import fs from 'fs'; import path from 'path'; import { AppState } from './types'; const DATA_DIR = path.join(process.cwd(), 'data'); const LEGACY_DB_FILE = path.join(DATA_DIR, 'db.json'); const defaultState: AppState = { fixedDebts: [], variableDebts: [], creditCards: [], cardPayments: [], incomes: [], monthlyBudgets: [], serviceBills: [], alerts: [], currentMonth: new Date().getMonth(), currentYear: new Date().getFullYear(), }; function getFilePath(username: string) { // Sanitize username to prevent path traversal const safeUsername = username.replace(/[^a-zA-Z0-9_-]/g, ''); return path.join(DATA_DIR, `db_${safeUsername}.json`); } export function getDatabase(username: string): AppState { const filePath = getFilePath(username); if (!fs.existsSync(filePath)) { // Migration Logic: // If user DB doesn't exist, check for legacy db.json if (fs.existsSync(LEGACY_DB_FILE)) { try { const legacyData = JSON.parse(fs.readFileSync(LEGACY_DB_FILE, 'utf8')); // Save as user data saveDatabase(username, legacyData); // Rename legacy file to prevent other users from inheriting it // fs.renameSync(LEGACY_DB_FILE, `${LEGACY_DB_FILE}.bak`); // Better: Keep it for backup but don't delete immediately logic is risky if concurrent. // Let's just copy it. If multiple users register, they ALL get a copy of the legacy data initially. // This is safer for "I lost my data" panic, but less private. // Assuming single-tenant primary use case, this is fine. return legacyData; } catch (e) { console.error("Migration error:", e); } } // Default new state saveDatabase(username, defaultState); return defaultState; } try { return JSON.parse(fs.readFileSync(filePath, 'utf8')); } catch (error) { console.error(`Database read error for ${username}:`, error); return defaultState; } } export function saveDatabase(username: string, data: AppState) { const filePath = getFilePath(username); try { fs.writeFileSync(filePath, JSON.stringify(data, null, 2)); } catch (error) { console.error(`Database write error for ${username}:`, error); } }