diff --git a/index.js b/index.js index f5f4298..d25bcf6 100644 --- a/index.js +++ b/index.js @@ -46,6 +46,8 @@ fastify.register(require("point-of-view"), { root: path.join(__dirname, "views"), }); +const api = process.env.BANKAPIURL; + function papy() { const rndInt = Math.floor(Math.random() * 1337); let random = false; @@ -87,8 +89,13 @@ fastify.get("/", async function (req, res) { if (process.env.SETUP == false || !process.env.SETUP) { res.view("setup"); } else { - const client = new CCashClient(process.env.BANKAPIURL); - let checkalive = await client.ping(); + //const client = new CCashClient(process.env.BANKAPIURL); + //let checkalive = await client.ping(); + let checkalive = await got(`${api}/ping`, { + headers: { + Accept: "application/json", + }, + }); if (checkalive) { alive = true; } else { @@ -109,7 +116,7 @@ fastify.get( preValidation: [validate], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let successes = req.session.get("successes"); req.session.set("successes", ""); let errors = req.session.get("errors"); 
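Review bot: `const api = process.env.BANKAPIURL;` reads the variable once at module load, where the removed code read it on every request. The `SETUP` check in the `/` handler suggests the value may be written by a setup flow at run time; if so, `api` stays `undefined` until the process restarts and every request built from it targets a literal `undefined/...` URL. Read the variable inside the handlers, or check it at the point where setup completes and refuse to serve the bank routes while it is unset. The same module-level constant is added in routes/admin.js.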
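Review bot: The `if (checkalive)` test after the new `got` ping in the `/` handler can no longer reach its else branch: `got` resolves to a response object, which is always truthy, and by default rejects on a network error or non-2xx status, so an unreachable bank API surfaces as an unhandled rejection instead of `alive = false`. Reduce the call to a boolean by appending `.then(() => true, () => false)` to it, and consider a short `timeout` option so a hung backend does not stall the page. The same pattern recurs in the `/logout`, `/login` and `/register` GET handlers in this file and in the `/` handlers of routes/admin.js and routes/settings.js.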
@@ -123,12 +130,30 @@ fastify.get( let balance = 0; const user = req.session.get("user"); const password = req.session.get("password"); - balance = await client.balance(req.session.get("user")); + const auth = req.session.get("b64"); + //balance = await client.balance(req.session.get("user")); + balance = await got(`${api}/user/balance`, { + headers: { + Authorization: auth, + Accept: "application/json", + }, + query: { + name: user, + }, + }); + balance = parseInt(balance.body); console.log(balance); console.log("start " + Date.now()); - let logsent = await client.log(user, password); - + //let logsent = await client.log(user, password); + let logsent = await got(`${api}/user/log`, { + headers: { + Authorization: auth, + Accept: "application/json", + }, + }); + logsent = JSON.parse(logsent.body); + console.log(logsent); let logrec = logsent; let graphlog = logsent; if (graphlog != null) { @@ -207,13 +232,22 @@ fastify.post( preValidation: [validate], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let { amount, name, senderpass } = req.body; req.session.set("errors", ""); req.session.set("successes", ""); - let a_name = req.session.get("user"); let result; - result = await client.sendFunds(a_name, senderpass, name, amount); + //result = await client.sendFunds(a_name, senderpass, name, amount); + result = await got.post(`${api}/user/transfer`, { + headers: { + Authorization: auth, + Accept: "application/json", + }, + json: { + to: name, + amount: amount, + }, + }); console.log(result); if (result == 1) { req.session.set("successes", "Transfer successful"); 
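Review bot: `console.log(logsent);` writes each user's full transaction log to the server's stdout on every page load, next to the existing `console.log(balance)`; process logs are usually retained longer and read by more people than the session the data came from, so drop these calls or gate them behind a debug flag. With `client.log(user, password)` commented out, the `password` read from the session is unused in the visible lines, which is an opportunity to stop keeping the plaintext password in the session. `parseInt(balance.body)` should pass a radix and be checked with `Number.isNaN` before the value is rendered. The handler continues outside the hunk.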
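Review bot: `Authorization: auth` in the transfer request refers to a name this handler does not declare in the visible lines (the `auth` built in the `/login` handler is a local `let`), so unless it is defined outside the hunk the route throws a ReferenceError before any request is sent; use `req.session.get("b64")` as the balance handler does. `senderpass` is still destructured from the body but no longer used, so a transfer is now authorised by the session alone with no password re-entry; if that is intended remove the form field, otherwise verify it before sending. `result == 1` compares a `got` response object with a number and cannot match; parse `result.body` first.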
@@ -230,7 +264,7 @@ fastify.post( ); fastify.post("/register", async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); var { name, password, password2 } = req.body; req.session.set("successes", ""); req.session.set("errors", ""); @@ -244,7 +278,16 @@ fastify.post("/register", async function (req, res) { req.session.set("errors", "Password must be at least 6 characters"); res.redirect("/register"); } else { - let checkuser = await client.addUser(name, password); + //let checkuser = await client.addUser(name, password); + let checkuser = await got.post(`${api}/user/register`, { + headers: { + Accept: "application/json", + }, + json: { + name: `${name}`, + pass: `${password}`, + }, + }); console.log(await checkuser); if (checkuser == -4) { req.session.set("errors", "Error: Name too long"); 
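Review bot: `checkuser == -4` and the comparisons that follow it test a `got` response object against numeric codes, so none of the error branches can match and the outcome is decided by whichever fallback branch follows outside the hunk. `got` also rejects on non-2xx statuses by default, so API-side validation failures will throw out of the handler rather than reach these checks; catch the rejection and compare the parsed body. Replace `console.log(await checkuser)` with a log of the status code only, since the response object references the request options and may expose the submitted password in the log.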
@@ -260,30 +303,51 @@ fastify.post("/register", async function (req, res) { }); fastify.post("/login", async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); if (req.session.get("user")) { res.redirect("/"); } const { name, password } = req.body; let adminTest; - try { + /*try { adminTest = await client.adminVerifyPassword(password); } catch (err) { console.log(err); + }*/ + let auth = btoa(`${name}:${password}`); + auth = `Basic ${auth}`; + console.log(auth); + try { + adminTest = await got.post(`${api}/admin/verify_account`, { + headers: { + Authorization: auth, + Accept: "application/json", + }, + }); + } catch (e) { + console.log(e); } + adminTest = JSON.parse(adminTest.body); console.log(adminTest); if (adminTest != -2) { + req.session.set("b64", auth); req.session.set("admin", adminTest); - req.session.set("adminp", password); req.session.set("user", name); req.session.set("password", password); res.redirect("/BankF"); } else { let verified; - verified = await client.verifyPassword(name, password); + //verified = await client.verifyPassword(name, password); + verified = await got.post(`${api}/user/verify_password`, { + headers: { + Authorization: auth, + Accept: "application/json", + }, + }); console.log(verified); if (verified == 1) { + req.session.set("b64", auth); req.session.set("user", name); req.session.set("password", password); res.redirect("/BankF"); 
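Review bot: `console.log(auth);` writes the Basic credential, which is only base64 of `name:password` and therefore reversible, to the server log on every login attempt, failed ones included; remove it. The same value is then stored in the session as `b64` next to the existing plaintext `password`, so session storage and cookie settings now decide who can recover user and admin passwords; dropping `req.session.set("password", password)` would at least avoid keeping it twice. If the `/admin/verify_account` call rejects (got does so on non-2xx by default), `adminTest` is still undefined when `JSON.parse(adminTest.body)` runs and the handler throws, and `verified == 1` compares a response object with a number, so a non-admin login is unlikely to succeed as written. A sketch of the reworked calls follows; the API's response format is assumed, and the handler continues outside the hunk.

```javascript
// … unchanged: building `auth` from name and password, minus the console.log(auth) …
adminTest = -2; // default to "not an admin" when the call fails
try {
  const adminRes = await got.post(`${api}/admin/verify_account`, {
    headers: { Authorization: auth, Accept: "application/json" },
    throwHttpErrors: false, // inspect the status instead of throwing on 4xx
  });
  // assumes a JSON body on success, as the existing `!= -2` check implies
  if (adminRes.statusCode === 200) {
    adminTest = JSON.parse(adminRes.body);
  }
} catch (e) {
  console.log(e.message); // message only, never the request options
}
// … unchanged: admin branch (`adminTest != -2`), without storing "password" …
const verifiedRes = await got.post(`${api}/user/verify_password`, {
  headers: { Authorization: auth, Accept: "application/json" },
  throwHttpErrors: false,
});
verified = verifiedRes.statusCode === 200 ? JSON.parse(verifiedRes.body) : 0;
```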
@@ -299,8 +363,13 @@ fastify.register(require("./routes/admin"), { prefix: "/admin" }); fastify.register(require("./routes/settings"), { prefix: "/settings" }); fastify.get("/logout", async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); - let checkalive = await client.ping(); + //const client = new CCashClient(process.env.BANKAPIURL); + //let checkalive = await client.ping(); + let checkalive = await got(`${api}/ping`, { + headers: { + Accept: "application/json", + }, + }); if (checkalive) { alive = true; } else { @@ -318,12 +387,17 @@ fastify.get("/logout", async function (req, res) { }); fastify.get("/login", async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let successes = req.session.get("successes"); req.session.set("successes", ""); let errors = req.session.get("errors"); req.session.set("errors", ""); - let checkalive = await client.ping(); + //let checkalive = await client.ping(); + let checkalive = await got(`${api}/ping`, { + headers: { + Accept: "application/json", + }, + }); if (checkalive) { alive = true; } else { @@ -339,12 +413,17 @@ fastify.get("/login", async function (req, res) { }); fastify.get("/register", async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let successes = req.session.get("successes"); req.session.set("successes", ""); let errors = req.session.get("errors"); req.session.set("errors", ""); - let checkalive = await client.ping(); + //let checkalive = await client.ping(); + let checkalive = await got(`${api}/ping`, { + headers: { + Accept: "application/json", + }, + }); if (checkalive) { alive = true; } else { diff --git a/routes/admin.js b/routes/admin.js index 26f095d..87318c6 100644 --- a/routes/admin.js +++ b/routes/admin.js 
@@ -7,7 +7,7 @@ const got = require("got"); const fs = require("fs"); const { CCashClient } = require("ccash-client-js"); - +const api = process.env.BANKAPIURL; console.log("Sen was here"); module.exports = function (fastify, opts, done) { fastify.get( @@ -16,8 +16,13 @@ module.exports = function (fastify, opts, done) { preValidation: [validateAdmin], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); - let checkalive = await client.ping(); + //const client = new CCashClient(process.env.BANKAPIURL); + //let checkalive = await client.ping(); + let checkalive = await got(`${api}/ping`, { + headers: { + Accept: "application/json", + }, + }); if (checkalive) { alive = true; } else { @@ -44,7 +49,7 @@ module.exports = function (fastify, opts, done) { preValidation: [validateAdmin], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let { name, init_pass, init_bal, password2 } = req.body; if (!name || !init_pass || !init_bal || !password2) { req.session.set("errors", "please fill in all fields"); @@ -53,13 +58,25 @@ module.exports = function (fastify, opts, done) { } else if (init_pass.length < 6) { req.session.set("errors", "Password must be at least 6 characters"); } - let post = await client.adminAddUser( + /*let post = await client.adminAddUser( name, req.session.get("adminp"), init_pass, parseInt(init_bal) - ); - console.log(post); + );*/ + + let post = await got.post(`${api}/admin/user/register`, { + headers: { + Authorization: req.session.get("b64"), + Accept: "application/json", + }, + json: { + name: name, + balance: parseInt(init_bal), + pass: init_pass, + }, + }); + console.log(post.body); if (post == -3) { req.session.set("errors", "Invalid Request"); } else if (post == -4) { 
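Review bot: `post == -3` and the comparisons after it test the `got` response object rather than the API's result, so none of them can match; parse `post.body` and compare that. In the visible context the validation chain only sets a session error and then falls through, so the request to `/admin/user/register` is still sent when the password is shorter than six characters; return after setting the error in each failing branch. `parseInt(init_bal)` can yield `NaN`, which is serialised as `null` in the JSON body, so use `Number.parseInt(init_bal, 10)` and reject non-integer values before the call.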
@@ -79,14 +96,23 @@ module.exports = function (fastify, opts, done) { preValidation: [validateAdmin], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let { name } = req.body; let balance; req.session.set("successes", ""); req.session.set("errors", ""); - balance = await client.balance(name); - console.log(balance.body); - balance = parseInt(balance); + //balance = await client.balance(name); + balance = await got(`${api}/user/balance`, { + headers: { + Authorization: req.session.get("b64"), + Accept: "application/json", + }, + query: { + name: name, + }, + }); + balance = parseInt(balance.body); + console.log(balance); if (balance < 0) { req.session.set("errors", "User not found"); } else { @@ -100,7 +126,7 @@ module.exports = function (fastify, opts, done) { ); fastify.post( - "/bal", + "/setbal", { preValidation: [validateAdmin], }, 
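Review bot: `parseInt(balance.body)` returns `NaN` for any body that is not a number, and `NaN < 0` is false, so a failed or malformed lookup skips the "User not found" branch and takes the success path; check `Number.isNaN(balance)` as well and pass a radix. The `query: { name: name }` option was renamed to `searchParams` in got 10, so with a newer release pinned (package.json is not visible here) the name would not be sent as written; the balance request in index.js uses the same option. As elsewhere in this commit, a non-2xx reply makes `got` reject, so the call needs a `try`/`catch` for the error message to be reachable at all.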
@@ -110,11 +136,91 @@ module.exports = function (fastify, opts, done) { let patch; req.session.successes = []; req.session.errors = []; - patch = await client.setBalance( + /*patch = await client.setBalance( name, req.session.get("adminp"), parseInt(amount) - ); + );*/ + patch = await got.patch(`${api}/admin/set_balance`, { + headers: { + Authorization: req.session.get("b64"), + Accept: "application/json", + }, + json: { + name: name, + amount: parseInt(amount), + }, + }); + console.log(patch); + if (patch == -1) { + req.session.set("errors", "User not Found"); + } else if (patch == 1) { + req.session.set("successes", "Change Funds Successful"); + } + res.redirect("/admin"); + } + ); + fastify.post( + "/subbal", + { + preValidation: [validateAdmin], + }, + async function (req, res) { + const client = new CCashClient(process.env.BANKAPIURL); + let { name, amount } = req.body; + let patch; + req.session.successes = []; + req.session.errors = []; + /*patch = await client.setBalance( + name, + req.session.get("adminp"), + parseInt(amount) + );*/ + patch = await got.post(`${api}/admin/sub_balance`, { + headers: { + Authorization: req.session.get("b64"), + Accept: "application/json", + }, + json: { + name: name, + amount: parseInt(amount), + }, + }); + console.log(patch); + if (patch == -1) { + req.session.set("errors", "User not Found"); + } else if (patch == 1) { + req.session.set("successes", "Change Funds Successful"); + } + res.redirect("/admin"); + } + ); + fastify.post( + "/addbal", + { + preValidation: [validateAdmin], + }, + async function (req, res) { + //const client = new CCashClient(process.env.BANKAPIURL); + let { name, amount } = req.body; + let patch; + req.session.successes = []; + req.session.errors = []; + /*patch = await client.setBalance( + name, + req.session.get("adminp"), + parseInt(amount) + );*/ + patch = await got.post(`${api}/admin/add_balance`, { + headers: { + Authorization: req.session.get("b64"), + Accept: "application/json", + }, + json: 
{ + name: name, + amount: parseInt(amount), + }, + }); console.log(patch); if (patch == -1) { req.session.set("errors", "User not Found"); 
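Review bot: In the `/setbal`, `/subbal` and `/addbal` handlers `parseInt(amount)` goes into the request body unchecked, so an empty or non-numeric field is sent as `null` (JSON has no `NaN`) and a negative value reaches `/admin/add_balance` or `/admin/sub_balance` unchanged; validate first, e.g. `const value = Number.parseInt(amount, 10);` followed by `if (!Number.isInteger(value) || value < 0)` with an error and early return, assuming negative amounts are not meant to be accepted. `patch == -1` and `patch == 1` compare the `got` response object with a number, so neither message is ever set and the admin gets no feedback on whether funds moved. `console.log(patch)` dumps the whole response object; log the status code instead. The `/subbal` handler also still constructs an unused `CCashClient`, unlike its two siblings.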
@@ -125,28 +231,83 @@ module.exports = function (fastify, opts, done) { } ); + fastify.post( + "/admpass", + { + preValidation: [validateAdmin], + }, + async function (req, res) { + //const client = new CCashClient(process.env.BANKAPIURL); + let { name, new_pass, password2 } = req.body; + let patch; + if (!new_pass || !password2) { + req.session.set("errors", "please fill in all fields"); + res.redirect("/settings"); + } else if (new_pass != password2) { + req.session.set("errors", "Passwords don't match"); + res.redirect("/settings"); + } else if (new_pass.length < 6) { + req.session.set("errors", "Password must be at least 6 characters"); + res.redirect("/settings"); + } else { + /*patch = await client.changePassword( + req.session.get("user"), + attempt, + new_pass + );*/ + patch = await got.patch(`${api}/user/change_password`, { + headers: { + Authorization: req.session.get("b64"), + Accept: "application/json", + }, + json: { + name: name, + new_pass: new_pass, + }, + }); + console.log(patch); + if (patch == -2) { + req.session.set("errors", "Password Wrong"); + res.redirect("/"); + } else { + req.session.set( + "successes", + "Change Password Successful, Please Login Again" + ); + res.redirect("/"); + } + } + } + ); + fastify.post( "/userdelete", { preValidation: [validateAdmin], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let { name, attempt } = req.body; - if (attempt != req.session.get("adminp")) { - req.session.set("errors", "Wrong Admin Password"); + + //let deleteUser = client.adminDeleteUser(name, attempt); + let deleteUser = await got.delete(`${api}/admin/delete`, { + headers: { + Authorization: req.session.get("b64"), + Accept: "application/json", + }, + json: { + name: name, + }, + }); + + if (deleteUser == -1) { + req.session.errors.push({ + msg: "User Deletion Failed, User Not Found", + }); res.redirect("/admin"); } else { - let deleteUser = 
client.adminDeleteUser(name, attempt); - if (deleteUser == -1) { - req.session.errors.push({ - msg: "User Deletion Failed, User Not Found", - }); - res.redirect("/admin"); - } else { - req.session.set("successes", "User Deletion Successful"); - res.redirect("/admin"); - } + req.session.set("successes", "User Deletion Successful"); + res.redirect("/admin"); } } ); diff --git a/routes/settings.js b/routes/settings.js index 04fb772..9b5865b 100644 --- a/routes/settings.js +++ b/routes/settings.js @@ -19,8 +19,13 @@ module.exports = function (fastify, opts, done) { preValidation: [validate], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); - let checkalive = await client.ping(); + //const client = new CCashClient(process.env.BANKAPIURL); + //let checkalive = await client.ping(); + let checkalive = await got(`${api}/ping`, { + headers: { + Accept: "application/json", + }, + }); if (checkalive) { alive = true; } else { @@ -46,7 +51,7 @@ module.exports = function (fastify, opts, done) { preValidation: [validate], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + //const client = new CCashClient(process.env.BANKAPIURL); let { attempt, new_pass, password2 } = req.body; let patch; if (attempt == undefined) { @@ -61,11 +66,20 @@ module.exports = function (fastify, opts, done) { req.session.set("errors", "Password must be at least 6 characters"); res.redirect("/settings"); } else { - patch = await client.changePassword( + /*patch = await client.changePassword( req.session.get("user"), attempt, new_pass - ); + );*/ + patch = await got.patch(`${api}/user/change_password`, { + headers: { + Authorization: auth, + Accept: "application/json", + }, + json: { + new_pass: new_pass, + }, + }); console.log(patch); if (patch == -2) { req.session.set("errors", "Password Wrong"); 
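Review bot: The `/userdelete` handler no longer checks `attempt` against anything: the `adminp` comparison is removed while `attempt` is still destructured, so an irreversible delete is now authorised by the session cookie alone. If the confirmation is meant to stay, verify `attempt` against the API before sending the delete, for example with the `/admin/verify_account` call used at login. In `/admpass` the empty-field check covers `new_pass` and `password2` but not `name`, and the request goes to `/user/change_password` with the admin's own `Authorization`; if the API ignores the extra `name` field it is the admin's password that changes, so confirm the endpoint's contract and add `!name` to the first condition. `deleteUser == -1` and `patch == -2` compare response objects with numbers and cannot match.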
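Review bot: The rewritten change-password request in routes/settings.js sends only `new_pass`, so the `attempt` field is checked for presence and then never verified; a live session is enough to set a new password without knowing the current one. Rebuild the `Authorization` header from the session user and `attempt` so the API performs the check, or compare `attempt` with the stored credential before the PATCH. `auth` and `api` are not declared in any visible hunk of this file (the diff adds `api` only to index.js and routes/admin.js), so as shown the handler would throw a ReferenceError; the admin routes use `req.session.get("b64")`. After a successful change the stored `b64` value is stale and should be cleared with the session.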
@@ -88,17 +102,26 @@ module.exports = function (fastify, opts, done) { preValidation: [validate], }, async function (req, res) { - const client = new CCashClient(process.env.BANKAPIURL); + // const client = new CCashClient(process.env.BANKAPIURL); let { password, password2 } = req.body; let del; if (!password || !password2) { req.session.set("errors", "please fill in all fields"); res.redirect("/settings"); - } else if (password != password2) { + } else if ( + password != password2 && + password != req.session.get("password") + ) { req.session.set("errors", "Passwords don't match"); res.redirect("/settings"); } else { - del = await client.deleteUser(req.session.user, password); + //del = await client.deleteUser(req.session.user, password); + del = await got.delete(`${api}/delete`, { + headers: { + Authorization: auth, + Accept: "application/json", + }, + }); console.log(del); if (del == -2) { req.session.set("errors", "Password Wrong"); diff --git a/views/adminsettings.pug b/views/adminsettings.pug index af4e05e..91e5a75 100644 --- a/views/adminsettings.pug +++ b/views/adminsettings.pug @@ -25,6 +25,21 @@ block content br input.btn.btn-primary(type='submit',value='Submit') br + + .card.shadow + h4 Change password + form(method='POST', action='/admin/admpass') + #form-group + label Name: + input.form-control(name='name', type='name') + + label New Password: + input.form-control(name='new_pass',type='password') + label Confirm: + input.form-control(name='password2',type='password') + br + input.btn.btn-primary(type='submit',value='Submit') + br .card.shadow-lg h4 Check User Balance form(method='POST', action='/admin/baluser') @@ -35,8 +50,8 @@ block content input.btn.btn-primary(type='submit',value='Submit') br .card.shadow-lg - h4 Change Balance of User - form(method='POST', action='/admin/bal') + h4 Set Balance of User + form(method='POST', action='/admin/setbal') #form-group label Username: input.form-control(name='name', type='name') 
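Review bot: The new condition `password != password2 && password != req.session.get("password")` rejects only when both comparisons fail, so a mismatched confirmation passes whenever `password` equals the session value, and two matching but wrong entries pass as well; the DELETE is then authorised by the stored credential, which means the typed password never gates the deletion. Use `||` so that either mismatch stops the request: `password != password2 || password != req.session.get("password")`. `auth` is not declared in the visible lines of this file, and the path `/delete` lacks the `/user/` prefix used by the other user endpoints in this commit, which is worth checking against the API.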
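Review bot: The new `/admin/admpass` form, like the `/admin/addbal` and `/admin/subbal` forms added in the next hunk, posts a state-changing admin action with no anti-CSRF token field; unless a CSRF plugin or a `SameSite` session cookie is configured elsewhere (not visible here), these routes rely on the session cookie alone. Add a hidden token input rendered from the session and verify it in the `validateAdmin` pre-validation step. `type='name'` is not a valid input type and falls back to `text`; `type='text'` says what is meant, and the password inputs could carry `autocomplete='new-password'` and `minlength='6'` to match the server-side check.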
@@ -45,6 +60,28 @@ block content br input.btn.btn-primary(type='submit',value='Submit') br + .card.shadow-lg + h4 Add Balance to User + form(method='POST', action='/admin/addbal') + #form-group + label Username: + input.form-control(name='name', type='name') + label Add amount: + input.form-control(name='amount', type='number') + br + input.btn.btn-primary(type='submit',value='Submit') + br + .card.shadow-lg + h4 Subtract Balance from User + form(method='POST', action='/admin/subbal') + #form-group + label Username: + input.form-control(name='name', type='name') + label Subtract amount: + input.form-control(name='amount', type='number') + br + input.btn.btn-primary(type='submit',value='Submit') + br .card.shadow-lg h4 Delete user p This will permanently delete user make sure you get it right