
const [submitError, setSubmitError] = useState('');
const [dietary_preference, setDietaryPreference] = useState('');
const [dietary_notes, setDietaryNotes] = useState('');
useEffect(() => {
fetch(`/api/rsvp/${token}`)
.then(res => res.json())
.then(d => {
if (d.error) throw new Error(d.error);
setData(d);
setDietaryPreference(d.guest.dietary_preference || 'none');
setDietaryNotes(d.guest.dietary_notes || '');
if (d.guest.rsvp_status !== 'pending') setSubmitted(true);
})
.catch(err => setError(err.message))
.finally(() => setLoading(false));
}, [token]);
async function handleRsvp(status: 'confirmed' | 'declined') {
setSubmitting(true);
setSubmitError('');
try {
const res = await fetch(`/api/rsvp/${token}`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ rsvp_status: status, dietary_preference, dietary_notes }),
});
const result = await res.json();
if (!res.ok) throw new Error(result.error || 'שגיאה בעדכון');
setData(prev => prev ? {
...prev,
guest: { ...prev.guest, rsvp_status: status },
} : prev);
setSubmitted(true);
} catch (err: unknown) {
setSubmitError(err instanceof Error ? err.message : 'שגיאה');
} finally {
setSubmitting(false);
}
}
if (loading) {
return (
<div className="min-h-screen flex items-center justify-center">
<p className="text-muted-foreground">טוען הזמנה...</p>
</div>
);
}
if (error) {
return (
<div className="min-h-screen flex items-center justify-center p-4">
<Card className="max-w-md w-full text-center">
<CardContent className="pt-6">
<p className="text-destructive text-lg">{error}</p>
<p className="text-muted-foreground mt-2 text-sm">ייתכן שהקישור אינו תקין או פג תוקפו.</p>
</CardContent>
</Card>
</div>
);
}
const { guest, event } = data!;
const formattedDate = event.event_date
? new Date(event.event_date).toLocaleDateString('he-IL', {
weekday: 'long', day: 'numeric', month: 'long', year: 'numeric',
})
: null;
return (
<div className="min-h-screen bg-muted/40 flex items-center justify-center p-4">
<Card className="max-w-md w-full">
<CardHeader className="text-center" dir="rtl">
<CardTitle className="text-2xl">{event.title}</CardTitle>
{formattedDate && <CardDescription>{formattedDate}</CardDescription>}
{event.venue_name && (
<CardDescription>{event.venue_name}{event.venue_address ? `${event.venue_address}` : ''}</CardDescription>
)}
{event.kashrut_level && event.kashrut_level !== 'none' && (
<CardDescription className="text-xs">🕍 {KASHRUT_LABELS[event.kashrut_level]}</CardDescription>
)}
</CardHeader>
<CardContent dir="rtl" className="space-y-4">
<div className="rounded-md bg-muted p-3">
<p className="font-medium text-lg">{guest.name_hebrew}</p>
{guest.name_transliteration && (
<p className="text-sm text-muted-foreground" dir="ltr">{guest.name_transliteration}</p>
)}
</div>
{submitted ? (
<div className="text-center py-4 space-y-2">
{guest.rsvp_status === 'confirmed' ? (
<>
<p className="text-3xl">🎉</p>
<p className="font-semibold text-green-700 text-lg">אישרת הגעה!</p>
<p className="text-muted-foreground text-sm">תודה! נתראה באירוע.</p>
</>
) : (
<>
<p className="text-3xl">🙏</p>
<p className="font-semibold text-lg">תשובתך נרשמה</p>
<p className="text-muted-foreground text-sm">תודה על העדכון.</p>
</>
)}
{guest.rsvp_status === 'pending' && (
<Button variant="outline" className="mt-2" onClick={() => setSubmitted(false)}>
שנה תשובה
</Button>
)}
</div>
) : (
<div className="space-y-4">
<p className="text-center font-medium">האם אתה מגיע לאירוע?</p>
<div className="space-y-2">
<Label htmlFor="dietary">העדפה תזונתית</Label>
<Select
id="dietary"
value={dietary_preference}
onChange={e => setDietaryPreference(e.target.value)}
>
{Object.entries(DIETARY_LABELS).map(([val, label]) => (
<option key={val} value={val}>{label}</option>
))}
</Select>
</div>
<div className="space-y-2">
<Label htmlFor="notes">הערות נוספות (אופציונלי)</Label>
<Input
id="notes"
value={dietary_notes}
onChange={e => setDietaryNotes(e.target.value)}
placeholder="אלרגיות, דרישות מיוחדות..."
/>
</div>
{submitError && <p className="text-sm text-destructive text-center">{submitError}</p>}
<div className="grid grid-cols-2 gap-3 pt-2">
<Button
onClick={() => handleRsvp('confirmed')}
disabled={submitting}
className="bg-green-600 hover:bg-green-700"
>
אני מגיע/ה
</Button>
<Button
variant="outline"
onClick={() => handleRsvp('declined')}
disabled={submitting}
>
לא אוכל להגיע
</Button>
</div>
</div>
)}
</CardContent>
</Card>
</div>
);
}

42
client/tailwind.config.js Normal file
View File

@@ -0,0 +1,42 @@
/** @type {import('tailwindcss').Config} */
export default {
darkMode: ['class'],
content: [
'./index.html',
'./src/**/*.{js,ts,jsx,tsx}',
],
theme: {
extend: {
borderRadius: {
lg: 'var(--radius)',
md: 'calc(var(--radius) - 2px)',
sm: 'calc(var(--radius) - 4px)',
},
colors: {
background: 'hsl(var(--background))',
foreground: 'hsl(var(--foreground))',
card: {
DEFAULT: 'hsl(var(--card))',
foreground: 'hsl(var(--card-foreground))',
},
primary: {
DEFAULT: 'hsl(var(--primary))',
foreground: 'hsl(var(--primary-foreground))',
},
muted: {
DEFAULT: 'hsl(var(--muted))',
foreground: 'hsl(var(--muted-foreground))',
},
destructive: {
DEFAULT: 'hsl(var(--destructive))',
foreground: 'hsl(var(--destructive-foreground))',
},
border: 'hsl(var(--border))',
input: 'hsl(var(--input))',
ring: 'hsl(var(--ring))',
},
},
},
plugins: [],
}

32
client/tsconfig.app.json Normal file
View File

@@ -0,0 +1,32 @@
{
"compilerOptions": {
"tsBuildInfoFile": "./node_modules/.tmp/tsconfig.app.tsbuildinfo",
"target": "ES2022",
"useDefineForClassFields": true,
"lib": ["ES2022", "DOM", "DOM.Iterable"],
"module": "ESNext",
"types": ["vite/client"],
"skipLibCheck": true,
/* Bundler mode */
"moduleResolution": "bundler",
"allowImportingTsExtensions": true,
"verbatimModuleSyntax": true,
"moduleDetection": "force",
"noEmit": true,
"jsx": "react-jsx",
/* Linting */
"strict": true,
"noUnusedLocals": true,
"noUnusedParameters": true,
"erasableSyntaxOnly": true,
"noFallthroughCasesInSwitch": true,
"noUncheckedSideEffectImports": true,
"baseUrl": ".",
"paths": {
"@/*": ["./src/*"]
}
},
"include": ["src"]
}

7
client/tsconfig.json Normal file
View File

@@ -0,0 +1,7 @@
{
"files": [],
"references": [
{ "path": "./tsconfig.app.json" },
{ "path": "./tsconfig.node.json" }
]
}

26
client/tsconfig.node.json Normal file
View File

@@ -0,0 +1,26 @@
{
"compilerOptions": {
"tsBuildInfoFile": "./node_modules/.tmp/tsconfig.node.tsbuildinfo",
"target": "ES2023",
"lib": ["ES2023"],
"module": "ESNext",
"types": ["node"],
"skipLibCheck": true,
/* Bundler mode */
"moduleResolution": "bundler",
"allowImportingTsExtensions": true,
"verbatimModuleSyntax": true,
"moduleDetection": "force",
"noEmit": true,
/* Linting */
"strict": true,
"noUnusedLocals": true,
"noUnusedParameters": true,
"erasableSyntaxOnly": true,
"noFallthroughCasesInSwitch": true,
"noUncheckedSideEffectImports": true
},
"include": ["vite.config.ts"]
}

18
client/vite.config.ts Normal file
View File

@@ -0,0 +1,18 @@
import { defineConfig } from 'vite'
import react from '@vitejs/plugin-react'
import path from 'path'
// https://vite.dev/config/
export default defineConfig({
plugins: [react()],
resolve: {
alias: {
'@': path.resolve(__dirname, './src'),
},
},
server: {
proxy: {
'/api': 'http://localhost:3000',
},
},
})

11
db/pool.js Normal file
View File

@@ -0,0 +1,11 @@
const { Pool } = require('pg');
const pool = new Pool({
connectionString: process.env.DATABASE_URL,
});
pool.on('error', (err) => {
console.error('Unexpected PostgreSQL client error', err);
});
module.exports = pool;

36
docker-compose.yml Normal file
View File

@@ -0,0 +1,36 @@
version: '3.8'
services:
app:
build: .
expose:
- "3000"
environment:
NODE_ENV: production
PORT: 3000
DATABASE_URL: postgresql://postgres:postgres@postgres:5432/airewit
JWT_SECRET: ${JWT_SECRET}
depends_on:
postgres:
condition: service_healthy
restart: unless-stopped
postgres:
image: postgres:16-alpine
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: airewit
expose:
- "5432"
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres -d airewit"]
interval: 5s
timeout: 5s
retries: 10
restart: unless-stopped
volumes:
postgres_data:

