This commit is contained in:
Max Hunt 2020-05-09 00:35:47 +01:00
parent 15f7792c69
commit 933ecb832f
2 changed files with 305 additions and 104 deletions


@ -98,13 +98,24 @@ app.get('/my-products', function(request, responce){
app.get('/my-product', function(request, responce){ app.get('/my-product', function(request, responce){
if (request.query.uToken && request.query.productid) { if (request.query.uToken && request.query.productid) {
admin.auth().verifyIdToken(request.query.uToken) admin.auth().verifyIdToken(request.query.uToken)
.then(function(decodedToken) { .then(async function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid;
var dbRef = database.ref("/products/"+request.query.productid) let pid = request.query.productid
dbRef.once('value', function(snapshot){ if (await verifyExists(pid)){
data = snapshot.val() if (await verifyOwner(uid, pid)) {
responce.render('my-product.ejs', {item:data, key:request.query.productid}) var dbRef = database.ref("/products/"+pid)
}) dbRef.once('value', function(snapshot){
data = snapshot.val()
responce.render('my-product.ejs', {item:data, key:pid})
})
}
else {
responce.render('404.ejs')
}
}
else {
responce.render('404.ejs')
}
}) })
.catch(function(error) { .catch(function(error) {
console.log(error) console.log(error)
@ -119,18 +130,25 @@ app.get('/my-product', function(request, responce){
app.get('/edit-item', function(request, responce){ app.get('/edit-item', function(request, responce){
if (request.query.uToken && request.query.productid) { if (request.query.uToken && request.query.productid) {
admin.auth().verifyIdToken(request.query.uToken) admin.auth().verifyIdToken(request.query.uToken)
.then(function(decodedToken) { .then(async function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid
var dbRef = database.ref("/products/"+request.query.productid) let pid = request.query.productid
dbRef.once('value', function(snapshot){
data = snapshot.val() if (await verifyExists(pid)){
if (data.owner == uid) { if (await verifyOwner(uid, pid)) {
responce.render('edit-item.ejs', {item:data, key:request.query.productid}) let dbRef = database.ref("/products/"+pid)
dbRef.once('value', function(snapshot){
data = snapshot.val()
responce.render('edit-item.ejs', {item:data, key:request.query.productid})
})
}
else {
responce.render('404.ejs')
}
} }
else { else {
responce.send('<h1 style="color:red;" >Unauthorized user</h1><a href="home">Home</a>') responce.render('404.ejs')
} }
})
}) })
.catch(function(error) { .catch(function(error) {
console.log(error) console.log(error)
@ -177,18 +195,28 @@ app.post('/purchase-api', function(request, responce){
let uid = decodedToken.uid; let uid = decodedToken.uid;
let product = request.body.item let product = request.body.item
var productRef = database.ref("/products/"+product) var productRef = database.ref("/products/"+product)
productRef.update({owner:uid, status:"sold"}) productRef.once('value', function(snapshot) {
.then(function(){ var exists = (snapshot.val() !== null)
responce.send({success:true, error:null}) if (exists){
var productRef = database.ref("/products/"+product)
productRef.update({owner:uid, status:"sold"})
.then(function(){
responce.send({success:true, error:null})
})
.catch(e => {console.log(e)})
}
else {
responce.send({success:false, error:'Item does not exist'})
}
}) })
.catch(e => {console.log(e)}) .catch(e => {console.log(e)})
}) })
.catch(function(error) { .catch(function(err) {
responce.send({ error: 'invalid auth token' }) responce.send({success:false, error:'invalid auth token'})
}); });
} }
else { else {
responce.send({ error: 'invalid data' }) responce.send({success:false, error:'invalid data'})
} }
}) })
@ -197,46 +225,104 @@ app.post('/place-on-sale-api', function(request, responce){
admin.auth().verifyIdToken(request.body.user) admin.auth().verifyIdToken(request.body.user)
.then(function(decodedToken) { .then(function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid;
let product = request.body.item let productID = request.body.item
var productRef = database.ref("/products/"+product) var productRef = database.ref("/products/"+productID)
productRef.update({status:"on-sale"})
.then(function(){ productRef.once('value',function(snapshot){
responce.send({success:true, error:null}) let item = snapshot.val()
if (item){
let itemOwner = item.owner
if (uid == itemOwner){
productRef.update({status:"on-sale"})
.then(function(){
responce.send({success:true, error:null})
})
.catch(e => {console.log(e)})
}
else {
responce.send({success:false, error:'You do not own this item'})
}
}
else {
responce.send({success:false, error:'Item does not exist'})
}
})
.catch(e=>{
console.log(e)
responce.send({success:false, error:'other, ' + e})
}) })
.catch(e => {console.log(e)})
}) })
.catch(function(error) { .catch(function(error) {
responce.send({ error: 'invalid auth token' }) responce.send({success:false, error:'invalid auth token'})
}); })
} }
else { else {
responce.send({ error: 'invalid data' }) responce.send({success:false, error:'invalid data'})
} }
}) })
app.post('/ship-api', function(request, responce){ app.post('/ship-api', function(request, responce){
if (request.body.item && request.body.user) { if (request.body.item && request.body.user) {
admin.auth().verifyIdToken(request.body.user) admin.auth().verifyIdToken(request.body.user)
.then(function(decodedToken) { .then(async function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid;
let product = request.body.item let pid = request.body.item
var productRef = database.ref("/products/"+product)
productRef.update({status:"shipped"}) if (await verifyExists(pid)){
.then(function(){ if (await verifyOwner(uid, pid)) {
processItemShipEmail(product, uid) let productRef = database.ref("/products/"+pid)
responce.send({success:true, error:null}) productRef.update({status:"shipped"})
}) .then(function(){
.catch(e => {console.log(e)}) processItemShipEmail(pid, uid)
responce.send({success:true, error:null})
})
.catch(e => {console.log(e)})
}
else {
responce.send({success:false, error:'You do not own this item'})
}
}
else {
responce.send({success:false, error:'Item does not exist'})
}
}) })
.catch(function(error) { .catch(function(error) {
responce.send({ error: 'invalid auth token' }) responce.send({success:false, error:'invalid auth token'})
}); })
} }
else { else {
responce.send({ error: 'invalid data' }) responce.send({success:false, error:'invalid data'})
} }
}) })
async function authorisedToPurchase(uid, pid){
return true
}
async function verifyExists(pid) {
let productRef = database.ref("/products/"+pid)
let snapshot = await productRef.once('value')
if (snapshot.exists()) {
return true
}
else{
return false
}
}
async function verifyOwner(uid, pid) {
let productRef = database.ref("/products/"+pid)
let snapshot = await productRef.once('value')
let item = snapshot.val()
if (item.owner == uid){
return true
}
else {
return false
}
}
function processItemShipEmail(itemID, buyerID){ function processItemShipEmail(itemID, buyerID){
let productRef = database.ref("/products/"+itemID) let productRef = database.ref("/products/"+itemID)
productRef.once('value',function(snapshot){ productRef.once('value',function(snapshot){
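Review bot: The existence check added to `/purchase-api` never looks at the product's state, so any authenticated caller can run `update({owner:uid, status:"sold"})` on any existing product — presumably only one whose `status` is `"on-sale"` should be purchasable, and as written a sold or shipped item can have its `owner` overwritten. The snapshot is already in hand, so gate on it: `var item = snapshot.val(); if (item !== null && item.status === "on-sale") {`, and answer the other case with a distinct `{success:false, error:'Item is not for sale'}`. The inner `.catch(e => {console.log(e)})` on the update chain logs but never responds, so a failed update leaves the client hanging; send `{success:false, error:'update failed'}` there as well. The second `var productRef` inside the callback shadows the outer one and can be dropped. The `/purchase-api` hunk in the other changed file has the same gaps.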

233
server.js

@ -104,13 +104,24 @@ app.get('/my-products', function(request, responce){
app.get('/my-product', function(request, responce){ app.get('/my-product', function(request, responce){
if (request.query.uToken && request.query.productid) { if (request.query.uToken && request.query.productid) {
admin.auth().verifyIdToken(request.query.uToken) admin.auth().verifyIdToken(request.query.uToken)
.then(function(decodedToken) { .then(async function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid;
var dbRef = database.ref("/products/"+request.query.productid) let pid = request.query.productid
dbRef.once('value', function(snapshot){ if (await verifyExists(pid)){
data = snapshot.val() if (await verifyOwner(uid, pid)) {
responce.render('my-product.ejs', {item:data, key:request.query.productid}) var dbRef = database.ref("/products/"+pid)
}) dbRef.once('value', function(snapshot){
data = snapshot.val()
responce.render('my-product.ejs', {item:data, key:pid})
})
}
else {
responce.render('404.ejs')
}
}
else {
responce.render('404.ejs')
}
}) })
.catch(function(error) { .catch(function(error) {
console.log(error) console.log(error)
@ -125,18 +136,25 @@ app.get('/my-product', function(request, responce){
app.get('/edit-item', function(request, responce){ app.get('/edit-item', function(request, responce){
if (request.query.uToken && request.query.productid) { if (request.query.uToken && request.query.productid) {
admin.auth().verifyIdToken(request.query.uToken) admin.auth().verifyIdToken(request.query.uToken)
.then(function(decodedToken) { .then(async function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid
var dbRef = database.ref("/products/"+request.query.productid) let pid = request.query.productid
dbRef.once('value', function(snapshot){
data = snapshot.val() if (await verifyExists(pid)){
if (data.owner == uid) { if (await verifyOwner(uid, pid)) {
responce.render('edit-item.ejs', {item:data, key:request.query.productid}) let dbRef = database.ref("/products/"+pid)
dbRef.once('value', function(snapshot){
data = snapshot.val()
responce.render('edit-item.ejs', {item:data, key:request.query.productid})
})
}
else {
responce.render('404.ejs')
}
} }
else { else {
responce.send('<h1 style="color:red;" >Unauthorized user</h1><a href="home">Home</a>') responce.render('404.ejs')
} }
})
}) })
.catch(function(error) { .catch(function(error) {
console.log(error) console.log(error)
@ -183,18 +201,28 @@ app.post('/purchase-api', function(request, responce){
let uid = decodedToken.uid; let uid = decodedToken.uid;
let product = request.body.item let product = request.body.item
var productRef = database.ref("/products/"+product) var productRef = database.ref("/products/"+product)
productRef.update({owner:uid, status:"sold"}) productRef.once('value', function(snapshot) {
.then(function(){ var exists = (snapshot.val() !== null)
responce.send({success:true, error:null}) if (exists){
var productRef = database.ref("/products/"+product)
productRef.update({owner:uid, status:"sold"})
.then(function(){
responce.send({success:true, error:null})
})
.catch(e => {console.log(e)})
}
else {
responce.send({success:false, error:'Item does not exist'})
}
}) })
.catch(e => {console.log(e)}) .catch(e => {console.log(e)})
}) })
.catch(function(error) { .catch(function(err) {
responce.send({ error: 'invalid auth token' }) responce.send({success:false, error:'invalid auth token'})
}); });
} }
else { else {
responce.send({ error: 'invalid data' }) responce.send({success:false, error:'invalid data'})
} }
}) })
@ -203,46 +231,149 @@ app.post('/place-on-sale-api', function(request, responce){
admin.auth().verifyIdToken(request.body.user) admin.auth().verifyIdToken(request.body.user)
.then(function(decodedToken) { .then(function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid;
let product = request.body.item let productID = request.body.item
var productRef = database.ref("/products/"+product) var productRef = database.ref("/products/"+productID)
productRef.update({status:"on-sale"})
.then(function(){ productRef.once('value',function(snapshot){
responce.send({success:true, error:null}) let item = snapshot.val()
if (item){
let itemOwner = item.owner
if (uid == itemOwner){
productRef.update({status:"on-sale"})
.then(function(){
responce.send({success:true, error:null})
})
.catch(e => {console.log(e)})
}
else {
responce.send({success:false, error:'You do not own this item'})
}
}
else {
responce.send({success:false, error:'Item does not exist'})
}
})
.catch(e=>{
console.log(e)
responce.send({success:false, error:'other, ' + e})
}) })
.catch(e => {console.log(e)})
}) })
.catch(function(error) { .catch(function(error) {
responce.send({ error: 'invalid auth token' }) responce.send({success:false, error:'invalid auth token'})
}); })
} }
else { else {
responce.send({ error: 'invalid data' }) responce.send({success:false, error:'invalid data'})
} }
}) })
app.post('/ship-api', function(request, responce){ app.post('/ship-api', function(request, responce){
if (request.body.item && request.body.user) { if (request.body.item && request.body.user) {
admin.auth().verifyIdToken(request.body.user) admin.auth().verifyIdToken(request.body.user)
.then(function(decodedToken) { .then(async function(decodedToken) {
let uid = decodedToken.uid; let uid = decodedToken.uid;
let product = request.body.item let pid = request.body.item
var productRef = database.ref("/products/"+product)
productRef.update({status:"shipped"}) if (await verifyExists(pid)){
.then(function(){ if (await verifyOwner(uid, pid)) {
processItemShipEmail(product, uid) let productRef = database.ref("/products/"+pid)
responce.send({success:true, error:null}) productRef.update({status:"shipped"})
}) .then(function(){
.catch(e => {console.log(e)}) processItemShipEmail(pid, uid)
responce.send({success:true, error:null})
})
.catch(e => {console.log(e)})
}
else {
responce.send({success:false, error:'You do not own this item'})
}
}
else {
responce.send({success:false, error:'Item does not exist'})
}
}) })
.catch(function(error) { .catch(function(error) {
responce.send({ error: 'invalid auth token' }) responce.send({success:false, error:'invalid auth token'})
})
}
else {
responce.send({success:false, error:'invalid data'})
}
})
app.post('/demo-api', function(request, responce){
if (request.body.item && request.body.user) {
admin.auth().verifyIdToken(request.body.user)
.then(async function(decodedToken) {
if (await verifyExists(request.body.item)){
if (await verifyOwner(decodedToken.uid, request.body.item)) {
responce.send({success:true, error:null, data:"x"})
}
else {
responce.send({success:false, error:'You do not own this item'})
}
}
else {
responce.send({success:false, error:'Item does not exist'})
}
})
.catch(function(error) {
responce.send({success:false, error:'invalid auth token'})
console.log(error)
}); });
} }
else { else {
responce.send({ error: 'invalid data' }) responce.send({error: 'invalid data'})
} }
}) })
async function authorisedToPurchase(uid, pid){
return true
}
async function verifyExists(pid) {
let productRef = database.ref("/products/"+pid)
let snapshot = await productRef.once('value')
if (snapshot.exists()) {
return true
}
else{
return false
}
}
async function verifyOwner(uid, pid) {
let productRef = database.ref("/products/"+pid)
let snapshot = await productRef.once('value')
let item = snapshot.val()
if (item.owner == uid){
return true
}
else {
return false
}
}
function sendEmail(address, content){
var mailOptions = {
from: 'noreply.projectgg@gmail.com',
to: address,
subject: 'Your Item has been requested',
text: content
}
transporter.sendMail(mailOptions, function(error, info){
if (error) {
console.log(error);
} else {
console.log('Email sent: ' + info.response);
}
})
}
function processItemShipEmail(itemID, buyerID){ function processItemShipEmail(itemID, buyerID){
let productRef = database.ref("/products/"+itemID) let productRef = database.ref("/products/"+itemID)
productRef.once('value',function(snapshot){ productRef.once('value',function(snapshot){
@ -268,22 +399,6 @@ function processItemShipEmail(itemID, buyerID){
}) })
} }
function sendEmail(address, content){
var mailOptions = {
from: 'noreply.projectgg@gmail.com',
to: address,
subject: 'Your Item has been requested',
text: content
}
transporter.sendMail(mailOptions, function(error, info){
if (error) {
console.log(error);
} else {
console.log('Email sent: ' + info.response);
}
})
}
app.get('*', function(request, responce){ app.get('*', function(request, responce){
responce.render('404.ejs') responce.render('404.ejs')
}) })
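Review bot: `authorisedToPurchase(uid, pid)` unconditionally returns `true` and nothing in the hunk calls it yet; a stub that grants authorisation is easy to wire into a route later without noticing, so either implement it or mark it `// TODO: stub — always grants; do not call from a route until implemented`. `verifyOwner` decides with `item.owner == uid`, and `/place-on-sale-api` with `uid == itemOwner`; use `===` in both so a missing `owner` field can never loosely match the caller. The `.catch(e=>{ … responce.send({success:false, error:'other, ' + e}) })` in `/place-on-sale-api` returns the raw exception text to the client; keep the `console.log(e)` and send a fixed `error:'internal error'` instead. The `.catch(e => {console.log(e)})` handlers on the `update` chains in `/place-on-sale-api` and `/ship-api` log but never send a response, so those requests hang on failure. `/demo-api`'s final `responce.send({error: 'invalid data'})` omits the `success:false` that every sibling route now includes.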