Add API authentication
This commit is contained in:
parent
dacb8dbafb
commit
d05292b365
5 changed files with 45 additions and 21 deletions
|
|
@ -1,6 +1,7 @@
|
||||||
const express = require('express');
|
const express = require('express');
|
||||||
const app = express();
|
const app = express();
|
||||||
const bodyparser = require('body-parser');
|
const bodyparser = require('body-parser');
|
||||||
|
const cors = require('cors');
|
||||||
const postmodel = require('./models/post');
|
const postmodel = require('./models/post');
|
||||||
const usermodel = require('./models/user');
|
const usermodel = require('./models/user');
|
||||||
const ownermodel = require('./models/owner');
|
const ownermodel = require('./models/owner');
|
||||||
|
|
@ -147,16 +148,26 @@ var blockInterval = setInterval( function() {
|
||||||
});
|
});
|
||||||
}, 90000);
|
}, 90000);
|
||||||
|
|
||||||
|
app.use(cors());
|
||||||
|
app.options('*', cors());
|
||||||
|
|
||||||
app.use(bodyparser.json());
|
app.use(bodyparser.json());
|
||||||
|
|
||||||
app.use((req, res, next) => {
|
app.use((req, res, next) => {
|
||||||
res.setHeader("Access-Control-Allow-Origin", "*");
|
res.setHeader("Access-Control-Allow-Origin", "*");
|
||||||
res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
|
res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
|
||||||
res.setHeader("Access-Control-Allow-Methods", "GET, POST, PATCH, DELETE, OPTIONS");
|
res.setHeader("Access-Control-Allow-Methods", "GET, POST, PATCH, DELETE, OPTIONS");
|
||||||
//req.ip = RequestIP.getClientIp(req);
|
|
||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
|
|
||||||
|
app.use((req, res, next) => {
|
||||||
|
if (req.headers.authorization !== 'Le2adeic8Thah4Aeng4daem6i' ) {
|
||||||
|
return res.status(401).send('Authorization required.');
|
||||||
|
} else {
|
||||||
|
next();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
app.get('/api/users', (req, res, next) => {
|
app.get('/api/users', (req, res, next) => {
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
import {Injectable} from '@angular/core';
|
import {Injectable} from '@angular/core';
|
||||||
import {Subject, Subscription, BehaviorSubject, Observable} from 'rxjs';
|
import {Subject, Subscription, BehaviorSubject, Observable} from 'rxjs';
|
||||||
import {HttpClient, HttpParams} from '@angular/common/http';
|
import {HttpClient, HttpParams, HttpHeaders} from '@angular/common/http';
|
||||||
import {UserService} from './user.service';
|
import {UserService} from './user.service';
|
||||||
|
|
||||||
//import {User} from './user.model';
|
//import {User} from './user.model';
|
||||||
|
|
@ -18,15 +18,18 @@ export class FullnodeService{
|
||||||
public readonly memoUpdate: Observable<string[]> = this._memoUpdated.asObservable();
|
public readonly memoUpdate: Observable<string[]> = this._memoUpdated.asObservable();
|
||||||
public readonly priceUpdate: Observable<number> = this._priceUpdated.asObservable();
|
public readonly priceUpdate: Observable<number> = this._priceUpdated.asObservable();
|
||||||
private UserSub: Subscription = new Subscription();
|
private UserSub: Subscription = new Subscription();
|
||||||
|
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||||
|
private reqHeaders: HttpHeaders;
|
||||||
|
|
||||||
constructor(private http: HttpClient, public userService: UserService){
|
constructor(private http: HttpClient, public userService: UserService){
|
||||||
|
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||||
this.getAddr();
|
this.getAddr();
|
||||||
this.getHeight();
|
this.getHeight();
|
||||||
this.getPrice();
|
this.getPrice();
|
||||||
}
|
}
|
||||||
|
|
||||||
getHeight(){
|
getHeight(){
|
||||||
let obs = this.http.get<{message: string, height: number}>(this.beUrl+'api/blockheight');
|
let obs = this.http.get<{message: string, height: number}>(this.beUrl+'api/blockheight', { headers: this.reqHeaders });
|
||||||
obs.subscribe((BlockData) => {
