diff --git a/controllers/controllers.js b/controllers/controllers.js
index cc39eae..e88e26f 100644
--- a/controllers/controllers.js
+++ b/controllers/controllers.js
@@ -65,14 +65,18 @@ function login(email, password, ua, ip) {
 }
 
 function verify_mail(token) {
+ let params = new URLSearchParams({
+ token: token,
+ });
+ const conf = {
+ headers: {
+ "Content-Type": "application/x-www-form-urlencoded",
+ },
+ };
 return axios
- .get(HOST + "/verify-mail", {
- params: {
- token: token
- }
- })
- .then((response) => response.status)
- .catch((error) => console.log(error));
+ .post(HOST + "/verify-mail", params, conf)
+ .then((response) => [response.status, response.data])
+ .catch((error) => [error.status, []]);
 }
 
 function checkout(
diff --git a/routes/api.js b/routes/api.js
index 1823351..3e4cfda 100644
--- a/routes/api.js
+++ b/routes/api.js
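Review bot: In `verify_mail` (controllers/controllers.js) the new `.catch((error) => [error.status, []])` discards the error without logging it, and when the request never received a response there is no status to read, so the caller gets `[undefined, []]`. axios carries the HTTP status of a failed request on `error.response`, so I would map it explicitly and keep a log line: `.catch((error) => { console.error(error.message); return [error.response ? error.response.status : null, []]; });`. The call also switched to `.post(...)` while the routes/api.js hunk of this commit still registers `router.get("/verify-mail", ...)`; if HOST is served by that router, the POST will not reach the handler. A one-line comment stating that the function now resolves to `[status, data]` instead of a bare status would help callers.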
@@ -239,52 +239,59 @@ router.post("/login", async (req, res) => {
 });
 
 router.get("/verify-mail", async (req, res) => {
- const conn = db.connect();
- conn.query(
- 'SELECT * FROM users WHERE token ="' + req.query.token + '"',
- function (err, result) {
- if (err) {
- res.status(400);
- res.json({
- message: "Bad Request",
- });
- }
- if (result.length > 0) {
- if (result[0].verify == 0) {
- var data = {
- verify: 1,
- };
- db_connect.query(
- 'UPDATE users SET ? WHERE email ="' + result[0].email + '"',
- data,
- function (err, result) {
- if (err) {
- res.status(400);
- res.json({
- message: "Bad Request",
- });
- } else {
- res.status(200);
- res.json({
- message: "Verified ~",
- });
- }
- }
- );
- } else {
- res.status(403);
+ if (!req.body.token) {
+ res.status(400);
+ res.json({
+ message: "Bad Request",
+ });
+ } else {
+ const conn = db.connect();
+ conn.query(
+ 'SELECT * FROM users WHERE token ="' + req.body.token + '"',
+ function (err, result) {
+ if (err) {
+ res.status(400);
 res.json({
- message: "Forbidden",
+ message: "Bad Request",
+ });
+ }
+ if (result.length > 0) {
+ if (result[0].verify == 0) {
+ var data = {
+ verify: 1,
+ };
+ db_connect.query(
+ 'UPDATE users SET ? WHERE email ="' + result[0].email + '"',
+ data,
+ function (err, result) {
+ if (err) {
+ res.status(400);
+ res.json({
+ message: "Bad Request",
+ });
+ } else {
+ res.status(200);
+ res.json({
+ message: "Verified ~",
+ });
+ }
+ }
+ );
+ } else {
+ res.status(403);
+ res.json({
+ message: "Forbidden",
+ });
+ }
+ } else {
+ res.status(400);
+ res.json({
+ message: "Bad Request",
 });
 }
- } else {
- res.status(400);
- res.json({
- message: "Bad Request",
- });
 }
+ );
 }
- );
 });
 
 router.post("/checkout", async (req, res) => {
diff --git a/routes/index.js b/routes/index.js
index 591b81f..2265e78 100644
--- a/routes/index.js
+++ b/routes/index.js
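Review bot: The lookup in the `/verify-mail` handler of routes/api.js still builds its SQL by concatenating the request value, `'SELECT * FROM users WHERE token ="' + req.body.token + '"'`, so the token stays injectable after the move from `req.query` to `req.body`. The `?` placeholder is already used for the `SET ?` clause, so, assuming the same driver semantics, bind both values: `conn.query('SELECT * FROM users WHERE token = ?', [req.body.token], function (err, result) {` and `'UPDATE users SET ? WHERE email = ?', [data, result[0].email]`. The `if (err)` branch after the SELECT sends a 400 but does not `return`, so execution continues to `result.length` and may try to respond a second time; add `return;` after that `res.json(...)` call. The handler now reads `req.body` but is still registered with `router.get`, which does not match the POST issued from controllers.js in this commit.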
@@ -85,11 +85,11 @@ router.route("/login")
 });
 
 router.get("/verify-mail", (req, res) => {
- controller.verify_mail(req.params.token).then((data) => {
+ controller.verify_mail(req.query.token).then((data) => {
 if (data == 200) {
 res.render("pages/register-verification-success");
 } else {
- res.render("pages/index");
+ res.redirect("/");
 }
 });
 });
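Review bot: `if (data == 200)` in the `/verify-mail` route of routes/index.js can no longer be true, because `verify_mail` in this commit resolves to an array `[status, data]` rather than the status number, so every verification, successful or not, falls through to `res.redirect("/")`. Destructure the status and compare strictly: `controller.verify_mail(req.query.token).then(([status]) => {` and `if (status === 200) {`. The token is also forwarded without checking that it is present; a missing parameter is serialised by `URLSearchParams` as the string "undefined" and passes the backend's `!req.body.token` check. An early `if (!req.query.token) return res.redirect("/");` would stop that request before it reaches the backend.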