82
jobs/reminderCron.js Normal file
View File

@@ -0,0 +1,82 @@
/**
* RSVP Reminder Cron Job
*
* Runs daily at 09:00 Asia/Jerusalem.
* Finds events at 7-day and 2-day thresholds with pending guests.
* Updates invitations.whatsapp_link with a fresh wa.me reminder deep-link.
* Organizer clicks the link manually (no auto-send in MVP).
*/
const cron = require('node-cron');
const pool = require('../db/pool');
const BASE_URL = process.env.APP_BASE_URL || 'http://localhost:3000';
function buildReminderWhatsAppLink(phone, eventTitle, rsvpUrl, daysUntilEvent) {
if (!phone) return null;
const phoneDigits = phone.replace('+', '');
const urgency = daysUntilEvent <= 2 ? 'עוד 2 ימים' : 'עוד שבוע';
const message = encodeURIComponent(
`תזכורת: ${urgency} לאירוע "${eventTitle}". אנא אשר/י הגעה: ${rsvpUrl}`
);
return `https://wa.me/${phoneDigits}?text=${message}`;
}
async function generateReminders() {
console.log('[ReminderCron] Running RSVP reminder generation…');
try {
// Find pending guests whose event is 7 or 2 days from now (±12h window for daily run)
const { rows } = await pool.query(`
SELECT
g.id AS guest_id,
g.name_hebrew,
g.phone,
e.id AS event_id,
e.title,
e.event_date,
i.token,
EXTRACT(DAY FROM (e.event_date::date - CURRENT_DATE)) AS days_until
FROM guests g
JOIN events e ON e.id = g.event_id
JOIN invitations i ON i.guest_id = g.id
WHERE g.rsvp_status = 'pending'
AND e.deleted_at IS NULL
AND e.event_date > NOW()
AND EXTRACT(DAY FROM (e.event_date::date - CURRENT_DATE)) IN (7, 2)
`);
if (rows.length === 0) {
console.log('[ReminderCron] No pending reminders due today.');
return;
}
for (const row of rows) {
const rsvpUrl = `${BASE_URL}/rsvp/${row.token}`;
const whatsappLink = buildReminderWhatsAppLink(
row.phone, row.title, rsvpUrl, parseInt(row.days_until)
);
if (whatsappLink) {
await pool.query(
'UPDATE invitations SET whatsapp_link = $1 WHERE token = $2',
[whatsappLink, row.token]
);
}
}
console.log(`[ReminderCron] Updated ${rows.length} pending reminder links.`);
} catch (err) {
console.error('[ReminderCron] Error:', err.message);
}
}
function startReminderCron() {
// 09:00 every day, Asia/Jerusalem timezone
cron.schedule('0 9 * * *', generateReminders, {
timezone: 'Asia/Jerusalem',
});
console.log('[ReminderCron] Scheduled: daily at 09:00 Asia/Jerusalem');
}
module.exports = { startReminderCron, generateReminders };

33
middleware/auth.js Normal file
View File

@@ -0,0 +1,33 @@
const jwt = require('jsonwebtoken');
const JWT_SECRET = process.env.JWT_SECRET;
/**
* Express middleware: validates JWT from httpOnly cookie or Authorization Bearer header.
* Attaches decoded user payload to req.user on success.
* Returns 401 for missing or invalid tokens.
*/
function authMiddleware(req, res, next) {
let token = null;
// Prefer httpOnly cookie
if (req.cookies && req.cookies.token) {
token = req.cookies.token;
} else if (req.headers.authorization && req.headers.authorization.startsWith('Bearer ')) {
token = req.headers.authorization.slice(7);
}
if (!token) {
return res.status(401).json({ error: 'Authentication required' });
}
try {
const payload = jwt.verify(token, JWT_SECRET);
req.user = payload;
next();
} catch {
return res.status(401).json({ error: 'Invalid or expired session' });
}
}
module.exports = { authMiddleware };

12
migrations/001_create_extensions.sql Normal file
View File

@@ -0,0 +1,12 @@
-- Migration 001: Enable required PostgreSQL extensions
-- UP
BEGIN;
CREATE EXTENSION IF NOT EXISTS "pgcrypto";
CREATE EXTENSION IF NOT EXISTS "pg_trgm"; -- required for Phase 2 fuzzy Hebrew name search
COMMIT;
-- DOWN
-- BEGIN;
-- DROP EXTENSION IF EXISTS "pg_trgm";
-- DROP EXTENSION IF EXISTS "pgcrypto";
-- COMMIT;

25
migrations/002_create_users.sql Normal file
View File

@@ -0,0 +1,25 @@
-- Migration 002: Create users table
-- UP
BEGIN;
CREATE TYPE user_role AS ENUM ('organizer', 'vendor', 'admin');
CREATE TABLE users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
email VARCHAR(255) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
display_name VARCHAR(255) NOT NULL,
role user_role NOT NULL DEFAULT 'organizer',
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX idx_users_email ON users(email);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS users;
-- DROP TYPE IF EXISTS user_role;
-- COMMIT;

43
migrations/003_create_events.sql Normal file
View File

@@ -0,0 +1,43 @@
-- Migration 003: Create events table
-- UP
BEGIN;
CREATE TYPE event_status AS ENUM ('draft', 'published', 'cancelled', 'completed');
CREATE TYPE kashrut_level AS ENUM ('none', 'regular', 'mehadrin', 'chalav_yisrael');
CREATE TYPE event_language AS ENUM ('hebrew', 'arabic', 'english');
CREATE TABLE events (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
organizer_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
title VARCHAR(255) NOT NULL,
description TEXT,
event_date TIMESTAMPTZ,
venue_name VARCHAR(255),
venue_address TEXT,
max_guests INTEGER,
venue_capacity INTEGER, -- fire-safety hard limit
max_plus_ones_buffer INTEGER NOT NULL DEFAULT 30, -- % buffer for walk-ins
status event_status NOT NULL DEFAULT 'draft',
kashrut_level kashrut_level NOT NULL DEFAULT 'none',
noise_curfew_time TIME NOT NULL DEFAULT '23:00', -- Israeli law default
language_pref event_language NOT NULL DEFAULT 'hebrew',
budget DECIMAL(12, 2),
retention_policy_days INTEGER NOT NULL DEFAULT 365, -- Israeli Privacy Law 2023
deleted_at TIMESTAMPTZ, -- soft delete for organizer use
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX idx_events_organizer_id ON events(organizer_id);
CREATE INDEX idx_events_status ON events(status);
CREATE INDEX idx_events_event_date ON events(event_date);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS events;
-- DROP TYPE IF EXISTS event_language;
-- DROP TYPE IF EXISTS kashrut_level;
-- DROP TYPE IF EXISTS event_status;
-- COMMIT;

50
migrations/004_create_vendors.sql Normal file
View File

@@ -0,0 +1,50 @@
-- Migration 004: Create vendors table
-- UP
BEGIN;
CREATE TYPE vendor_category AS ENUM (
'catering', 'photography', 'videographer', 'music', 'decoration',
'venue', 'officiant', 'staffing', 'transportation', 'printing',
'entertainment', 'other'
);
CREATE TABLE vendors (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
business_name VARCHAR(255) NOT NULL,
category vendor_category NOT NULL,
description TEXT,
base_price DECIMAL(12, 2),
city VARCHAR(100),
is_verified BOOLEAN NOT NULL DEFAULT FALSE,
-- Israeli compliance & certification fields
kashrut_cert_number VARCHAR(100),
kashrut_issuing_authority VARCHAR(255),
business_license_number VARCHAR(100),
license_expiry_date DATE, -- alert when within 30 days of expiry
insurance_ref VARCHAR(255),
-- Phase 3: AI recommendation fields
geographic_area VARCHAR(255), -- broader area (e.g. "North", "Tel Aviv District")
price_range_min DECIMAL(12, 2), -- NIS
price_range_max DECIMAL(12, 2), -- NIS
capacity_min INTEGER,
capacity_max INTEGER,
style_tags TEXT[], -- e.g. {"rustic","modern","religious"}
deleted_at TIMESTAMPTZ, -- soft delete
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX idx_vendors_user_id ON vendors(user_id);
CREATE INDEX idx_vendors_category ON vendors(category);
CREATE INDEX idx_vendors_city ON vendors(city);
CREATE INDEX idx_vendors_geographic ON vendors(geographic_area);
CREATE INDEX idx_vendors_style_tags ON vendors USING GIN(style_tags);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS vendors;
-- DROP TYPE IF EXISTS vendor_category;
-- COMMIT;

56
migrations/005_create_guests.sql Normal file
View File

@@ -0,0 +1,56 @@
-- Migration 005: Create guests table
-- UP
BEGIN;
CREATE TYPE rsvp_status AS ENUM ('pending', 'confirmed', 'declined');
CREATE TYPE relationship_group AS ENUM ('family_bride', 'family_groom', 'friends', 'work', 'community', 'other');
CREATE TYPE dietary_preference AS ENUM ('none', 'vegetarian', 'vegan', 'kosher_regular', 'kosher_mehadrin');
CREATE TYPE guest_source AS ENUM ('registered', 'walkin'); -- Phase 2: analytics
CREATE TABLE guests (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
-- Name (Hebrew required; Latin transliteration for non-Hebrew speakers)
name_hebrew VARCHAR(255) NOT NULL,
name_transliteration VARCHAR(255),
-- Contact (Israeli E.164 phone format: +972XXXXXXXXX)
email VARCHAR(255),
phone VARCHAR(20),
-- RSVP
rsvp_status rsvp_status NOT NULL DEFAULT 'pending',
-- Seating
table_number INTEGER,
seat_number VARCHAR(10),
-- Social grouping
relationship_group relationship_group,
plus_one_of UUID REFERENCES guests(id) ON DELETE SET NULL, -- self-ref FK
plus_one_allowance INTEGER NOT NULL DEFAULT 0,
-- Preferences
dietary_preference dietary_preference NOT NULL DEFAULT 'none',
dietary_notes TEXT, -- free-text override/additions
accessibility_needs TEXT,
-- Phase 2: Day-of check-in
source guest_source NOT NULL DEFAULT 'registered', -- analytics (walk-ins vs pre-registered)
-- Israeli Privacy Law 2023 compliance
privacy_accepted_at TIMESTAMPTZ,
-- NO deleted_at: guests support hard delete only (data subject right per Israeli Privacy Law)
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX idx_guests_event_id ON guests(event_id);
CREATE INDEX idx_guests_rsvp_status ON guests(rsvp_status);
CREATE INDEX idx_guests_plus_one_of ON guests(plus_one_of);
-- pg_trgm GIN index for Phase 2 fuzzy Hebrew name search (requires pg_trgm from migration 001)
CREATE INDEX idx_guests_name_trgm ON guests USING GIN(name_hebrew gin_trgm_ops);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS guests;
-- DROP TYPE IF EXISTS guest_source;
-- DROP TYPE IF EXISTS dietary_preference;
-- DROP TYPE IF EXISTS relationship_group;
-- DROP TYPE IF EXISTS rsvp_status;
-- COMMIT;

