Add API authentication

This commit is contained in:
Rene Vergara 2021-11-09 12:39:16 -06:00
parent dacb8dbafb
commit d05292b365
5 changed files with 45 additions and 21 deletions

View file

@ -1,6 +1,7 @@
const express = require('express');
const app = express();
const bodyparser = require('body-parser');
const cors = require('cors');
const postmodel = require('./models/post');
const usermodel = require('./models/user');
const ownermodel = require('./models/owner');
@ -147,16 +148,26 @@ var blockInterval = setInterval( function() {
});
}, 90000);
app.use(cors());
app.options('*', cors());
app.use(bodyparser.json());
app.use((req, res, next) => {
res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
res.setHeader("Access-Control-Allow-Methods", "GET, POST, PATCH, DELETE, OPTIONS");
//req.ip = RequestIP.getClientIp(req);
next();
});
app.use((req, res, next) => {
if (req.headers.authorization !== 'Le2adeic8Thah4Aeng4daem6i' ) {
return res.status(401).send('Authorization required.');
} else {
next();
}
});
app.get('/api/users', (req, res, next) => {

View file

@ -1,6 +1,6 @@
import {Injectable} from '@angular/core';
import {Subject, Subscription, BehaviorSubject, Observable} from 'rxjs';
import {HttpClient, HttpParams} from '@angular/common/http';
import {HttpClient, HttpParams, HttpHeaders} from '@angular/common/http';
import {UserService} from './user.service';
//import {User} from './user.model';
@ -18,15 +18,18 @@ export class FullnodeService{
public readonly memoUpdate: Observable<string[]> = this._memoUpdated.asObservable();
public readonly priceUpdate: Observable<number> = this._priceUpdated.asObservable();
private UserSub: Subscription = new Subscription();
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
private reqHeaders: HttpHeaders;
constructor(private http: HttpClient, public userService: UserService){
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
this.getAddr();
this.getHeight();
this.getPrice();
}
getHeight(){
let obs = this.http.get<{message: string, height: number}>(this.beUrl+'api/blockheight');
let obs = this.http.get<{message: string, height: number}>(this.beUrl+'api/blockheight', { headers: this.reqHeaders });
obs.subscribe((BlockData) => {
this.dataStore.height = BlockData.height;
this._heightUpdated.next(Object.assign({}, this.dataStore).height);
@ -38,7 +41,7 @@ export class FullnodeService{
getPrice(){
var currency = 'usd';
const params = new HttpParams().append('currency', currency);
let obs = this.http.get<{message: string, price: any}>(this.beUrl+'api/price', { headers:{}, params: params, observe: 'response'});
let obs = this.http.get<{message: string, price: any}>(this.beUrl+'api/price', { headers:this.reqHeaders, params: params, observe: 'response'});
obs.subscribe((PriceData) => {
if (PriceData.status == 200) {
this.dataStore.price = PriceData.body!.price.price;
@ -63,7 +66,7 @@ export class FullnodeService{
getAddr() {
let obs = this.http.get<{message: string, addr: string}>(this.beUrl+'api/getaddr');
let obs = this.http.get<{message: string, addr: string}>(this.beUrl+'api/getaddr', { headers: this.reqHeaders });
obs.subscribe((AddrData) => {
this.dataStore.addr = AddrData.addr;

