Api-APP

1. /*var express=require("express")
2. var app=express()
3. var server=require("http").createServer(app)
4. var io=require("socket.io").listen(server)
5. var fs=require("fs")
6.  
7. io.sockets.on("connection",function(socket){
8. console.log("Co ket noi ... !")
9. })
10. console.log("running port :"+3000)
11.  
12.  
13. server.listen(process.env.PORT||3000)*/
14.  
15. var express=require("express")
16. var app=express();
17.  
18. var server=require("http").createServer(app)
19.  
20. var io=require("socket.io").listen(server)
21. var fs=require("fs")
22.  
23. var request = require("request")
24.  
25. var token="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImp0aSI6IjY1Mjg5Nzc5LTE0N2ItNDFkNy1iMzczLWEwMzE5YjIyN2ZlOSIsImlhdCI6MTUzMzY0ODk2NCwiZXhwIjoxNTMzNjUyNTY0fQ.hFx0vlM32X_F8zSkywRl7qTJGY8ZrTdrCmZlYK5usJw";
26.  
27. //init RSA
28.  
29. var chilkat = require('chilkat_node6_linux64');
30.  
31. var rsa = new chilkat.Rsa();
32.  
33. var success = rsa.UnlockComponent("Anything for 30-day trial");
34.  
35. if (success !== true) {
36. console.log("RSA component unlock failed");
37. return;
38. }
39.  
40. success = rsa.GenerateKey(512);
41. if (success !== true) {
42. console.log(rsa.LastErrorText);
43. return;
44. }
45.  
46. //var publicKey = rsa.ExportPublicKey();
47. //var privateKey = rsa.ExportPrivateKey();
48.  
49. var publicKey ="<RSAPublicKey><Modulus>uRnJbSeZ8A8XPxD1H9SwBynZukeK4LGWAo7Y1Rub1mK986aZxa29inEGo6Cs6uprpZjwczBjuP+4obJLuH3Ihw==</Modulus><Exponent>AQAB</Exponent></RSAPublicKey>"
50. var privateKey ="<RSAKeyValue><Modulus>uRnJbSeZ8A8XPxD1H9SwBynZukeK4LGWAo7Y1Rub1mK986aZxa29inEGo6Cs6uprpZjwczBjuP+4obJLuH3Ihw==</Modulus> <Exponent>AQAB</Exponent><D>ttXo6AApBz3wyWPXrQRqh/jnzx/h50ajFY3CUuZ9jUm3nVJywTkFgbYvSylUM/Jnw2yg9vFmiOG/FiWx67LP+Q==</D><P>1l/RD2EQsNMzJbAUkycWwD55AUiRlr9HYMim1nGdTjU=</P><Q>3QrUzwawZII0PMeFunZbqzi6Xv7zzXX0yP8vAnIwQ0s=</Q><DP>Gw4GpWk7oQVWjCgXwKaLQYHg5Z+R+DN1v6ozHBdEog0=</DP><DQ>HGiy9zSt4Q0W96TRHCjwGS5+TY1I+mQppNefTBou98c=</DQ><InverseQ>AJY7Fv5h1QOrZqg69tW/+iHPAWziTvtwlc5phkS3MbA=</InverseQ></RSAKeyValue>";
51.  
52.  
53.  
54.  
55. var crypto = require('crypto')
56.  
57. function checksum(str, algorithm, encoding) {
58. return crypto
59. .createHash(algorithm || 'md5')
60. .update(str, 'utf8')
61. .digest(encoding || 'hex')
62. }
63.  
64. // Data base thay the mongo ...
65. var user={name:"thanh",password:"thanh"}
66. var storeKey={moviestort:"ASDFGHJKLASDFGHJ"}
67. var idOrderMomo="123456789"
68. var order
69.  
70.  
71. var nameBankB="Ngân hàng B"
72. var tokenBankB="3a165f96e982913bfb4f247885a097ad"
73.  
74.  
75. // check vertify ...
76.  
77. /*var socket = new chilkat.Socket();
78.  
79. var success;
80. success = socket.UnlockComponent("Anything for 30-day trial");
81. if (success !== true) {
82. console.log(socket.LastErrorText);
83. return;
84. }
85.  
86.  
87. var ssl = true;
88. var maxWaitMillisec = 20000;
89. var sslServerHost;
90. sslServerHost = "www.paypal.com";
91.  
92. var sslServerPort = 443;
93. success = socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
94. if (success !== true) {
95. console.log(socket.LastErrorText);
96. return;
97. }
98.  
