Index: kupi-mk/backend/config/database.js =================================================================== --- kupi-mk/backend/config/database.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/backend/config/database.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -98,3 +98,8 @@ }; -module.exports = { pool, connectDB }; +module.exports = { + pool, + connectDB, + query: (text, params) => pool.query(text, params), + getClient: () => pool.connect() +}; Index: kupi-mk/backend/routes/cart.js =================================================================== --- kupi-mk/backend/routes/cart.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) +++ kupi-mk/backend/routes/cart.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -0,0 +1,242 @@ +const express = require('express'); +const router = express.Router(); +const { pool } = require('../config/database'); +const { auth } = require('../middleware/auth'); + +// Get user's cart items +router.get('/', auth, async (req, res) => { + try { + const userId = req.user.id; + + const result = await pool.query(` + SELECT + ci.id, + ci.quantity, + ci.added_at, + p.id as product_id, + p.title, + p.description, + p.price, + p.images, + p.stock_quantity, + c.name as category_name + FROM cart_items ci + JOIN products p ON ci.product_id = p.id + LEFT JOIN categories c ON p.category_id = c.id + WHERE ci.user_id = $1 AND p.is_active = true + ORDER BY ci.added_at DESC + `, [userId]); + + res.json({ + success: true, + cartItems: result.rows, + totalItems: result.rows.reduce((sum, item) => sum + item.quantity, 0), + totalPrice: result.rows.reduce((sum, item) => sum + (parseFloat(item.price) * item.quantity), 0) + }); + } catch (error) { + console.error('Error fetching cart:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Add item to cart +router.post('/add', auth, async (req, res) => { + try { + const userId = req.user.id; + const { productId, quantity = 1 } = req.body; + + if (!productId) { + return res.status(400).json({ success: false, message: 'Product ID is required' }); + } + + if (quantity < 1) { + return res.status(400).json({ success: false, message: 'Quantity must be at least 1' }); + } + + // Check if product exists and is active + const productResult = await pool.query( + 'SELECT id, title, stock_quantity, is_active FROM products WHERE id = $1', + [productId] + ); + + if (productResult.rows.length === 0) { + return res.status(404).json({ success: false, message: 'Product not found' }); + } + + const product = productResult.rows[0]; + + if (!product.is_active) { + return res.status(400).json({ success: false, message: 'Product is not available' }); + } + + if (product.stock_quantity < quantity) { + return res.status(400).json({ + success: false, + message: `Only ${product.stock_quantity} items available in stock` + }); + } + + // Check if item already exists in cart + const existingItem = await pool.query( + 'SELECT id, quantity FROM cart_items WHERE user_id = $1 AND product_id = $2', + [userId, productId] + ); + + let result; + + if (existingItem.rows.length > 0) { + // Update existing item quantity + const newQuantity = existingItem.rows[0].quantity + quantity; + + if (newQuantity > product.stock_quantity) { + return res.status(400).json({ + success: false, + message: `Cannot add more items. Only ${product.stock_quantity} available in stock` + }); + } + + result = await pool.query( + 'UPDATE cart_items SET quantity = $1, updated_at = CURRENT_TIMESTAMP WHERE user_id = $2 AND product_id = $3 RETURNING *', + [newQuantity, userId, productId] + ); + } else { + // Add new item to cart + result = await pool.query( + 'INSERT INTO cart_items (user_id, product_id, quantity) VALUES ($1, $2, $3) RETURNING *', + [userId, productId, quantity] + ); + } + + res.json({ + success: true, + message: `${product.title} added to cart`, + cartItem: result.rows[0] + }); + } catch (error) { + console.error('Error adding to cart:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Update cart item quantity +router.put('/update/:id', auth, async (req, res) => { + try { + const userId = req.user.id; + const cartItemId = req.params.id; + const { quantity } = req.body; + + if (!quantity || quantity < 1) { + return res.status(400).json({ success: false, message: 'Quantity must be at least 1' }); + } + + // Check if cart item belongs to user + const cartItemResult = await pool.query( + 'SELECT ci.*, p.stock_quantity, p.title FROM cart_items ci JOIN products p ON ci.product_id = p.id WHERE ci.id = $1 AND ci.user_id = $2', + [cartItemId, userId] + ); + + if (cartItemResult.rows.length === 0) { + return res.status(404).json({ success: false, message: 'Cart item not found' }); + } + + const cartItem = cartItemResult.rows[0]; + + if (quantity > cartItem.stock_quantity) { + return res.status(400).json({ + success: false, + message: `Only ${cartItem.stock_quantity} items available in stock` + }); + } + + const result = await pool.query( + 'UPDATE cart_items SET quantity = $1, updated_at = CURRENT_TIMESTAMP WHERE id = $2 RETURNING *', + [quantity, cartItemId] + ); + + res.json({ + success: true, + message: 'Cart updated successfully', + cartItem: result.rows[0] + }); + } catch (error) { + console.error('Error updating