View file

@ -1,7 +1,7 @@
import { Item } from './item.model';
import { Injectable } from '@angular/core';
import { Subject, BehaviorSubject, Observable } from 'rxjs';
import { HttpClient, HttpParams } from '@angular/common/http';
import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
@Injectable({providedIn: 'root'})
@ -11,14 +11,17 @@ export class ItemService{
private _itemsUpdated: BehaviorSubject<Item[]> = new BehaviorSubject(this.dataStore.items);
public readonly itemsUpdated: Observable<Item[]> = this._itemsUpdated.asObservable();
private address:string = '';
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
private reqHeaders: HttpHeaders;
constructor(private http: HttpClient){
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
}
getItems(addr: string){
this.address = addr;
const params = new HttpParams().append('address', addr);
let obs = this.http.get<{message: string, items: any}>(this.beUrl+'api/getitems', { headers:{}, params: params, observe: 'response'});
let obs = this.http.get<{message: string, items: any}>(this.beUrl+'api/getitems', { headers:this.reqHeaders, params: params, observe: 'response'});
obs.subscribe((ItemDataResponse) => {
if (ItemDataResponse.status == 200 ) {
@ -34,7 +37,7 @@ export class ItemService{
addItem(item: Item) {
//const params = new HttpParams().append('item', JSON.stringify(item));
let obs = this.http.post<{message: string}>(this.beUrl+'api/item', { item: item });
let obs = this.http.post<{message: string}>(this.beUrl+'api/item', { item: item }, { headers: this.reqHeaders });
obs.subscribe((ItemResponse) => {
console.log('Item added');
@ -45,7 +48,7 @@ export class ItemService{
}
deleteItem(id: string) {
let obs = this.http.delete<{message: string}>(this.beUrl+'api/item/'+id);
let obs = this.http.delete<{message: string}>(this.beUrl+'api/item/'+id, { headers: this.reqHeaders });
obs.subscribe((ItemResponse) => {
console.log('Item deleted');

View file

@ -1,6 +1,6 @@
import { Injectable } from '@angular/core';
import { Subject, BehaviorSubject, Observable } from 'rxjs';
import { HttpClient, HttpParams } from '@angular/common/http';
import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
import { Order } from './order.model';
import { UserService } from '../user.service';
import { FullnodeService } from '../fullnode.service';
@ -42,12 +42,15 @@ export class OrderService {
private _allOrdersUpdated: BehaviorSubject<Order[]> = new BehaviorSubject(this.dataStore.allOrders);
public readonly allOrdersUpdate: Observable<Order[]> = this._allOrdersUpdated.asObservable();
public userUpdate: Observable<User>;
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
private reqHeaders: HttpHeaders;
constructor(
private http: HttpClient,
public fullnodeService: FullnodeService,
public userService: UserService
) {
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
this.userUpdate = userService.userUpdate;
this.userUpdate.subscribe((user) => {
this.dataStore.user = user;
@ -59,7 +62,7 @@ export class OrderService {
getOrder() {
var session = this.dataStore.user.session;
const params = new HttpParams().append('session', session);
let obs = this.http.get<{message: string, order: any}>(this.beUrl+'api/order', { headers:{}, params:params, observe: 'response'});
let obs = this.http.get<{message: string, order: any}>(this.beUrl+'api/order', { headers:this.reqHeaders, params:params, observe: 'response'});
obs.subscribe((OrderDataResponse) => {
if (OrderDataResponse.status == 200) {
@ -81,7 +84,7 @@ export class OrderService {
getAllOrders(){
var address = this.dataStore.user.address;
const params = new HttpParams().append('address', address);
let obs = this.http.get<{message: string, orders: any}>(this.beUrl+'api/allorders', { headers:{}, params:params, observe: 'response'});
let obs = this.http.get<{message: string, orders: any}>(this.beUrl+'api/allorders', { headers:this.reqHeaders, params:params, observe: 'response'});
obs.subscribe((OrdersData) => {
if (OrdersData.status == 200 ){
console.log('getAllOrder:', OrdersData.body);
@ -97,7 +100,7 @@ export class OrderService {
addToOrder(lineItem: LineItem) {
if(this.dataStore.order._id != null) {
let obs = this.http.post<{message: string}>(this.beUrl+'api/lineitem', { order_id: this.dataStore.order._id, line: lineItem });
let obs = this.http.post<{message: string}>(this.beUrl+'api/lineitem', { order_id: this.dataStore.order._id, line: lineItem }, { headers: this.reqHeaders });
obs.subscribe((orderData) => {
this.getOrder();
});
@ -116,7 +119,7 @@ export class OrderService {
total: 0,
lines: []
};
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: order});
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: order}, { headers: this.reqHeaders });
obs.subscribe((orderData) => {
console.log('Create order', orderData);
this.dataStore.order = orderData.order;
@ -128,7 +131,7 @@ export class OrderService {
}
cancelOrder(id: string) {
let obs = this.http.delete<{message: string}>(this.beUrl+'api/order/'+id);
let obs = this.http.delete<{message: string}>(this.beUrl+'api/order/'+id, { headers: this.reqHeaders });
obs.subscribe((OrderResponse) => {
console.log('Order deleted');
@ -160,7 +163,7 @@ export class OrderService {
console.log('Price:', price);
this.dataStore.order.closed = true;
this.dataStore.order.price = price;
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: this.dataStore.order});
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: this.dataStore.order}, { headers: this.reqHeaders });
obs.subscribe((orderData) => {
console.log('Closed order', orderData);
this.dataStore.order = {

