lucien/bank-app
1
0
Fork 0
generated from lucien/api-template
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
bank-app/back/api/@me.js
Lukian f0881f2025 add: added receivers
2025-04-28 09:09:26 +02:00

121 lines
No EOL
3.9 KiB
JavaScript
Raw Blame History

const express = require('express');
const router = express.Router();
const { getConnection, getUserAccounts, getUserCards, getUserTransfers, setAccountBalance, getAccount, addTransfer, getUserReceivers, addReceiver, removeReceiver } = require('../libs/mysql');
const { checkAuth } = require('../libs/middlewares');
router.post('/', checkAuth, async (req, res) => {
const user = req.user;
res.send(user);
});
router.post('/accounts', checkAuth, async (req, res) => {
const user = req.user;
const connection = await getConnection();
const accounts = await getUserAccounts(connection, user.id);
connection.end();
res.send(accounts);
});
router.post('/cards', checkAuth, async (req, res) => {
const user = req.user;
const connection = await getConnection();
const cards = await getUserCards(connection, user.id);
connection.end();
res.send(cards);
});
router.post('/transfers', checkAuth, async (req, res) => {
const user = req.user;
const connection = await getConnection();
const transfers = await getUserTransfers(connection, user.id);
connection.end();
res.send(transfers);
});
router.post('/receivers', checkAuth, async (req, res) => {
const user = req.user;
const connection = await getConnection();
const receivers = await getUserReceivers(connection, user.id);
connection.end();
res.send(receivers);
});
router.post('/add-receiver', checkAuth, async (req, res) => {
const user = req.user;
const { account_id, name } = req.body;
if (!account_id || !name) {
return res.status(400).send({ error: 'Missing required fields' });
}
const connection = await getConnection();
const account = await getAccount(connection, account_id);
if (!account[0]) {
return res.status(400).send({ error: 'Invalid account ID' });
}
await addReceiver(connection, user.id, account_id, name);
connection.end();
res.send({ message: 'Receiver added successfully' });
});
router.post('/remove-receiver', checkAuth, async (req, res) => {
const user = req.user;
const { id } = req.body;
if (!id) {
return res.status(400).send({ error: 'Missing required fields' });
}
const connection = await getConnection();
const receiver = await getUserReceivers(connection, user.id);
if (!receiver[0]) {
return res.status(400).send({ error: 'Invalid receiver ID' });
}
if (receiver[0].user_id !== user.id) {
return res.status(403).send({ error: 'You are not authorized to remove this receiver' });
}
await removeReceiver(connection, id);
connection.end();
res.send({ message: 'Receiver removed successfully' });
});
router.post('/send-money', checkAuth, async (req, res) => {
const user = req.user;
const { account_from_id, account_to_id, amount, name } = req.body;
if (!account_from_id || !account_to_id || !amount || !name) {
return res.status(400).send({ error: 'Missing required fields' });
}
const connection = await getConnection();
const accountFrom = await getAccount(connection, account_from_id);
const accountTo = await getAccount(connection, account_to_id);
if (!accountFrom[0] || !accountTo[0]) {
return res.status(400).send({ error: 'Invalid account ID' });
}
if (accountFrom[0].client_id !== user.id) {
return res.status(403).send({ error: 'You are not authorized to send money from this account' });
}
if (accountFrom[0].balance < amount) {
return res.status(400).send({ error: 'Insufficient funds' });
}
await setAccountBalance(connection, account_from_id, accountFrom[0].balance - amount);
await setAccountBalance(connection, account_to_id, accountTo[0].balance + amount);
await addTransfer(connection, account_from_id, account_to_id, name, amount);
connection.end();
res.send({ message: 'Money sent successfully' });
});
module.exports = router;
Reference in a new issue View git blame Copy permalink