cart:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Remove item from cart +router.delete('/remove/:id', auth, async (req, res) => { + try { + const userId = req.user.id; + const cartItemId = req.params.id; + + const result = await pool.query( + 'DELETE FROM cart_items WHERE id = $1 AND user_id = $2 RETURNING *', + [cartItemId, userId] + ); + + if (result.rows.length === 0) { + return res.status(404).json({ success: false, message: 'Cart item not found' }); + } + + res.json({ + success: true, + message: 'Item removed from cart', + removedItem: result.rows[0] + }); + } catch (error) { + console.error('Error removing from cart:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Clear entire cart +router.delete('/clear', auth, async (req, res) => { + try { + const userId = req.user.id; + + const result = await pool.query( + 'DELETE FROM cart_items WHERE user_id = $1 RETURNING COUNT(*)', + [userId] + ); + + res.json({ + success: true, + message: 'Cart cleared successfully' + }); + } catch (error) { + console.error('Error clearing cart:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Get cart summary (total items and price) +router.get('/summary', auth, async (req, res) => { + try { + const userId = req.user.id; + + const result = await pool.query(` + SELECT + COUNT(ci.id) as total_items, + COALESCE(SUM(ci.quantity), 0) as total_quantity, + COALESCE(SUM(p.price * ci.quantity), 0) as total_price + FROM cart_items ci + JOIN products p ON ci.product_id = p.id + WHERE ci.user_id = $1 AND p.is_active = true + `, [userId]); + + res.json({ + success: true, + summary: { + totalItems: parseInt(result.rows[0].total_items), + totalQuantity: parseInt(result.rows[0].total_quantity), + totalPrice: parseFloat(result.rows[0].total_price) + } + }); + } catch (error) { + console.error('Error fetching cart summary:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +module.exports = router; Index: kupi-mk/backend/routes/orders.js =================================================================== --- kupi-mk/backend/routes/orders.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) +++ kupi-mk/backend/routes/orders.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -0,0 +1,289 @@ +const express = require('express'); +const router = express.Router(); +const { pool } = require('../config/database'); +const { auth } = require('../middleware/auth'); + +// Create new order from cart (checkout) +router.post('/checkout', auth, async (req, res) => { + const client = await pool.connect(); + + try { + await client.query('BEGIN'); + + const userId = req.user.id; + const { + shippingAddress, + billingAddress, + phone, + paymentMethod = 'cash_on_delivery', + notes + } = req.body; + + if (!shippingAddress || !phone) { + return res.status(400).json({ + success: false, + message: 'Shipping address and phone are required' + }); + } + + // Get cart items with current prices + const cartResult = await client.query(` + SELECT + ci.id as cart_item_id, + ci.product_id, + ci.quantity, + p.title, + p.price, + p.stock_quantity, + p.is_active + FROM cart_items ci + JOIN products p ON ci.product_id = p.id + WHERE ci.user_id = $1 AND p.is_active = true + `, [userId]); + + if (cartResult.rows.length === 0) { + await client.query('ROLLBACK'); + return res.status(400).json({ + success: false, + message: 'Cart is empty' + }); + } + + const cartItems = cartResult.rows; + + // Validate stock availability + for (const item of cartItems) { + if (item.quantity > item.stock_quantity) { + await client.query('ROLLBACK'); + return res.status(400).json({ + success: false, + message: `Insufficient stock for ${item.title}. Only ${item.stock_quantity} available.` + }); + } + } + + // Calculate total amount + const totalAmount = cartItems.reduce((sum, item) => sum + (parseFloat(item.price) * item.quantity), 0); + + // Create order + const orderResult = await client.query(` + INSERT INTO orders (user_id, total_amount, shipping_address, billing_address, phone, payment_method, notes) + VALUES ($1, $2, $3, $4, $5, $6, $7) + RETURNING * + `, [userId, totalAmount, shippingAddress, billingAddress || shippingAddress, phone, paymentMethod, notes]); + + const order = orderResult.rows[0]; + + // Create order items and update stock + for (const item of cartItems) { + // Add to order_items + await client.query(` + INSERT INTO order_items (order_id, product_id, quantity, price_at_time) + VALUES ($1, $2, $3, $4) + `, [order.id, item.product_id, item.quantity, item.price]); + + // Update product stock + await client.query(` + UPDATE products + SET stock_quantity = stock_quantity - $1 + WHERE id = $2 + `, [item.quantity, item.product_id]); + } + + // Clear cart + await client.query('DELETE FROM cart_items WHERE user_id = $1', [userId]); + + await client.query('COMMIT'); + + res.json({ + success: true, + message: 'Order placed successfully', + order: { + id: order.id, + totalAmount: order.total_amount, + status: order.status, + createdAt: order.created_at + } + }); + + } catch (error) { + await client.query('ROLLBACK'); + console.error('Error during checkout:', error); + res.status(500).json({ success: false, message: 'Server error during checkout' }); + } finally { + client.release(); + } +}); + +// Get user's order history +router.get('/history', auth, async (req, res) => { + try { + const userId = req.user.id; + const page = parseInt(req.query.page) || 1; + const limit = parseInt(req.query.limit) || 10; + const offset = (page - 1) * limit; + + const result = await pool.query(` + SELECT + o.