35
migrations/006_create_bookings.sql Normal file
View File

@@ -0,0 +1,35 @@
-- Migration 006: Create bookings table
-- UP
BEGIN;
CREATE TYPE booking_status AS ENUM ('pending', 'confirmed', 'cancelled');
CREATE TYPE payment_status AS ENUM ('unpaid', 'deposit_paid', 'fully_paid'); -- Phase 3: AI/financial
CREATE TABLE bookings (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
vendor_id UUID NOT NULL REFERENCES vendors(id) ON DELETE CASCADE,
status booking_status NOT NULL DEFAULT 'pending',
agreed_price DECIMAL(12, 2),
notes TEXT,
-- Phase 3: AI recommendation & financial tracking
contract_value DECIMAL(12, 2), -- actual signed contract value in NIS
payment_status payment_status NOT NULL DEFAULT 'unpaid',
deleted_at TIMESTAMPTZ, -- soft delete
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX idx_bookings_event_id ON bookings(event_id);
CREATE INDEX idx_bookings_vendor_id ON bookings(vendor_id);
CREATE INDEX idx_bookings_status ON bookings(status);
CREATE INDEX idx_bookings_payment_status ON bookings(payment_status);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS bookings;
-- DROP TYPE IF EXISTS payment_status;
-- DROP TYPE IF EXISTS booking_status;
-- COMMIT;

31
migrations/007_create_invitations.sql Normal file
View File

@@ -0,0 +1,31 @@
-- Migration 007: Create invitations table
-- UP
BEGIN;
CREATE TYPE invitation_channel AS ENUM ('sms', 'whatsapp', 'email');
CREATE TABLE invitations (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
guest_id UUID NOT NULL REFERENCES guests(id) ON DELETE CASCADE,
token VARCHAR(128) UNIQUE NOT NULL DEFAULT encode(gen_random_bytes(64), 'hex'),
channel invitation_channel NOT NULL DEFAULT 'whatsapp',
-- MVP: wa.me deep-link (no Twilio/API required)
-- Format: https://wa.me/+972XXXXXXXXX?text=ENCODED_MESSAGE
whatsapp_link TEXT, -- pre-generated deep-link for organizer to click
sent_at TIMESTAMPTZ, -- when organizer clicked Send
opened_at TIMESTAMPTZ, -- when guest opened the RSVP link
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX idx_invitations_event_id ON invitations(event_id);
CREATE INDEX idx_invitations_guest_id ON invitations(guest_id);
CREATE INDEX idx_invitations_token ON invitations(token);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS invitations;
-- DROP TYPE IF EXISTS invitation_channel;
-- COMMIT;

35
migrations/008_create_vendor_ratings.sql Normal file
View File

@@ -0,0 +1,35 @@
-- Migration 008: Create vendor_ratings table (Phase 3: AI recommendation engine)
-- UP
BEGIN;
CREATE TABLE vendor_ratings (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
vendor_id UUID NOT NULL REFERENCES vendors(id) ON DELETE CASCADE,
organizer_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-- 6-dimension rating system (1-5 scale)
quality_score SMALLINT NOT NULL CHECK (quality_score BETWEEN 1 AND 5),
professionalism_score SMALLINT NOT NULL CHECK (professionalism_score BETWEEN 1 AND 5),
flexibility_score SMALLINT NOT NULL CHECK (flexibility_score BETWEEN 1 AND 5),
value_score SMALLINT NOT NULL CHECK (value_score BETWEEN 1 AND 5),
-- Boolean recommendation signals
would_use_again BOOLEAN NOT NULL,
would_recommend BOOLEAN NOT NULL,
-- Optional review text
review_text TEXT,
rated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-- One rating per (event, vendor, organizer) tuple
CONSTRAINT uq_vendor_rating UNIQUE (event_id, vendor_id, organizer_id)
);
CREATE INDEX idx_vendor_ratings_vendor_id ON vendor_ratings(vendor_id);
CREATE INDEX idx_vendor_ratings_organizer_id ON vendor_ratings(organizer_id);
CREATE INDEX idx_vendor_ratings_event_id ON vendor_ratings(event_id);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS vendor_ratings;
-- COMMIT;

30
migrations/009_create_organizer_preferences.sql Normal file
View File

@@ -0,0 +1,30 @@
-- Migration 009: Create organizer_preferences table (Phase 3: AI recommendation engine)
-- UP
BEGIN;
CREATE TABLE organizer_preferences (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-- Style preferences (matches vendors.style_tags for AI matching)
style_tags TEXT[], -- e.g. {"rustic","modern","religious"}
-- Typical event scale
typical_guest_count_min INTEGER,
typical_guest_count_max INTEGER,
-- Typical budget range in NIS
typical_budget_min DECIMAL(12, 2),
typical_budget_max DECIMAL(12, 2),
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-- One preference record per user
CONSTRAINT uq_organizer_preferences_user UNIQUE (user_id)
);
CREATE INDEX idx_organizer_prefs_user_id ON organizer_preferences(user_id);
CREATE INDEX idx_organizer_prefs_style_tags ON organizer_preferences USING GIN(style_tags);
COMMIT;
-- DOWN
-- BEGIN;
-- DROP TABLE IF EXISTS organizer_preferences;
-- COMMIT;

2169
package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

30
package.json Normal file
View File

@@ -0,0 +1,30 @@
{
"name": "airewit-server",
"version": "1.0.0",
"description": "אירועית - Event Management Platform API",
"main": "server.js",
"scripts": {
"start": "node server.js",
"dev": "nodemon server.js",
"migrate": "node scripts/migrate.js",
"seed": "node scripts/seed.js"
},
"dependencies": {
"bcrypt": "^5.1.1",
"cookie-parser": "^1.4.6",
"cors": "^2.8.5",
"crypto": "^1.0.1",
"csv-parse": "^6.1.0",
"dotenv": "^16.4.5",
"express": "^4.18.3",
"json2csv": "^6.0.0-alpha.2",
"jsonwebtoken": "^9.0.2",
"multer": "^2.0.2",
"node-cron": "^4.2.1",
"pg": "^8.11.3",
"xlsx": "^0.18.5"
},
"devDependencies": {
"nodemon": "^3.1.0"
}
}

154
routes/auth.js Normal file
View File

@@ -0,0 +1,154 @@
const express = require('express');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const pool = require('../db/pool');
const router = express.Router();
const BCRYPT_ROUNDS = 12; // min 10 per spec; 12 for extra safety
const JWT_SECRET = process.env.JWT_SECRET;
const JWT_EXPIRES_IN = '24h';
const COOKIE_MAX_AGE = 24 * 60 * 60 * 1000; // 24h in ms
// ─── Helpers ─────────────────────────────────────────────────────────────────
function isValidEmail(email) {
return typeof email === 'string' && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email);
}
function setAuthCookie(res, token) {
res.cookie('token', token, {
httpOnly: true,
secure: process.env.NODE_ENV === 'production',
sameSite: 'lax',
maxAge: COOKIE_MAX_AGE,
});
}
// ─── POST /api/auth/register ──────────────────────────────────────────────────
router.post('/register', async (req, res) => {
const { email, password, display_name, role } = req.body;
// 400 — validation
const errors = [];
if (!email || !isValidEmail(email)) errors.push('Valid email is required');
if (!password || password.length < 8) errors.push('Password must be at least 8 characters');
if (!display_name || display_name.trim().length === 0) errors.push('Display name is required');
if (role && !['organizer', 'vendor'].includes(role)) errors.push('Role must be organizer or vendor');
if (errors.length > 0) {
return res.status(400).json({ error: errors.join('; ') });
}
const userRole = role || 'organizer';
try {
// 409 — duplicate email
const existing = await pool.query('SELECT id FROM users WHERE email = $1', [email.toLowerCase()]);
if (existing.rows.length > 0) {
return res.status(409).json({ error: 'An account with this email already exists' });
}
const password_hash = await bcrypt.hash(password, BCRYPT_ROUNDS);
const result = await pool.query(
`INSERT INTO users (email, password_hash, display_name, role)
VALUES ($1, $2, $3, $4)
RETURNING id, email, display_name, role, created_at`,
[email.toLowerCase(), password_hash, display_name.trim(), userRole]
);
const user = result.rows[0];
const token = jwt.sign(
{ id: user.id, email: user.email, role: user.role },
JWT_SECRET,
{ expiresIn: JWT_EXPIRES_IN }
);
setAuthCookie(res, token);
return res.status(201).json({
user: { id: user.id, email: user.email, display_name: user.display_name, role: user.role },
});
} catch (err) {
console.error('Registration error:', err.message);
return res.status(500).json({ error: 'Registration failed. Please try again.' });
}
});
// ─── POST /api/auth/login ─────────────────────────────────────────────────────
router.post('/login', async (req, res) => {
const { email, password } = req.body;
// 400 — validation
if (!email || !password) {
return res.status(400).json({ error: 'Email and password are required' });
}
try {
const result = await pool.query(
'SELECT id, email, password_hash, display_name, role FROM users WHERE email = $1',
[email.toLowerCase()]
);
// Generic 401 — do not reveal whether email or password was wrong
if (result.rows.length === 0) {
await bcrypt.compare(password, '$2b$12$fakehashtopreventtimingattacks00000000000000000000000'); // timing safe
return res.status(401).json({ error: 'Invalid email or password' });
}
const user = result.rows[0];
const valid = await bcrypt.compare(password, user.password_hash);
if (!valid) {
return res.status(401).json({ error: 'Invalid email or password' });
}
const token = jwt.sign(
{ id: user.id, email: user.email, role: user.role },
JWT_SECRET,
{ expiresIn: JWT_EXPIRES_IN }
);
setAuthCookie(res, token);
return res.json({
user: { id: user.id, email: user.email, display_name: user.display_name, role: user.role },
});
} catch (err) {
console.error('Login error:', err.message);
return res.status(500).json({ error: 'Login failed. Please try again.' });
}
});
// ─── POST /api/auth/logout ────────────────────────────────────────────────────
router.post('/logout', (req, res) => {
res.clearCookie('token', { httpOnly: true, sameSite: 'lax' });
return res.json({ message: 'Logged out successfully' });
});
// ─── GET /api/auth/me ─────────────────────────────────────────────────────────
// Returns current user from cookie — useful for session restore on page refresh
const { authMiddleware } = require('../middleware/auth');
router.get('/me', authMiddleware, async (req, res) => {
try {
const result = await pool.query(
'SELECT id, email, display_name, role FROM users WHERE id = $1',
[req.user.id]
);
if (result.rows.length === 0) {
return res.status(401).json({ error: 'User not found' });
}
return res.json({ user: result.rows[0] });
} catch (err) {
console.error('Me endpoint error:', err.message);
return res.status(500).json({ error: 'Failed to retrieve user' });
}
});
module.exports = router;

