Update
This commit is contained in:
Max Hunt
parent
eab73be3e5
commit
6326454f10
@ -250,7 +250,7 @@ app.post('/register-new-user-api', async function(request, responce){
|
|||||||
let usersRef = database.ref('/users')
|
let usersRef = database.ref('/users')
|
||||||
let result = await usersRef.push(uData)
|
let result = await usersRef.push(uData)
|
||||||
let key = result.key
|
let key = result.key
|
||||||
let imgPath = key + '/' + pPic
|
let imgPath = key + '/' + pPic ///this is problematic
|
||||||
let imgRootPath = "/user-img/" + imgPath
|
let imgRootPath = "/user-img/" + imgPath
|
||||||
let userRef = database.ref('/users/' + key)
|
let userRef = database.ref('/users/' + key)
|
||||||
userRef.update({pPic:imgPath})
|
userRef.update({pPic:imgPath})
|
||||||
@ -301,7 +301,7 @@ app.post('/request-api', async function(request, responce){
|
|||||||
console.log(rsp)
|
console.log(rsp)
|
||||||
responce.send({success:true, error:null})
|
responce.send({success:true, error:null})
|
||||||
} else {
|
} else {
|
||||||
responce.send({success:false, error:'Something very bad has happened..... Item buyer apparantly doesn\'t exist in the database'})
|
responce.send({success:false, error:'Unregistered user!'})
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
responce.send({success:false, error:'Something very bad has happened..... Item owner apparantly doesn\'t exist in the database'})
|
responce.send({success:false, error:'Something very bad has happened..... Item owner apparantly doesn\'t exist in the database'})
|
||||||
@ -378,24 +378,16 @@ app.post('/sold-api', async function(request, responce){
|
|||||||
})
|
})
|
||||||
|
|
||||||
app.post('/login-user-api', function(request, responce){
|
app.post('/login-user-api', function(request, responce){
|
||||||
if (request.body.uToken && request.body.user) {
|
if (request.body.uToken) {
|
||||||
admin.auth().verifyIdToken(request.body.uToken)
|
admin.auth().verifyIdToken(request.body.uToken)
|
||||||
.then(async function(decodedToken) {
|
.then(async function(decodedToken) {
|
||||||
let user = request.body.user
|
|
||||||
let uid = decodedToken.uid
|
let uid = decodedToken.uid
|
||||||
|
let rsp = await processUserStatus(uid)
|
||||||
if (uid != user.uid){
|
responce.send(rsp)
|
||||||
responce.send({success:false, error:'Stop hacking'})
|
})
|
||||||
}
|
.catch(e=>{
|
||||||
else {
|
responce.send({success:false, error:'invalid auth token, ' + e})
|
||||||
let rsp = await checkNewUser(user)
|
|
||||||
responce.send(rsp)
|
|
||||||
}
|
|
||||||
})
|
})
|
||||||
.catch(function(error) {
|
|
||||||
responce.send({success:false, error:'invalid auth token'})
|
|
||||||
console.log(error)
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
responce.send({success:false, error: 'invalid data'})
|
responce.send({success:false, error: 'invalid data'})
|
||||||
@ -436,18 +428,16 @@ app.post('/shipping-adress-edit-api', function(request, responce){
|
|||||||
|
|
||||||
app.post('/new-product-api', function(request, responce){
|
app.post('/new-product-api', function(request, responce){
|
||||||
if (request.body.uToken && request.body.product && request.body.image) {
|
if (request.body.uToken && request.body.product && request.body.image) {
|
||||||
admin.auth().verifyIdToken(request.body.uToken)
|
let uid = await authCheck(request.body.authToken)
|
||||||
.then(async function(decodedToken) {
|
if (uid) {
|
||||||
let uid = decodedToken.uid
|
if (await checkUserExists(uid)) {
|
||||||
let image = request.body.image
|
let image = request.body.image
|
||||||
let product = request.body.product
|
let product = request.body.product
|
||||||
|
|
||||||
let imageName = image.name
|
let imageName = image.name
|
||||||
|
|
||||||
let newProductRef = database.ref('/products')
|
let newProductRef = database.ref('/products')
|
||||||
newProductRef.push(product).then(key => {
|
newProductRef.push(product).then(key => {
|
||||||
let productKey = key.key
|
let productKey = key.key
|
||||||
let imgPath = productKey + '/' + imageName
|
let imgPath = productKey + '/' + imageName ///this is problematic
|
||||||
let productRef = database.ref('/products/' + productKey)
|
let productRef = database.ref('/products/' + productKey)
|
||||||
productRef.update({img: imgPath}).then(function(){
|
productRef.update({img: imgPath}).then(function(){
|
||||||
responce.send({success:true, imgRef:'/product-img/'+imgPath, error:null})
|
responce.send({success:true, imgRef:'/product-img/'+imgPath, error:null})
|
||||||
@ -461,12 +451,12 @@ app.post('/new-product-api', function(request, responce){
|
|||||||
responce.send({success:false, error:e})
|
responce.send({success:false, error:e})
|
||||||
console.log(error)
|
console.log(error)
|
||||||
})
|
})
|
||||||
|
} else {
|
||||||
})
|
responce.send({success:false, error:'Unregistered!'})
|
||||||
.catch(function(error) {
|
}
|
||||||
responce.send({success:false, error:'invalid auth token'})
|
} else {
|
||||||
console.log(error)
|
responce.send({success:false, error:'invalid auth token'})
|
||||||
});
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
responce.send({error: 'invalid data'})
|
responce.send({error: 'invalid data'})
|
||||||
@ -522,8 +512,8 @@ async function authCheck(token) {
|
