dist

Author: fox3000foxy

dist/app.d.ts

@@ -0,0 +1,19 @@
+import express from 'express';
+import 'reflect-metadata';
+import './controllers/AuthenticatorController';
+import './controllers/BuyOrderController';
+import './controllers/DescribeController';
+import './controllers/GameController';
+import './controllers/GameGiftController';
+import './controllers/InventoryController';
+import './controllers/ItemController';
+import './controllers/LobbyController';
+import './controllers/MarketListingController';
+import './controllers/OAuth2Controller';
+import './controllers/SearchController';
+import './controllers/StripeController';
+import './controllers/StudioController';
+import './controllers/TradeController';
+import './controllers/UserController';
+import './controllers/WebAuthnController';
+export declare const app: express.Application;

dist/app.js

@@ -0,0 +1,46 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.app = void 0;
+const compression_1 = __importDefault(require("compression"));
+const cors_1 = __importDefault(require("cors"));
+const dotenv_1 = require("dotenv");
+const express_1 = __importDefault(require("express"));
+const inversify_express_utils_1 = require("inversify-express-utils");
+require("reflect-metadata");
+const container_1 = __importDefault(require("./container"));
+(0, dotenv_1.config)();
+require("./controllers/AuthenticatorController");
+require("./controllers/BuyOrderController");
+require("./controllers/DescribeController");
+require("./controllers/GameController");
+require("./controllers/GameGiftController");
+require("./controllers/InventoryController");
+require("./controllers/ItemController");
+require("./controllers/LobbyController");
+require("./controllers/MarketListingController");
+require("./controllers/OAuth2Controller");
+require("./controllers/SearchController");
+require("./controllers/StripeController");
+require("./controllers/StudioController");
+require("./controllers/TradeController");
+require("./controllers/UserController");
+require("./controllers/WebAuthnController");
+const server = new inversify_express_utils_1.InversifyExpressServer(container_1.default);
+server.setConfig(app => {
+    app.use('/stripe/webhook', express_1.default.raw({ type: 'application/json' }));
+    app.use(express_1.default.json({ limit: '50mb' }));
+    app.use(express_1.default.urlencoded({ limit: '50mb', extended: true }));
+    app.use((0, cors_1.default)());
+    app.use((0, compression_1.default)({
+        threshold: 1024, // Compress responses larger than 1KB
+    }));
+});
+server.setErrorConfig(app => {
+    app.use((req, res) => {
+        res.status(404).json({ message: 'Not Found' });
+    });
+});
+exports.app = server.build();

dist/container.d.ts

@@ -0,0 +1,3 @@
+import { Container } from 'inversify';
+declare const container: Container;
+export default container;

dist/container.js

@@ -0,0 +1,39 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const inversify_1 = require("inversify");
+const BadgeService_1 = require("./services/BadgeService");
+const BuyOrderService_1 = require("./services/BuyOrderService");
+const DatabaseService_1 = require("./services/DatabaseService");
+const GameGiftService_1 = require("./services/GameGiftService");
+const GameService_1 = require("./services/GameService");
+const GameViewService_1 = require("./services/GameViewService");
+const InventoryService_1 = require("./services/InventoryService");
+const ItemService_1 = require("./services/ItemService");
+const LobbyService_1 = require("./services/LobbyService");
+const LogService_1 = require("./services/LogService");
+const MailService_1 = require("./services/MailService");
+const MarketListingService_1 = require("./services/MarketListingService");
+const OAuth2Service_1 = require("./services/OAuth2Service");
+const SteamOAuthService_1 = require("./services/SteamOAuthService");
+const StudioService_1 = require("./services/StudioService");
+const TradeService_1 = require("./services/TradeService");
+const UserService_1 = require("./services/UserService");
+const container = new inversify_1.Container();
+container.bind('DatabaseService').to(DatabaseService_1.DatabaseService).inSingletonScope();
+container.bind('InventoryService').to(InventoryService_1.InventoryService).inSingletonScope();
+container.bind('ItemService').to(ItemService_1.ItemService).inSingletonScope();
+container.bind('UserService').to(UserService_1.UserService).inSingletonScope();
+container.bind('LobbyService').to(LobbyService_1.LobbyService).inSingletonScope();
+container.bind('TradeService').to(TradeService_1.TradeService).inSingletonScope();
+container.bind('GameService').to(GameService_1.GameService).inSingletonScope();
+container.bind('OAuth2Service').to(OAuth2Service_1.OAuth2Service).inSingletonScope();
+container.bind('SteamOAuthService').to(SteamOAuthService_1.SteamOAuthService).inSingletonScope();
+container.bind('MailService').to(MailService_1.MailService).inSingletonScope();
+container.bind('StudioService').to(StudioService_1.StudioService).inSingletonScope();
+container.bind('LogService').to(LogService_1.LogService).inSingletonScope();
+container.bind('GameGiftService').to(GameGiftService_1.GameGiftService).inSingletonScope();
+container.bind('MarketListingService').to(MarketListingService_1.MarketListingService).inSingletonScope();
+container.bind('BuyOrderService').to(BuyOrderService_1.BuyOrderService).inSingletonScope();
+container.bind('BadgeService').to(BadgeService_1.BadgeService).inSingletonScope();
+container.bind('GameViewService').to(GameViewService_1.GameViewService).inSingletonScope();
+exports.default = container;

