const express = require('express'); const router = express.Router(); const pool = global.db_pool; const client = global.discord_client; // Main payment processor router.post("/external/hub/order/complete", async (req, res) => { // Get hub and validate secret const [hub] = await pool.query('SELECT * FROM hubs WHERE secretKey = ?', [req.headers["hub-secret-key"]]); if (!hub) return res.status(404).json({ status: "404", message: 'Invalid Authorization Header' }); // Get Roblox ID and Product ID const { robloxID, productID } = req.body; if (!robloxID || !productID) return res.status(400).json({ status: "400", message: 'Missing Roblox ID or Product ID' }); const [user] = await pool.query('SELECT * FROM users WHERE robloxId = ?', [robloxID]); const [product] = await pool.query('SELECT * FROM products WHERE id = ? AND hubId = ?', [productID, hub.id]); // Check if user and product exists if (!user || !product) return res.status(404).json({ status: "404", message: 'User or Product not found' }); const [purchase] = await pool.query('SELECT * FROM purchases WHERE robloxId = ? AND productId = ?', [robloxID, product.id]); // Check if purchase already exists if (purchase) return res.status(200).json({ status: "200", message: 'Purchase already exists' }); // Insert purchase into database await pool.query('INSERT INTO purchases (robloxId, productId, hubId) VALUES (?, ?, ?)', [robloxID, product.id, hub.id]); if (product.stock != -1 && product.stock != 0) { await pool.query('UPDATE products SET stock = stock - 1 WHERE id = ?', [product.id]); } res.status(200).json({ status: "200", message: 'Purchased product' }); // Handle logging try { // Assuming you have a function to send a message to the user dscUser = await client.users.fetch(user.discordId); dscUser.send(`You have successfully purchased ${product.name}!\nUse \`/retrive ${product.name}\` in the Discord server to download it!`); } catch (error) { // Do nothing, user has privacy settings enabled } if (hub.logChannel != null) { try { chan = await client.channels.fetch(hub.logChannel); chan.send({ embeds: [ { title: `New Purchase`, color: 0x00ff00, description: `**Roblox ID:** ${user.robloxId}\n**Discord User:** <@${user.discordId}>\n**Product:** ${product.name}\n**Type:** Normal` } ] }) } catch (error) { // Do nothing, channel was deleted } } }); // Gift validator router.post("/external/hub/gift/validate", async (req, res) => { // Get hub and validate secret const [hub] = await pool.query('SELECT * FROM hubs WHERE secretKey = ?', [req.headers["hub-secret-key"]]); if (!hub) return res.status(404).json({ status: "404", message: 'Invalid Authorization Header' }); // Get Roblox ID and Product ID const { recipientID, productID } = req.body; if (!recipientID || !productID) return res.status(400).json({ status: "400", message: 'Missing Roblox ID or Product ID' }); const [user] = await pool.query('SELECT * FROM users WHERE robloxId = ?', [recipientID]); const [product] = await pool.query('SELECT * FROM products WHERE id = ?', [productID]); // Check that the product exists if (!product) return res.status(404).json({ status: "404", message: 'Product not found', data: {} }); // Check if user exists, if not create a new user if (!user) return res.status(404).json({ status: "404", message: 'User not found', data: {userExists: false} }); const [purchase] = await pool.query('SELECT * FROM purchases WHERE robloxId = ? AND productId = ?', [recipientID, product.id]); // Check if purchase already exists if (purchase) return res.status(409).json({ status: "409", message: 'User already owns product', data: {userExists: true, ownsProduct: true} }); // All good! return res.status(200).json({ status: "200", message: 'User does not own product', data: {userExists: true, ownsProduct: false} }); }); // Gift processor router.post("/external/hub/gift/complete", async (req, res) => { // Get hub and validate secret const [hub] = await pool.query('SELECT * FROM hubs WHERE secretKey = ?', [req.headers["hub-secret-key"]]); if (!hub) return res.status(404).json({ status: "404", message: 'Invalid Authorization Header' }); // Get Roblox ID and Product ID const { recipientID, productID } = req.body; if (!recipientID || !productID) return res.status(400).json({ status: "400", message: 'Missing Roblox ID or Product ID' }); const [user] = await pool.query('SELECT * FROM users WHERE robloxId = ?', [recipientID]); const [product] = await pool.query('SELECT * FROM products WHERE id = ?', [productID]); // Check if user and product exists if (!user || !product) return res.status(404).json({ status: "404", message: 'User or Product not found' }); const [purchase] = await pool.query('SELECT * FROM purchases WHERE robloxId = ? AND productId = ?', [recipientID, product.id]); // Check if purchase already exists if (purchase) return res.status(200).json({ status: "200", message: 'Purchase already exists' }); // Insert purchase into database await pool.query('INSERT INTO purchases (robloxId, productId, hubId) VALUES (?, ?, ?)', [recipientID, product.id, hub.id]); if (product.stock != -1 && product.stock != 0) { await pool.query('UPDATE products SET stock = stock - 1 WHERE id = ?', [product.id]); } res.status(200).json({ status: "200", message: 'Gifted product to user' }); // Handle logging try { // Assuming you have a function to send a message to the user dscUser = await client.users.fetch(user.discordId); dscUser.send(`You have successfully purchased ${product.name}!\nUse \`/retrive ${product.name}\` in the Discord server to download it!`); } catch (error) { // Do nothing, user has privacy settings enabled } if (hub.logChannel != null) { try { chan = await client.channels.fetch(hub.logChannel); chan.send({ embeds: [ { title: `New Purchase`, color: 0x00ff00, description: `**Roblox ID:** ${user.robloxId}\n**Discord User:** <@${user.discordId}>\n**Product:** ${product.name}\n**Type:** Gift` } ] }) } catch (error) { // Do nothing, channel was deleted } } }); module.exports = router;