RTECH/NotParcel
2
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
NotParcel/routes/payments.js
Christopher Cookman 9d9f0e2e91 Add things
2024-12-30 11:37:46 -07:00

79 lines
4.1 KiB
JavaScript
Raw Blame History

const express = require('express');
const router = express.Router();
const pool = global.db_pool;
// Main payment processor
router.post("/external/hub/order/complete", async (req, res) => {
// Get hub and validate secret
const [hub] = await pool.query('SELECT * FROM hubs WHERE secretKey = ?', [req.headers["hub-secret-key"]]);
if (!hub) return res.status(404).json({ status: "404", message: 'Invalid Authorization Header' });
// Get Roblox ID and Product ID
const { robloxID, productID } = req.body;
if (!robloxID || !productID) return res.status(400).json({ status: "400", message: 'Missing Roblox ID or Product ID' });
const [user] = await pool.query('SELECT * FROM users WHERE robloxId = ?', [robloxID]);
const [product] = await pool.query('SELECT * FROM products WHERE id = ?', [productID]);
// Check if user and product exists
if (!user || !product) return res.status(404).json({ status: "404", message: 'User or Product not found' });
const [purchase] = await pool.query('SELECT * FROM purchases WHERE robloxId = ? AND productId = ?', [robloxID, product.id]);
// Check if purchase already exists
if (purchase) return res.status(200).json({ status: "200", message: 'Purchase already exists' });
// Insert purchase into database
await pool.query('INSERT INTO purchases (robloxId, productId, hubId) VALUES (?, ?, ?)', [robloxID, product.id, hub.id]);
});
// Gift validator
router.post("/external/hub/gift/validate", async (req, res) => {
// Get hub and validate secret
const [hub] = await pool.query('SELECT * FROM hubs WHERE secretKey = ?', [req.headers["hub-secret-key"]]);
if (!hub) return res.status(404).json({ status: "404", message: 'Invalid Authorization Header' });
// Get Roblox ID and Product ID
const { recipientID, productID } = req.body;
if (!recipientID || !productID) return res.status(400).json({ status: "400", message: 'Missing Roblox ID or Product ID' });
const [user] = await pool.query('SELECT * FROM users WHERE robloxId = ?', [recipientID]);
const [product] = await pool.query('SELECT * FROM products WHERE id = ?', [productID]);
// Check that the product exists
if (!product) return res.status(404).json({ status: "404", message: 'Product not found', data: {} });
// Check if user exists, if not create a new user
if (!user) return res.status(404).json({ status: "404", message: 'User not found', data: {userExists: false} });
const [purchase] = await pool.query('SELECT * FROM purchases WHERE robloxId = ? AND productId = ?', [recipientID, product.id]);
// Check if purchase already exists
if (purchase) return res.status(409).json({ status: "409", message: 'User already owns product', data: {userExists: true, ownsProduct: true} });
// All good!
return res.status(200).json({ status: "200", message: 'User does not own product', data: {userExists: true, ownsProduct: false} });
});
// Gift processor
router.post("/external/hub/gift/complete", async (req, res) => {
// Get hub and validate secret
const [hub] = await pool.query('SELECT * FROM hubs WHERE secretKey = ?', [req.headers["hub-secret-key"]]);
if (!hub) return res.status(404).json({ status: "404", message: 'Invalid Authorization Header' });
// Get Roblox ID and Product ID
const { recipientID, productID } = req.body;
if (!recipientID || !productID) return res.status(400).json({ status: "400", message: 'Missing Roblox ID or Product ID' });
const [user] = await pool.query('SELECT * FROM users WHERE robloxId = ?', [recipientID]);
const [product] = await pool.query('SELECT * FROM products WHERE id = ?', [productID]);
// Check if user and product exists
if (!user || !product) return res.status(404).json({ status: "404", message: 'User or Product not found' });
const [purchase] = await pool.query('SELECT * FROM purchases WHERE robloxId = ? AND productId = ?', [recipientID, product.id]);
// Check if purchase already exists
if (purchase) return res.status(200).json({ status: "200", message: 'Purchase already exists' });
// Insert purchase into database
await pool.query('INSERT INTO purchases (robloxId, productId, hubId) VALUES (?, ?, ?)', [recipientID, product.id, hub.id]);
});
module.exports = router;
Reference in a new issue View git blame Copy permalink