|
obs.subscribe((BlockData) => {
|
||||||
this.dataStore.height = BlockData.height;
|
this.dataStore.height = BlockData.height;
|
||||||
this._heightUpdated.next(Object.assign({}, this.dataStore).height);
|
this._heightUpdated.next(Object.assign({}, this.dataStore).height);
|
||||||
|
|
@ -38,7 +41,7 @@ export class FullnodeService{
|
||||||
getPrice(){
|
getPrice(){
|
||||||
var currency = 'usd';
|
var currency = 'usd';
|
||||||
const params = new HttpParams().append('currency', currency);
|
const params = new HttpParams().append('currency', currency);
|
||||||
let obs = this.http.get<{message: string, price: any}>(this.beUrl+'api/price', { headers:{}, params: params, observe: 'response'});
|
let obs = this.http.get<{message: string, price: any}>(this.beUrl+'api/price', { headers:this.reqHeaders, params: params, observe: 'response'});
|
||||||
obs.subscribe((PriceData) => {
|
obs.subscribe((PriceData) => {
|
||||||
if (PriceData.status == 200) {
|
if (PriceData.status == 200) {
|
||||||
this.dataStore.price = PriceData.body!.price.price;
|
this.dataStore.price = PriceData.body!.price.price;
|
||||||
|
|
@ -63,7 +66,7 @@ export class FullnodeService{
|
||||||
|
|
||||||
|
|
||||||
getAddr() {
|
getAddr() {
|
||||||
let obs = this.http.get<{message: string, addr: string}>(this.beUrl+'api/getaddr');
|
let obs = this.http.get<{message: string, addr: string}>(this.beUrl+'api/getaddr', { headers: this.reqHeaders });
|
||||||
|
|
||||||
obs.subscribe((AddrData) => {
|
obs.subscribe((AddrData) => {
|
||||||
this.dataStore.addr = AddrData.addr;
|
this.dataStore.addr = AddrData.addr;
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
import { Item } from './item.model';
|
import { Item } from './item.model';
|
||||||
import { Injectable } from '@angular/core';
|
import { Injectable } from '@angular/core';
|
||||||
import { Subject, BehaviorSubject, Observable } from 'rxjs';
|
import { Subject, BehaviorSubject, Observable } from 'rxjs';
|
||||||
import { HttpClient, HttpParams } from '@angular/common/http';
|
import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
|
||||||
|
|
||||||
@Injectable({providedIn: 'root'})
|
@Injectable({providedIn: 'root'})
|
||||||
|
|
||||||
|
|
@ -11,14 +11,17 @@ export class ItemService{
|
||||||
private _itemsUpdated: BehaviorSubject<Item[]> = new BehaviorSubject(this.dataStore.items);
|
private _itemsUpdated: BehaviorSubject<Item[]> = new BehaviorSubject(this.dataStore.items);
|
||||||
public readonly itemsUpdated: Observable<Item[]> = this._itemsUpdated.asObservable();
|
public readonly itemsUpdated: Observable<Item[]> = this._itemsUpdated.asObservable();
|
||||||
private address:string = '';
|
private address:string = '';
|
||||||
|
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||||
|
private reqHeaders: HttpHeaders;
|
||||||
|
|
||||||
constructor(private http: HttpClient){
|
constructor(private http: HttpClient){
|
||||||
|
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||||
}
|
}
|
||||||
|
|
||||||
getItems(addr: string){
|
getItems(addr: string){
|
||||||
this.address = addr;
|
this.address = addr;
|
||||||
const params = new HttpParams().append('address', addr);
|
const params = new HttpParams().append('address', addr);
|
||||||
let obs = this.http.get<{message: string, items: any}>(this.beUrl+'api/getitems', { headers:{}, params: params, observe: 'response'});
|
let obs = this.http.get<{message: string, items: any}>(this.beUrl+'api/getitems', { headers:this.reqHeaders, params: params, observe: 'response'});
|
||||||
|
|
||||||
obs.subscribe((ItemDataResponse) => {
|
obs.subscribe((ItemDataResponse) => {
|
||||||
if (ItemDataResponse.status == 200 ) {
|
if (ItemDataResponse.status == 200 ) {
|
||||||
|
|
@ -34,7 +37,7 @@ export class ItemService{
|
||||||
|
|
||||||
addItem(item: Item) {
|
addItem(item: Item) {
|
||||||
//const params = new HttpParams().append('item', JSON.stringify(item));
|
