import express, { Express, Request, Response, NextFunction } from 'express';
import cors from 'cors';
import { commandQueue } from '../queue/command-queue.js';
const API_KEY = process.env.FIGMA_BRIDGE_SECRET || 'dev-secret-key';
// Auth middleware
function authMiddleware(req: Request, res: Response, next: NextFunction): void {
const apiKey = req.headers['x-api-key'];
if (apiKey !== API_KEY) {
res.status(401).json({ error: 'Invalid API key' });
return;
}
next();
}
export function createHttpServer(): Express {
const app = express();
// CRITICAL: Figma plugin iframe has null origin
// Must use origin: '*' to support null origin
app.use(cors({
origin: '*',
methods: ['GET', 'POST', 'OPTIONS'],
allowedHeaders: ['Content-Type', 'X-API-Key']
}));
app.use(express.json());
// Health check (no auth required)
app.get('/health', (_req: Request, res: Response) => {
res.json({
status: 'ok',
queueSize: commandQueue.getQueueSize(),
pendingCount: commandQueue.getPendingCount()
});
});
// Get pending commands (requires auth)
app.get('/commands', authMiddleware, (_req: Request, res: Response) => {
const commands = commandQueue.dequeue();
res.json(commands);
});
// Add new command (for testing)
app.post('/commands', authMiddleware, (req: Request, res: Response) => {
const { type, params } = req.body;
const id = commandQueue.enqueue(type, params);
res.json({ success: true, id });
});
// Post command result (requires auth)
app.post('/commands/:id/result', authMiddleware, (req: Request, res: Response) => {
const { id } = req.params;
const { nodeId, error } = req.body;
commandQueue.setResult(id, {
nodeId,
error,
success: !error
});
res.json({ success: true });
});
return app;
}
export function startHttpServer(port: number = 3001): void {
const app = createHttpServer();
app.listen(port, () => {
console.log(`[HTTP] Server listening on port ${port}`);
console.log(`[HTTP] Health check: http://localhost:${port}/health`);
});
}