View file

@ -1,6 +1,6 @@
import {Injectable} from '@angular/core';
import {Subject, BehaviorSubject, Observable} from 'rxjs';
import {HttpClient, HttpParams} from '@angular/common/http';
import {HttpClient, HttpParams, HttpHeaders} from '@angular/common/http';
import {User} from './user.model';
import {Owner} from './owner.model';
@ -30,8 +30,12 @@ export class UserService{
public readonly uZaddrUpdate: Observable<string> = this._uZaddrUpdated.asObservable();
public readonly ownerUpdate: Observable<Owner> = this._ownerUpdated.asObservable();
public readonly userUpdate: Observable<User> = this._userUpdated.asObservable();
private reqHeaders: HttpHeaders;
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
constructor(private http: HttpClient){
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
console.log('US:', this.reqHeaders);
this.session = localStorage.getItem('s4z_token');
if (this.session != null) {
this.findUser();
@ -42,7 +46,7 @@ export class UserService{
this.session = localStorage.getItem('s4z_token');
if (this.session != null) {
const params = new HttpParams().append('session', this.session!);
let obs = this.http.get<{message: string, user: any}>(this.beUrl+'api/getuser', { headers:{}, params: params, observe: 'response'});
let obs = this.http.get<{message: string, user: any}>(this.beUrl+'api/getuser', { headers: this.reqHeaders, params: params, observe: 'response'});
obs.subscribe((UserDataResponse) => {
console.log(UserDataResponse.status);
@ -67,7 +71,7 @@ export class UserService{
addOwner(address: string) {
const owner: Owner={_id: '', address: address, name: 'Zgo-'.concat(address.substring(0,5))};
let obs = this.http.post<{message: string}>(this.beUrl+'api/addowner', {address: owner.address, name: owner.name});
let obs = this.http.post<{message: string}>(this.beUrl+'api/addowner', {address: owner.address, name: owner.name}, {headers: this.reqHeaders});
obs.subscribe((responseData) => {
console.log(responseData.message);
@ -77,7 +81,7 @@ export class UserService{
}
updateOwner(owner: Owner) {
this.http.post<{message: string, owner: Owner}>(this.beUrl+'api/updateowner', {owner: owner}).
this.http.post<{message: string, owner: Owner}>(this.beUrl+'api/updateowner', {owner: owner}, {headers: this.reqHeaders}).
subscribe((responseData) => {
console.log(responseData.message);
//this.dataStore.owner = responseData.owner;
@ -89,7 +93,7 @@ export class UserService{
getOwner(address: string) {
console.log('getOwner', address);
const ownParams = new HttpParams().append('address', address);
let obs = this.http.get<{message:string, owner: any}>(this.beUrl+'api/getowner', {params: ownParams, observe: 'response'});
let obs = this.http.get<{message:string, owner: any}>(this.beUrl+'api/getowner', { headers: this.reqHeaders, params: ownParams, observe: 'response'});
obs.subscribe((OwnerDataResponse) => {
console.log('api/getowner', OwnerDataResponse.status);