295
routes/events.js Normal file
View File

@@ -0,0 +1,295 @@
const express = require('express');
const pool = require('../db/pool');
const { authMiddleware } = require('../middleware/auth');
const router = express.Router();
// All event routes require auth — middleware applied in server.js before this router
// ─── Helpers ─────────────────────────────────────────────────────────────────
const VALID_STATUS = ['draft', 'published', 'cancelled', 'completed'];
const VALID_KASHRUT = ['none', 'regular', 'mehadrin', 'chalav_yisrael'];
const VALID_LANGUAGE = ['hebrew', 'arabic', 'english'];
/** Return enriched event row: adds RSVP counts + confirmed vendor count */
async function enrichEvent(eventId) {
const { rows } = await pool.query(
`SELECT
e.*,
COUNT(DISTINCT g.id) FILTER (WHERE g.rsvp_status = 'confirmed') AS rsvp_confirmed,
COUNT(DISTINCT g.id) FILTER (WHERE g.rsvp_status = 'pending') AS rsvp_pending,
COUNT(DISTINCT g.id) FILTER (WHERE g.rsvp_status = 'declined') AS rsvp_declined,
COUNT(DISTINCT g.id) AS rsvp_total,
COUNT(DISTINCT b.id) FILTER (WHERE b.status = 'confirmed') AS vendors_confirmed
FROM events e
LEFT JOIN guests g ON g.event_id = e.id
LEFT JOIN bookings b ON b.event_id = e.id AND b.deleted_at IS NULL
WHERE e.id = $1 AND e.deleted_at IS NULL
GROUP BY e.id`,
[eventId]
);
return rows[0] || null;
}
// ─── POST /api/events — Create event ─────────────────────────────────────────
router.post('/', authMiddleware, async (req, res) => {
if (req.user.role !== 'organizer') {
return res.status(403).json({ error: 'רק מארגנים יכולים ליצור אירועים' });
}
const {
title, event_date, venue_name, venue_address, description,
max_guests, venue_capacity, max_plus_ones_buffer,
kashrut_level, noise_curfew_time, language_pref, budget,
retention_policy_days,
compliance_dismissed,
} = req.body;
// Validation
if (!title || title.trim().length === 0) return res.status(400).json({ error: 'שם האירוע הוא שדה חובה' });
if (!event_date) return res.status(400).json({ error: 'תאריך האירוע הוא שדה חובה' });
if (!venue_name || venue_name.trim().length === 0) return res.status(400).json({ error: 'שם המקום הוא שדה חובה' });
// Date cannot be in the past (compare in Asia/Jerusalem)
const eventDateObj = new Date(event_date);
if (isNaN(eventDateObj.getTime())) return res.status(400).json({ error: 'תאריך לא תקין' });
if (eventDateObj < new Date()) return res.status(400).json({ error: 'לא ניתן ליצור אירוע בתאריך עבר' });
if (kashrut_level && !VALID_KASHRUT.includes(kashrut_level)) return res.status(400).json({ error: 'רמת כשרות לא תקינה' });
if (language_pref && !VALID_LANGUAGE.includes(language_pref)) return res.status(400).json({ error: 'שפה לא תקינה' });
try {
const result = await pool.query(
`INSERT INTO events (
organizer_id, title, event_date, venue_name, venue_address, description,
max_guests, venue_capacity, max_plus_ones_buffer,
kashrut_level, noise_curfew_time, language_pref, budget,
retention_policy_days, status
) VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,'draft')
RETURNING *`,
[
req.user.id,
title.trim(),
event_date,
venue_name.trim(),
venue_address?.trim() || null,
description?.trim() || null,
max_guests || null,
venue_capacity || null,
max_plus_ones_buffer ?? 30,
kashrut_level || 'none',
noise_curfew_time || '23:00',
language_pref || 'hebrew',
budget || null,
retention_policy_days ?? 365,
]
);
const event = result.rows[0];
// Store compliance dismissal if provided at creation time
if (compliance_dismissed && event.max_guests >= 100) {
await pool.query(
'UPDATE events SET compliance_dismissed = true WHERE id = $1',
[event.id]
).catch(() => {}); // compliance_dismissed column added via migration — ignore if not yet present
}
// Check if compliance checklist should be shown
const showComplianceChecklist = (max_guests || 0) >= 100 && !compliance_dismissed;
return res.status(201).json({
event,
...(showComplianceChecklist && { compliance_checklist: true }),
});
} catch (err) {
console.error('Create event error:', err.message);
return res.status(500).json({ error: 'יצירת האירוע נכשלה' });
}
});
// ─── GET /api/events — List organizer events ──────────────────────────────────
router.get('/', authMiddleware, async (req, res) => {
const { page = 1, limit = 20, status } = req.query;
const offset = (parseInt(page) - 1) * parseInt(limit);
const conditions = ['e.organizer_id = $1', 'e.deleted_at IS NULL'];
const params = [req.user.id];
let paramIdx = 2;
if (status && VALID_STATUS.includes(status)) {
conditions.push(`e.status = $${paramIdx++}::event_status`);
params.push(status);
}
const where = conditions.join(' AND ');
try {
const [eventsResult, countResult] = await Promise.all([
pool.query(
`SELECT
e.*,
COUNT(DISTINCT g.id) FILTER (WHERE g.rsvp_status = 'confirmed') AS rsvp_confirmed,
COUNT(DISTINCT g.id) FILTER (WHERE g.rsvp_status = 'pending') AS rsvp_pending,
COUNT(DISTINCT g.id) AS rsvp_total,
COUNT(DISTINCT b.id) FILTER (WHERE b.status = 'confirmed') AS vendors_confirmed
FROM events e
LEFT JOIN guests g ON g.event_id = e.id
LEFT JOIN bookings b ON b.event_id = e.id AND b.deleted_at IS NULL
WHERE ${where}
GROUP BY e.id
ORDER BY e.event_date ASC NULLS LAST
LIMIT $${paramIdx} OFFSET $${paramIdx + 1}`,
[...params, parseInt(limit), offset]
),
pool.query(`SELECT COUNT(*) FROM events e WHERE ${where}`, params),
]);
return res.json({
events: eventsResult.rows,
total: parseInt(countResult.rows[0].count),
page: parseInt(page),
limit: parseInt(limit),
});
} catch (err) {
console.error('List events error:', err.message);
return res.status(500).json({ error: 'טעינת האירועים נכשלה' });
}
});
// ─── GET /api/events/:id — Get single event ───────────────────────────────────
router.get('/:id', authMiddleware, async (req, res) => {
const event = await enrichEvent(req.params.id).catch(() => null);
if (!event) return res.status(404).json({ error: 'האירוע לא נמצא' });
if (event.organizer_id !== req.user.id) return res.status(403).json({ error: 'אין גישה לאירוע זה' });
return res.json({ event });
});
// ─── PUT /api/events/:id — Update event ──────────────────────────────────────
router.put('/:id', authMiddleware, async (req, res) => {
const { id } = req.params;
// Ownership check
const ownerCheck = await pool.query(
'SELECT id, status FROM events WHERE id = $1 AND organizer_id = $2 AND deleted_at IS NULL',
[id, req.user.id]
).catch(() => ({ rows: [] }));
if (ownerCheck.rows.length === 0) return res.status(404).json({ error: 'האירוע לא נמצא' });
const currentStatus = ownerCheck.rows[0].status;
if (currentStatus === 'cancelled') return res.status(400).json({ error: 'לא ניתן לערוך אירוע שבוטל' });
const {
title, event_date, venue_name, venue_address, description,
max_guests, venue_capacity, max_plus_ones_buffer,
kashrut_level, noise_curfew_time, language_pref, budget,
status, compliance_dismissed,
} = req.body;
// Validate status transition
if (status) {
if (!VALID_STATUS.includes(status)) return res.status(400).json({ error: 'סטטוס לא תקין' });
const allowedTransitions = {
draft: ['published', 'cancelled'],
published: ['cancelled', 'completed'],
completed: [],
cancelled: [],
};
if (!allowedTransitions[currentStatus].includes(status)) {
return res.status(400).json({ error: `לא ניתן לשנות מ-${currentStatus} ל-${status}` });
}
}
// Date validation if provided
if (event_date) {
const d = new Date(event_date);
if (isNaN(d.getTime())) return res.status(400).json({ error: 'תאריך לא תקין' });
if (d < new Date() && status !== 'cancelled' && status !== 'completed') {
return res.status(400).json({ error: 'לא ניתן לקבוע תאריך בעבר' });
}
}
try {
const result = await pool.query(
`UPDATE events SET
title = COALESCE($1, title),
event_date = COALESCE($2, event_date),
venue_name = COALESCE($3, venue_name),
venue_address = COALESCE($4, venue_address),
description = COALESCE($5, description),
max_guests = COALESCE($6, max_guests),
venue_capacity = COALESCE($7, venue_capacity),
max_plus_ones_buffer = COALESCE($8, max_plus_ones_buffer),
kashrut_level = COALESCE($9::kashrut_level, kashrut_level),
noise_curfew_time = COALESCE($10, noise_curfew_time),
language_pref = COALESCE($11::event_language, language_pref),
budget = COALESCE($12, budget),
status = COALESCE($13::event_status, status),
updated_at = NOW()
WHERE id = $14
RETURNING *`,
[
title?.trim() || null,
event_date || null,
venue_name?.trim() || null,
venue_address?.trim() || null,
description?.trim() || null,
max_guests || null,
venue_capacity || null,
max_plus_ones_buffer != null ? parseInt(max_plus_ones_buffer) : null,
kashrut_level || null,
noise_curfew_time || null,
language_pref || null,
budget || null,
status || null,
id,
]
);
const updatedEvent = await enrichEvent(id);
// Compliance checklist: show if guest count crosses 100 and not dismissed
const effectiveMaxGuests = updatedEvent.max_guests || 0;
const showCompliance = effectiveMaxGuests >= 100 && !compliance_dismissed && !updatedEvent.compliance_dismissed;
return res.json({
event: updatedEvent,
...(showCompliance && { compliance_checklist: true }),
});
} catch (err) {
console.error('Update event error:', err.message);
return res.status(500).json({ error: 'עדכון האירוע נכשל' });
}
});
// ─── DELETE /api/events/:id — Soft delete (cancelled = soft-delete for organizer) ──
router.delete('/:id', authMiddleware, async (req, res) => {
const { id } = req.params;
const ownerCheck = await pool.query(
'SELECT id FROM events WHERE id = $1 AND organizer_id = $2 AND deleted_at IS NULL',
[id, req.user.id]
).catch(() => ({ rows: [] }));
if (ownerCheck.rows.length === 0) return res.status(404).json({ error: 'האירוע לא נמצא' });
try {
await pool.query(
'UPDATE events SET deleted_at = NOW(), status = $1, updated_at = NOW() WHERE id = $2',
['cancelled', id]
);
return res.status(204).send();
} catch (err) {
console.error('Delete event error:', err.message);
return res.status(500).json({ error: 'מחיקת האירוע נכשלה' });
}
});
module.exports = router;