dist/controllers/AuthenticatorController.d.ts

@@ -0,0 +1,12 @@
+import { Request, Response } from 'express';
+import { AuthenticatedRequest } from '../middlewares/LoggedCheck';
+import { ILogService } from '../services/LogService';
+import { IUserService } from '../services/UserService';
+export declare class Authenticator {
+    private userService;
+    private logService;
+    constructor(userService: IUserService, logService: ILogService);
+    private logAction;
+    verifyKey(req: Request, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    handleAuthenticatorActions(req: AuthenticatedRequest, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+}

dist/controllers/AuthenticatorController.js

@@ -0,0 +1,177 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Authenticator = void 0;
+const inversify_1 = require("inversify");
+const inversify_express_utils_1 = require("inversify-express-utils");
+const qrcode = __importStar(require("qrcode"));
+const time2fa_1 = require("time2fa");
+const LoggedCheck_1 = require("../middlewares/LoggedCheck");
+const GenKey_1 = require("../utils/GenKey");
+const Jwt_1 = require("../utils/Jwt");
+function handleError(res, error, message, status = 500) {
+    const msg = error instanceof Error ? error.message : String(error);
+    res.status(status).send({ message, error: msg });
+}
+let Authenticator = class Authenticator {
+    constructor(userService, logService) {
+        this.userService = userService;
+        this.logService = logService;
+    }
+    async logAction(req, action, statusCode, metadata) {
+        try {
+            const requestBody = { ...req.body };
+            if (metadata)
+                requestBody.metadata = metadata;
+            await this.logService.createLog({
+                ip_address: req.headers['x-real-ip'] || req.socket.remoteAddress,
+                table_name: 'authenticator',
+                controller: `AuthenticatorController.${action}`,
+                original_path: req.originalUrl,
+                http_method: req.method,
+                request_body: requestBody,
+                user_id: req.user?.user_id,
+                status_code: statusCode,
+            });
+        }
+        catch (error) {
+            console.error('Error creating log:', error);
+        }
+    }
+    async verifyKey(req, res) {
+        const { code, userId } = req.body;
+        if (!userId) {
+            await this.logAction(req, 'verifyKey', 400);
+            return res.status(400).send({ message: 'User ID is required' });
+        }
+        try {
+            const user = await this.userService.getUser(userId);
+            if (!user) {
+                await this.logAction(req, 'verifyKey', 404);
+                return res.status(404).send({ message: 'User not found' });
+            }
+            const key = user.authenticator_secret;
+            if (!key || !code) {
+                await this.logAction(req, 'verifyKey', 400);
+                return res.status(400).send({ message: 'Key and code are required' });
+            }
+            const isValid = time2fa_1.Totp.validate({ secret: key, passcode: code });
+            if (isValid) {
+                await this.logAction(req, 'verifyKey', 200);
+                const apiKey = (0, GenKey_1.genKey)(user.user_id);
+                const jwtToken = (0, Jwt_1.generateUserJwt)(user, apiKey);
+                return res.status(200).send({ message: 'Key verified successfully', token: jwtToken });
+            }
+            else {
+                await this.logAction(req, 'verifyKey', 400);
+                return res.status(400).send({ message: 'Invalid key or code' });
+            }
+        }
+        catch (error) {
+            await this.logAction(req, 'verifyKey', 500, { error });
+            handleError(res, error, 'Error verifying key');
+        }
+    }
+    async handleAuthenticatorActions(req, res) {
+        const action = req.params.action;
+        const user = req.user;
+        try {
+            switch (action) {
+                case 'generateKey': {
+                    if (!user || !user.email) {
+                        await this.logAction(req, 'generateKey', 400);
+                        return res.status(400).send({ message: 'User not authenticated or email missing' });
