Skip to content

Commit

Permalink
validate links for external users (#383)
Browse files Browse the repository at this point in the history
  • Loading branch information
@hichri-louay
hichri-louay authored Dec 28, 2023
2 parents 4373ab0 + b18d62c commit c080db3
Show file tree
Hide file tree
Showing 3 changed files with 71 additions and 36 deletions.
94 changes: 60 additions & 34 deletions controllers/campaign.controller.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,9 @@ var requirement = require('../helpers/utils')
var { readHTMLFileCampaign } = requirement
var sanitize = require('mongo-sanitize')
const multer = require('multer')
const { utils } = require('ethers');
const Big = require('big.js')
const web3 = require('web3')
const etherInWei = new Big(1000000000000000000)
const Grid = require('gridfs-stream')
const GridFsStorage = require('multer-gridfs-storage')
Expand All @@ -23,6 +25,7 @@ const {
Request,
User,
FbPage,
UserExternalWallet
} = require('../model/index')

const { responseHandler } = require('../helpers/response-handler')
Expand Down Expand Up @@ -167,7 +170,8 @@ const { BigNumber } = require('ethers')
const { token } = require('morgan')
const { request } = require('http')
const { URL } = require('url')
const { http, https } = require('follow-redirects')
const { http, https } = require('follow-redirects');
const verifySignature = require('../web3/verifySignature');

//const conn = mongoose.createConnection(mongoConnection().mongoURI)
let gfsKit
Expand Down Expand Up @@ -1157,26 +1161,38 @@ exports.validateCampaign = async (req, res) => {
} else {
req.body.network = campaign.token.type
cred = await unlockV2(req, res)

let recoveredSigner = await cred.WEB3.eth.accounts.recover(
campaignLink.applyerSignature
)

if (recoveredSigner.toLowerCase() !== campaignLink.id_wallet) {
return responseHandler.makeResponseError(
res,
401,
'the signature is not matched to the link or signature'
if(typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true) {
const recoveredSigner = verifySignature(campaignLink.applyerSignature.messageHash, campaignLink.applyerSignature.signature, campaignLink.id_wallet)
if(!recoveredSigner) {
return responseHandler.makeResponseError(
res,
401,
'the signature is not matched to the link or signature'
)
}

} else {
const recoveredSigner = await cred.WEB3.eth.accounts.recover(
campaignLink.applyerSignature
)
if(recoveredSigner.toLowerCase() !== campaignLink.id_wallet) {
return responseHandler.makeResponseError(
res,
401,
'the signature is not matched to the link or signature'
)
}
}
let messageHashSignature;
if(typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true) messageHashSignature = utils.hashMessage(signature.messageHash);
var ret = await validateProm(
campaignLink.id_campaign,
campaignLink.typeSN,
campaignLink.idPost,
campaignLink.idUser,
campaignLink.abosNumber,
ownerLink,
signature.messageHash,
(typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true) ? messageHashSignature : signature.messageHash ,
signature.v,
signature.r,
signature.s,
Expand All @@ -1190,7 +1206,13 @@ exports.validateCampaign = async (req, res) => {
}
if (ret && ret.transactionHash) {
let link = await CampaignLink.findOne({ _id: idLink }).lean()
let userWallet =
let userWallet;
if(typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true) {
userWallet = await UserExternalWallet.findOne({
walletId: link.id_wallet,
})
} else {
userWallet =
(!!tronWeb &&
(await Wallet.findOne(
{
Expand Down Expand Up @@ -1218,10 +1240,12 @@ exports.validateCampaign = async (req, res) => {
},
{ UserId: 1, _id: 0 }
))

let user = await User.findOne({ _id: userWallet.UserId }).lean()
const id = user._id
const email = user.email
}


let user = (typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true) ? userWallet : await User.findOne({ _id: userWallet.UserId }).lean()
const id = (typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true) ? user.UserId : user._id
const email = (typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true) ? '' : user.email
let linkedinProfile =
link.oracle == 'linkedin' &&
(await LinkedinProfile.findOne({ userId: id }))
Expand Down Expand Up @@ -1255,23 +1279,25 @@ exports.validateCampaign = async (req, res) => {
{ _id: idLink },
{ $set: socialOracle }
)

await notificationManager(id, 'cmp_candidate_accept_link', {
cmp_name: campaign.title,
action: 'link_accepted',
cmp_link: linkProm,
cmp_hash: _id,
hash: ret.transactionHash,
promHash: idLink,
})
readHTMLFileCampaign(
__dirname +
'/../public/emailtemplate/email_validated_link.html',
'campaignValidation',
campaign.title,
email,
_id
)
if(!(typeof campaignLink.userExternal !== 'undefined' && campaignLink.userExternal === true)) {
await notificationManager(id, 'cmp_candidate_accept_link', {
cmp_name: campaign.title,
action: 'link_accepted',
cmp_link: linkProm,
cmp_hash: _id,
hash: ret.transactionHash,
promHash: idLink,
})
readHTMLFileCampaign(
__dirname +
'/../public/emailtemplate/email_validated_link.html',
'campaignValidation',
campaign.title,
email,
_id
)
}

}

return responseHandler.makeResponseData(res, 200, 'success', ret)
Expand Down
12 changes: 10 additions & 2 deletions controllers/external.controller.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -979,10 +979,18 @@ module.exports.externalApply = async (req, res) => {
id,
prom.instagramUserName
)

prom.applyerSignature = req.body.signature
const r = req.body.signature.slice(0, 66);
const s = '0x' + req.body.signature.slice(66, 130);
const v = '0x' + req.body.signature.slice(130, 132);
prom.applyerSignature = {}
prom.applyerSignature.signature = req.body.signature
prom.applyerSignature.messageHash = req.body.message
prom.applyerSignature.r = r
prom.applyerSignature.v = v
prom.applyerSignature.s = s
prom.typeSN = typeSN.toString()
prom.idUser = idUser
prom.userExternal = true;
if (media_url) prom.media_url = media_url
if (prom.typeSN == 5) {
prom.typeURL = linkedinInfo.idPost.split(':')[2]
Expand Down
1 change: 1 addition & 0 deletions model/campaignLink.model.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ const campaignLinkSchema = mongoose.Schema(
reason: { type: [] },
deleted: { type: Boolean },
linkedinId: { type: String },
userExternal: {type: Boolean , default: false},
applyerSignature: {
messageHash: { type: String },
v: { type: String },
Expand Down

0 comments on commit c080db3

Please sign in to comment.