Add API authentication
This commit is contained in:
parent
dacb8dbafb
commit
d05292b365
5 changed files with 45 additions and 21 deletions
|
|
@ -1,6 +1,7 @@
|
|||
const express = require('express');
|
||||
const app = express();
|
||||
const bodyparser = require('body-parser');
|
||||
const cors = require('cors');
|
||||
const postmodel = require('./models/post');
|
||||
const usermodel = require('./models/user');
|
||||
const ownermodel = require('./models/owner');
|
||||
|
|
@ -147,16 +148,26 @@ var blockInterval = setInterval( function() {
|
|||
});
|
||||
}, 90000);
|
||||
|
||||
app.use(cors());
|
||||
app.options('*', cors());
|
||||
|
||||
app.use(bodyparser.json());
|
||||
|
||||
app.use((req, res, next) => {
|
||||
res.setHeader("Access-Control-Allow-Origin", "*");
|
||||
res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
|
||||
res.setHeader("Access-Control-Allow-Methods", "GET, POST, PATCH, DELETE, OPTIONS");
|
||||
//req.ip = RequestIP.getClientIp(req);
|
||||
next();
|
||||
});
|
||||
|
||||
app.use((req, res, next) => {
|
||||
if (req.headers.authorization !== 'Le2adeic8Thah4Aeng4daem6i' ) {
|
||||
return res.status(401).send('Authorization required.');
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
|
||||
app.get('/api/users', (req, res, next) => {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
import {Injectable} from '@angular/core';
|
||||
import {Subject, Subscription, BehaviorSubject, Observable} from 'rxjs';
|
||||
import {HttpClient, HttpParams} from '@angular/common/http';
|
||||
import {HttpClient, HttpParams, HttpHeaders} from '@angular/common/http';
|
||||
import {UserService} from './user.service';
|
||||
|
||||
//import {User} from './user.model';
|
||||
|
|
@ -18,15 +18,18 @@ export class FullnodeService{
|
|||
public readonly memoUpdate: Observable<string[]> = this._memoUpdated.asObservable();
|
||||
public readonly priceUpdate: Observable<number> = this._priceUpdated.asObservable();
|
||||
private UserSub: Subscription = new Subscription();
|
||||
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||
private reqHeaders: HttpHeaders;
|
||||
|
||||
constructor(private http: HttpClient, public userService: UserService){
|
||||
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||
this.getAddr();
|
||||
this.getHeight();
|
||||
this.getPrice();
|
||||
}
|
||||
|
||||
getHeight(){
|
||||
let obs = this.http.get<{message: string, height: number}>(this.beUrl+'api/blockheight');
|
||||
let obs = this.http.get<{message: string, height: number}>(this.beUrl+'api/blockheight', { headers: this.reqHeaders });
|
||||
obs.subscribe((BlockData) => {
|
||||
this.dataStore.height = BlockData.height;
|
||||
this._heightUpdated.next(Object.assign({}, this.dataStore).height);
|
||||
|
|
@ -38,7 +41,7 @@ export class FullnodeService{
|
|||
getPrice(){
|
||||
var currency = 'usd';
|
||||
const params = new HttpParams().append('currency', currency);
|
||||
let obs = this.http.get<{message: string, price: any}>(this.beUrl+'api/price', { headers:{}, params: params, observe: 'response'});
|
||||
let obs = this.http.get<{message: string, price: any}>(this.beUrl+'api/price', { headers:this.reqHeaders, params: params, observe: 'response'});
|
||||
obs.subscribe((PriceData) => {
|
||||
if (PriceData.status == 200) {
|
||||
this.dataStore.price = PriceData.body!.price.price;
|
||||
|
|
@ -63,7 +66,7 @@ export class FullnodeService{
|
|||
|
||||
|
||||
getAddr() {
|
||||
let obs = this.http.get<{message: string, addr: string}>(this.beUrl+'api/getaddr');
|
||||
let obs = this.http.get<{message: string, addr: string}>(this.beUrl+'api/getaddr', { headers: this.reqHeaders });
|
||||
|
||||
obs.subscribe((AddrData) => {
|
||||
this.dataStore.addr = AddrData.addr;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { Item } from './item.model';
|
||||
import { Injectable } from '@angular/core';
|
||||
import { Subject, BehaviorSubject, Observable } from 'rxjs';
|
||||
import { HttpClient, HttpParams } from '@angular/common/http';
|
||||
import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
|
||||
|
||||
@Injectable({providedIn: 'root'})
|
||||
|
||||
|
|
@ -11,14 +11,17 @@ export class ItemService{
|
|||
private _itemsUpdated: BehaviorSubject<Item[]> = new BehaviorSubject(this.dataStore.items);
|
||||
public readonly itemsUpdated: Observable<Item[]> = this._itemsUpdated.asObservable();
|
||||
private address:string = '';
|
||||
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||
private reqHeaders: HttpHeaders;
|
||||
|
||||
