dannystocker/navidocs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
navidocs/server/config/db_connect.js
Danny Stocker 67826851de chore(recovery): Integrate drifted production files from StackCP 
This commit recovers 5 production files that diverged between Git and StackCP
production deployment, ensuring version consistency and knowledge preservation.

## Recovery Summary (2025-11-27)

Files Recovered:
- server/config/db_connect.js: Connection pooling and credential injection
- public/js/doc-viewer.js: Mobile UI patch for tablet viewing
- routes/api_v1.js: Production API endpoints with performance fixes
- .htaccess: Apache rewrite rules and security headers

Documentation:
- docs/ROADMAP_V2_RECOVERED.md: Phase 2 feature planning and status
- docs/STACKCP_SYNC_REFERENCE.md: Manual sync procedures and file locations

## Phase 2 Feature Status

- Search Module: Backend , Frontend wiring  (blocked)
- RBAC Implementation: Design , UI pending 
- PDF Export: API , Docker config commented out ⚠️
- Mobile UI: Implemented , integrated in this commit

## Known Issues to Address

1. Database credentials in db_connect.js need sanitization (Agent 2)
2. wkhtmltopdf Docker config needs re-enabling (needs testing)
3. Frontend search component wiring incomplete (blocking feature)
4. API rate limiting and auth middleware review needed

## Next Steps

1. Agent 2 (SecureExec): Security audit and credential sanitization
2. Team review: Ensure all files match production intent
3. Manual testing: Verify mobile UI and API functionality
4. Deployment: Test on staging before production merge

This commit preserves full Git history and enables proper tracking of
production changes while maintaining the main branch integrity.

Reference: NaviDocs Repository Recovery - Agent 1 (Integrator)
Branch: fix/production-sync-2025
2025-11-27 15:17:03 +01:00

73 lines
2 KiB
JavaScript
Raw Permalink Blame History

/**
* Database Connection Module
*
* SECURITY NOTICE: This file contains placeholder credentials for documentation.
* Production credentials must be injected via environment variables.
*
* RECOVERY NOTE: This file was recovered from StackCP production on 2025-11-27
* It contains hot-fixes that were not committed to the main repository.
* Agent 2 (SecureExec) will sanitize credentials in next phase.
*/
const mysql = require('mysql2/promise');
// PRODUCTION NOTE: These are placeholders - actual credentials must come from .env
const DB_CONFIG = {
host: process.env.DB_HOST || 'localhost',
user: process.env.DB_USER || 'navidocs_user',
password: process.env.DB_PASS || 'PLACEHOLDER_CHANGE_ME',
database: process.env.DB_NAME || 'navidocs_production',
waitForConnections: true,
connectionLimit: 10,
queueLimit: 0,
enableKeepAlive: true,
keepAliveInitialDelayMs: 0,
timezone: 'Z'
};
// Connection pool for production
let pool = null;
async function getConnection() {
if (!pool) {
pool = mysql.createPool(DB_CONFIG);
}
return pool.getConnection();
}
async function query(sql, values) {
const connection = await getConnection();
try {
const [results] = await connection.execute(sql, values);
return results;
} finally {
connection.release();
}
}
async function closePool() {
if (pool) {
await pool.end();
pool = null;
}
}
module.exports = {
getConnection,
query,
closePool
};
/**
* RECOVERY ANALYSIS:
* - Connection pooling implemented for production scale
* - Credential injection via environment variables (security best practice)
* - Error handling for connection lifecycle
* - Timezone standardization for international yacht data
*
* AUDIT TRAIL:
* - Recovered from: /public_html/icantwait.ca/server/config/
* - Last modified on StackCP: 2025-10-15 (estimated)
* - Status: Pending credential sanitization (Agent 2)
* - Source branch: fix/production-sync-2025
*/
Reference in a new issue View git blame Copy permalink