//const params = new HttpParams().append('item', JSON.stringify(item));
|
||||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/item', { item: item });
|
let obs = this.http.post<{message: string}>(this.beUrl+'api/item', { item: item }, { headers: this.reqHeaders });
|
||||||
|
|
||||||
obs.subscribe((ItemResponse) => {
|
obs.subscribe((ItemResponse) => {
|
||||||
console.log('Item added');
|
console.log('Item added');
|
||||||
|
|
@ -45,7 +48,7 @@ export class ItemService{
|
||||||
}
|
}
|
||||||
|
|
||||||
deleteItem(id: string) {
|
deleteItem(id: string) {
|
||||||
let obs = this.http.delete<{message: string}>(this.beUrl+'api/item/'+id);
|
let obs = this.http.delete<{message: string}>(this.beUrl+'api/item/'+id, { headers: this.reqHeaders });
|
||||||
|
|
||||||
obs.subscribe((ItemResponse) => {
|
obs.subscribe((ItemResponse) => {
|
||||||
console.log('Item deleted');
|
console.log('Item deleted');
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
import { Injectable } from '@angular/core';
|
import { Injectable } from '@angular/core';
|
||||||
import { Subject, BehaviorSubject, Observable } from 'rxjs';
|
import { Subject, BehaviorSubject, Observable } from 'rxjs';
|
||||||
import { HttpClient, HttpParams } from '@angular/common/http';
|
import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
|
||||||
import { Order } from './order.model';
|
import { Order } from './order.model';
|
||||||
import { UserService } from '../user.service';
|
import { UserService } from '../user.service';
|
||||||
import { FullnodeService } from '../fullnode.service';
|
import { FullnodeService } from '../fullnode.service';
|
||||||
|
|
@ -42,12 +42,15 @@ export class OrderService {
|
||||||
private _allOrdersUpdated: BehaviorSubject<Order[]> = new BehaviorSubject(this.dataStore.allOrders);
|
private _allOrdersUpdated: BehaviorSubject<Order[]> = new BehaviorSubject(this.dataStore.allOrders);
|
||||||
public readonly allOrdersUpdate: Observable<Order[]> = this._allOrdersUpdated.asObservable();
|
public readonly allOrdersUpdate: Observable<Order[]> = this._allOrdersUpdated.asObservable();
|
||||||
public userUpdate: Observable<User>;
|
public userUpdate: Observable<User>;
|
||||||
|
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||||
|
private reqHeaders: HttpHeaders;
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
private http: HttpClient,
|
private http: HttpClient,
|
||||||
public fullnodeService: FullnodeService,
|
public fullnodeService: FullnodeService,
|
||||||
public userService: UserService
|
public userService: UserService
|
||||||
) {
|
) {
|
||||||
|
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||||
this.userUpdate = userService.userUpdate;
|
this.userUpdate = userService.userUpdate;
|
||||||
this.userUpdate.subscribe((user) => {
|
this.userUpdate.subscribe((user) => {
|
||||||
this.dataStore.user = user;
|
this.dataStore.user = user;
|
||||||
|
|
@ -59,7 +62,7 @@ export class OrderService {
|
||||||
getOrder() {
|
getOrder() {
|
||||||
var session = this.dataStore.user.session;
|
var session = this.dataStore.user.session;
|
||||||
const params = new HttpParams().append('session', session);
|
const params = new HttpParams().append('session', session);
|
||||||
let obs = this.http.get<{message: string, order: any}>(this.beUrl+'api/order', { headers:{}, params:params, observe: 'response'});
|
let obs = this.http.get<{message: string, order: any}>(this.beUrl+'api/order', { headers:this.reqHeaders, params:params, observe: 'response'});
|
||||||
|
|
||||||
obs.subscribe((OrderDataResponse) => {
|
obs.subscribe((OrderDataResponse) => {
|
||||||
if (OrderDataResponse.status == 200) {
|
if (OrderDataResponse.status == 200) {
|
||||||
|
|
@ -81,7 +84,7 @@ export class OrderService {
|
||||||
getAllOrders(){
|
getAllOrders(){
|
||||||
var address = this.dataStore.user.address;
|
var address = this.dataStore.user.address;
|
||||||
const params = new HttpParams().append('address', address);
|