99.  
100. var cert;
101. var bExpired;
102. var bRevoked;
103. var bSignatureVerified;
104. var bTrustedRoot;
105. cert = socket.GetSslServerCert();
106. console.log("+++ Check Vertify ... ")
107. if (!(cert == null )) {
108.  
109. console.log(" +Server Certificate:");
110. console.log(" +Distinguished Name: " + cert.SubjectDN);
111. console.log(" +Common Name: " + cert.SubjectCN);
112. console.log(" +Issuer Distinguished Name: " + cert.IssuerDN);
113. console.log(" +Issuer Common Name: " + cert.IssuerCN);
114.  
115. bExpired = cert.Expired;
116. bRevoked = cert.Revoked;
117. bSignatureVerified = cert.SignatureVerified;
118. bTrustedRoot = cert.TrustedRoot;
119.  
120. console.log(" +Expired: " + bExpired);
121. console.log(" +Revoked: " + bRevoked);
122. console.log(" +Signature Verified: " + bSignatureVerified);
123. console.log(" +Trusted Root: " + bTrustedRoot);
124.  
125. }
126. success = socket.Close(20000);*/
127.  
128.  
129. //end ...
130. io.sockets.on('connection',function(socket)
131. {
132. console.log("\nMobile Connection ...")
133. //đăng nhập...
134. socket.on('clientSendMessage',function(data){
135. var recoder=JSON.parse(data)
136. if(recoder.name==user.name&&recoder.password==user.password)
137. {
138. console.log("\nMobile login successful ...")
139. var result=true;
140. socket.emit("result-client",{noidung:result,token:token,key:storeKey.moviestort})
141. }
142. else
143. {
144. var result=false;
145. console.log(" +Mobile login fail ...")
146. }
147.  
148. })
149. })
150.  
151.  
152.  
153. // get ID webmovie ...
154. app.get("/getID",(req,res)=>{
155.  
156. //console.log(JSON.stringify(req)+"--"+JSON.stringify(res))
157.  
158. if(req.query.order&&req.query.name&&req.query.poster&&req.query.duration&&req.query.rating&&req.query.released&&req.query.genre&&req.query.price&&req.query.director&&req.query.token&&req.query.hash)
159. {
160.  
161. var socket = new chilkat.Socket();
162.  
163. var success;
164. success = socket.UnlockComponent("Anything for 30-day trial");
165. if (success !== true) {
166. console.log(socket.LastErrorText);
167. return;
168. }
169. //var ip = req.headers['x-forwarded-for'].split(',')[0];
170.  
171. //console.log("--- get host name :"+req.headers.host)
172.  
173. //console.log("---1234 :"+req.connection.remotePort)
174.  
175. var ssl = true;
176. var maxWaitMillisec = 20000;
177. var sslServerHost;
178. sslServerHost =req.headers.host;
179. var sslServerPort = 443;
180. success = socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
181. if (success !== true) {
182. console.log(socket.LastErrorText);
183. return;
184. }
185.  
186.  
187. var cert;
188. var bExpired;
189. var bRevoked;
190. var bSignatureVerified;
191. var bTrustedRoot;
192. cert = socket.GetSslServerCert();
193. console.log("+++ Check Vertify ... ")
194. if (!(cert == null )) {
195.  
196. console.log(" +Server Certificate:");
197. console.log(" +Distinguished Name: " + cert.SubjectDN);
198. console.log(" +Common Name: " + cert.SubjectCN);
199. console.log(" +Issuer Distinguished Name: " + cert.IssuerDN);
200. console.log(" +Issuer Common Name: " + cert.IssuerCN);
201.  
202. bExpired = cert.Expired;
203. bRevoked = cert.Revoked;
204. bSignatureVerified = cert.SignatureVerified;
205. bTrustedRoot = cert.TrustedRoot;
206.  
207. console.log(" +Expired: " + bExpired);
208. console.log(" +Revoked: " + bRevoked);
209. console.log(" +Signature Verified: " + bSignatureVerified);
210. console.log(" +Trusted Root: " + bTrustedRoot);
211.  
212. }
213. success = socket.Close(20000);
214.  
215. if(bSignatureVerified)
216. {
217. //console.log("---123"+JSON.stringify(req.hostname))
218.  
219. //req.headers['x-forwarded-for'] || req.connection.remoteAddress
220.  
221.  
222.  