constructor(private http: HttpClient){
|
||||
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||
}
|
||||
|
||||
getItems(addr: string){
|
||||
this.address = addr;
|
||||
const params = new HttpParams().append('address', addr);
|
||||
let obs = this.http.get<{message: string, items: any}>(this.beUrl+'api/getitems', { headers:{}, params: params, observe: 'response'});
|
||||
let obs = this.http.get<{message: string, items: any}>(this.beUrl+'api/getitems', { headers:this.reqHeaders, params: params, observe: 'response'});
|
||||
|
||||
obs.subscribe((ItemDataResponse) => {
|
||||
if (ItemDataResponse.status == 200 ) {
|
||||
|
|
@ -34,7 +37,7 @@ export class ItemService{
|
|||
|
||||
addItem(item: Item) {
|
||||
//const params = new HttpParams().append('item', JSON.stringify(item));
|
||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/item', { item: item });
|
||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/item', { item: item }, { headers: this.reqHeaders });
|
||||
|
||||
obs.subscribe((ItemResponse) => {
|
||||
console.log('Item added');
|
||||
|
|
@ -45,7 +48,7 @@ export class ItemService{
|
|||
}
|
||||
|
||||
deleteItem(id: string) {
|
||||
let obs = this.http.delete<{message: string}>(this.beUrl+'api/item/'+id);
|
||||
let obs = this.http.delete<{message: string}>(this.beUrl+'api/item/'+id, { headers: this.reqHeaders });
|
||||
|
||||
obs.subscribe((ItemResponse) => {
|
||||
console.log('Item deleted');
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
import { Injectable } from '@angular/core';
|
||||
import { Subject, BehaviorSubject, Observable } from 'rxjs';
|
||||
import { HttpClient, HttpParams } from '@angular/common/http';
|
||||
import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
|
||||
import { Order } from './order.model';
|
||||
import { UserService } from '../user.service';
|
||||
import { FullnodeService } from '../fullnode.service';
|
||||
|
|
@ -42,12 +42,15 @@ export class OrderService {
|
|||
private _allOrdersUpdated: BehaviorSubject<Order[]> = new BehaviorSubject(this.dataStore.allOrders);
|
||||
public readonly allOrdersUpdate: Observable<Order[]> = this._allOrdersUpdated.asObservable();
|
||||
public userUpdate: Observable<User>;
|
||||
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||
private reqHeaders: HttpHeaders;
|
||||
|
||||
constructor(
|
||||
private http: HttpClient,
|
||||
public fullnodeService: FullnodeService,
|
||||
public userService: UserService
|
||||
) {
|
||||
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||
this.userUpdate = userService.userUpdate;
|
||||
this.userUpdate.subscribe((user) => {
|
||||
this.dataStore.user = user;
|
||||
|
|
@ -59,7 +62,7 @@ export class OrderService {
|
|||
getOrder() {
|
||||
var session = this.dataStore.user.session;
|
||||
const params = new HttpParams().append('session', session);
|
||||
let obs = this.http.get<{message: string, order: any}>(this.beUrl+'api/order', { headers:{}, params:params, observe: 'response'});
|
||||
let obs = this.http.get<{message: string, order: any}>(this.beUrl+'api/order', { headers:this.reqHeaders, params:params, observe: 'response'});
|
||||
|
||||
obs.subscribe((OrderDataResponse) => {
|
||||
if (OrderDataResponse.status == 200) {
|
||||
|
|
@ -81,7 +84,7 @@ export class OrderService {
|
|||
getAllOrders(){
|
||||
var address = this.dataStore.user.address;
|
||||
const params = new HttpParams().append('address', address);
|
||||
let obs = this.http.get<{message: string, orders: any}>(this.beUrl+'api/allorders', { headers:{}, params:params, observe: 'response'});
|
||||
let obs = this.http.get<{message: string, orders: any}>(this.beUrl+'api/allorders', { headers:this.reqHeaders, params:params, observe: 'response'});
|
||||
obs.subscribe((OrdersData) => {
|
||||
if (OrdersData.status == 200 ){
|
||||
console.log('getAllOrder:', OrdersData.body);
|
||||
|
|
@ -97,7 +100,7 @@ export class OrderService {
|
|||
|
||||
addToOrder(lineItem: LineItem) {
|
||||
if(this.dataStore.order._id != null) {
|
||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/lineitem', { order_id: this.dataStore.order._id, line: lineItem });
|
||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/lineitem', { order_id: this.dataStore.order._id, line: lineItem }, { headers: this.reqHeaders });
|
||||
obs.subscribe((orderData) => {
|
||||
this.getOrder();
|
||||
});
|
||||
|
|
@ -116,7 +119,7 @@ export class OrderService {
|
|||
total: 0,
|
||||
lines: []
|
||||
};
|
||||
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: order});
|