const params = new HttpParams().append('address', address);
|
||||||
let obs = this.http.get<{message: string, orders: any}>(this.beUrl+'api/allorders', { headers:{}, params:params, observe: 'response'});
|
let obs = this.http.get<{message: string, orders: any}>(this.beUrl+'api/allorders', { headers:this.reqHeaders, params:params, observe: 'response'});
|
||||||
obs.subscribe((OrdersData) => {
|
obs.subscribe((OrdersData) => {
|
||||||
if (OrdersData.status == 200 ){
|
if (OrdersData.status == 200 ){
|
||||||
console.log('getAllOrder:', OrdersData.body);
|
console.log('getAllOrder:', OrdersData.body);
|
||||||
|
|
@ -97,7 +100,7 @@ export class OrderService {
|
||||||
|
|
||||||
addToOrder(lineItem: LineItem) {
|
addToOrder(lineItem: LineItem) {
|
||||||
if(this.dataStore.order._id != null) {
|
if(this.dataStore.order._id != null) {
|
||||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/lineitem', { order_id: this.dataStore.order._id, line: lineItem });
|
let obs = this.http.post<{message: string}>(this.beUrl+'api/lineitem', { order_id: this.dataStore.order._id, line: lineItem }, { headers: this.reqHeaders });
|
||||||
obs.subscribe((orderData) => {
|
obs.subscribe((orderData) => {
|
||||||
this.getOrder();
|
this.getOrder();
|
||||||
});
|
});
|
||||||
|
|
@ -116,7 +119,7 @@ export class OrderService {
|
||||||
total: 0,
|
total: 0,
|
||||||
lines: []
|
lines: []
|
||||||
};
|
};
|
||||||
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: order});
|
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: order}, { headers: this.reqHeaders });
|
||||||
obs.subscribe((orderData) => {
|
obs.subscribe((orderData) => {
|
||||||
console.log('Create order', orderData);
|
console.log('Create order', orderData);
|
||||||
this.dataStore.order = orderData.order;
|
this.dataStore.order = orderData.order;
|
||||||
|
|
@ -128,7 +131,7 @@ export class OrderService {
|
||||||
}
|
}
|
||||||
|
|
||||||
cancelOrder(id: string) {
|
cancelOrder(id: string) {
|
||||||
let obs = this.http.delete<{message: string}>(this.beUrl+'api/order/'+id);
|
let obs = this.http.delete<{message: string}>(this.beUrl+'api/order/'+id, { headers: this.reqHeaders });
|
||||||
|
|
||||||
obs.subscribe((OrderResponse) => {
|
obs.subscribe((OrderResponse) => {
|
||||||
console.log('Order deleted');
|
console.log('Order deleted');
|
||||||
|
|
@ -160,7 +163,7 @@ export class OrderService {
|
||||||
console.log('Price:', price);
|
console.log('Price:', price);
|
||||||
this.dataStore.order.closed = true;
|
this.dataStore.order.closed = true;
|
||||||
this.dataStore.order.price = price;
|
this.dataStore.order.price = price;
|
||||||
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: this.dataStore.order});
|
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: this.dataStore.order}, { headers: this.reqHeaders });
|
||||||
obs.subscribe((orderData) => {
|
obs.subscribe((orderData) => {
|
||||||
console.log('Closed order', orderData);
|
console.log('Closed order', orderData);
|
||||||
this.dataStore.order = {
|
this.dataStore.order = {
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
import {Injectable} from '@angular/core';
|
import {Injectable} from '@angular/core';
|
||||||
import {Subject, BehaviorSubject, Observable} from 'rxjs';
|
import {Subject, BehaviorSubject, Observable} from 'rxjs';
|
||||||
import {HttpClient, HttpParams} from '@angular/common/http';
|
import {HttpClient, HttpParams, HttpHeaders} from '@angular/common/http';
|
||||||
import {User} from './user.model';
|
import {User} from './user.model';
|
||||||
import {Owner} from './owner.model';
|
import {Owner} from './owner.model';
|
||||||
|
|
||||||
|
|
@ -30,8 +30,12 @@ export class UserService{
|
||||||
public readonly uZaddrUpdate: Observable<string> = this._uZaddrUpdated.asObservable();
|
public readonly uZaddrUpdate: Observable<string> = this._uZaddrUpdated.asObservable();
|
||||||
public readonly ownerUpdate: Observable<Owner> = this._ownerUpdated.asObservable();
