janishutz/libreevent
1
0
Fork 0
mirror of https://github.com/janishutz/libreevent.git synced 2025-11-25 13:24:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

app endpoints, enforce email verification

Browse Source
This commit is contained in:
Janis Hutz
2023-08-19 14:10:40 +02:00
parent 71a2927372
commit 5505313e3e
6 changed files with 169 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
src/server/admin/appApiRoutes.js Normal file
View File

@@ -0,0 +1,63 @@
/*
* libreevent - appApiRoutes.js
*
* Created by Janis Hutz 08/19/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const bodyParser = require( 'body-parser' );
const db = require( '../backend/db/db.js' );
const pwHandler = require( './pwdmanager.js' );
module.exports = ( app ) => {
app.post( '/app/authenticate', bodyParser.json(), ( req, res ) => {
pwHandler.checkpassword( req.body.email, req.body.password ).then( status => {
if ( status ) {
if ( status.status ) {
res.send( 'authOk' );
} else {
res.send( 'wrong' );
}
} else {
res.send( 'wrong' );
}
} );
} );
app.post( '/app/ticketLookup', bodyParser.json(), ( req, res ) => {
pwHandler.checkpassword( req.body.email, req.body.password ).then( status => {
if ( status ) {
if ( status.status ) {
db.getDataSimple( 'orders', 'order_name', req.body.ticketID.slice( 0, req.body.ticketID.indexOf( '_' ) ) ).then( dat => {
if ( dat[ 0 ] ) {
const tickets = JSON.parse( dat[ 0 ][ 'tickets' ] );
const event = req.body.ticketID.slice( req.body.ticketID.indexOf( '_' ) + 1, req.body.ticketID.indexOf( '-' ) );
const ticket = req.body.ticketID.slice( req.body.ticketID.indexOf( '-' ) + 1, req.body.ticketID.length );
if ( tickets[ event ] ) {
if ( tickets[ event ][ ticket ] ) {
if ( !tickets[ event ][ ticket ][ 'invalidated' ] ) {
res.send( 'ticketValid' );
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} else {
res.send( 'ticketInvalid' );
}
} );
} else {
res.send( 'wrong' );
}
} else {
res.send( 'wrong' );
}
} );
} );
};

82
src/server/backend/plugins/payments/payrexx/payrexxRoutes.js
View File

@@ -27,47 +27,57 @@ let paymentOk = {};
module.exports = ( app, settings ) => { module.exports = ( app, settings ) => {
app.post( '/payments/prepare', bodyParser.json(), ( req, res ) => { app.post( '/payments/prepare', bodyParser.json(), ( req, res ) => {
if ( req.session.loggedInUser ) { if ( req.session.loggedInUser ) {
let purchase = { db.getDataSimple( 'users', 'email', req.session.username ).then( user => {
'successRedirectUrl': settings.yourDomain + '/payments/success', if ( user[ 0 ] ) {
'cancelRedirectUrl': settings.yourDomain + '/payments/canceled', if ( user[ 0 ][ 'mail_confirmed' ] ) {
'failedRedirectUrl': settings.yourDomain + '/payments/failed', let purchase = {
'currency': settings.currency, 'successRedirectUrl': settings.yourDomain + '/payments/success',
'basket': [], 'cancelRedirectUrl': settings.yourDomain + '/payments/canceled',
'amount': 0, 'failedRedirectUrl': settings.yourDomain + '/payments/failed',
}; 'currency': settings.currency,
'basket': [],
'amount': 0,
};
db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => { db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => {
if ( dat[ 0 ] ) { if ( dat[ 0 ] ) {
db.getJSONData( 'events' ).then( events => { db.getJSONData( 'events' ).then( events => {
let data = JSON.parse( dat[ 0 ].data ); let data = JSON.parse( dat[ 0 ].data );
( async () => { ( async () => {
for ( let event in data ) { for ( let event in data ) {
for ( let item in data[ event ] ) { for ( let item in data[ event ] ) {
purchase[ 'basket' ].push( { purchase[ 'basket' ].push( {
'name': data[ event ][ item ].name, 'name': data[ event ][ item ].name,
'quantity': data[ event ][ item ].count ?? 1, 'quantity': data[ event ][ item ].count ?? 1,
'amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ), 'amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ),
} ); } );
purchase[ 'amount' ] += Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ) * ( data[ event ][ item ].count ?? 1 ); purchase[ 'amount' ] += Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ) * ( data[ event ][ item ].count ?? 1 );
} }
} }
const response = await payrexx.createGateway( purchase ); const response = await payrexx.createGateway( purchase );
if ( response.status === 200 ) { if ( response.status === 200 ) {
const session = response.data.data[ 0 ]; const session = response.data.data[ 0 ];
sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username }; sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username };
pendingPayments[ req.session.id ] = true; pendingPayments[ req.session.id ] = true;
res.send( session.link ); res.send( session.link );
} else {
res.status( 500 ).send( 'ERR_PAYMENT' );
}
} )();
} );
} else { } else {
res.status( 500 ).send( 'ERR_PAYMENT' ); res.status( 400 ).send( 'ERR_UID_NOT_FOUND' );
} }
} )(); } ).catch( error => {
} ); console.error( '[ STRIPE ] DB ERROR: ' + error );
res.status( 500 ).send( 'ERR_DB' );
} );
} else {
res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
}
} else { } else {
res.status( 400 ).send( 'ERR_UID_NOT_FOUND' ); res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
} }
} ).catch( error => {
console.error( '[ STRIPE ] DB ERROR: ' + error );
res.status( 500 ).send( 'ERR_DB' );
} ); } );
} else { } else {
res.status( 403 ).send( 'ERR_UNAUTHORIZED' ); res.status( 403 ).send( 'ERR_UNAUTHORIZED' );

