
Untitled

a guest
Jan 17th, 2019
  1. const express = require('express');
  2. const router = express.Router();
  3. const mysqlConnection = require('../database');
  4. var md5 = require('md5');
  5. var http = require("http");
  6. const nodemailer = require("nodemailer");
  7.  
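// Twilio credentials come from the environment so they never sit in source.
// The SID/token pair that used to be hard-coded on these lines was published
// together with this file and has to be treated as compromised: revoke it in
// the Twilio console and issue a fresh pair before deploying.
const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;
if (!accountSid || !authToken) {
  // Fail at start-up rather than on the first SMS attempt.
  throw new Error('TWILIO_ACCOUNT_SID and TWILIO_AUTH_TOKEN must be set');
}
const client = require('twilio')(accountSid, authToken);

console.log('server online');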
  20.  
// CORS response headers for the router's root path.
// NOTE(review): a route path of '/' matches the root only (unlike router.use),
// so the remaining routes in this file are answered without these headers.
// The wildcard origin also lets a page on any site read what GET '/' returns,
// which is the full users table - replace '*' with an explicit allowlist.
router.all('/', (req, res, next) => {
  const corsHeaders = {
    'Access-Control-Allow-Origin': '*',
    'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
    'Access-Control-Allow-Methods': 'GET,PUT,POST,DELETE',
  };
  Object.keys(corsHeaders).forEach((headerName) => {
    res.header(headerName, corsHeaders[headerName]);
  });
  next();
});
  27.  
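// List every row of the users table.
// NOTE(review): nothing in this handler authenticates the caller, and
// SELECT * returns every column. Other handlers in this file store password,
// uuid and genesisblock in that table, so this response discloses them.
// Restrict the column list and put the route behind authentication.
router.get('/', (req, res) => {
  mysqlConnection.query('SELECT * FROM users', (err, rows) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});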
  39.  
  40.  
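// Return the most recent transaction recorded for a user id.
router.get('/transinfo', (req, res) => {
  const { userid_fk } = req.query;
  // The query-string parser can produce arrays/objects (?x[y]=z); only a plain
  // string is allowed to reach the placeholder.
  if (typeof userid_fk !== 'string') {
    return res.status(400).json({ status: 'error' });
  }
  // Bound parameter instead of string concatenation: the value can no longer
  // change the shape of the statement.
  const query = 'SELECT * FROM cimbbankdb.transactions WHERE transactionid = (SELECT MAX(transactionid) FROM cimbbankdb.transactions WHERE userid_fk = ?)';
  mysqlConnection.query(query, [userid_fk], (err, rows) => {
    if (err) {
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});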
  52.  
  53.  
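// Look a user up by username (used to check whether the name exists).
// NOTE(review): the response is the whole row, not a yes/no answer, so anyone
// who knows a username receives every stored column for that user. Return an
// existence flag or a fixed column list instead.
router.get('/userinfo', (req, res) => {
  const { username } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof username !== 'string') {
    return res.status(400).json({ status: 'error' });
  }
  // Bound parameter: the username is data, never SQL text.
  const query = 'SELECT * FROM cimbbankdb.users WHERE username = ?';
  mysqlConnection.query(query, [username], (err, rows) => {
    if (err) {
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});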
  67.  
  68.  
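// Look a user up by device UUID.
router.get('/uuidinfo', (req, res) => {
  const { uuid } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof uuid !== 'string') {
    return res.status(400).json({ status: 'error' });
  }
  // Bound parameter: the uuid is data, never SQL text.
  const query = 'SELECT * FROM cimbbankdb.users WHERE uuid = ?';
  mysqlConnection.query(query, [uuid], (err, rows) => {
    if (err) {
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});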
  81. //
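// Username/password login: returns the matching user row, or [] when the
// credentials do not match.
// NOTE(review): the credentials travel in the query string, where access logs
// and proxies record them, and the supplied password is compared directly with
// the stored column, which implies passwords are stored unhashed. Move this to
// a POST body, store a salted password hash, and return a session token
// rather than the whole row.
router.get('/userlogin', (req, res) => {
  const { username, password } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(400).json({ status: 'error' });
  }
  // Bound parameters: with string concatenation a crafted username could
  // rewrite the WHERE clause and skip the password comparison.
  const query = 'SELECT * FROM cimbbankdb.users WHERE username = ? AND password = ?';
  mysqlConnection.query(query, [username, password], (err, rows) => {
    if (err) {
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});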
  94.  
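// Login attempt: when the client's timestamp is within five seconds of server
// time, replace the caller's genesisblock with md5(uuid + timestamp + username)
// and return the new value.
//
// Responses: {status: "tampered"} when the genesisblock is unknown,
// {status: "0"} when the timestamp is outside the window,
// {status: "1", newgen} after the stored value has been rotated.
//
// NOTE(review): both hashes in the comparison are computed here from request
// data, so the check proves only that the caller knows the current
// genesisblock and sent a timestamp inside the window. MD5 is kept because the
// client derives the same value; it should not be relied on as a secret.
router.get('/loginattempt', (req, res) => {
  const { genesisblock, clienttimestamp } = req.query;
  // Arrays/objects from the query-string parser are treated like an unknown
  // genesisblock.
  if (typeof genesisblock !== 'string' || typeof clienttimestamp !== 'string') {
    return res.json({ status: 'tampered' });
  }

  const lookup = 'SELECT * FROM cimbbankdb.users WHERE genesisblock = ?';
  mysqlConnection.query(lookup, [genesisblock], (err, rows) => {
    if (err) {
      // The original called `Console.log`, which throws a ReferenceError.
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    if (rows.length === 0) {
      return res.json({ status: 'tampered' });
    }

    const { uuid, username } = rows[0];
    const hashFor = (ts) => md5(uuid + ts + username);
    const clienthash = hashFor(clienttimestamp);
    const now = Math.floor(Date.now() / 1000);

    // Server time plus five seconds either side. The original kept these in
    // module-level arrays whose slot 0 was never filled, so the literal text
    // "undefined" was accepted as a timestamp and now-5 was never tested.
    const candidates = [now];
    for (let offset = 1; offset <= 5; offset += 1) {
      candidates.push(now + offset, now - offset);
    }

    const newgen = candidates.map(hashFor).find((hash) => hash === clienthash);
    if (newgen === undefined) {
      return res.json({ status: '0' });
    }

    const rotate = 'UPDATE cimbbankdb.users SET genesisblock = ? WHERE genesisblock = ?';
    mysqlConnection.query(rotate, [newgen, genesisblock], (updateErr) => {
      if (updateErr) {
        console.error(updateErr);
        return res.status(500).json({ status: 'error' });
      }
      // Reply only once the new value is stored, so the client never holds a
      // genesisblock the database does not know.
      res.json({ status: '1', newgen });
    });
  });
});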
  163.  
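// Return username, balance and QR-login flag for the caller's genesisblock.
router.get('/getdetails', (req, res) => {
  const { genesisblock } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof genesisblock !== 'string') {
    return res.status(400).json({ status: 'error' });
  }
  // Bound parameter: the genesisblock is data, never SQL text.
  const query = 'SELECT username, account_balance, qrlogin FROM cimbbankdb.users WHERE genesisblock = ?';
  mysqlConnection.query(query, [genesisblock], (err, rows) => {
    if (err) {
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});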
  176.  
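// Toggle the caller's qrlogin flag between "0" and "1".
// NOTE(review): this changes state on a GET request; a PUT/POST would keep
// link prefetchers and crawlers from flipping the flag.
router.get('/qrswitch', (req, res) => {
  const { genesisblock } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof genesisblock !== 'string') {
    return res.status(400).json({ status: '0' });
  }

  const lookup = 'SELECT qrlogin FROM cimbbankdb.users WHERE genesisblock = ?';
  mysqlConnection.query(lookup, [genesisblock], (err, rows) => {
    if (err) {
      console.error(err);
      return res.status(500).json({ status: '0' });
    }
    // The original read rows[0] unconditionally and threw on an unknown
    // genesisblock.
    if (rows.length === 0) {
      return res.status(404).json({ status: '0' });
    }

    const nextValue = String(rows[0].qrlogin) === '1' ? '0' : '1';
    const update = 'UPDATE cimbbankdb.users SET qrlogin = ? WHERE genesisblock = ?';
    mysqlConnection.query(update, [nextValue, genesisblock], (updateErr) => {
      if (updateErr) {
        console.error(updateErr);
        return res.status(500).json({ status: '0' });
      }
      console.log('success');
      res.json({ status: '1' });
    });
  });
});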
  198.  
  199.  
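// Return the transaction rows whose relateduser is the caller.
router.get('/transactionhistory', (req, res) => {
  const { genesisblock } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof genesisblock !== 'string') {
    return res.status(400).json({ status: 'error' });
  }

  // Only the username is needed to find the history, so only that is read.
  const userLookup = 'SELECT username FROM cimbbankdb.users WHERE genesisblock = ?';
  mysqlConnection.query(userLookup, [genesisblock], (err, userRows) => {
    if (err) {
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    // Unknown genesisblock: the original threw on rows[0]; answer with an
    // empty history instead.
    if (userRows.length === 0) {
      return res.json([]);
    }

    const historyQuery = 'SELECT * FROM cimbbankdb.transaction WHERE relateduser = ?';
    mysqlConnection.query(historyQuery, [userRows[0].username], (historyErr, rows) => {
      if (historyErr) {
        console.error(historyErr);
        return res.status(500).json({ status: 'error' });
      }
      console.log('success');
      res.json(rows);
    });
  });
});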
  219.  
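// Best-effort alert (e-mail and SMS) for a transfer worth USD 1000 or more.
// Failures are logged and never affect the transfer itself.
//
// The exchange-rate key, mail account, mail recipient and phone numbers are
// read from the environment (variable names chosen here). The values that
// were hard-coded in this function were published with the file: rotate the
// API key and the mail password.
// NOTE(review): the rate lookup uses plain HTTP, so the access key crosses
// the network unencrypted - switch to HTTPS if the provider plan allows it.
function notifyLargeTransfer(amountMyr) {
  const accessKey = encodeURIComponent(process.env.APILAYER_ACCESS_KEY || '');
  const rateUrl = 'http://www.apilayer.net/api/live?access_key=' + accessKey + '&currencies=MYR';

  http.get(rateUrl, (response) => {
    let buffer = '';
    response.on('data', (chunk) => {
      buffer += chunk;
    });
    response.on('end', () => {
      let usdamt;
      try {
        usdamt = amountMyr / JSON.parse(buffer).quotes.USDMYR;
      } catch (parseErr) {
        // Malformed or error payload from the rate service: skip the alert.
        console.error(parseErr);
        return;
      }
      if (!(usdamt >= 1000)) {
        return;
      }

      const transporter = nodemailer.createTransport({
        service: 'gmail',
        auth: {
          user: process.env.NOTIFY_SMTP_USER,
          pass: process.env.NOTIFY_SMTP_PASS,
        },
      });
      const mailOptions = {
        from: process.env.NOTIFY_SMTP_USER,
        to: process.env.NOTIFY_EMAIL_TO,
        subject: 'Transaction Notification',
        // usdamt is a number computed above, so no markup can be injected.
        html: '<p>A transaction was made with the amount of USD' + usdamt + '</p>',
      };
      transporter.sendMail(mailOptions, (mailErr, info) => {
        if (mailErr) {
          console.error(mailErr);
        } else {
          console.log(info);
        }
      });

      // NOTE(review): this call appears to create a new Twilio sub-account on
      // every alert and looks like leftover sample code - confirm and remove.
      client.api.accounts.create().then(account => console.log(account.sid)).done();

      client.messages
        .create({
          body: 'A recent transaction was made with the amount of USD' + usdamt + '',
          from: process.env.NOTIFY_SMS_FROM,
          to: process.env.NOTIFY_SMS_TO,
        })
        .then(message => console.log(message.sid))
        .done();
    });
  }).on('error', (requestErr) => {
    console.error(requestErr);
  });
}

// NFC transfer: move `amount` from the caller (genesisblock) to the recipient
// (recipienthash), record it, and answer {status: "1"}.
//
// NOTE(review): still open after this change -
//  * the balance updates and the insert are separate statements outside a
//    database transaction, so a failure part-way or two concurrent transfers
//    can leave balances inconsistent;
//  * there is no check that the sender's balance covers the amount;
//  * money moves on a GET request authorised only by the genesisblock.
router.get('/nfctransaction', (req, res) => {
  const { genesisblock, amount } = req.query;
  const receipienthash = req.query.recipienthash;

  // Reject arrays/objects produced by the query-string parser.
  if ([genesisblock, receipienthash, amount].some((value) => typeof value !== 'string')) {
    return res.status(400).json({ status: '0' });
  }
  // A zero, negative or non-numeric amount would reverse or corrupt the
  // transfer (a negative amount credits the sender).
  const transferAmount = Number(amount);
  if (!Number.isFinite(transferAmount) || transferAmount <= 0) {
    return res.status(400).json({ status: '0' });
  }
  // Sender and recipient being the same row would apply the credit on top of
  // the stale balance and create money.
  if (genesisblock === receipienthash) {
    return res.status(400).json({ status: '0' });
  }

  const fail = (err) => {
    console.error(err);
    res.status(500).json({ status: '0' });
  };

  const senderLookup = 'SELECT username, account_balance, email FROM cimbbankdb.users WHERE genesisblock = ?';
  const recipientLookup = 'SELECT username, account_balance FROM cimbbankdb.users WHERE genesisblock = ?';

  mysqlConnection.query(senderLookup, [genesisblock], (err, senderRows) => {
    if (err) {
      return fail(err);
    }
    if (senderRows.length === 0) {
      return res.status(404).json({ status: '0' });
    }
    const sender = senderRows[0];

    notifyLargeTransfer(transferAmount);

    mysqlConnection.query(recipientLookup, [receipienthash], (recipientErr, recipientRows) => {
      if (recipientErr) {
        return fail(recipientErr);
      }
      if (recipientRows.length === 0) {
        return res.status(404).json({ status: '0' });
      }
      const recipient = recipientRows[0];

      // Same numeric amount on both sides; the original truncated the credit
      // with parseInt while debiting the untruncated value.
      const newsend = Number(sender.account_balance) - transferAmount;
      const newrec = Number(recipient.account_balance) + transferAmount;

      const setBalance = 'UPDATE cimbbankdb.users SET account_balance = ? WHERE genesisblock = ?';
      const insertTransaction = 'INSERT INTO cimbbankdb.transaction(amount,recipient, relateduser) VALUES(?,?,?)';

      mysqlConnection.query(setBalance, [newsend, genesisblock], (debitErr) => {
        if (debitErr) {
          return fail(debitErr);
        }
        console.log('success1');
        mysqlConnection.query(setBalance, [newrec, receipienthash], (creditErr) => {
          if (creditErr) {
            return fail(creditErr);
          }
          mysqlConnection.query(
            insertTransaction,
            [transferAmount, recipient.username, sender.username],
            (insertErr) => {
              if (insertErr) {
                return fail(insertErr);
              }
              console.log('success2');
              res.json({ status: '1' });
            }
          );
        });
      });
    });
  });
});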
  330.  
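// Create a family tag: record (recipientgenblock, amount, name) against the
// caller and deduct the amount from the caller's balance.
// NOTE(review): the insert and the deduction are separate statements outside
// a database transaction, and there is no check that the balance covers the
// amount.
router.get('/famtagcreate', (req, res) => {
  const { genesisblock, amount, name, recipientgenblock } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if ([genesisblock, amount, name, recipientgenblock].some((value) => typeof value !== 'string')) {
    return res.status(400).json({ status: '0' });
  }
  // A negative amount would raise the caller's balance instead of lowering it.
  const tagAmount = Number(amount);
  if (!Number.isFinite(tagAmount) || tagAmount <= 0) {
    return res.status(400).json({ status: '0' });
  }

  const fail = (err) => {
    // The original called `Console.log`, which throws a ReferenceError.
    console.error(err);
    res.status(500).json({ status: '0' });
  };

  const lookup = 'SELECT username, account_balance FROM cimbbankdb.users WHERE genesisblock = ?';
  mysqlConnection.query(lookup, [genesisblock], (err, rows) => {
    if (err) {
      return fail(err);
    }
    // The original tested `rows.username !== ''`, which is always true for an
    // array, and then threw on rows[0] for an unknown genesisblock.
    if (rows.length === 0) {
      return res.status(404).json({ status: '0' });
    }

    const relatedusername = rows[0].username;
    const newamount = rows[0].account_balance - tagAmount;
    const insertquery = 'INSERT INTO cimbbankdb.familytag(famgenesisblock, amount, name, relatedusername) VALUES(?, ?, ?, ?)';
    const deductquery = 'UPDATE cimbbankdb.users SET account_balance = ? WHERE genesisblock = ?';

    mysqlConnection.query(insertquery, [recipientgenblock, tagAmount, name, relatedusername], (insertErr) => {
      if (insertErr) {
        return fail(insertErr);
      }
      mysqlConnection.query(deductquery, [newamount, genesisblock], (deductErr) => {
        if (deductErr) {
          return fail(deductErr);
        }
        res.json({ status: '1' });
      });
    });
  });
});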
  363.  
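// Return the family-tag rows addressed to the given genesisblock.
router.get('/famtagget', (req, res) => {
  const { genesisblock } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof genesisblock !== 'string') {
    return res.status(400).json({ status: 'error' });
  }
  // Bound parameter: the genesisblock is data, never SQL text.
  const query = 'SELECT * FROM cimbbankdb.familytag WHERE famgenesisblock = ?';
  mysqlConnection.query(query, [genesisblock], (err, rows) => {
    if (err) {
      // The original called `Console.log`, which throws a ReferenceError.
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});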
  377.  
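// Family tags created by the caller.
// NOTE(review): the second query's rows are never used; the handler always
// answers with the fixed string below. Looks like a stub - confirm before
// relying on this route.
router.get('/famtaggetrelated', (req, res) => {
  const { genesisblock } = req.query;
  // Reject arrays/objects produced by the query-string parser.
  if (typeof genesisblock !== 'string') {
    return res.status(400).json({ status: 'error' });
  }

  const fail = (err) => {
    // The original called `Console.log`, which throws a ReferenceError.
    console.error(err);
    res.status(500).json({ status: 'error' });
  };

  const userLookup = 'SELECT username FROM cimbbankdb.users WHERE genesisblock = ?';
  mysqlConnection.query(userLookup, [genesisblock], (err, rows) => {
    if (err) {
      return fail(err);
    }
    // The original threw on rows[0] for an unknown genesisblock.
    if (rows.length === 0) {
      return res.status(404).json({ status: 'error' });
    }

    const selectrelatedquery = 'SELECT * FROM cimbbankdb.familytag WHERE relatedusername = ?';
    mysqlConnection.query(selectrelatedquery, [rows[0].username], (relatedErr) => {
      if (relatedErr) {
        return fail(relatedErr);
      }
      res.json({ response: 'John+Adam+Lucas' });
    });
  });
});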
  395.  
  396.  
  397.  
  398.  
  399.  
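// Return the genesisblock column for every user.
// NOTE(review): the handler performs no authentication, and the other routes
// in this file accept a genesisblock as the caller's only proof of identity
// (balance lookup, transfers, QR switch). Publishing the full list therefore
// hands out every account's credential. Remove this route or restrict it to
// an authenticated administrative caller.
router.get('/gethash', (req, res) => {
  const query = 'SELECT genesisblock FROM cimbbankdb.users';
  mysqlConnection.query(query, (err, rows) => {
    if (err) {
      // The original called `Console.log`, which throws a ReferenceError.
      console.error(err);
      return res.status(500).json({ status: 'error' });
    }
    res.json(rows);
  });
});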
  414.  
  415.  
  416.  
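// Register a user from username, genesisblock and uuid in the request body.
// NOTE(review): the client chooses its own genesisblock, and nothing here
// checks that the username or genesisblock is not already taken - confirm
// that the table enforces uniqueness.
router.post('/userregister', (req, res) => {
  const { username, genesisblock, uuid } = req.body;
  const query = 'INSERT INTO cimbbankdb.users ( username, genesisblock, uuid ) VALUES ( ?,?,?)';
  mysqlConnection.query(query, [username, genesisblock, uuid], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'loolololl' });
    console.log('this is fine');
  });
});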
  433.  
  434.  
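// Test endpoint: insert a users row and reply with md5('yes').
// NOTE(review): this lets any caller insert rows into the users table and
// stores the supplied password exactly as sent. Remove it from production
// builds.
var reply = md5('abcdef');
router.post('/datamanipulation', (req, res) => {
  const { username, password, uuid } = req.body;
  const query = 'INSERT INTO cimbbankdb.users ( username, password, uuid ) VALUES ( ?,?,?)';
  mysqlConnection.query(query, [username, password, uuid], (err) => {
    if (err) {
      console.log(reply);
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    reply = md5('yes');
    console.log(reply);
    res.json({ Status: 'lol', Reply: reply });
  });
});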
  455.  
  456.  
  457.  
  458.  
  459.  
  460.  
  461. //Adding a new user
  462. //router.post('/userregister', (req,res)=>{
  463. //const username = req.body.username;
  464. //const password = req.body.password;
  465. //const account_balance = req.body.account_balance;
  466. //const email = req.body.email;
  467. //const uuid = req.body.uuid;
  468. ///const securityquestion = req.body.securityquestion;
  469. //const securityanswer = req.body.securityanswer;
  470. //const fcmtoken = req.body.fcmtoken;
  471. //const { username, password, email, uuid, securityquestion, securityanswer } = req.body;
  472. //const query = 'INSERT INTO cimbbankdb.users ( username, password, account_balance, email, securityquestion, securityanswer, uuid, fcmtoken ) VALUES ( ?,?,?,?,?,?,?,?)';
  473. //mysqlConnection.query(query,[username, password, account_balance, email, securityquestion, securityanswer, uuid, fcmtoken],(err, rows, fields) => {
  474. // if(!err) {
  475. // res.json({ Status: 'lol'});
  476. // } else {
  477. // console.log(err);
  478. // }
  479. // });
  480. //});
  481.  
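// Set the approval value on the latest transaction of the given user id.
// NOTE(review): no check is visible here that the caller owns userid_fk;
// unless middleware outside this file enforces it, any caller can approve
// another user's transaction.
router.put('/tapproval/:userid_fk', (req, res) => {
  const { approval } = req.body;
  const { userid_fk } = req.params;
  const query = 'UPDATE transactions SET approval = ? WHERE transactionid = (SELECT MAX(transactionid) FROM (SELECT transactionid FROM transactions WHERE userid_fk =?) as transtable)';
  mysqlConnection.query(query, [approval, userid_fk], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'succeeded' });
  });
});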
  494.  
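// Set the verification value on the newest qrrequest row for a genesisblock.
// NOTE(review): the genesisblock is sent as a URL path segment, where access
// logs and proxies record it; it is treated as a credential elsewhere in
// this file.
router.put('/qrverification/:genesisblock', (req, res) => {
  const { verification } = req.body;
  const { genesisblock } = req.params;
  const query = 'UPDATE qrrequest SET verification = ? WHERE id = (SELECT MAX(id) FROM (SELECT id FROM qrrequest WHERE genesisblock =?) as qrtable);';
  mysqlConnection.query(query, [verification, genesisblock], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'succeeded' });
  });
});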
  508.  
  509.  
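// Update the `secure` column of the user with the given id.
// NOTE(review): the target row is picked by the id in the URL and no
// ownership check is visible here, so one user can change another's setting
// unless middleware outside this file prevents it.
router.put('/usecure/:id', (req, res) => {
  const { secure } = req.body;
  const { id } = req.params;
  const query = 'UPDATE cimbbankdb.users SET users.secure = ? WHERE users.id = ?';
  mysqlConnection.query(query, [secure, id], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'succeeded' });
  });
});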
  525.  
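// Set the qrlogin flag of the user with the given id.
// NOTE(review): the target row is picked by the id in the URL and no
// ownership check is visible here, so one user can change another's flag
// unless middleware outside this file prevents it.
router.put('/uqrlogin/:id', (req, res) => {
  const { qrlogin } = req.body;
  const { id } = req.params;
  const query = 'UPDATE cimbbankdb.users SET users.qrlogin = ? WHERE users.id = ?';
  mysqlConnection.query(query, [qrlogin, id], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'succeeded' });
  });
});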
  542.  
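// Overwrite uuid and fcmtoken of the user with the given id.
// NOTE(review): fcmtoken is read from req.body.uuid, so both columns receive
// the same value. If that is a copy-paste slip the intended source is
// req.body.fcmtoken - confirm with the client before changing it.
// NOTE(review): rebinding the device uuid by URL id, with no ownership check
// visible here, lets any caller re-point another user's account.
router.put('/urelease/:id', (req, res) => {
  const { id } = req.params;
  const { uuid } = req.body;
  const fcmtoken = req.body.uuid;

  const query = 'UPDATE users SET uuid = ? , fcmtoken = ? WHERE id = ?';
  mysqlConnection.query(query, [uuid, fcmtoken, id], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'succeeded' });
  });
});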
  557.  
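// Replace the stored FCM push token of the user with the given id.
// NOTE(review): no ownership check is visible here; whoever sets this token
// receives the user's push notifications.
router.put('/ufcmtoken/:id', (req, res) => {
  const { fcmtoken } = req.body;
  const { id } = req.params;

  const query = 'UPDATE cimbbankdb.users SET fcmtoken = ? WHERE id = ?';
  mysqlConnection.query(query, [fcmtoken, id], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'succeeded' });
  });
});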
  573.  
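// Replace the stored device uuid of the user with the given id.
// NOTE(review): /loginattempt derives the next genesisblock from uuid and
// username, so letting any caller set another user's uuid (no ownership check
// is visible here) weakens that scheme.
router.put('/uuuid/:id', (req, res) => {
  const { uuid } = req.body;
  const { id } = req.params;
  const query = 'UPDATE cimbbankdb.users SET uuid = ? WHERE id = ?';
  mysqlConnection.query(query, [uuid, id], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'uuid Updated' });
  });
});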
  586.  
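// Overwrite username, password and account_balance of the user with the id.
// NOTE(review): the balance is taken straight from the request body and no
// authentication or ownership check is visible here, so unless middleware
// outside this file enforces one, any caller can set any account's password
// and balance. The password is also stored exactly as sent. Balance changes
// belong in server-side transfer logic, not in a profile update.
router.put('/:id', (req, res) => {
  const { username, password, account_balance } = req.body;
  const { id } = req.params;
  const query = 'UPDATE cimbbankdb.users SET username = ?, password = ?, account_balance = ? WHERE id = ?';
  mysqlConnection.query(query, [username, password, account_balance, id], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ Status: 'failed' });
    }
    res.json({ Status: 'User Successfully Updated' });
  });
});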
  603.  
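// Delete the user with the given id.
// NOTE(review): no authentication or ownership check is visible here; unless
// middleware outside this file enforces one, any caller can delete any
// account by iterating ids.
router.delete('/:id', (req, res) => {
  const { id } = req.params;
  const query = 'DELETE FROM cimbbankdb.users WHERE id = ?';
  mysqlConnection.query(query, [id], (err) => {
    if (err) {
      console.error(err);
      // Answer the request; the original left the client waiting for a timeout.
      return res.status(500).json({ status: 'error' });
    }
    res.json({ status: 'Data Successfully Deleted' });
  });
});

module.exports = router;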