*, + COUNT(oi.id) as item_count + FROM orders o + LEFT JOIN order_items oi ON o.id = oi.order_id + WHERE o.user_id = $1 + GROUP BY o.id + ORDER BY o.created_at DESC + LIMIT $2 OFFSET $3 + `, [userId, limit, offset]); + + // Get total count for pagination + const countResult = await pool.query( + 'SELECT COUNT(*) FROM orders WHERE user_id = $1', + [userId] + ); + + res.json({ + success: true, + orders: result.rows, + pagination: { + page, + limit, + totalOrders: parseInt(countResult.rows[0].count), + totalPages: Math.ceil(countResult.rows[0].count / limit) + } + }); + } catch (error) { + console.error('Error fetching order history:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Get specific order details +router.get('/:orderId', auth, async (req, res) => { + try { + const userId = req.user.id; + const orderId = req.params.orderId; + + // Get order details + const orderResult = await pool.query(` + SELECT * FROM orders + WHERE id = $1 AND user_id = $2 + `, [orderId, userId]); + + if (orderResult.rows.length === 0) { + return res.status(404).json({ success: false, message: 'Order not found' }); + } + + const order = orderResult.rows[0]; + + // Get order items + const itemsResult = await pool.query(` + SELECT + oi.*, + p.title, + p.images, + p.description + FROM order_items oi + JOIN products p ON oi.product_id = p.id + WHERE oi.order_id = $1 + ORDER BY oi.created_at + `, [orderId]); + + res.json({ + success: true, + order: { + ...order, + items: itemsResult.rows + } + }); + } catch (error) { + console.error('Error fetching order details:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Update order status (for sellers/admins - will implement later) +router.put('/:orderId/status', auth, async (req, res) => { + try { + const orderId = req.params.orderId; + const { status } = req.body; + + const validStatuses = ['pending', 'confirmed', 'processing', 'shipped', 'delivered', 'cancelled']; + + if (!validStatuses.includes(status)) { + return res.status(400).json({ + success: false, + message: 'Invalid status. Valid statuses: ' + validStatuses.join(', ') + }); + } + + // For now, only allow users to cancel their own pending orders + // Later we can add role-based permissions for sellers/admins + const userId = req.user.id; + + if (status === 'cancelled') { + const result = await pool.query(` + UPDATE orders + SET status = $1, updated_at = CURRENT_TIMESTAMP + WHERE id = $2 AND user_id = $3 AND status = 'pending' + RETURNING * + `, [status, orderId, userId]); + + if (result.rows.length === 0) { + return res.status(400).json({ + success: false, + message: 'Order cannot be cancelled or not found' + }); + } + + // Restore stock quantities when order is cancelled + await pool.query(` + UPDATE products + SET stock_quantity = stock_quantity + oi.quantity + FROM order_items oi + WHERE products.id = oi.product_id AND oi.order_id = $1 + `, [orderId]); + + res.json({ + success: true, + message: 'Order cancelled successfully', + order: result.rows[0] + }); + } else { + res.status(403).json({ + success: false, + message: 'Unauthorized to update order status' + }); + } + } catch (error) { + console.error('Error updating order status:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Get order statistics (for dashboard) +router.get('/stats/summary', auth, async (req, res) => { + try { + const userId = req.user.id; + + const result = await pool.query(` + SELECT + COUNT(*) as total_orders, + COUNT(CASE WHEN status = 'pending' THEN 1 END) as pending_orders, + COUNT(CASE WHEN status = 'delivered' THEN 1 END) as delivered_orders, + COALESCE(SUM(total_amount), 0) as total_spent, + COALESCE(SUM(CASE WHEN status = 'delivered' THEN total_amount ELSE 0 END), 0) as total_completed + FROM orders + WHERE user_id = $1 + `, [userId]); + + res.json({ + success: true, + stats: result.rows[0] + }); + } catch (error) { + console.error('Error fetching order stats:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +module.exports = router; Index: kupi-mk/backend/routes/reviews.js =================================================================== --- kupi-mk/backend/routes/reviews.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) +++ kupi-mk/backend/routes/reviews.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -0,0 +1,385 @@ +const express = require('express'); +const router = express.Router(); +const { pool } = require('../config/database'); +const { auth } = require('../middleware/auth'); + +// Get reviews for a product +router.get('/product/:productId', async (req, res) => { + try { + const productId = req.params.productId; + const page = parseInt(req.query.page) || 1; + const limit = parseInt(req.query.limit) || 10; + const sortBy = req.query.sortBy || 'newest'; // newest, oldest, rating_high, rating_low, helpful + const offset = (page - 1) * limit; + + let orderClause = 'pr.created_at DESC'; + + switch (sortBy) { + case 'oldest': + orderClause = 'pr.created_at ASC'; + break; + case 'rating_high': + orderClause = 'pr.rating DESC, pr.created_at DESC'; + break; + case 'rating_low': + orderClause = 'pr.rating ASC, pr.created_at DESC'; + break; + case 'helpful': + orderClause = 'pr.helpful_votes DESC, pr.created_at DESC'; + break; + default: + orderClause = 'pr.created_at DESC'; + } + + const result = await pool.query(` + SELECT + pr.*, + u.username, + u.first_name, + u.last_name + FROM product_reviews pr + JOIN users u ON pr.user_id = u.id + WHERE pr.product_id = $1 + ORDER BY ${orderClause} + LIMIT $2 OFFSET $3 + `, [productId, limit, offset]); + + // Get review statistics + const statsResult = await pool.query(` + SELECT + COUNT(*) as total_reviews, + AVG(rating) as average_rating, + COUNT(CASE WHEN rating = 5 THEN 1 END) as five_star, + COUNT(CASE WHEN rating = 4 THEN 1 END) as four_star, + COUNT(CASE WHEN rating = 3 THEN 1 END) as three_star, + COUNT(CASE WHEN rating = 2 THEN 1 END) as two_star, + COUNT(CASE WHEN rating = 1 THEN 1 END) as one_star + FROM product_reviews + WHERE product_id = $1 + `, [productId]); + + const stats = statsResult.rows[0]; + + res.json({ + success: true, + reviews: result.rows, + statistics: { + totalReviews: parseInt(stats.total_reviews), + averageRating: parseFloat(stats.average_rating) || 0, + ratingDistribution: { + 5: parseInt(stats.five_star), + 4: parseInt(stats.four_star), + 3: parseInt(stats.three_star), + 2: parseInt(stats.two_star), + 1: parseInt(stats.one_star) + } + }, + pagination: { + page, + limit, + totalPages: Math.ceil(stats.total_reviews / limit) + } + }); + } catch (error) { + console.error('Error fetching product reviews:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Add a review for a product +router.post('/add', auth, async (req, res) => { + try { + const userId = req.user.id; + const { productId, rating, title, comment } = req.body; + + if (!productId || !rating) { + return res.status(400).json({ + success: false, + message: 'Product ID and rating are required' + }); + } + + if (rating < 1 || rating > 5) { + return res.status(400).json({ + success: false, + message: 'Rating must be between 1 and 5' + }); + } + + // Check if product exists + const productResult = await pool.query( + 'SELECT id, title FROM products WHERE id = $1 AND is_active = true', + [productId] + ); + + if (productResult.rows.length === 0) { + return res.status(404).json({ success: false, message: 'Product not found' }); + } + + // Check if user already reviewed this product + const existingReview = await pool.query( + 'SELECT id FROM product_reviews WHERE product_id = $1 AND user_id = $2', + [productId, userId] + ); + + if (existingReview.rows.length > 0) { + return res.status(400).json({ + success: false, + message: 'You have already reviewed this product' + }); + } + + // Check if user has purchased this product (for verified purchase) + const purchaseResult = await pool.query(` + SELECT oi.id FROM order_items oi + JOIN orders o ON oi.order_id = o.id + WHERE o.user_id = $1 AND oi.product_id = $2 AND o.status IN ('delivered', 'confirmed') + `, [userId, productId]); + + const verifiedPurchase = purchaseResult.rows.length > 0; + + const result = await pool.query(` + INSERT INTO product_reviews (product_id, user_id, rating, title, comment, verified_purchase) + VALUES ($1, $2, $3, $4, $5, $6) + RETURNING * + `, [productId, userId, rating, title, comment, verifiedPurchase]); + + res.json({ + success: true, + message: 'Review added successfully', + review: result.rows[0] + }); + } catch (error) { + console.error('Error adding review:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Update a review +router.put('/:reviewId', auth, async (req, res) => { + try { + const userId = req.user.id; + const reviewId = req.params.reviewId; + const { rating, title, comment } = req.body; + + if (!rating) { + return res.status(400).json({ + success: false, + message: 'Rating is required' + }); + } + + if (rating < 1 || rating > 5) { + return res.status(400).json({ + success: false, + message: 'Rating must be between 1 and 5' + }); + } + + const result = await pool.query(` + UPDATE product_reviews + SET rating = $1, title = $2, comment = $3, updated_at = CURRENT_TIMESTAMP + WHERE id = $4 AND user_id = $5 + RETURNING * + `, [rating, title, comment, reviewId, userId]); + + if (result.rows.length === 0) { + return res.status(404).json({ + success: false, + message: 'Review not found or unauthorized' + }); + } + + res.json({ + success: true, + message: 'Review updated successfully', + review: result.rows[0] + }); + } catch (error) { + console.error('Error updating review:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Delete a review +router.delete('/:reviewId', auth, async (req, res) => { + try { + const userId = req.user.id; + const reviewId = req.params.reviewId; + + const result = await pool.query( + 'DELETE FROM product_reviews WHERE id = $1 AND user_id = $2 RETURNING *', + [reviewId, userId] + ); + + if (result.rows.length === 0) { + return res.status(404).json({ + success: false, + message: 'Review not found or unauthorized' + }); + } + + res.json({ + success: true, + message: 'Review deleted successfully' + }); + } catch (error) { + console.error('Error deleting review:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Vote on review helpfulness +router.post('/:reviewId/helpful', auth, async (req, res) => { + try { + const userId = req.user.id; + const reviewId = req.params.reviewId; + const { isHelpful } = req.body; // true or false + + if (typeof isHelpful !