diff --git a/app/app.js b/app/app.js index 804ca4c..9733ccf 100644 --- a/app/app.js +++ b/app/app.js @@ -1,9 +1,11 @@ const util = require("util"); const express = require('express'); const app = express(); +const request = require('request') const config = require('../config/config.js'); const barongAuth = require('node-auth-barong') const barong_jwt_public_key = Buffer.from(global.gConfig.barong_jwt_public_key.trim(), 'base64').toString('utf-8') +const appPrivateKey = Buffer.from(global.gConfig.jwt.private_key.trim(), 'base64').toString('utf-8') app.use(require('body-parser').json()); @@ -16,7 +18,7 @@ app.listen(global.gConfig.node_port || process.env.PORT, () => { Valid JWT is decoded and session object is attached to the request object, which is passed to the next middleware. */ -app.use(barongAuth({barongJwtPublicKey: barong_jwt_public_key })) +app.use(barongAuth.sessionVerifier({barongJwtPublicKey: barong_jwt_public_key })) // When JWT is verified hello message is returned to the authorized user. app.get('/api/v2/jwt/verify', function(req, res) { @@ -24,3 +26,31 @@ app.get('/api/v2/jwt/verify', function(req, res) { res.send(`Hello, ${req.session.email}`) }) + +app.post('/api/v2/deposit', function( req, res, next) { + + if (req.session.role =! "admin") { + res.status(401); + res.send(`Deposit submittion is allowed only for admins`); + } + + req.management = { payload: { + uid: req.session.uid, + currency: req.body.currency_id, + amount: req.body.amount + } + } + next(); +}, barongAuth.managementSigner({privateKey: appPrivateKey}), function(req,res) { + request({ + method: "POST", + uri: `${global.gConfig.peatio_url}/api/v2/management/deposits/new`, + json: true, + body: req.body + }, (err, result, body) => { + res.json(body) + if (err) { + return console.error(err); + } + }); +}) diff --git a/config/config.js b/config/config.js index 93fdd85..5ac5862 100644 --- a/config/config.js +++ b/config/config.js @@ -13,6 +13,7 @@ const environmentConfig = config[environment]; environmentConfig.barong_jwt_public_key = process.env.BARONG_JWT_PUBLIC_KEY || defaultConfig.barong_jwt_public_key; environmentConfig.barong_url = process.env.BARONG_URL || defaultConfig.barong_url; +environmentConfig.peatio_url = process.env.HOSTNAME || defaultConfig.peatio_url; environmentConfig.jwt.expire_date = process.env.JWT_EXPIRE_DATE || 60; environmentConfig.jwt.algorithm = process.env.JWT_ALGORITHM || 'RS256'; environmentConfig.jwt.private_key = process.env.JWT_PRIVATE_KEY || defaultConfig.jwt.private_key; diff --git a/config/config.json b/config/config.json index b41e959..494fbf7 100644 --- a/config/config.json +++ b/config/config.json @@ -6,6 +6,7 @@ "node_port": 8081, "json_indentation": 4, "barong_url": "http://localhost:3000/api/v2/management/users/get", + "peatio_url": "http://localhost:8000", "jwt": { "expire_date": 60, "algorithm": "RS256", diff --git a/package.json b/package.json index fdeb532..97d56de 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,7 @@ "express": "^4.16.3", "jsonwebtoken": "^8.2.2", "mongoose": "^5.6.6", - "node-auth-barong": "^1.0.0", + "@openware/node-auth-barong": "^1.1.0", "request": "^2.81.0" } }