juice-shop

1
/*
2
 * Copyright (c) 2014-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
3
 * SPDX-License-Identifier: MIT
4
 */
5

6
import { type Request, type Response, type NextFunction } from 'express'
7
import { WalletModel } from '../models/wallet'
8
import { CardModel } from '../models/card'
9

10
module.exports.getWalletBalance = function getWalletBalance () {
11
  return async (req: Request, res: Response, next: NextFunction) => {
12
    const wallet = await WalletModel.findOne({ where: { UserId: req.body.UserId } })
13
    if (wallet != null) {
14
      res.status(200).json({ status: 'success', data: wallet.balance })
15
    } else {
16
      res.status(404).json({ status: 'error' })
17
    }
18
  }
19
}
20

21
module.exports.addWalletBalance = function addWalletBalance () {
22
  return async (req: Request, res: Response, next: NextFunction) => {
23
    const cardId = req.body.paymentId
24
    const card = cardId ? await CardModel.findOne({ where: { id: cardId, UserId: req.body.UserId } }) : null
25
    if (card != null) {
26
      WalletModel.increment({ balance: req.body.balance }, { where: { UserId: req.body.UserId } }).then(() => {
27
        res.status(200).json({ status: 'success', data: req.body.balance })
28
      }).catch(() => {
29
        res.status(404).json({ status: 'error' })
30
      })
31
    } else {
32
      res.status(402).json({ status: 'error', message: 'Payment not accepted.' })
33
    }
34
  }
35
}
36