579
routes/guests.js Normal file
View File

@@ -0,0 +1,579 @@
const express = require('express');
const crypto = require('crypto');
const multer = require('multer');
const XLSX = require('xlsx');
const { parse: csvParse } = require('csv-parse/sync');
const { Parser } = require('json2csv');
const pool = require('../db/pool');
const { authMiddleware } = require('../middleware/auth');
// Memory storage — files never hit disk
const upload = multer({ storage: multer.memoryStorage(), limits: { fileSize: 5 * 1024 * 1024 } });
const router = express.Router();
// ─── Helpers ─────────────────────────────────────────────────────────────────
/**
* Normalize Israeli phone to E.164 (+972XXXXXXXXX).
* Handles: local 05X-XXXXXXX, already E.164, international without +.
* Returns null for unrecognizable formats (caller decides how to handle).
*/
function normalizeIsraeliPhone(phone) {
if (!phone) return null;
// Strip spaces, hyphens, parentheses
const digits = String(phone).replace(/[\s\-\(\)]/g, '');
if (digits.startsWith('+972')) return digits;
if (digits.startsWith('972')) return `+${digits}`;
if (digits.startsWith('0')) return `+972${digits.slice(1)}`;
return null; // invalid — caller sets phone=null and records warning
}
/** Generate a cryptographically secure RSVP token (128 bits = 32 hex chars) */
function generateRsvpToken() {
return crypto.randomBytes(16).toString('hex'); // 128 bits
}
/** Build wa.me deep-link for WhatsApp RSVP */
function buildWhatsAppLink(phone, eventTitle, rsvpUrl) {
if (!phone) return null;
const normalized = normalizeIsraeliPhone(phone);
const phoneDigits = normalized.replace('+', '');
const message = encodeURIComponent(
`הוזמנת לאירוע "${eventTitle}". לאישור הגעה: ${rsvpUrl}`
);
return `https://wa.me/${phoneDigits}?text=${message}`;
}
/** Verify organizer owns the event */
async function verifyEventOwner(eventId, organizerId) {
const result = await pool.query(
'SELECT id, title, venue_capacity FROM events WHERE id = $1 AND organizer_id = $2 AND deleted_at IS NULL',
[eventId, organizerId]
);
return result.rows[0] || null;
}
/** Return capacity warning if confirmed RSVPs ≥ 90% of venue_capacity */
async function getCapacityWarning(eventId, venueCapacity) {
if (!venueCapacity) return null;
const { rows } = await pool.query(
`SELECT COUNT(*) FROM guests WHERE event_id = $1 AND rsvp_status = 'confirmed'`,
[eventId]
);
const confirmed = parseInt(rows[0].count, 10);
const pct = confirmed / venueCapacity;
if (pct >= 0.9) {
return {
type: 'capacity_warning',
message: `אזהרה: ${confirmed} מתוך ${venueCapacity} מקומות מאושרים (${Math.round(pct * 100)}%)`,
confirmed,
capacity: venueCapacity,
percent: Math.round(pct * 100),
};
}
return null;
}
// ─── POST /api/events/:eventId/guests — Add guest ────────────────────────────
router.post('/events/:eventId/guests', authMiddleware, async (req, res) => {
const { eventId } = req.params;
const organizerId = req.user.id;
if (req.user.role !== 'organizer') {
return res.status(403).json({ error: 'Only organizers can add guests' });
}
const event = await verifyEventOwner(eventId, organizerId).catch(() => null);
if (!event) return res.status(404).json({ error: 'Event not found' });
const {
name_hebrew,
name_transliteration,
email,
phone,
relationship_group,
dietary_preference,
dietary_notes,
accessibility_needs,
table_number,
seat_number,
plus_one_of,
plus_one_allowance,
} = req.body;
if (!name_hebrew || name_hebrew.trim().length === 0) {
return res.status(400).json({ error: 'שם בעברית הוא שדה חובה' });
}
const validDietary = ['none', 'vegetarian', 'vegan', 'kosher_regular', 'kosher_mehadrin'];
const validRelationship = ['family_bride', 'family_groom', 'friends', 'work', 'community', 'other'];
if (dietary_preference && !validDietary.includes(dietary_preference)) {
return res.status(400).json({ error: 'סוג תזונה לא תקין' });
}
if (relationship_group && !validRelationship.includes(relationship_group)) {
return res.status(400).json({ error: 'קבוצת יחסים לא תקינה' });
}
const normalizedPhone = normalizeIsraeliPhone(phone);
try {
// Insert guest
const guestResult = await pool.query(
`INSERT INTO guests (
event_id, name_hebrew, name_transliteration, email, phone,
relationship_group, dietary_preference, dietary_notes,
accessibility_needs, table_number, seat_number,
plus_one_of, plus_one_allowance, source, privacy_accepted_at
) VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,'registered', NOW())
RETURNING *`,
[
eventId,
name_hebrew.trim(),
name_transliteration?.trim() || null,
email?.toLowerCase() || null,
normalizedPhone,
relationship_group || null,
dietary_preference || 'none',
dietary_notes || null,
accessibility_needs || null,
table_number || null,
seat_number || null,
plus_one_of || null,
plus_one_allowance || 0,
]
);
const guest = guestResult.rows[0];
// Generate invitation + WhatsApp link
const token = generateRsvpToken();
const baseUrl = process.env.APP_BASE_URL || 'http://localhost:3000';
const rsvpUrl = `${baseUrl}/rsvp/${token}`;
const whatsappLink = buildWhatsAppLink(normalizedPhone, event.title, rsvpUrl);
await pool.query(
`INSERT INTO invitations (event_id, guest_id, token, channel, whatsapp_link)
VALUES ($1, $2, $3, 'whatsapp', $4)`,
[eventId, guest.id, token, whatsappLink]
);
// Capacity warning check
const warning = await getCapacityWarning(eventId, event.venue_capacity);
return res.status(201).json({
guest,
rsvp_url: rsvpUrl,
whatsapp_link: whatsappLink,
...(warning && { warning }),
});
} catch (err) {
console.error('Add guest error:', err.message);
return res.status(500).json({ error: 'Failed to add guest' });
}
});
// ─── GET /api/events/:eventId/guests — List guests ───────────────────────────
router.get('/events/:eventId/guests', authMiddleware, async (req, res) => {
const { eventId } = req.params;
const organizerId = req.user.id;
const event = await verifyEventOwner(eventId, organizerId).catch(() => null);
if (!event) return res.status(404).json({ error: 'Event not found' });
const { status, search, page = 1, limit = 100 } = req.query;
const offset = (parseInt(page) - 1) * parseInt(limit);
const conditions = ['g.event_id = $1'];
const params = [eventId];
let paramIdx = 2;
if (status && ['pending', 'confirmed', 'declined'].includes(status)) {
conditions.push(`g.rsvp_status = $${paramIdx++}`);
params.push(status);
}
if (search) {
// pg_trgm fuzzy search on Hebrew name
conditions.push(`(g.name_hebrew % $${paramIdx} OR g.name_transliteration ILIKE $${paramIdx + 1})`);
params.push(search, `%${search}%`);
paramIdx += 2;
}
const where = conditions.join(' AND ');
try {
const [guestsResult, countResult, summaryResult] = await Promise.all([
pool.query(
`SELECT g.*, i.token, i.whatsapp_link, i.sent_at, i.opened_at
FROM guests g
LEFT JOIN invitations i ON i.guest_id = g.id
WHERE ${where}
ORDER BY g.created_at DESC
LIMIT $${paramIdx} OFFSET $${paramIdx + 1}`,
[...params, parseInt(limit), offset]
),
pool.query(`SELECT COUNT(*) FROM guests g WHERE ${where}`, params),
pool.query(
`SELECT
COUNT(*) FILTER (WHERE rsvp_status = 'pending') AS pending,
COUNT(*) FILTER (WHERE rsvp_status = 'confirmed') AS confirmed,
COUNT(*) FILTER (WHERE rsvp_status = 'declined') AS declined,
COUNT(*) AS total
FROM guests WHERE event_id = $1`,
[eventId]
),
]);
const warning = await getCapacityWarning(eventId, event.venue_capacity);
return res.json({
guests: guestsResult.rows,
summary: summaryResult.rows[0],
total: parseInt(countResult.rows[0].count),
page: parseInt(page),
limit: parseInt(limit),
...(warning && { warning }),
});
} catch (err) {
console.error('List guests error:', err.message);
return res.status(500).json({ error: 'Failed to fetch guests' });
}
});
// ─── GET /api/events/:eventId/guests/export — CSV export ─────────────────────
router.get('/events/:eventId/guests/export', authMiddleware, async (req, res) => {
const { eventId } = req.params;
const organizerId = req.user.id;
const event = await verifyEventOwner(eventId, organizerId).catch(() => null);
if (!event) return res.status(404).json({ error: 'Event not found' });
try {
const { rows } = await pool.query(
`SELECT
g.name_hebrew, g.name_transliteration, g.email, g.phone,
g.rsvp_status, g.table_number, g.seat_number,
g.relationship_group, g.dietary_preference, g.dietary_notes,
g.accessibility_needs, g.plus_one_allowance,
g.created_at,
i.whatsapp_link, i.sent_at AS invitation_sent_at, i.opened_at AS invitation_opened_at
FROM guests g
LEFT JOIN invitations i ON i.guest_id = g.id
WHERE g.event_id = $1
ORDER BY g.name_hebrew`,
[eventId]
);
const fields = [
{ label: 'שם בעברית', value: 'name_hebrew' },
{ label: 'תעתיק', value: 'name_transliteration' },
{ label: 'אימייל', value: 'email' },
{ label: 'טלפון', value: 'phone' },
{ label: 'סטטוס RSVP', value: 'rsvp_status' },
{ label: 'מספר שולחן', value: 'table_number' },
{ label: 'מספר מושב', value: 'seat_number' },
{ label: 'קבוצת יחסים', value: 'relationship_group' },
{ label: 'העדפה תזונתית', value: 'dietary_preference' },
{ label: 'הערות תזונה', value: 'dietary_notes' },
{ label: 'צרכי נגישות', value: 'accessibility_needs' },
{ label: 'מלווים מורשים', value: 'plus_one_allowance' },
{ label: 'קישור WhatsApp', value: 'whatsapp_link' },
{ label: 'הוזמנות נשלחה', value: 'invitation_sent_at' },
{ label: 'הוזמנות נפתחה', value: 'invitation_opened_at' },
{ label: 'תאריך הוספה', value: 'created_at' },
];
const parser = new Parser({ fields, withBOM: true }); // BOM for Excel Hebrew support
const csv = parser.parse(rows);
res.setHeader('Content-Type', 'text/csv; charset=utf-8');
res.setHeader('Content-Disposition', `attachment; filename="guests-${eventId}.csv"`);
return res.send(csv);
} catch (err) {
console.error('CSV export error:', err.message);
return res.status(500).json({ error: 'CSV export failed' });
}
});
// ─── PUT /api/guests/:guestId — Update guest ─────────────────────────────────
router.put('/guests/:guestId', authMiddleware, async (req, res) => {
const { guestId } = req.params;
const organizerId = req.user.id;
// Verify organizer owns the event this guest belongs to
const ownerCheck = await pool.query(
`SELECT g.id FROM guests g
JOIN events e ON e.id = g.event_id
WHERE g.id = $1 AND e.organizer_id = $2 AND e.deleted_at IS NULL`,
[guestId, organizerId]
).catch(() => ({ rows: [] }));
if (ownerCheck.rows.length === 0) {
return res.status(404).json({ error: 'Guest not found' });
}
const {
name_hebrew, name_transliteration, email, phone,
rsvp_status, table_number, seat_number,
relationship_group, dietary_preference, dietary_notes,
accessibility_needs, plus_one_allowance,
} = req.body;
const validRsvp = ['pending', 'confirmed', 'declined'];
const validDietary = ['none', 'vegetarian', 'vegan', 'kosher_regular', 'kosher_mehadrin'];
if (rsvp_status && !validRsvp.includes(rsvp_status)) {
return res.status(400).json({ error: 'סטטוס RSVP לא תקין' });
}
if (dietary_preference && !validDietary.includes(dietary_preference)) {
return res.status(400).json({ error: 'סוג תזונה לא תקין' });
}
try {
const result = await pool.query(
`UPDATE guests SET
name_hebrew = COALESCE($1, name_hebrew),
name_transliteration = COALESCE($2, name_transliteration),
email = COALESCE($3, email),
phone = COALESCE($4, phone),
rsvp_status = COALESCE($5::rsvp_status, rsvp_status),
table_number = COALESCE($6, table_number),
seat_number = COALESCE($7, seat_number),
relationship_group = COALESCE($8::relationship_group, relationship_group),
dietary_preference = COALESCE($9::dietary_preference, dietary_preference),
dietary_notes = COALESCE($10, dietary_notes),
accessibility_needs = COALESCE($11, accessibility_needs),
plus_one_allowance = COALESCE($12, plus_one_allowance),
updated_at = NOW()
WHERE id = $13
RETURNING *`,
[
name_hebrew?.trim() || null,
name_transliteration?.trim() || null,
email?.toLowerCase() || null,
phone ? normalizeIsraeliPhone(phone) : null,
rsvp_status || null,
table_number || null,
seat_number || null,
relationship_group || null,
dietary_preference || null,
dietary_notes || null,
accessibility_needs || null,
plus_one_allowance != null ? parseInt(plus_one_allowance) : null,
guestId,
]
);
// Check capacity after update
const eventRow = await pool.query(
'SELECT venue_capacity, id FROM events WHERE id = (SELECT event_id FROM guests WHERE id = $1)',
[guestId]
);
const warning = eventRow.rows[0]
? await getCapacityWarning(eventRow.rows[0].id, eventRow.rows[0].venue_capacity)
: null;
return res.json({
guest: result.rows[0],
...(warning && { warning }),
});
} catch (err) {
console.error('Update guest error:', err.message);
return res.status(500).json({ error: 'Failed to update guest' });
}
});
// ─── DELETE /api/guests/:guestId — Hard delete (Israeli Privacy Law) ─────────
router.delete('/guests/:guestId', authMiddleware, async (req, res) => {
const { guestId } = req.params;
const organizerId = req.user.id;
const ownerCheck = await pool.query(
`SELECT g.id FROM guests g
JOIN events e ON e.id = g.event_id
WHERE g.id = $1 AND e.organizer_id = $2 AND e.deleted_at IS NULL`,
[guestId, organizerId]
).catch(() => ({ rows: [] }));
if (ownerCheck.rows.length === 0) {
return res.status(404).json({ error: 'Guest not found' });
}
try {
// Hard delete per Israeli Privacy Law 2023 (no deleted_at on guests table)
await pool.query('DELETE FROM guests WHERE id = $1', [guestId]);
return res.json({ message: 'Guest deleted successfully' });
} catch (err) {
console.error('Delete guest error:', err.message);
return res.status(500).json({ error: 'Failed to delete guest' });
}
});
// ─── GET /api/events/:eventId/guests/reminders — Pending reminder links ───────
router.get('/events/:eventId/guests/reminders', authMiddleware, async (req, res) => {
const { eventId } = req.params;
const organizerId = req.user.id;
const event = await verifyEventOwner(eventId, organizerId).catch(() => null);
if (!event) return res.status(404).json({ error: 'Event not found' });
try {
const { rows } = await pool.query(
`SELECT
g.id, g.name_hebrew, g.name_transliteration, g.phone,
i.token, i.whatsapp_link,
EXTRACT(DAY FROM (e.event_date::date - CURRENT_DATE)) AS days_until
FROM guests g
JOIN invitations i ON i.guest_id = g.id
JOIN events e ON e.id = g.event_id
WHERE g.event_id = $1
AND g.rsvp_status = 'pending'
AND e.event_date > NOW()
AND i.whatsapp_link IS NOT NULL
ORDER BY g.name_hebrew`,
[eventId]
);
return res.json({ reminders: rows });
} catch (err) {
console.error('Reminders error:', err.message);
return res.status(500).json({ error: 'Failed to fetch reminders' });
}
});
// ─── POST /api/events/:eventId/guests/import — CSV/Excel bulk import ──────────
const VALID_DIETARY = ['none', 'vegetarian', 'vegan', 'kosher_regular', 'kosher_mehadrin'];
const VALID_RELATIONSHIP = ['family_bride', 'family_groom', 'friends', 'work', 'community', 'other'];
const MAX_IMPORT_ROWS = 500;
function normalizeImportRow(raw) {
const name_hebrew = (raw.name_hebrew || raw['שם בעברית'] || raw.name || '').trim();
const name_transliteration = (raw.name_transliteration || raw.name_latin || raw['שם באנגלית'] || '').trim() || null;
const rawPhone = raw.phone || raw['טלפון'] || raw['phone'] || '';
const rawDietary = (raw.dietary_preference || raw['העדפה תזונתית'] || '').trim().toLowerCase();
const rawRelationship = (raw.relationship_group || raw['קבוצת יחסים'] || '').trim().toLowerCase();
const email = (raw.email || raw['אימייל'] || '').trim().toLowerCase() || null;
const phone = normalizeIsraeliPhone(rawPhone);
const phoneWarning = rawPhone && !phone ? `טלפון לא תקין: "${rawPhone}"` : null;
const dietary_preference = VALID_DIETARY.includes(rawDietary) ? rawDietary : 'none';
const relationship_group = VALID_RELATIONSHIP.includes(rawRelationship) ? rawRelationship : (rawRelationship ? 'other' : null);
return { name_hebrew, name_transliteration, phone, phoneWarning, email, dietary_preference, relationship_group };
}
router.post('/events/:eventId/guests/import', authMiddleware, upload.single('file'), async (req, res) => {
const { eventId } = req.params;
const organizerId = req.user.id;
if (req.user.role !== 'organizer') {
return res.status(403).json({ error: 'Only organizers can import guests' });
}
const event = await verifyEventOwner(eventId, organizerId).catch(() => null);
if (!event) return res.status(404).json({ error: 'Event not found' });
if (!req.file) return res.status(400).json({ error: 'No file uploaded' });
const mimeType = req.file.mimetype;
const originalName = req.file.originalname.toLowerCase();
let rows = [];
try {
if (originalName.endsWith('.xlsx') || originalName.endsWith('.xls') || mimeType.includes('spreadsheet') || mimeType.includes('excel')) {
const wb = XLSX.read(req.file.buffer, { type: 'buffer' });
const ws = wb.Sheets[wb.SheetNames[0]];
rows = XLSX.utils.sheet_to_json(ws, { defval: '' });
} else {
// CSV (utf-8 or utf-8 with BOM)
const content = req.file.buffer.toString('utf-8').replace(/^\uFEFF/, '');
rows = csvParse(content, { columns: true, skip_empty_lines: true, trim: true });
}
} catch (parseErr) {
return res.status(400).json({ error: `לא ניתן לנתח את הקובץ: ${parseErr.message}` });
}
if (rows.length === 0) return res.status(400).json({ error: 'הקובץ ריק' });
if (rows.length > MAX_IMPORT_ROWS) {
return res.status(400).json({ error: `מקסימום ${MAX_IMPORT_ROWS} שורות לייבוא. הקובץ מכיל ${rows.length} שורות.` });
}
const baseUrl = process.env.APP_BASE_URL || 'http://localhost:3000';
const imported = [];
const skipped = [];
const warnings = [];
const client = await pool.connect();
try {
await client.query('BEGIN');
for (let i = 0; i < rows.length; i++) {
const row = rows[i];
const normalized = normalizeImportRow(row);
if (!normalized.name_hebrew) {
skipped.push({ row: i + 2, reason: 'שם בעברית חסר' });
continue;
}
if (normalized.phoneWarning) {
warnings.push({ row: i + 2, name: normalized.name_hebrew, warning: normalized.phoneWarning });
}
const guestResult = await client.query(
`INSERT INTO guests (event_id, name_hebrew, name_transliteration, email, phone,
dietary_preference, relationship_group, source, privacy_accepted_at)
VALUES ($1,$2,$3,$4,$5,$6,$7,'registered', NOW())
RETURNING id`,
[
eventId,
normalized.name_hebrew,
normalized.name_transliteration,
normalized.email,
normalized.phone,
normalized.dietary_preference,
normalized.relationship_group,
]
);
const guestId = guestResult.rows[0].id;
const token = generateRsvpToken();
const rsvpUrl = `${baseUrl}/rsvp/${token}`;
const whatsappLink = normalized.phone ? buildWhatsAppLink(normalized.phone, event.title, rsvpUrl) : null;
await client.query(
`INSERT INTO invitations (event_id, guest_id, token, channel, whatsapp_link)
VALUES ($1,$2,$3,'whatsapp',$4)`,
[eventId, guestId, token, whatsappLink]
);
imported.push(normalized.name_hebrew);
}
await client.query('COMMIT');
} catch (err) {
await client.query('ROLLBACK');
console.error('Import error:', err.message);
return res.status(500).json({ error: 'ייבוא נכשל, הנתונים לא נשמרו' });
} finally {
client.release();
}
return res.status(201).json({
imported: imported.length,
skipped: skipped.length,
warnings: warnings.length,
details: { skipped, warnings },
message: `יובאו ${imported.length} אורחים. ${skipped.length} שורות דולגו.`,
});
});
module.exports = router;