== 'boolean') { + return res.status(400).json({ + success: false, + message: 'isHelpful must be true or false' + }); + } + + // Check if review exists + const reviewResult = await pool.query( + 'SELECT id, user_id FROM product_reviews WHERE id = $1', + [reviewId] + ); + + if (reviewResult.rows.length === 0) { + return res.status(404).json({ success: false, message: 'Review not found' }); + } + + // Don't allow users to vote on their own reviews + if (reviewResult.rows[0].user_id === userId) { + return res.status(400).json({ + success: false, + message: 'Cannot vote on your own review' + }); + } + + // Check if user already voted + const existingVote = await pool.query( + 'SELECT id, is_helpful FROM review_helpfulness WHERE review_id = $1 AND user_id = $2', + [reviewId, userId] + ); + + if (existingVote.rows.length > 0) { + // Update existing vote + await pool.query( + 'UPDATE review_helpfulness SET is_helpful = $1 WHERE review_id = $2 AND user_id = $3', + [isHelpful, reviewId, userId] + ); + } else { + // Add new vote + await pool.query( + 'INSERT INTO review_helpfulness (review_id, user_id, is_helpful) VALUES ($1, $2, $3)', + [reviewId, userId, isHelpful] + ); + } + + // Update helpful_votes count on the review + const helpfulCount = await pool.query( + 'SELECT COUNT(*) as count FROM review_helpfulness WHERE review_id = $1 AND is_helpful = true', + [reviewId] + ); + + await pool.query( + 'UPDATE product_reviews SET helpful_votes = $1 WHERE id = $2', + [helpfulCount.rows[0].count, reviewId] + ); + + res.json({ + success: true, + message: 'Vote recorded successfully', + helpfulVotes: parseInt(helpfulCount.rows[0].count) + }); + } catch (error) { + console.error('Error voting on review:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Get user's reviews +router.get('/user/my-reviews', auth, async (req, res) => { + try { + const userId = req.user.id; + const page = parseInt(req.query.page) || 1; + const limit = parseInt(req.query.limit) || 10; + const offset = (page - 1) * limit; + + const result = await pool.query(` + SELECT + pr.*, + p.title as product_title, + p.images as product_images + FROM product_reviews pr + JOIN products p ON pr.product_id = p.id + WHERE pr.user_id = $1 + ORDER BY pr.created_at DESC + LIMIT $2 OFFSET $3 + `, [userId, limit, offset]); + + const countResult = await pool.query( + 'SELECT COUNT(*) FROM product_reviews WHERE user_id = $1', + [userId] + ); + + res.json({ + success: true, + reviews: result.rows, + pagination: { + page, + limit, + totalReviews: parseInt(countResult.rows[0].count), + totalPages: Math.ceil(countResult.rows[0].count / limit) + } + }); + } catch (error) { + console.error('Error fetching user reviews:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +// Check if user can review a product +router.get('/can-review/:productId', auth, async (req, res) => { + try { + const userId = req.user.id; + const productId = req.params.productId; + + // Check if user already reviewed + const existingReview = await pool.query( + 'SELECT id FROM product_reviews WHERE product_id = $1 AND user_id = $2', + [productId, userId] + ); + + if (existingReview.rows.length > 0) { + return res.json({ + success: true, + canReview: false, + reason: 'already_reviewed' + }); + } + + // Check if user purchased the product + const purchaseResult = await pool.query(` + SELECT oi.id FROM order_items oi + JOIN orders o ON oi.order_id = o.id + WHERE o.user_id = $1 AND oi.product_id = $2 AND o.status IN ('delivered', 'confirmed') + `, [userId, productId]); + + res.json({ + success: true, + canReview: true, + hasPurchased: purchaseResult.rows.length > 0 + }); + } catch (error) { + console.error('Error checking review eligibility:', error); + res.status(500).json({ success: false, message: 'Server error' }); + } +}); + +module.exports = router; Index: kupi-mk/backend/server.js =================================================================== --- kupi-mk/backend/server.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/backend/server.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -8,4 +8,7 @@ const productRoutes = require('./routes/products'); const userRoutes = require('./routes/users'); +const cartRoutes = require('./routes/cart'); +const orderRoutes = require('./routes/orders'); +const reviewRoutes = require('./routes/reviews'); const { connectDB } = require('./config/database'); @@ -51,4 +54,7 @@ app.use('/api/products', productRoutes); app.use('/api/users', userRoutes); +app.use('/api/cart', cartRoutes); +app.use('/api/orders', orderRoutes); +app.use('/api/reviews', reviewRoutes); // Health check Index: kupi-mk/database_updates_cart_reviews.sql =================================================================== --- kupi-mk/database_updates_cart_reviews.sql (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) +++ kupi-mk/database_updates_cart_reviews.sql (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -0,0 +1,123 @@ +-- Cart and Reviews Database