|
public readonly ownerUpdate: Observable<Owner> = this._ownerUpdated.asObservable();
|
||||||
public readonly userUpdate: Observable<User> = this._userUpdated.asObservable();
|
public readonly userUpdate: Observable<User> = this._userUpdated.asObservable();
|
||||||
|
private reqHeaders: HttpHeaders;
|
||||||
|
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||||
|
|
||||||
constructor(private http: HttpClient){
|
constructor(private http: HttpClient){
|
||||||
|
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||||
|
console.log('US:', this.reqHeaders);
|
||||||
this.session = localStorage.getItem('s4z_token');
|
this.session = localStorage.getItem('s4z_token');
|
||||||
if (this.session != null) {
|
if (this.session != null) {
|
||||||
this.findUser();
|
this.findUser();
|
||||||
|
|
@ -42,7 +46,7 @@ export class UserService{
|
||||||
this.session = localStorage.getItem('s4z_token');
|
this.session = localStorage.getItem('s4z_token');
|
||||||
if (this.session != null) {
|
if (this.session != null) {
|
||||||
const params = new HttpParams().append('session', this.session!);
|
const params = new HttpParams().append('session', this.session!);
|
||||||
let obs = this.http.get<{message: string, user: any}>(this.beUrl+'api/getuser', { headers:{}, params: params, observe: 'response'});
|
let obs = this.http.get<{message: string, user: any}>(this.beUrl+'api/getuser', { headers: this.reqHeaders, params: params, observe: 'response'});
|
||||||
|
|
||||||
obs.subscribe((UserDataResponse) => {
|
obs.subscribe((UserDataResponse) => {
|
||||||
console.log(UserDataResponse.status);
|
console.log(UserDataResponse.status);
|
||||||
|
|
@ -67,7 +71,7 @@ export class UserService{
|
||||||
|
|
||||||
addOwner(address: string) {
|
addOwner(address: string) {
|
||||||
const owner: Owner={_id: '', address: address, name: 'Zgo-'.concat(address.substring(0,5))};
|
const owner: Owner={_id: '', address: address, name: 'Zgo-'.concat(address.substring(0,5))};
|
||||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/addowner', {address: owner.address, name: owner.name});
|
let obs = this.http.post<{message: string}>(this.beUrl+'api/addowner', {address: owner.address, name: owner.name}, {headers: this.reqHeaders});
|
||||||
|
|
||||||
obs.subscribe((responseData) => {
|
obs.subscribe((responseData) => {
|
||||||
console.log(responseData.message);
|
console.log(responseData.message);
|
||||||
|
|
@ -77,7 +81,7 @@ export class UserService{
|
||||||
}
|
}
|
||||||
|
|
||||||
updateOwner(owner: Owner) {
|
updateOwner(owner: Owner) {
|
||||||
this.http.post<{message: string, owner: Owner}>(this.beUrl+'api/updateowner', {owner: owner}).
|
this.http.post<{message: string, owner: Owner}>(this.beUrl+'api/updateowner', {owner: owner}, {headers: this.reqHeaders}).
|
||||||
subscribe((responseData) => {
|
subscribe((responseData) => {
|
||||||
console.log(responseData.message);
|
console.log(responseData.message);
|
||||||
//this.dataStore.owner = responseData.owner;
|
//this.dataStore.owner = responseData.owner;
|
||||||
|
|
@ -89,7 +93,7 @@ export class UserService{
|
||||||
getOwner(address: string) {
|
getOwner(address: string) {
|
||||||
console.log('getOwner', address);
|
console.log('getOwner', address);
|
||||||
const ownParams = new HttpParams().append('address', address);
|
const ownParams = new HttpParams().append('address', address);
|
||||||
let obs = this.http.get<{message:string, owner: any}>(this.beUrl+'api/getowner', {params: ownParams, observe: 'response'});
|
let obs = this.http.get<{message:string, owner: any}>(this.beUrl+'api/getowner', { headers: this.reqHeaders, params: ownParams, observe: 'response'});
|
||||||
|
|
||||||
obs.subscribe((OwnerDataResponse) => {
|
obs.subscribe((OwnerDataResponse) => {
|
||||||
console.log('api/getowner', OwnerDataResponse.status);
|
console.log('api/getowner', OwnerDataResponse.status);
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue