janishutz/libreevent
1
0
Fork 0
mirror of https://github.com/janishutz/libreevent.git synced 2025-11-25 13:24:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

app endpoints, enforce email verification

Browse Source
This commit is contained in:
Janis Hutz
2023-08-19 14:10:40 +02:00
parent 71a2927372
commit 5505313e3e
6 changed files with 169 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
src/server/admin/appApiRoutes.js Normal file
View File

@@ -0,0 +1,63 @@
/*
* libreevent - appApiRoutes.js
*
* Created by Janis Hutz 08/19/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const bodyParser = require( 'body-parser' );
const db = require( '../backend/db/db.js' );
const pwHandler = require( './pwdmanager.js' );
module.exports = ( app ) => {
app.post( '/app/authenticate', bodyParser.json(), ( req, res ) => {
pwHandler.checkpassword( req.body.email, req.body.password ).then( status => {
if ( status ) {
if ( status.status ) {
res.send( 'authOk' );
} else {
res.send( 'wrong' );
}
} else {
res.send( 'wrong' );
}
} );
} );
app.post( '/app/ticketLookup', bodyParser.json(), ( req, res ) => {
pwHandler.checkpassword( req.body.email, req.body.password ).then( status => {
if ( status ) {
if ( status.status ) {
db.getDataSimple( 'orders', 'order_name', req.body.ticketID.slice( 0, req.body.ticketID.indexOf( '_' ) ) ).then( dat => {
if ( dat[ 0 ] ) {
const tickets = JSON.parse( dat[ 0 ][ 'tickets' ] );
const event = req.body.ticketID.slice( req.body.ticketID.indexOf( '_' ) + 1, req.body.ticketID.indexOf( '-' ) );
const ticket = req.body.ticketID.slice( req.body.ticketID.indexOf( '-' ) + 1, req.body.ticketID.length );
if ( tickets[ event ] ) {
if ( tickets[ event ][ ticket ] ) {
if ( !tickets[ event ][ ticket ][ 'invalidated' ] ) {
res.send( 'ticketValid' );
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} );
} else {
res.send( 'wrong' );
}
} else {
res.send( 'wrong' );
}
} );
} );
};

82
src/server/backend/plugins/payments/payrexx/payrexxRoutes.js
View File

@@ -27,47 +27,57 @@ let paymentOk = {};
module.exports = ( app, settings ) => {
app.post( '/payments/prepare', bodyParser.json(), ( req, res ) => {
if ( req.session.loggedInUser ) {
let purchase = {
'successRedirectUrl': settings.yourDomain + '/payments/success',
'cancelRedirectUrl': settings.yourDomain + '/payments/canceled',
'failedRedirectUrl': settings.yourDomain + '/payments/failed',
'currency': settings.currency,
'basket': [],
'amount': 0,
};
db.getDataSimple( 'users', 'email', req.session.username ).then( user => {
if ( user[ 0 ] ) {
if ( user[ 0 ][ 'mail_confirmed' ] ) {
let purchase = {
'successRedirectUrl': settings.yourDomain + '/payments/success',
'cancelRedirectUrl': settings.yourDomain + '/payments/canceled',
'failedRedirectUrl': settings.yourDomain + '/payments/failed',
'currency': settings.currency,
'basket': [],
'amount': 0,
};
db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => {
if ( dat[ 0 ] ) {
db.getJSONData( 'events' ).then( events => {
let data = JSON.parse( dat[ 0 ].data );
( async () => {
for ( let event in data ) {
for ( let item in data[ event ] ) {
purchase[ 'basket' ].push( {
'name': data[ event ][ item ].name,
'quantity': data[ event ][ item ].count ?? 1,
'amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ),
} );
purchase[ 'amount' ] += Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ) * ( data[ event ][ item ].count ?? 1 );
}
}
const response = await payrexx.createGateway( purchase );
if ( response.status === 200 ) {
const session = response.data.data[ 0 ];
sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username };
pendingPayments[ req.session.id ] = true;
res.send( session.link );
db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => {
if ( dat[ 0 ] ) {
db.getJSONData( 'events' ).then( events => {
let data = JSON.parse( dat[ 0 ].data );
( async () => {
for ( let event in data ) {
for ( let item in data[ event ] ) {
purchase[ 'basket' ].push( {
'name': data[ event ][ item ].name,
'quantity': data[ event ][ item ].count ?? 1,
'amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ),
} );
purchase[ 'amount' ] += Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ) * ( data[ event ][ item ].count ?? 1 );
}
}
const response = await payrexx.createGateway( purchase );
if ( response.status === 200 ) {
const session = response.data.data[ 0 ];
sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username };
pendingPayments[ req.session.id ] = true;
res.send( session.link );
} else {
res.status( 500 ).send( 'ERR_PAYMENT' );
}
} )();
} );
} else {
res.status( 500 ).send( 'ERR_PAYMENT' );
res.status( 400 ).send( 'ERR_UID_NOT_FOUND' );
}
} )();
} );
} ).catch( error => {
console.error( '[ STRIPE ] DB ERROR: ' + error );
res.status( 500 ).send( 'ERR_DB' );
} );
} else {
res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
}
} else {
res.status( 400 ).send( 'ERR_UID_NOT_FOUND' );
res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
}
} ).catch( error => {
console.error( '[ STRIPE ] DB ERROR: ' + error );
res.status( 500 ).send( 'ERR_DB' );
} );
} else {
res.status( 403 ).send( 'ERR_UNAUTHORIZED' );