Schema Updates +-- Run this after the main database_setup.sql + +-- Cart Items Table +CREATE TABLE IF NOT EXISTS cart_items ( + id SERIAL PRIMARY KEY, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + product_id INTEGER NOT NULL REFERENCES products(id) ON DELETE CASCADE, + quantity INTEGER NOT NULL DEFAULT 1 CHECK (quantity > 0), + added_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UNIQUE(user_id, product_id) -- Prevent duplicate items for same user +); + +-- Orders Table +CREATE TABLE IF NOT EXISTS orders ( + id SERIAL PRIMARY KEY, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + total_amount DECIMAL(10,2) NOT NULL CHECK (total_amount >= 0), + status VARCHAR(50) NOT NULL DEFAULT 'pending' CHECK (status IN ('pending', 'confirmed', 'processing', 'shipped', 'delivered', 'cancelled')), + payment_method VARCHAR(50), + shipping_address TEXT NOT NULL, + billing_address TEXT, + phone VARCHAR(20), + notes TEXT, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP +); + +-- Order Items Table +CREATE TABLE IF NOT EXISTS order_items ( + id SERIAL PRIMARY KEY, + order_id INTEGER NOT NULL REFERENCES orders(id) ON DELETE CASCADE, + product_id INTEGER NOT NULL REFERENCES products(id) ON DELETE CASCADE, + quantity INTEGER NOT NULL CHECK (quantity > 0), + price_at_time DECIMAL(10,2) NOT NULL CHECK (price_at_time >= 0), -- Price when ordered + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP +); + +-- Product Reviews Table +CREATE TABLE IF NOT EXISTS product_reviews ( + id SERIAL PRIMARY KEY, + product_id INTEGER NOT NULL REFERENCES products(id) ON DELETE CASCADE, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + rating INTEGER NOT NULL CHECK (rating >= 1 AND rating <= 5), + title VARCHAR(255), + comment TEXT, + verified_purchase BOOLEAN DEFAULT FALSE, -- True if user actually bought this product + helpful_votes INTEGER DEFAULT 0, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UNIQUE(product_id, user_id) -- One review per product per user +); + +-- Review Helpfulness Table (for "Was this review helpful?" feature) +CREATE TABLE IF NOT EXISTS review_helpfulness ( + id SERIAL PRIMARY KEY, + review_id INTEGER NOT NULL REFERENCES product_reviews(id) ON DELETE CASCADE, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + is_helpful BOOLEAN NOT NULL, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UNIQUE(review_id, user_id) -- One vote per review per user +); + +-- Create indexes for better performance +CREATE INDEX IF NOT EXISTS idx_cart_items_user_id ON cart_items(user_id); +CREATE INDEX IF NOT EXISTS idx_cart_items_product_id ON cart_items(product_id); +CREATE INDEX IF NOT EXISTS idx_orders_user_id ON orders(user_id); +CREATE INDEX IF NOT EXISTS idx_orders_status ON orders(status); +CREATE INDEX IF NOT EXISTS idx_order_items_order_id ON order_items(order_id); +CREATE INDEX IF NOT EXISTS idx_order_items_product_id ON order_items(product_id); +CREATE INDEX IF NOT EXISTS idx_reviews_product_id ON product_reviews(product_id); +CREATE INDEX IF NOT EXISTS idx_reviews_user_id ON product_reviews(user_id); +CREATE INDEX IF NOT EXISTS idx_reviews_rating ON product_reviews(rating); +CREATE INDEX IF NOT EXISTS idx_review_helpfulness_review_id ON review_helpfulness(review_id); + +-- Create triggers to update timestamps +CREATE OR REPLACE FUNCTION update_updated_at_column() +RETURNS TRIGGER AS $$ +BEGIN + NEW.updated_at = CURRENT_TIMESTAMP; + RETURN NEW; +END; +$$ language 'plpgsql'; + +-- Add update triggers +DROP TRIGGER IF EXISTS update_cart_items_updated_at ON cart_items; +CREATE TRIGGER update_cart_items_updated_at + BEFORE UPDATE ON cart_items + FOR EACH ROW EXECUTE FUNCTION update_updated_at_column(); + +DROP TRIGGER IF EXISTS update_orders_updated_at ON orders; +CREATE TRIGGER update_orders_updated_at + BEFORE UPDATE ON orders + FOR EACH ROW EXECUTE FUNCTION update_updated_at_column(); + +DROP TRIGGER IF EXISTS update_reviews_updated_at ON product_reviews; +CREATE TRIGGER update_reviews_updated_at + BEFORE UPDATE ON product_reviews + FOR EACH ROW EXECUTE FUNCTION update_updated_at_column(); + +-- Add some sample data for testing +-- Note: This assumes you have existing users and products + +-- Sample cart items (adjust user_id and product_id based on your data) +-- INSERT INTO cart_items (user_id, product_id, quantity) VALUES +-- (1, 1, 2), +-- (1, 2, 1), +-- (2, 1, 3) +-- ON CONFLICT (user_id, product_id) DO NOTHING; + +-- Sample reviews (adjust based on your data) +-- INSERT INTO product_reviews (product_id, user_id, rating, title, comment, verified_purchase) VALUES +-- (1, 2, 5, 'Excellent product!', 'Really happy with this purchase. Great quality and fast delivery.', true), +-- (1, 3, 4, 'Good value', 'Nice product for the price. Recommended.', true), +-- (2, 1, 3, 'Average', 'It''s okay, nothing special but does the job.', false) +-- ON CONFLICT (product_id, user_id) DO NOTHING; + +COMMENT ON TABLE cart_items IS 'Stores items in user shopping carts'; +COMMENT ON TABLE orders IS 'Stores completed customer orders'; +COMMENT ON TABLE order_items IS 'Stores individual items within each order'; +COMMENT ON TABLE product_reviews IS 'Stores customer reviews and ratings for products'; +COMMENT ON TABLE review_helpfulness IS 'Tracks helpfulness votes on reviews'; Index: kupi-mk/frontend/src/components/ProductCard-fixed.js =================================================================== --- kupi-mk/frontend/src/components/ProductCard-fixed.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/frontend/src/components/ProductCard-fixed.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -11,9 +11,9 @@ // If it starts with /, add the backend URL if (imagePath.startsWith('/')) { - return `http://localhost:5000${imagePath}`; + return `http://localhost:5001${imagePath}`; } // Otherwise assume it's a relative path - return `http://localhost:5000/uploads/products/${imagePath}`; + return `http://localhost:5001/uploads/products/${imagePath}`; }; Index: kupi-mk/frontend/src/components/ProductCard.js =================================================================== --- kupi-mk/frontend/src/components/ProductCard.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/frontend/src/components/ProductCard.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -11,9 +11,9 @@ // If it starts with /, add the backend URL if (imagePath.startsWith('/')) { - return `http://localhost:5000${imagePath}`; + return `http://localhost:5001${imagePath}`; } // Otherwise assume it's a relative path - return `http://localhost:5000/uploads/products/${imagePath}`; + return `http://localhost:5001/uploads/products/${imagePath}`; }; Index: kupi-mk/frontend/src/config/api.js =================================================================== --- kupi-mk/frontend/src/config/api.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/frontend/src/config/api.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -3,5 +3,5 @@ // In production, use environment variable or default if (process.env.NODE_ENV === 'production') { - return process.env.REACT_APP_API_URL?.replace('/api', '') || 'http://localhost:5000'; + return process.env.REACT_APP_API_URL?.replace('/api', '') || 'http://localhost:5001'; } @@ -11,8 +11,8 @@ if (hostname === 'localhost' || hostname === '127.0.0.1') { // If accessing via localhost, use localhost for API too - return 'http://localhost:5000'; + return 'http://localhost:5001'; } else { // If accessing via network IP, use the same IP for API - return `http://${hostname}:5000`; + return `http://${hostname}:5001`; } }; Index: kupi-mk/frontend/src/context/CartContext.js =================================================================== --- kupi-mk/frontend/src/context/CartContext.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) +++ kupi-mk/frontend/src/context/CartContext.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -0,0 +1,243 @@ +import React, { createContext, useContext, useReducer, useEffect } from 'react'; +import { useAuth } from './AuthContext'; +import api from '../services/api'; + +const CartContext = createContext(); + +const cartReducer = (state, action) => { + switch (action.type) { + case 'SET_CART': + return { + ...state, + items: action.payload.cartItems || [], + totalItems: action.payload.totalItems || 0, + totalPrice: action.payload.totalPrice || 0, + loading: false + }; + + case 'SET_LOADING': + return { + ...state, + loading: action.payload + }; + + case 'ADD_TO_CART': + const existingItemIndex = state.items.findIndex( + item => item.product_id === action.payload.product_id + ); + + if (existingItemIndex >= 0) { + const updatedItems = [...state.items]; + updatedItems[existingItemIndex].quantity += action.payload.quantity; + return { + ...state, + items: updatedItems, + totalItems: state.totalItems + action.payload.quantity, + totalPrice: state.totalPrice + (action.payload.price * action.payload.quantity) + }; + } else { + return { + ...state, + items: [...state.items, action.payload], + totalItems: state.totalItems + action.payload.quantity, + totalPrice: state.totalPrice + (action.payload.price * action.payload.quantity) + }; + } + + case 'UPDATE_CART_ITEM': + const updatedItems = state.items.map(item => + item.id === action.payload.id + ? { ...item, quantity: action.payload.quantity } + : item + ); + + const newTotalItems = updatedItems.reduce((sum, item) => sum + item.quantity, 0); + const newTotalPrice = updatedItems.reduce((sum, item) => sum + (parseFloat(item.price) * item.quantity), 0); + + return { + ...state, + items: updatedItems, + totalItems: newTotalItems, + totalPrice: newTotalPrice + }; + + case 'REMOVE_FROM_CART': + const filteredItems = state.items.filter(item => item.id !== action.payload.id); + const removedItem = state.items.find(item => item.id === action.payload.id); + + return { + ...state, + items: filteredItems, + totalItems: state.totalItems - (removedItem?.quantity || 0), + totalPrice: state.totalPrice - (parseFloat(removedItem?.price || 0) * (removedItem?.quantity || 0)) + }; + + case 'CLEAR_CART': + return { + ...state, + items: [], + totalItems: 0, + totalPrice: 0 + }; + + case 'SET_ERROR': + return { + ...state, + error: action.payload, + loading: false + }; + + case 'CLEAR_ERROR': + return { + ...state, + error: null + }; + + default: + return state; + } +}; + +const initialState = { + items: [], + totalItems: 0, + totalPrice: 0, + loading: false, + error: null +}; + +export const CartProvider = ({ children }) => { + const [state, dispatch] = useReducer(cartReducer, initialState); + const { user, token } = useAuth(); + + // Load cart when user logs in + useEffect(() => { + if (user && token) { + loadCart(); + } else { + // Clear cart when user logs out + dispatch({ type: 'CLEAR_CART' }); + } + }, [user, token]); + + const loadCart = async () => { + try { + dispatch({ type: 'SET_LOADING', payload: true }); + const response = await api.get('/cart'); + dispatch({ type: 'SET_CART', payload: response.data }); + } catch (error) { + console.error('Error loading cart:', error); + dispatch({ type: 'SET_ERROR', payload: 'Failed to load cart' }); + } + }; + + const addToCart = async (productId, quantity = 1) => { + try { + dispatch({ type: 'CLEAR_ERROR' }); + const response = await api.post('/cart/add', { productId, quantity }); + + if (response.data.success) { + // Reload cart to get updated data + await loadCart(); + return { success: true, message: response.data.message }; + } + } catch (error) { + const errorMessage = error.response?.data?.message || 'Failed to add to cart'; + dispatch({ type: 'SET_ERROR', payload: errorMessage }); + return { success: false, message: errorMessage }; + } + }; + + const updateCartItem = async (cartItemId, quantity) => { + try { + dispatch({ type: 'CLEAR_ERROR' }); + const response = await api.put(`/cart/update/${cartItemId}`, { quantity }); + + if (response.data.success) { + dispatch({ + type: 'UPDATE_CART_ITEM', + payload: { id: cartItemId, quantity } + }); + return { success: true, message: response.data.message }; + } + } catch (error) { + const errorMessage = error.response?.data?.message || 'Failed to update cart'; + dispatch({ type: 'SET_ERROR', payload: errorMessage }); + return { success: false, message: errorMessage }; + } + }; + + const removeFromCart = async (cartItemId) => { + try { + dispatch({ type: 'CLEAR_ERROR' }); + const response = await api.delete(`/cart/remove/${cartItemId}`); + + if (response.data.success) { + dispatch({ type: 'REMOVE_FROM_CART', payload: { id: cartItemId } }); + return { success: true, message: response.data.message }; + } + } catch (error) { + const errorMessage = error.response?.data?.message || 'Failed to remove from cart'; + dispatch({ type: 'SET_ERROR', payload: errorMessage }); + return { success: false, message: errorMessage }; + } + }; + + const clearCart = async () => { + try { + dispatch({ type: 'CLEAR_ERROR' }); + const response = await api.delete('/cart/clear'); + + if (response.data.success) { + dispatch({ type: 'CLEAR_CART' }); + return { success: true, message: response.data.message }; + } + } catch (error) { + const errorMessage = error.response?.data?.message || 'Failed to clear cart'; + dispatch({ type: 'SET_ERROR', payload: errorMessage }); + return { success: false, message: errorMessage }; + } + }; + + const getCartSummary = async () => { + try { + const response = await api.get('/cart/summary'); + return response.data.summary; + } catch (error) { + console.error('Error getting cart summary:', error); + return { totalItems: 0, totalQuantity: 0, totalPrice: 0 }; + } + }; + + const value = { + // State + cartItems: state.items, + totalItems: state.totalItems, + totalPrice: state.totalPrice, + loading: state.loading, + error: state.error, + + // Actions + loadCart, + addToCart, + updateCartItem, + removeFromCart, + clearCart, + getCartSummary, + clearError: () => dispatch({ type: 'CLEAR_ERROR' }) + }; + + return ( + + {children} + + ); +}; + +export const useCart = () => { + const context = useContext(CartContext); + if (!context) { + throw new Error('useCart must be used within a CartProvider'); + } + return context; +}; Index: kupi-mk/frontend/src/pages/EditProduct.js =================================================================== --- kupi-mk/frontend/src/pages/EditProduct.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/frontend/src/pages/EditProduct.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -256,5 +256,5 @@
{`Existing { if (img.startsWith('http')) return img; - return img.startsWith('/') ? `http://localhost:5000${img}` : `http://localhost:5000/uploads/products/${img}`; + return img.startsWith('/') ? `http://localhost:5001${img}` : `http://localhost:5001/uploads/products/${img}`; }) : ['/placeholder-image.svg']; Index: kupi-mk/frontend/src/pages/Profile.js =================================================================== --- kupi-mk/frontend/src/pages/Profile.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/frontend/src/pages/Profile.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -158,5 +158,5 @@ 0 - ? `http://localhost:5000${product.images[0]}` + ? `http://localhost:5001${product.images[0]}` : '/placeholder-image.jpg' } Index: kupi-mk/frontend/src/services/api.js =================================================================== --- kupi-mk/frontend/src/services/api.js (revision 65be0725ca7d5c8f5e0679e3088e41ea41abfcec) +++ kupi-mk/frontend/src/services/api.js (revision a50634e742db5be5422ca0b5c8ddead0ccf398f8) @@ -1,5 +1,5 @@ import axios from 'axios'; -const API_BASE_URL = process.env.REACT_APP_API_URL || 'http://localhost:5000/api'; +const API_BASE_URL = process.env.REACT_APP_API_URL || 'http://localhost:5001/api'; const api = axios.create({