223. console.log("Cấp Id cho giao dich ... ")
224. //console.log("result : "+req.query.order+"--"+req.query.token+"--"+req.query.hash)
225.  
226. //console.log("hash : "+req.query.hash)
227. var hashWeb=req.query.hash
228. var hashQuery=checksum(checksum((req.query.name+"."+req.query.poster+"."+req.query.duration+"."+req.query.rating+"."+req.query.released+"."+req.query.genre+"."+req.query.price+"."+req.query.director), 'sha1')+"."+checksum(req.query.token, 'sha1'),'sha1')
229.  
230. //console.log("checksum : "+hashQuery)
231.  
232. //RSA decryptor ...
233. var rsaDecryptor = new chilkat.Rsa();
234. rsaDecryptor.EncodingMode = "hex";
235. success = rsaDecryptor.ImportPrivateKey(privateKey);
236. usePrivateKey = true;
237. var decryptedStr = rsaDecryptor.DecryptStringENC(hashWeb,usePrivateKey);
238.  
239. //console.log("--------------decryptedStr : "+decryptedStr);
240.  
241. order={
242. "name": req.query.name,
243. "poster": req.query.poster,
244. "duration":req.query.duration,
245. "rating": req.query.rating,
246. "released": req.query.released,
247. "genre": req.query.genre,
248. "price": req.query.price,
249. "director": req.query.director,
250. "token":req.query.token,
251. "nameBuy":req.query.order
252. }
253. //console.log("order :"+JSON.stringify(order))
254. if(decryptedStr==hashQuery)
255. {
256. var send={"result":"true","idOrderMomo":idOrderMomo}
257.  
258. //RSA encryptor...
259.  
260. var rsaEncryptor = new chilkat.Rsa();
261. rsaEncryptor.EncodingMode = "hex";
262. success = rsaEncryptor.ImportPublicKey(publicKey);
263. var usePrivateKey = false;
264. var check=checksum((checksum(send.result,'sha1')+"."+checksum(send.idOrderMomo,'sha1')),'sha1')
265. var encryptedStrCheckSum = rsaEncryptor.EncryptStringENC(check,usePrivateKey);
266.  
267. //console.log("check :"+check)
268. res.json({"result":send.result,"idOrderMomo":send.idOrderMomo,"check":encryptedStrCheckSum})
269.  
270.  
271. }
272. else
273. {
274. res.json({"result":"false","idOrderMomo":idOrderMomo})
275. }
276. //console.log("log :"+req.query.order+"--"+req.query.name+"--"+req.query.poster+"--"+req.query.duration+"--"+req.query.rating+"--"+req.query.released+"--"+req.query.genre+"--"+req.query.price+"--"+req.query.director)
277.  
278. }
279.  
280. }
281.  
282. })
283.  
284.  
285. // check qr code ...
286. app.get('/qrcode',function(req,res){
287.  
288. //console.log("----"+req.query.id+"--"+order.token+"--"+order.nameBuy)
289.  
290. if(req.query.id==idOrderMomo)
291. {
292. var socket = new chilkat.Socket();
293.  
294. var success;
295. success = socket.UnlockComponent("Anything for 30-day trial");
296. if (success !== true) {
297. console.log(socket.LastErrorText);
298. return;
299. }
300.  
301. //console.log("--- get host name :"+req.headers.host)
302.  
303. var ssl = true;
304. var maxWaitMillisec = 20000;
305. var sslServerHost;
306. sslServerHost = req.headers.host;
307. var sslServerPort = 443;
308. success = socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
309. if (success !== true) {
310. console.log(socket.LastErrorText);
311. return;
312. }
313.  
314.  
315. var cert;
316. var bExpired;
317. var bRevoked;
318. var bSignatureVerified;
319. var bTrustedRoot;
320. cert = socket.GetSslServerCert();
321. console.log("+++ Check Vertify ... ")
322. if (!(cert == null )) {
323.  
324. console.log(" +Server Certificate:");
325. console.log(" +Distinguished Name: " + cert.SubjectDN);
326. console.log(" +Common Name: " + cert.SubjectCN);
327. console.log(" +Issuer Distinguished Name: " + cert.IssuerDN);
328. console.log(" +Issuer Common Name: " + cert.IssuerCN);
329.  
330. bExpired = cert.Expired;
331. bRevoked = cert.Revoked;
332. bSignatureVerified = cert.SignatureVerified;
333. bTrustedRoot = cert.TrustedRoot;
334.  