139
routes/rsvp.js Normal file
View File

@@ -0,0 +1,139 @@
const express = require('express');
const pool = require('../db/pool');
const router = express.Router();
// ─── GET /api/rsvp/:token — Public RSVP page data (no auth) ─────────────────
router.get('/:token', async (req, res) => {
const { token } = req.params;
try {
const result = await pool.query(
`SELECT
i.token, i.opened_at,
g.id AS guest_id, g.name_hebrew, g.name_transliteration,
g.rsvp_status, g.dietary_preference, g.dietary_notes,
e.id AS event_id, e.title, e.event_date, e.venue_name, e.venue_address,
e.kashrut_level, e.language_pref
FROM invitations i
JOIN guests g ON g.id = i.guest_id
JOIN events e ON e.id = i.event_id
WHERE i.token = $1
AND e.deleted_at IS NULL`,
[token]
);
if (result.rows.length === 0) {
return res.status(404).json({ error: 'קישור ההזמנה לא נמצא' });
}
const row = result.rows[0];
// Mark as opened (first visit) — idempotent, only set once
if (!row.opened_at) {
await pool.query(
'UPDATE invitations SET opened_at = NOW() WHERE token = $1',
[token]
);
}
return res.json({
guest: {
id: row.guest_id,
name_hebrew: row.name_hebrew,
name_transliteration: row.name_transliteration,
rsvp_status: row.rsvp_status,
dietary_preference: row.dietary_preference,
dietary_notes: row.dietary_notes,
},
event: {
id: row.event_id,
title: row.title,
event_date: row.event_date,
venue_name: row.venue_name,
venue_address: row.venue_address,
kashrut_level: row.kashrut_level,
language_pref: row.language_pref,
},
});
} catch (err) {
console.error('RSVP get error:', err.message);
return res.status(500).json({ error: 'שגיאה בטעינת ההזמנה' });
}
});
// ─── POST /api/rsvp/:token — Submit RSVP (idempotent, no auth) ───────────────
router.post('/:token', async (req, res) => {
const { token } = req.params;
const { rsvp_status, dietary_preference, dietary_notes } = req.body;
const validRsvp = ['confirmed', 'declined'];
if (!rsvp_status || !validRsvp.includes(rsvp_status)) {
return res.status(400).json({ error: 'נא לבחור אישור או דחייה' });
}
const validDietary = ['none', 'vegetarian', 'vegan', 'kosher_regular', 'kosher_mehadrin'];
if (dietary_preference && !validDietary.includes(dietary_preference)) {
return res.status(400).json({ error: 'סוג תזונה לא תקין' });
}
try {
const invResult = await pool.query(
`SELECT i.guest_id, e.deleted_at
FROM invitations i
JOIN guests g ON g.id = i.guest_id
JOIN events e ON e.id = g.event_id
WHERE i.token = $1`,
[token]
);
if (invResult.rows.length === 0) {
return res.status(404).json({ error: 'קישור ההזמנה לא נמצא' });
}
if (invResult.rows[0].deleted_at) {
return res.status(410).json({ error: 'האירוע בוטל' });
}
const guestId = invResult.rows[0].guest_id;
// Idempotent upsert — safe to call multiple times for the same guest
const updatedFields = [rsvp_status, guestId];
const dietaryUpdate = dietary_preference
? `, dietary_preference = $3::dietary_preference${dietary_notes !== undefined ? ', dietary_notes = $4' : ''}`
: dietary_notes !== undefined
? ', dietary_notes = $3'
: '';
let query;
let params;
if (dietary_preference && dietary_notes !== undefined) {
query = `UPDATE guests SET rsvp_status = $1::rsvp_status${dietaryUpdate}, updated_at = NOW() WHERE id = $2 RETURNING rsvp_status, dietary_preference, dietary_notes`;
params = [rsvp_status, guestId, dietary_preference, dietary_notes];
} else if (dietary_preference) {
query = `UPDATE guests SET rsvp_status = $1::rsvp_status${dietaryUpdate}, updated_at = NOW() WHERE id = $2 RETURNING rsvp_status, dietary_preference, dietary_notes`;
params = [rsvp_status, guestId, dietary_preference];
} else if (dietary_notes !== undefined) {
query = `UPDATE guests SET rsvp_status = $1::rsvp_status, dietary_notes = $3, updated_at = NOW() WHERE id = $2 RETURNING rsvp_status, dietary_preference, dietary_notes`;
params = [rsvp_status, guestId, dietary_notes];
} else {
query = `UPDATE guests SET rsvp_status = $1::rsvp_status, updated_at = NOW() WHERE id = $2 RETURNING rsvp_status, dietary_preference, dietary_notes`;
params = [rsvp_status, guestId];
}
const result = await pool.query(query, params);
return res.json({
message: rsvp_status === 'confirmed' ? 'תודה! הגעתך אושרה.' : 'תודה! עדכנו את מצבך.',
guest: result.rows[0],
});
} catch (err) {
console.error('RSVP submit error:', err.message);
return res.status(500).json({ error: 'שגיאה בעדכון ה-RSVP' });
}
});
module.exports = router;

