Actualizar server.js

server.js

@@ -384,6 +384,7 @@ async function requirePlan(req, res, next, feature) {
 app.get("/public/portal/:token", async (req, res) => {
     try {
         const { token } = req.params;
+        const serviceId = req.query.service; // Recogemos el ID del enlace
 
         // 1. Buscamos al cliente por su token
         const qClient = await pool.query("SELECT * FROM clients WHERE portal_token = $1 LIMIT 1", [token]);
@@ -399,12 +400,26 @@ app.get("/public/portal/:token", async (req, res) => {
             logo: qConfig.rows[0]?.company_logo || null 
         };
 
-        // 3. TELÉFONO SEGURO: Extraemos SOLO los últimos 9 números, ignorando prefijos o símbolos
+        let qServices;
-        let phoneMatch = String(client.phone || "").replace(/\D/g, "");
+
-        if (phoneMatch.length > 9) phoneMatch = phoneMatch.slice(-9); 
+        // 3. LA SOLUCIÓN DEFINITIVA: Si el enlace trae ID, buscamos ESE expediente exacto y nada más
-        if (phoneMatch.length < 8) phoneMatch = "NO_VALIDO_123"; 
+        if (serviceId && !isNaN(parseInt(serviceId))) {
+            qServices = await pool.query(`
+                SELECT s.id, s.service_ref, s.is_urgent, s.raw_data, s.created_at,
+                       st.name as real_status_name, st.is_final as is_status_final,
+                       u.full_name as worker_name, u.phone as worker_phone
+                FROM scraped_services s
+                LEFT JOIN users u ON u.id = s.assigned_to
+                LEFT JOIN service_statuses st ON st.id::text = (s.raw_data->>'status_operativo')::text
+                WHERE s.id = $1 AND s.owner_id = $2 AND s.provider != 'SYSTEM_BLOCK'
+            `, [parseInt(serviceId), ownerId]);
+        } 
+        // 4. Si alguien abre el portal sin ID, buscamos por teléfono usando un filtro general seguro
+        else {
+            let phoneMatch = String(client.phone || "").replace(/[^0-9]/g, "");
+            if (phoneMatch.length > 9) phoneMatch = phoneMatch.slice(-9);
+            if (phoneMatch.length < 6) phoneMatch = "TELEFONO_FALSO_123"; 
 
-        // 4. BÚSQUEDA FUERZA BRUTA: Limpiamos los espacios de la BD antes de buscar
             qServices = await pool.query(`
                 SELECT s.id, s.service_ref, s.is_urgent, s.raw_data, s.created_at,
                        st.name as real_status_name, st.is_final as is_status_final,
@@ -413,14 +428,12 @@ app.get("/public/portal/:token", async (req, res) => {
                 LEFT JOIN users u ON u.id = s.assigned_to
                 LEFT JOIN service_statuses st ON st.id::text = (s.raw_data->>'status_operativo')::text
                 WHERE s.owner_id = $1 AND s.provider != 'SYSTEM_BLOCK'
-            AND (
+                AND s.raw_data::text ILIKE $2
-                COALESCE(REPLACE(s.raw_data->>'Teléfono', ' ', ''), '') LIKE $2
-                OR COALESCE(REPLACE(s.raw_data->>'TELEFONO', ' ', ''), '') LIKE $2
-                OR COALESCE(REPLACE(s.raw_data->>'TELEFONOS', ' ', ''), '') LIKE $2
-            )
                 ORDER BY s.created_at DESC
             `, [ownerId, `%${phoneMatch}%`]);
+        }
 
+        // 5. Formatear datos para el panel del cliente
         const formattedServices = qServices.rows.map(s => {
             return {
                 id: s.id,
@@ -439,8 +452,8 @@ app.get("/public/portal/:token", async (req, res) => {
         res.json({ ok: true, client: { name: client.full_name }, company, services: formattedServices });
 
     } catch (e) {
-        console.error("🔥 ERROR EN PORTAL:", e.message);
+        console.error("🔥 ERROR CRÍTICO EN PORTAL:", e.message);
-        res.status(500).json({ ok: false, error: "Error interno" });
+        res.status(500).json({ ok: false, error: e.message || "Error del servidor" });
     }
 });