335. console.log(" +Expired: " + bExpired);
336. console.log(" +Revoked: " + bRevoked);
337. console.log(" +Signature Verified: " + bSignatureVerified);
338. console.log(" +Trusted Root: " + bTrustedRoot);
339.  
340. }
341. success = socket.Close(20000);
342.  
343. if(bSignatureVerified)
344. {
345.  
346. var hashQuery=checksum(checksum((order.name+"."+order.poster+"."+order.duration+"."+order.rating+"."+order.released+"."+order.genre+"."+order.price+"."+order.director), 'sha1')+"."+checksum("true", 'sha1'),'sha1')
347. console.log("Kết quả quét mã Qr ...");
348.  
349. res.json({
350. "name": order.name,
351. "poster": order.poster,
352. "duration": order.duration,
353. "rating": order.rating,
354. "released": order.released,
355. "genre": order.genre,
356. "price": order.price,
357. "director": order.director,
358. "check":hashQuery,
359. "result":"true"
360. });
361.  
362. }
363.  
364.  
365.  
366. }
367.  
368. });
369.  
370. app.get('/buy',function(req,res){
371.  
372. console.log("Buy movie ... ")
373.  
374. console.log("result :"+req.query.result+"--"+req.query.check)
375.  
376. if(req.query.result=="true")
377. {
378. //RSA decryptor ...
379. var rsaDecryptor = new chilkat.Rsa();
380. rsaDecryptor.EncodingMode = "hex";
381. success = rsaDecryptor.ImportPrivateKey(privateKey);
382. usePrivateKey = true;
383. var de= rsaDecryptor.DecryptStringENC(req.query.check,usePrivateKey);
384.  
385. //console.log("check sum : "+checksum(req.query.result,'sha1')+"--"+de)
386.  
387. if(checksum(req.query.result,'sha1')==de)
388. {
389.  
390. var socket = new chilkat.Socket();
391.  
392. var success;
393. success = socket.UnlockComponent("Anything for 30-day trial");
394. if (success !== true) {
395. console.log(socket.LastErrorText);
396. return;
397. }
398.  
399.  
400. var ssl = true;
401. var maxWaitMillisec = 20000;
402. var sslServerHost;
403. sslServerHost = req.headers.host;
404. var sslServerPort = 443;
405. success = socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
406. if (success !== true) {
407. console.log(socket.LastErrorText);
408. return;
409. }
410.  
411.  
412. var cert;
413. var bExpired;
414. var bRevoked;
415. var bSignatureVerified;
416. var bTrustedRoot;
417. cert = socket.GetSslServerCert();
418. console.log("+++ Check Vertify ... ")
419. if (!(cert == null )) {
420.  
421. console.log(" +Server Certificate:");
422. console.log(" +Distinguished Name: " + cert.SubjectDN);
423. console.log(" +Common Name: " + cert.SubjectCN);
424. console.log(" +Issuer Distinguished Name: " + cert.IssuerDN);
425. console.log(" +Issuer Common Name: " + cert.IssuerCN);
426.  
427. bExpired = cert.Expired;
428. bRevoked = cert.Revoked;
429. bSignatureVerified = cert.SignatureVerified;
430. bTrustedRoot = cert.TrustedRoot;
431.  
432. console.log(" +Expired: " + bExpired);
433. console.log(" +Revoked: " + bRevoked);
434. console.log(" +Signature Verified: " + bSignatureVerified);
435. console.log(" +Trusted Root: " + bTrustedRoot);
436.  
437. }
438. success = socket.Close(20000);
439.  
440. if(bSignatureVerified)
441. {
442.  
443. //RSA encryptor...
444. var rsaEncryptor = new chilkat.Rsa();
445. rsaEncryptor.EncodingMode = "hex";
446. success = rsaEncryptor.ImportPublicKey(publicKey);
447. var usePrivateKey = false;
448. var hashbank=checksum(checksum((order.token), 'sha1')+"."+checksum((tokenBankB), 'sha1'),'sha1')
449. var encryptedStrCheckSum = rsaEncryptor.EncryptStringENC(hashbank,usePrivateKey);
450.  
451. var url = "https://project-api-bank-pham54833.c9users.io/bank?token="+order.token+"&&check="+encryptedStrCheckSum+"&&tokenbank="+tokenBankB
452. request({ url: url,json: true}, function (error, response, body) {
453. if (!error && response.statusCode === 200) {
454.  
455.  
456. //check vertify...
457. var socket = new chilkat.Socket();
458.  