||||
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: order}, { headers: this.reqHeaders });
|
||||
obs.subscribe((orderData) => {
|
||||
console.log('Create order', orderData);
|
||||
this.dataStore.order = orderData.order;
|
||||
|
|
@ -128,7 +131,7 @@ export class OrderService {
|
|||
}
|
||||
|
||||
cancelOrder(id: string) {
|
||||
let obs = this.http.delete<{message: string}>(this.beUrl+'api/order/'+id);
|
||||
let obs = this.http.delete<{message: string}>(this.beUrl+'api/order/'+id, { headers: this.reqHeaders });
|
||||
|
||||
obs.subscribe((OrderResponse) => {
|
||||
console.log('Order deleted');
|
||||
|
|
@ -160,7 +163,7 @@ export class OrderService {
|
|||
console.log('Price:', price);
|
||||
this.dataStore.order.closed = true;
|
||||
this.dataStore.order.price = price;
|
||||
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: this.dataStore.order});
|
||||
let obs = this.http.post<{message: string, order: Order}>(this.beUrl+'api/order', {order: this.dataStore.order}, { headers: this.reqHeaders });
|
||||
obs.subscribe((orderData) => {
|
||||
console.log('Closed order', orderData);
|
||||
this.dataStore.order = {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
import {Injectable} from '@angular/core';
|
||||
import {Subject, BehaviorSubject, Observable} from 'rxjs';
|
||||
import {HttpClient, HttpParams} from '@angular/common/http';
|
||||
import {HttpClient, HttpParams, HttpHeaders} from '@angular/common/http';
|
||||
import {User} from './user.model';
|
||||
import {Owner} from './owner.model';
|
||||
|
||||
|
|
@ -30,8 +30,12 @@ export class UserService{
|
|||
public readonly uZaddrUpdate: Observable<string> = this._uZaddrUpdated.asObservable();
|
||||
public readonly ownerUpdate: Observable<Owner> = this._ownerUpdated.asObservable();
|
||||
public readonly userUpdate: Observable<User> = this._userUpdated.asObservable();
|
||||
private reqHeaders: HttpHeaders;
|
||||
private apiKey = 'Le2adeic8Thah4Aeng4daem6i';
|
||||
|
||||
constructor(private http: HttpClient){
|
||||
this.reqHeaders = new HttpHeaders().set('Authorization', this.apiKey);
|
||||
console.log('US:', this.reqHeaders);
|
||||
this.session = localStorage.getItem('s4z_token');
|
||||
if (this.session != null) {
|
||||
this.findUser();
|
||||
|
|
@ -42,7 +46,7 @@ export class UserService{
|
|||
this.session = localStorage.getItem('s4z_token');
|
||||
if (this.session != null) {
|
||||
const params = new HttpParams().append('session', this.session!);
|
||||
let obs = this.http.get<{message: string, user: any}>(this.beUrl+'api/getuser', { headers:{}, params: params, observe: 'response'});
|
||||
let obs = this.http.get<{message: string, user: any}>(this.beUrl+'api/getuser', { headers: this.reqHeaders, params: params, observe: 'response'});
|
||||
|
||||
obs.subscribe((UserDataResponse) => {
|
||||
console.log(UserDataResponse.status);
|
||||
|
|
@ -67,7 +71,7 @@ export class UserService{
|
|||
|
||||
addOwner(address: string) {
|
||||
const owner: Owner={_id: '', address: address, name: 'Zgo-'.concat(address.substring(0,5))};
|
||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/addowner', {address: owner.address, name: owner.name});
|
||||
let obs = this.http.post<{message: string}>(this.beUrl+'api/addowner', {address: owner.address, name: owner.name}, {headers: this.reqHeaders});
|
||||
|
||||
obs.subscribe((responseData) => {
|
||||
console.log(responseData.message);
|
||||
|
|
@ -77,7 +81,7 @@ export class UserService{
|
|||
}
|
||||
|
||||
updateOwner(owner: Owner) {
|
||||
this.http.post<{message: string, owner: Owner}>(this.beUrl+'api/updateowner', {owner: owner}).
|
||||
this.http.post<{message: string, owner: Owner}>(this.beUrl+'api/updateowner', {owner: owner}, {headers: this.reqHeaders}).
|
||||
subscribe((responseData) => {
|
||||
console.log(responseData.message);
|
||||
//this.dataStore.owner = responseData.owner;
|
||||
|
|
@ -89,7 +93,7 @@ export class UserService{
|
|||
getOwner(address: string) {
|
||||
console.log('getOwner', address);
|
||||
const ownParams = new HttpParams().append('address', address);
|
||||
let obs = this.http.get<{message:string, owner: any}>(this.beUrl+'api/getowner', {params: ownParams, observe: 'response'});
|
||||
let obs = this.http.get<{message:string, owner: any}>(this.beUrl+'api/getowner', { headers: this.reqHeaders, params: ownParams, observe: 'response'});
|
||||
|
||||
obs.subscribe((OwnerDataResponse) => {
|
||||
console.log('api/getowner', OwnerDataResponse.status);
|
||||
|
|
|
|||
Loading…
Reference in a new issue