librechat-analytics/server.js

require('dotenv').config();
const express = require('express');
const path = require('path');
const { MongoClient } = require('mongodb');
const apiRoutes = require('./routes/api');

const app = express();
const PORT = process.env.PORT || 3001;
const MONGO_URI = process.env.MONGO_URI || 'mongodb://localhost:27017/LibreChat';

let db;

async function connectDB() {
  const client = new MongoClient(MONGO_URI);
  await client.connect();
  db = client.db();
  console.log('Connected to MongoDB');
  return db;
}

// Health check (no auth)
app.get('/health', (req, res) => {
  res.json({ status: 'ok', uptime: process.uptime() });
});

// API key auth middleware — protects both API and dashboard
function authMiddleware(req, res, next) {
  const apiKey = req.headers['x-api-key'] || req.query.key;
  const expected = process.env.DASHBOARD_API_KEY;
  if (!expected || expected === 'changeme') {
    console.warn('WARNING: DASHBOARD_API_KEY not set — dashboard is unprotected!');
    return next();
  }
  if (apiKey !== expected) {
    return res.status(401).json({ error: 'Unauthorized' });
  }
  next();
}

// Static files
app.use(express.static(path.join(__dirname, 'public')));

// API routes
app.use('/api', authMiddleware, (req, res, next) => {
  req.db = db;
  next();
}, apiRoutes);

// SPA fallback
app.get('*', (req, res) => {
  res.sendFile(path.join(__dirname, 'public', 'index.html'));
});

connectDB().then(() => {
  app.listen(PORT, () => {
    console.log(`Analytics dashboard running on port ${PORT}`);
  });
}).catch(err => {
  console.error('Failed to connect to MongoDB:', err);
  process.exit(1);
});