diff --git a/index.js b/index.js index 0a3270e..bc67ef0 100644 --- a/index.js +++ b/index.js @@ -12,8 +12,6 @@ app.use(bodyParser.json(),function (req, res, next) { next() }) - - app.get('/status/:status', function (req, res) { list.getStatus(req.params.status).then(r => { res.send(JSON.stringify(r)) @@ -32,4 +30,12 @@ app.post('/submit', function (req, res) { res.send(JSON.stringify(r)) }) }) + +app.post('/approve', function (req, res) { + console.log(req.body) + list.approveUser(req.body).then(r => { + res.send(JSON.stringify(r)) + }) +}) + app.listen(3000) diff --git a/listManager.js b/listManager.js index 43728d4..a926f87 100644 --- a/listManager.js +++ b/listManager.js @@ -1,14 +1,15 @@ const fetch = require('node-fetch') const secp256k1 = require('secp256k1') const bs58 = require('base-x')("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz") -const allowedUsers = require("./users.js") var mongo = require("./mongoHelp.js") -async function verifyMsg (obj, username) { - if (!allowedUsers.includes(obj.sender)) { +async function verifyMsg (obj) { + userLookup = await mongo.get("list","allowedUsers",{user:obj.sender}) + senderProtectionCheck = await mongo.get("list","allowedUsers",{user:obj.user}) + if (userLookup.length == 0 ) { return {"Message": "User Not Allowed"} - } else if (allowedUsers.includes(username)) { + } else if (senderProtectionCheck.length != 0) { return {"Message": "Can't modify trusted users"} } else { result = await fetch("https://avalon.d.tube/account/"+obj.sender) @@ -32,17 +33,6 @@ async function verifyMsg (obj, username) { } } -// { -// "user": "bigbootybitch", -// "status": "black", -// "reason": "1", -// "sender": "nannal", -// "ts": 1602024774158, -// "hash": "e5eb92c035c2528af5311998d14bf0be3ced0e87505c8f6481ce7ca63148b974", -// "signature": "bjNjRSnuJokydPzGCKZy7kExDeAT8mUS3iCzRzQR3y5owaBh1Mhh2UyPLHqR3bzxsK6fw13JtvCz65exPr2JsGB" -// } - - list = { getStatus: async (status) => { return await mongo.get("list","list",{"status": status}) @@ -55,19 +45,68 @@ list = { ver = await verifyMsg(obj) if (ver == true) { console.log(obj) - res = await mongo.get("list","list",{"user": obj.user}) - if (res.length > 0 ){ - mongo.update("list","list",{"user": obj.user}, obj) - } else { - mongo.put("list","list", obj) + limitedObj={ + user: obj.user, + status: obj.status, + reason: obj.reason, + sender: obj.sender, + ts: obj.ts, + hash: obj.hash, + signature: obj.signature, } - mongo.update("list","list",{"user": obj.user}, obj) + res = await mongo.get("list","list",{"user": limitedObj.user}) + if (res.length > 0 ){ + if (limitedObj.sender == res.sender){ + mongo.update("list","list",{"user": limitedObj.user}, limitedObj) + } else { + return {"Message": "This user is controlled by "+res.sender+" contact them to modify this entry, in an emergency contant nannal"} + } + + } else { + mongo.put("list","list", limitedObj) + } + mongo.update("list","list",{"user": limitedObj.user}, limitedObj) return {"Message":"Success"} } else { return ver } }, + approveUser: async (obj) => { + ver = await verifyMsg(obj) + if (ver == true) { + console.log(obj) + limitedObj={ + user: obj.user, + sender: obj.sender, + ts: obj.ts, + hash: obj.hash, + signature: obj.signature, + } + res = await mongo.get("list","allowedUsers",{"user": limitedObj.user}) + if (res.length > 0 ){ + return {"message":"User already approved by "+res.sender} + } else { + mongo.put("list","allowedUsers", limitedObj) + return {"Message":"Success"} + } + + + } else { + return ver + } + + }, + verifyUser: async (obj) => { + ver = await verifyMsg(obj) + if (ver == true) { + limitedObj ={ + + } + } else { + return ver + } + } } module.exports = list diff --git a/users.js b/users.js index 86cbc4b..3c7ce8e 100644 --- a/users.js +++ b/users.js @@ -1,3 +1,3 @@ -users = ["nannal", "hightouch", "heimindanger"] +users = ["nannal", "hightouch", "tibfox"] module.exports = users \ No newline at end of file