nekoya/web
nekoya/web
1
0
Fork 0
mirror of https://gitlab.com/nekoya/web.git synced 2025-03-20 05:58:48 +01:00
Code Issues Projects Releases Packages 1 Wiki Activity

Add API authentication

Browse source
This commit is contained in:
Moe Poi ~ 2021-11-21 08:16:15 +07:00
parent 267f1d051a
commit 77372b2a2c
3 changed files with 121 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
controllers/controllers.js
View file

@ -92,7 +92,8 @@ function checkout(
subDistrict, subDistrict,
postalCode, postalCode,
logistic, logistic,
data data,
key
) { ) {
let params = new URLSearchParams({ let params = new URLSearchParams({
firstName: firstName, firstName: firstName,
@ -113,6 +114,9 @@ function checkout(
headers: { headers: {
"Content-Type": "application/x-www-form-urlencoded", "Content-Type": "application/x-www-form-urlencoded",
}, },
params: {
key: key,
}
}; };
return axios return axios
.post(HOST + "/checkout", params, conf) .post(HOST + "/checkout", params, conf)

19
routes/api.js
View file

@ -1,9 +1,12 @@
const express = require("express"); const express = require("express");
const bcrypt = require("bcrypt"); const bcrypt = require("bcrypt");
const randtoken = require("rand-token"); const randtoken = require("rand-token");
const router = express.Router(); const router = express.Router();
const db = require("../modules/db"); const db = require("../modules/db");
const mail = require("../modules/mail"); const mail = require("../modules/mail");
const auth = require("../auth/auth");
const saltRounds = 10; const saltRounds = 10;
@ -295,6 +298,14 @@ router.get("/verify-mail", async (req, res) => {
}); });
router.post("/checkout", async (req, res) => { router.post("/checkout", async (req, res) => {
if (!req.query.key) {
res.status(401);
res.json({
message: "Unauthorized",
});
} else {
auth.auth_checker(req.query.key).then((status) => {
if (status) {
if ( if (
!req.body.firstName || !req.body.firstName ||
!req.body.lastName || !req.body.lastName ||
@ -365,6 +376,14 @@ router.post("/checkout", async (req, res) => {
} }
); );
} }
} else {
res.status(401);
res.json({
message: "Unauthorized",
});
}
});
}
}); });
module.exports = router; module.exports = router;

14
routes/index.js
View file

@ -19,7 +19,7 @@ router.get("/", (req, res) => {
}); });
router.route("/register") router.route("/register")
.get((_req, res) => { .get((req, res) => {
auth.session_converter(req.cookies.session_token).then((key) => { auth.session_converter(req.cookies.session_token).then((key) => {
if (key != null) { if (key != null) {
res.redirect("/"); res.redirect("/");
@ -45,7 +45,7 @@ router.route("/register")
}); });
router.route("/login") router.route("/login")
.get((_req, res) => { .get((req, res) => {
auth.session_converter(req.cookies.session_token).then((key) => { auth.session_converter(req.cookies.session_token).then((key) => {
if (key != null) { if (key != null) {
res.redirect("/"); res.redirect("/");
@ -107,6 +107,9 @@ router.route("/checkout")
}); });
}) })
.post((req, res) => { .post((req, res) => {
auth.session_converter(req.cookies.session_token).then((key) => {
console.log(key);
if (key != null) {
controller.checkout( controller.checkout(
req.body.firstName, req.body.firstName,
req.body.lastName, req.body.lastName,
@ -120,7 +123,8 @@ router.route("/checkout")
req.body.subDistrict, req.body.subDistrict,
req.body.postalCode, req.body.postalCode,
req.body.logistic, req.body.logistic,
req.body.data req.body.data,
key
) )
.then((data) => { .then((data) => {
if (data[0] == 201) { if (data[0] == 201) {
@ -141,6 +145,10 @@ router.route("/checkout")
} }
} }
}); });
} else {
res.redirect("/login");
}
});
}); });
router.get("/forgot-password", (_req, res) => { router.get("/forgot-password", (_req, res) => {