|||||||
return uid
|
return uid
|
||||||
}
|
}
|
||||||
|
|
||||||
async function checkNewUser(user){
|
async function processUserStatus(uid){
|
||||||
let snapshot = await checkUserExists(user.uid)
|
let snapshot = await checkUserExists(uid)
|
||||||
if (snapshot){
|
if (snapshot){
|
||||||
let users = snapshot.val()
|
let users = snapshot.val()
|
||||||
let keys = Object.keys(users)
|
let keys = Object.keys(users)
|
||||||
|
|||||||
30
server.js
30
server.js
@ -248,7 +248,7 @@ app.post('/register-new-user-api', async function(request, responce){
|
|||||||
let usersRef = database.ref('/users')
|
let usersRef = database.ref('/users')
|
||||||
let result = await usersRef.push(uData)
|
let result = await usersRef.push(uData)
|
||||||
let key = result.key
|
let key = result.key
|
||||||
let imgPath = key + '/' + pPic
|
let imgPath = key + '/' + pPic ///this is problematic
|
||||||
let imgRootPath = "/user-img/" + imgPath
|
let imgRootPath = "/user-img/" + imgPath
|
||||||
let userRef = database.ref('/users/' + key)
|
let userRef = database.ref('/users/' + key)
|
||||||
userRef.update({pPic:imgPath})
|
userRef.update({pPic:imgPath})
|
||||||
@ -299,7 +299,7 @@ app.post('/request-api', async function(request, responce){
|
|||||||
console.log(rsp)
|
console.log(rsp)
|
||||||
responce.send({success:true, error:null})
|
responce.send({success:true, error:null})
|
||||||
} else {
|
} else {
|
||||||
responce.send({success:false, error:'Something very bad has happened..... Item buyer apparantly doesn\'t exist in the database'})
|
responce.send({success:false, error:'Unregistered user!'})
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
responce.send({success:false, error:'Something very bad has happened..... Item owner apparantly doesn\'t exist in the database'})
|
responce.send({success:false, error:'Something very bad has happened..... Item owner apparantly doesn\'t exist in the database'})
|
||||||
@ -380,7 +380,7 @@ app.post('/login-user-api', function(request, responce){
|
|||||||
admin.auth().verifyIdToken(request.body.uToken)
|
admin.auth().verifyIdToken(request.body.uToken)
|
||||||
.then(async function(decodedToken) {
|
.then(async function(decodedToken) {
|
||||||
let uid = decodedToken.uid
|
let uid = decodedToken.uid
|
||||||
let rsp = await checkNewUser(uid)
|
let rsp = await processUserStatus(uid)
|
||||||
responce.send(rsp)
|
responce.send(rsp)
|
||||||
})
|
})
|
||||||
.catch(e=>{
|
.catch(e=>{
|
||||||
@ -426,18 +426,16 @@ app.post('/shipping-adress-edit-api', function(request, responce){
|
|||||||
|
|
||||||
app.post('/new-product-api', function(request, responce){
|
app.post('/new-product-api', function(request, responce){
|
||||||
if (request.body.uToken && request.body.product && request.body.image) {
|
if (request.body.uToken && request.body.product && request.body.image) {
|
||||||
admin.auth().verifyIdToken(request.body.uToken)
|
let uid = await authCheck(request.body.authToken)
|
||||||
.then(async function(decodedToken) {
|
if (uid) {
|
||||||
let uid = decodedToken.uid
|
if (await checkUserExists(uid)) {
|
||||||
let image = request.body.image
|
let image = request.body.image
|
||||||
let product = request.body.product
|
let product = request.body.product
|
||||||
|
|
||||||
let imageName = image.name
|
let imageName = image.name
|
||||||
|
|
||||||
let newProductRef = database.ref('/products')
|
let newProductRef = database.ref('/products')
|
||||||
newProductRef.push(product).then(key => {
|
newProductRef.push(product).then(key => {
|
||||||
let productKey = key.key
|
let productKey = key.key
|
||||||
let imgPath = productKey + '/' + imageName
|
let imgPath = productKey + '/' + imageName ///this is problematic
|
||||||
let productRef = database.ref('/products/' + productKey)
|
let productRef = database.ref('/products/' + productKey)
|
||||||
productRef.update({img: imgPath}).then(function(){
|
productRef.update({img: imgPath}).then(function(){
|
||||||
responce.send({success:true, imgRef:'/product-img/'+imgPath, error:null})
|
responce.send({success:true, imgRef:'/product-img/'+imgPath, error:null})
|
||||||
@ -451,12 +449,12 @@ app.post('/new-product-api', function(request, responce){
|
|||||||
responce.send({success:false, error:e})
|
responce.send({success:false, error:e})
|
||||||
console.log(error)
|
console.log(error)
|
||||||
})
|
})
|
||||||
|
} else {
|
||||||
})
|
responce.send({success:false, error:'Unregistered!'})
|
||||||
.catch(function(error) {
|
}
|
||||||
responce.send({success:false, error:'invalid auth token'})
|
} else {
|
||||||
console.log(error)
|
responce.send({success:false, error:'invalid auth token'})
|
||||||
});
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
responce.send({error: 'invalid data'})
|
responce.send({error: 'invalid data'})
|
||||||
@ -512,7 +510,7 @@ async function authCheck(token) {
|
|||||||
return uid
|
return uid
|
||||||
}
|
}
|
||||||
|
|
||||||
async function checkNewUser(uid){
|
async function processUserStatus(uid){
|
||||||
let snapshot = await checkUserExists(uid)
|
let snapshot = await checkUserExists(uid)
|
||||||
if (snapshot){
|
if (snapshot){
|
||||||
let users = snapshot.val()
|
let users = snapshot.val()
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user