459. var success;
460. success = socket.UnlockComponent("Anything for 30-day trial");
461. if (success !== true) {
462. console.log(socket.LastErrorText);
463. return;
464. }
465.  
466.  
467. var ssl = true;
468. var maxWaitMillisec = 20000;
469. var sslServerHost;
470. sslServerHost = response.request.host;
471. var sslServerPort = response.request.port;
472.  
473. success = socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
474. if (success !== true) {
475. console.log(socket.LastErrorText);
476. return;
477. }
478.  
479. var cert;
480. var bExpired;
481. var bRevoked;
482. var bSignatureVerified;
483. var bTrustedRoot;
484. cert = socket.GetSslServerCert();
485. console.log("+++ Check Vertify ... ")
486.  
487. if (!(cert == null )) {
488.  
489. console.log(" +Server Certificate:");
490. console.log(" +Distinguished Name: " + cert.SubjectDN);
491. console.log(" +Common Name: " + cert.SubjectCN);
492. console.log(" +Issuer Distinguished Name: " + cert.IssuerDN);
493. console.log(" +Issuer Common Name: " + cert.IssuerCN);
494.  
495. bExpired = cert.Expired;
496. bRevoked = cert.Revoked;
497. bSignatureVerified = cert.SignatureVerified;
498. bTrustedRoot = cert.TrustedRoot;
499.  
500. console.log(" +Expired: " + bExpired);
501. console.log(" +Revoked: " + bRevoked);
502. console.log(" +Signature Verified: " + bSignatureVerified);
503. console.log(" +Trusted Root: " + bTrustedRoot);
504.  
505. }
506. success = socket.Close(20000);
507.  
508. if(bSignatureVerified)
509. {
510.  
511.  
512.  
513.  
514. var hash=checksum(checksum("true", 'sha1')+"."+checksum("true", 'sha1'),'sha1')
515. //RSA decryptor ...
516. var rsaDecryptor = new chilkat.Rsa();
517. rsaDecryptor.EncodingMode = "hex";
518. success = rsaDecryptor.ImportPrivateKey(privateKey);
519. usePrivateKey = true;
520. var decryptedStr = rsaDecryptor.DecryptStringENC(body.check,usePrivateKey);
521.  
522. //console.log('body :'+body.result+"--"+body.check+"--"+decryptedStr)
523. if(body.result&&hash==decryptedStr)
524. {
525. console.log("Kiêm tra thẻ thành công ... ")
526. res.json({"result":"true"})
527. console.log("\nThanh toán phim thanh công...")
528. var hashQuery=checksum(checksum((order.nameBuy), 'sha1')+"."+checksum((order.name), 'sha1'),'sha1')
529. //RSA encryptor...
530. var rsaEncryptor = new chilkat.Rsa();
531. rsaEncryptor.EncodingMode = "hex";
532. success = rsaEncryptor.ImportPublicKey(publicKey);
533. var usePrivateKey = false;
534. var encryptedStrCheckSum = rsaEncryptor.EncryptStringENC(hashQuery,usePrivateKey);
535. var url = "https://project-webmovie-pham54833.c9users.io/resultbuy?namebuy="+order.nameBuy+"&&resultbuy="+order.name+"&&check="+encryptedStrCheckSum
536. request({ url: url,json: true}, function (error, response, body) {
537. if (!error && response.statusCode === 200) {
538. console.log("Thanh toán phim không thanh công... ... ")
539. }})
540.  
541. }
542.  
543. else
544. {
545. console.log("The không tồn tại ...")
546.  
547. }
548.  
549.  
550.  
551.  
552.  
553.  
554. }
555.  
556.  
557.  
558.  
559.  
560.  
561.  
562.  
563. }})
564.  
565. }
566.  
567.  
568.  
569. }
570. }
571. else
572. {
573. res.json({"result":"false"})
574. console.log("\nThanh toán phim không thanh công...")
575. }
576.  
577.  
578.  
579. })
580.  
581.  
582.  
583. /*server.listen(3000,()=>{
584. console.log("Api ứng dụng quét mã Qrcode : "+3000)
585. })*/
586.  
587. /*server.listen(process.env.PORT || 3000, process.env.IP || "0.0.0.0", function(){
588. console.log("Api ứng dụng quét mã Qrcode : "+3000)
589. });*/
590.  
591. server.listen(process.env.PORT || 3000, process.env.IP || "0.0.0.0", function(){
592. console.log("Api ứng dụng quét mã Qrcode : "+3000)
593. });