51
scripts/migrate.js Normal file
View File

@@ -0,0 +1,51 @@
require('dotenv').config();
const fs = require('fs');
const path = require('path');
const { Pool } = require('pg');
const pool = new Pool({ connectionString: process.env.DATABASE_URL });
async function migrate() {
const migrationsDir = path.join(__dirname, '..', 'migrations');
const files = fs.readdirSync(migrationsDir).filter(f => f.endsWith('.sql')).sort();
// Ensure migrations tracking table exists
await pool.query(`
CREATE TABLE IF NOT EXISTS schema_migrations (
filename VARCHAR(255) PRIMARY KEY,
applied_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
)
`);
for (const file of files) {
const { rows } = await pool.query(
'SELECT filename FROM schema_migrations WHERE filename = $1',
[file]
);
if (rows.length > 0) {
console.log(` ✓ already applied: ${file}`);
continue;
}
const sql = fs.readFileSync(path.join(migrationsDir, file), 'utf8');
// Extract and run only the UP section (before the -- DOWN comment)
const upSection = sql.split('-- DOWN')[0].trim();
try {
await pool.query(upSection);
await pool.query('INSERT INTO schema_migrations (filename) VALUES ($1)', [file]);
console.log(` ✅ applied: ${file}`);
} catch (err) {
console.error(` ❌ failed: ${file}`, err.message);
process.exit(1);
}
}
console.log('Migrations complete.');
await pool.end();
}
migrate().catch(err => {
console.error('Migration error:', err);
process.exit(1);
});

39
scripts/seed.js Normal file
View File

@@ -0,0 +1,39 @@
require('dotenv').config();
const fs = require('fs');
const path = require('path');
const bcrypt = require('bcrypt');
const { Pool } = require('pg');
const pool = new Pool({ connectionString: process.env.DATABASE_URL });
async function seed() {
const hash = await bcrypt.hash('Password123!', 12);
let sql = fs.readFileSync(
path.join(__dirname, '..', 'seeds', '001_seed_test_data.sql'),
'utf8'
);
// Replace placeholder hash with real bcrypt hash
sql = sql.replace(/\$2b\$10\$REPLACE_WITH_REAL_HASH/g, hash);
try {
await pool.query(sql);
console.log('✅ Seed data inserted');
} catch (err) {
// Ignore duplicate key errors (idempotent re-run)
if (err.code === '23505') {
console.log(' Seed data already present, skipping');
} else {
console.error('❌ Seed error:', err.message);
process.exit(1);
}
}
await pool.end();
}
seed().catch(err => {
console.error('Seed error:', err);
process.exit(1);
});

92
seeds/001_seed_test_data.sql Normal file
View File

@@ -0,0 +1,92 @@
-- Seed 001: Test data for development
-- Passwords are bcrypt hashes of 'Password123!' — replace at runtime with actual hash
BEGIN;
-- ─── Users ───────────────────────────────────────────────────────────────────
-- Test organizer
INSERT INTO users (id, email, password_hash, display_name, role) VALUES
('11111111-1111-1111-1111-111111111111',
'organizer@test.com',
'$2b$10$REPLACE_WITH_REAL_HASH',
'מארגן בדיקה',
'organizer');
-- Vendor users (one per vendor profile below)
INSERT INTO users (id, email, password_hash, display_name, role) VALUES
('22222222-2222-2222-2222-222222222222', 'catering@test.com', '$2b$10$REPLACE_WITH_REAL_HASH', 'קייטרינג לדוגמה', 'vendor'),
('22222222-2222-2222-2222-222222222223', 'photography@test.com', '$2b$10$REPLACE_WITH_REAL_HASH', 'צלם לדוגמה', 'vendor'),
('22222222-2222-2222-2222-222222222224', 'music@test.com', '$2b$10$REPLACE_WITH_REAL_HASH', 'מוזיקה לדוגמה', 'vendor'),
('22222222-2222-2222-2222-222222222225', 'decoration@test.com', '$2b$10$REPLACE_WITH_REAL_HASH', 'עיצוב לדוגמה', 'vendor'),
('22222222-2222-2222-2222-222222222226', 'venue@test.com', '$2b$10$REPLACE_WITH_REAL_HASH', 'אולם לדוגמה', 'vendor');
-- ─── Vendors (5 profiles across different categories) ────────────────────────
INSERT INTO vendors (id, user_id, business_name, category, city, geographic_area,
base_price, price_range_min, price_range_max,
capacity_min, capacity_max,
style_tags, is_verified) VALUES
('33333333-3333-3333-3333-333333333331',
'22222222-2222-2222-2222-222222222222',
'קייטרינג שף אורי', 'catering', 'תל אביב', 'מרכז',
5000.00, 4000.00, 12000.00, 50, 500,
ARRAY['kosher_mehadrin', 'modern'], TRUE),
('33333333-3333-3333-3333-333333333332',
'22222222-2222-2222-2222-222222222223',
'סטודיו לכידת רגעים', 'photography', 'ירושלים', 'ירושלים וסביבותיה',
3000.00, 2500.00, 8000.00, 30, 600,
ARRAY['traditional', 'religious'], TRUE),
('33333333-3333-3333-3333-333333333333',
'22222222-2222-2222-2222-222222222224',
'להקת הכוכבים', 'music', 'חיפה', 'צפון',
4000.00, 3000.00, 10000.00, 100, 800,
ARRAY['modern', 'mizrahi'], FALSE),
('33333333-3333-3333-3333-333333333334',
'22222222-2222-2222-2222-222222222225',
'עיצוב ואווירה', 'decoration', 'ראשון לציון', 'מרכז',
2000.00, 1500.00, 6000.00, 20, 400,
ARRAY['rustic', 'romantic', 'modern'], TRUE),
('33333333-3333-3333-3333-333333333335',
'22222222-2222-2222-2222-222222222226',
'אולם הנשיאים', 'venue', 'נתניה', 'שרון',
15000.00, 10000.00, 35000.00, 80, 700,
ARRAY['elegant', 'modern'], TRUE);
-- ─── Sample Event ─────────────────────────────────────────────────────────────
INSERT INTO events (id, organizer_id, title, description, event_date,
venue_name, max_guests, venue_capacity,
status, kashrut_level, noise_curfew_time,
max_plus_ones_buffer, retention_policy_days, language_pref) VALUES
('44444444-4444-4444-4444-444444444444',
'11111111-1111-1111-1111-111111111111',
'חתונת בדיקה',
'אירוע לדוגמה לפיתוח',
NOW() + INTERVAL '30 days',
'אולם הנשיאים', 150, 200,
'draft', 'mehadrin', '23:00',
30, 365, 'hebrew');
-- ─── Sample Guests ────────────────────────────────────────────────────────────
INSERT INTO guests (event_id, name_hebrew, name_transliteration, email, phone,
rsvp_status, relationship_group, dietary_preference,
plus_one_allowance, source, privacy_accepted_at) VALUES
('44444444-4444-4444-4444-444444444444',
'יוסי כהן', 'Yossi Cohen', 'yossi@test.com', '+972501234567',
'pending', 'family_groom', 'kosher_mehadrin', 1, 'registered', NOW()),
('44444444-4444-4444-4444-444444444444',
'מיכל לוי', 'Michal Levi', 'michal@test.com', '+972521234567',
'confirmed', 'friends', 'vegetarian', 0, 'registered', NOW()),
('44444444-4444-4444-4444-444444444444',
'דוד ישראלי', 'David Israeli', 'david@test.com', '+972541234567',
'declined', 'work', 'none', 0, 'registered', NOW());
COMMIT;

49
server.js Normal file
View File

@@ -0,0 +1,49 @@
require('dotenv').config();
const express = require('express');
const cookieParser = require('cookie-parser');
const cors = require('cors');
const path = require('path');
const authRoutes = require('./routes/auth');
const eventRoutes = require('./routes/events');
const guestRoutes = require('./routes/guests');
const rsvpRoutes = require('./routes/rsvp');
const { authMiddleware } = require('./middleware/auth');
const { startReminderCron } = require('./jobs/reminderCron');
const app = express();
const PORT = process.env.PORT || 3000;
app.use(cors({
origin: process.env.CLIENT_ORIGIN || true,
credentials: true,
}));
app.use(express.json());
app.use(cookieParser());
// Health check — no auth required
app.get('/health', (req, res) => res.json({ status: 'ok' }));
// Auth routes — no middleware (register/login are public)
app.use('/api/auth', authRoutes);
// Public RSVP routes — no auth required
app.use('/api/rsvp', rsvpRoutes);
// All routes below require valid JWT
app.use('/api', authMiddleware);
// Event + Guest management routes (auth enforced above)
app.use('/api/events', eventRoutes);
app.use('/api', guestRoutes);
// Serve React frontend in production
app.use(express.static(path.join(__dirname, 'client', 'dist')));
app.get('*', (req, res) => {
res.sendFile(path.join(__dirname, 'client', 'dist', 'index.html'));
});
app.listen(PORT, () => {
console.log(`אירועית server running on port ${PORT}`);
startReminderCron();
});