+                    }
+                    const key = time2fa_1.Totp.generateKey({ issuer: 'Croissant API', user: user.email });
+                    qrcode.toDataURL(key.url, async (err, url) => {
+                        if (err) {
+                            await this.logAction(req, 'generateKey', 500, { error: err });
+                            return res.status(500).send({ message: 'Error generating QR code' });
+                        }
+                        await this.logAction(req, 'generateKey', 200);
+                        res.status(200).send({ key, qrCode: url });
+                    });
+                    break;
+                }
+                case 'registerKey': {
+                    const { key: regKey, passcode } = req.body;
+                    if (!user || !user.email || !regKey) {
+                        await this.logAction(req, 'registerKey', 400);
+                        return res.status(400).send({ message: 'User not authenticated, email missing, or key missing' });
+                    }
+                    if (!passcode) {
+                        await this.logAction(req, 'registerKey', 400);
+                        return res.status(400).send({ message: 'Passcode is required' });
+                    }
+                    if (!time2fa_1.Totp.validate({ secret: regKey.secret, passcode })) {
+                        await this.logAction(req, 'registerKey', 400);
+                        return res.status(400).send({ message: 'Invalid passcode' });
+                    }
+                    await this.userService.setAuthenticatorSecret(user.user_id, regKey.secret);
+                    await this.logAction(req, 'registerKey', 200);
+                    res.status(200).send({ message: 'Key registered successfully' });
+                    break;
+                }
+                case 'delete': {
+                    if (!user || !user.email) {
+                        await this.logAction(req, 'deleteKey', 400);
+                        return res.status(400).send({ message: 'User not authenticated or email missing' });
+                    }
+                    await this.userService.setAuthenticatorSecret(user.user_id, null);
+                    await this.logAction(req, 'deleteKey', 200);
+                    res.status(200).send({ message: 'Google Authenticator deleted successfully' });
+                    break;
+                }
+                default:
+                    res.status(404).send({ message: 'Unknown action' });
+            }
+        }
+        catch (error) {
+            await this.logAction(req, action, 500, { error });
+            handleError(res, error, `Error in ${action}`);
+        }
+    }
+};
+exports.Authenticator = Authenticator;
+__decorate([
+    (0, inversify_express_utils_1.httpPost)('/verifyKey')
+], Authenticator.prototype, "verifyKey", null);
+__decorate([
+    (0, inversify_express_utils_1.httpPost)('/:action', LoggedCheck_1.LoggedCheck.middleware)
+], Authenticator.prototype, "handleAuthenticatorActions", null);
+exports.Authenticator = Authenticator = __decorate([
+    (0, inversify_express_utils_1.controller)('/authenticator'),
+    __param(0, (0, inversify_1.inject)('UserService')),
+    __param(1, (0, inversify_1.inject)('LogService'))
+], Authenticator);

dist/controllers/BuyOrderController.d.ts

@@ -0,0 +1,16 @@
+import { Response } from 'express';
+import { AuthenticatedRequest } from '../middlewares/LoggedCheck';
+import { IBuyOrderService } from '../services/BuyOrderService';
+import { IItemService } from '../services/ItemService';
+import { ILogService } from '../services/LogService';
+export declare class BuyOrderController {
+    private buyOrderService;
+    private itemService;
+    private logService;
+    constructor(buyOrderService: IBuyOrderService, itemService: IItemService, logService: ILogService);
+    private logAction;
+    createBuyOrder(req: AuthenticatedRequest, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    cancelBuyOrder(req: AuthenticatedRequest, res: Response): Promise<void>;
+    getBuyOrdersByUser(req: AuthenticatedRequest, res: Response): Promise<Response<any, Record<string, any>> | undefined>;
+    getActiveBuyOrdersForItem(req: AuthenticatedRequest, res: Response): Promise<void>;
+}