83
src/server/backend/plugins/payments/stripe/stripeRoutes.js
View File

@@ -27,46 +27,57 @@ let paymentOk = {};
module.exports = ( app, settings ) => { module.exports = ( app, settings ) => {
app.post( '/payments/prepare', bodyParser.json(), ( req, res ) => { app.post( '/payments/prepare', bodyParser.json(), ( req, res ) => {
if ( req.session.loggedInUser ) { if ( req.session.loggedInUser ) {
let purchase = { db.getDataSimple( 'users', 'email', req.session.username ).then( user => {
'line_items': [], if ( user[ 0 ] ) {
'mode': 'payment', if ( user[ 0 ][ 'mail_confirmed' ] ) {
'success_url': settings.yourDomain + '/payments/success', let purchase = {
'cancel_url': settings.yourDomain + '/payments/canceled', 'line_items': [],
'submit_type': 'book', 'mode': 'payment',
'customer_email': req.session.username 'success_url': settings.yourDomain + '/payments/success',
}; 'cancel_url': settings.yourDomain + '/payments/canceled',
'submit_type': 'book',
'customer_email': req.session.username
};
db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => { // Get cart and prepare order
if ( dat[ 0 ] ) { db.getDataSimple( 'temp', 'user_id', req.session.id ).then( dat => {
db.getJSONData( 'events' ).then( events => { if ( dat[ 0 ] ) {
let data = JSON.parse( dat[ 0 ].data ); db.getJSONData( 'events' ).then( events => {
( async () => { let data = JSON.parse( dat[ 0 ].data );
for ( let event in data ) { ( async () => {
for ( let item in data[ event ] ) { for ( let event in data ) {
purchase[ 'line_items' ].push( { for ( let item in data[ event ] ) {
'price_data': { purchase[ 'line_items' ].push( {
'product_data': { 'price_data': {
'name': data[ event ][ item ].name, 'product_data': {
}, 'name': data[ event ][ item ].name,
'currency': settings.currency, },
'unit_amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ), 'currency': settings.currency,
}, 'unit_amount': Math.round( parseFloat( events[ event ][ 'categories' ][ data[ event ][ item ].category ].price[ data[ event ][ item ][ 'ticketOption' ] ] ) * 100 ),
'quantity': data[ event ][ item ].count ?? 1, },
} ); 'quantity': data[ event ][ item ].count ?? 1,
} } );
}
}
const session = await stripe.checkout.sessions.create( purchase );
sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username };
pendingPayments[ req.session.id ] = true;
res.send( session.url );
} )();
} );
} else {
res.status( 400 ).send( 'ERR_UID_NOT_FOUND' );
} }
const session = await stripe.checkout.sessions.create( purchase ); } ).catch( error => {
sessionReference[ session.id ] = { 'tok': req.session.id, 'email': req.session.username }; console.error( '[ STRIPE ] DB ERROR: ' + error );
pendingPayments[ req.session.id ] = true; res.status( 500 ).send( 'ERR_DB' );
res.send( session.url ); } );
} )(); } else {
} ); res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
}
} else { } else {
res.status( 400 ).send( 'ERR_UID_NOT_FOUND' ); res.status( 428 ).send( 'ERR_MAIL_UNCONFIRMED' );
} }
} ).catch( error => {
console.error( '[ STRIPE ] DB ERROR: ' + error );
res.status( 500 ).send( 'ERR_DB' );
} ); } );
} else { } else {
res.status( 403 ).send( 'ERR_UNAUTHORIZED' ); res.status( 403 ).send( 'ERR_UNAUTHORIZED' );

2
src/server/backend/tickets/ticketGenerator.js
View File

@@ -176,7 +176,7 @@ class TicketGenerator {
'eventName': this.events[ event ][ 'name' ], 'eventName': this.events[ event ][ 'name' ],
'locationAndTime': new Date( this.events[ event ][ 'date' ] ).toLocaleString(), 'locationAndTime': new Date( this.events[ event ][ 'date' ] ).toLocaleString(),
'ticketName': order[ event ][ ticket ][ 'name' ], 'ticketName': order[ event ][ ticket ][ 'name' ],
'ticketQRCode': ord[ 0 ].order_name + '_' + order[ event ][ ticket ][ 'id' ], 'ticketQRCode': ord[ 0 ].order_name + '_' + event + '-' + order[ event ][ ticket ][ 'id' ],
} ]; } ];
const page = await pdfLib.PDFDocument.load( await pdfme.generate( { 'template': template, 'inputs': data } ) ); const page = await pdfLib.PDFDocument.load( await pdfme.generate( { 'template': template, 'inputs': data } ) );
const p = await doc.copyPages( page, page.getPageIndices() ); const p = await doc.copyPages( page, page.getPageIndices() );

1
src/server/backend/userAPIRoutes.js
View File

@@ -14,7 +14,6 @@ const getHandler = new geth();
const path = require( 'path' ); const path = require( 'path' );
const bodyParser = require( 'body-parser' ); const bodyParser = require( 'body-parser' );
// settings is missing in arguments which shouldn't pose any problem
module.exports = ( app, settings ) => { module.exports = ( app, settings ) => {
// Add specific routes here to have them be checked first to not get general handling // Add specific routes here to have them be checked first to not get general handling

15
src/webapp/main/src/views/purchasing/PurchaseView.vue
View File

@@ -18,7 +18,9 @@
</div> </div>
<div v-else class="wrapper"> <div v-else class="wrapper">
<div class="data"> <div class="data">
<h2>Billing</h2> <h2>Purchase</h2>
<p>Ready to buy? Please once again check that all the right items are in your cart.</p>
<!--<h2>Billing</h2>
<table class="billing-info-table"> <table class="billing-info-table">
<tr v-if="settings.requiresAddress"> <tr v-if="settings.requiresAddress">
<td>Street and house number</td> <td>Street and house number</td>
@@ -39,8 +41,8 @@
</table> </table>
<div v-if="settings.requiresSpecialToken"> <div v-if="settings.requiresSpecialToken">
<!-- TODO: FUTURE: Implement --> TODO: FUTURE: Implement
</div> </div> -->
<button id="buy-button" @click="preparePayment();">Buy now</button> <button id="buy-button" @click="preparePayment();">Buy now</button>
</div> </div>
<div class="cart"> <div class="cart">
@@ -293,6 +295,13 @@ export default {
window.location.href = text; window.location.href = text;
}, 300 ); }, 300 );
} ); } );
} else if ( res.status === 428 ) {
res.text().then( text => {
if ( text === 'ERR_MAIL_UNCONFIRMED' ) {
this.$refs.notification.cancelNotification( prep );
this.$refs.notification.createNotification( 'Please confirm your email address to proceed', 10, 'error', 'high' );
}
} );
} }
} ).catch( err => { } ).catch( err => {
console.error( err ); console.error( err );