83
src/server/backend/plugins/payments/stripe/stripeRoutes.js
View File

@@ -27,46 +27,57 @@ let paymentOk = {};
module.exports = ( app, settings ) => {
app.post( '/payments/prepare', bodyParser.json(), ( req, res ) => {
if ( req.session.loggedInUser ) {
let purchase = {
'line_items': [],
'mode': 'payment',
'success_url': settings.yourDomain + '/payments/success',
'cancel_url': settings.yourDomain + '/payments/canceled',
'submit_type': 'book',
'customer_email': req.session.username
};
db.getDataSimple( 'users', 'email', req.session.username ).then( user => {
if ( user[ 0 ] ) {
if ( user[ 0 ][ 'mail_confirmed' ] ) {
let purchase = {
'line_items': [],
'mode': 'payment',
'success_url': settings.yourDomain + '/payments/success',
'cancel_url': settings.yourDomain + '/payments/canceled',
'submit_type': 'book',
'customer_email': req.session.username
};
db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => {
if ( dat[ 0 ] ) {
db.getJSONData( 'events' ).then( events => {
let data = JSON.parse( dat[ 0 ].data );
( async () => {
for ( let event in data ) {
for ( let item in data[ event ] ) {
purchase[ 'line_items' ].push( {
'price_data': {
'product_data': {
'name': data[ event ][ item ].name,
},
'currency': settings.currency,
'unit_amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ),
},
'quantity': data[ event ][ item ].count ?? 1,
} );
}
// Get cart and prepare order
db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => {
if ( dat[ 0 ] ) {
db.getJSONData( 'events' ).then( events => {
let data = JSON.parse( dat[ 0 ].data );
( async () => {
for ( let event in data ) {
for ( let item in data[ event ] ) {
purchase[ 'line_items' ].push( {
'price_data': {
'product_data': {
'name': data[ event ][ item ].name,
},
'currency': settings.currency,
'unit_amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ),
},
'quantity': data[ event ][ item ].count ?? 1,
} );
}
}
const session = await stripe.checkout.sessions.create( purchase );
sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username };
pendingPayments[ req.session.id ] = true;
res.send( session.url );
} )();
} );
} else {
res.status( 400 ).send( 'ERR_UID_NOT_FOUND' );
}
const session = await stripe.checkout.sessions.create( purchase );
sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username };
pendingPayments[ req.session.id ] = true;
res.send( session.url );
} )();
} );
} ).catch( error => {
console.error( '[ STRIPE ] DB ERROR: ' + error );
res.status( 500 ).send( 'ERR_DB' );
} );
} else {
res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
}
} else {
res.status( 400 ).send( 'ERR_UID_NOT_FOUND' );
res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
}
} ).catch( error => {
console.error( '[ STRIPE ] DB ERROR: ' + error );
res.status( 500 ).send( 'ERR_DB' );
} );
} else {
res.status( 403 ).send( 'ERR_UNAUTHORIZED' );

2
src/server/backend/tickets/ticketGenerator.js
View File

@@ -176,7 +176,7 @@ class TicketGenerator {
'eventName': this.events[ event ][ 'name' ],
'locationAndTime': new Date( this.events[ event ][ 'date' ] ).toLocaleString(),
'ticketName': order[ event ][ ticket ][ 'name' ],
'ticketQRCode': ord[ 0 ].order_name + '_' + order[ event ][ ticket ][ 'id' ],
'ticketQRCode': ord[ 0 ].order_name + '_' + event + '-' + order[ event ][ ticket ][ 'id' ],
} ];
const page = await pdfLib.PDFDocument.load( await pdfme.generate( { 'template': template, 'inputs': data } ) );
const p = await doc.copyPages( page, page.getPageIndices() );

1
src/server/backend/userAPIRoutes.js
View File

@@ -14,7 +14,6 @@ const getHandler = new geth();
const path = require( 'path' );
const bodyParser = require( 'body-parser' );
// settings is missing in arguments which shouldn't pose any problem
module.exports = ( app, settings ) => {
// Add specific routes here to have them be checked first to not get general handling