Backend Seminar Homework UrWrstNightmare#2

BallisticTurtles · Jul 28, 2024 · e87fad6 · e87fad6
1 parent 7e518c2
commit e87fad6
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 8 deletions.
diff --git a/client/src/pages/account.tsx b/client/src/pages/account.tsx
@@ -5,14 +5,15 @@ import {SAPIBase} from "../tools/api";
 import "./css/account.css";
 
 const AccountPage = () => {
-  const [ SAPIKEY, setSAPIKEY ] = React.useState<string>("");
+  const [ SUSERID, setSUSERID ] = React.useState<string>("");
+  const [ SUSERPW, setSUSERPW ] = React.useState<string>("");
   const [ NBalance, setNBalance ] = React.useState<number | "Not Authorized">("Not Authorized");
   const [ NTransaction, setNTransaction ] = React.useState<number | ''>(0);
 
   const getAccountInformation = () => {
     const asyncFun = async() => {
       interface IAPIResponse { balance: number };
-      const { data } = await axios.post<IAPIResponse>(SAPIBase + '/account/getInfo', { credential: SAPIKEY });
+      const { data } = await axios.post<IAPIResponse>(SAPIBase + '/account/getInfo', { credential: {SUSERID, SUSERPW}})
       setNBalance(data.balance);
     }
     asyncFun().catch((e) => window.alert(`AN ERROR OCCURED: ${e}`));
@@ -22,7 +23,7 @@ const AccountPage = () => {
     const asyncFun = async() => {
       if (amount === '') return;
       interface IAPIResponse { success: boolean, balance: number, msg: string };
-      const { data } = await axios.post<IAPIResponse>(SAPIBase + '/account/transaction', { credential: SAPIKEY, amount: amount });
+      const { data } = await axios.post<IAPIResponse>(SAPIBase + '/account/transaction', { credential: {SUSERID, SUSERPW}, amount: amount });
       setNTransaction(0);
       if (!data.success) {
         window.alert('Transaction Failed:' + data.msg);
@@ -40,7 +41,10 @@ const AccountPage = () => {
       <Header/>
       <h2>Account</h2>
       <div className={"account-token-input"}>
-        Enter API Key: <input type={"text"} value={SAPIKEY} onChange={e => setSAPIKEY(e.target.value)}/>
+        Enter User ID: <input type={"text"} value={SUSERID} onChange={e => setSUSERID(e.target.value)}/>
+        <br/>
+        Enter User Password: <input type={"text"} value={SUSERPW} onChange={e => setSUSERPW(e.target.value)}/>
+        <br/>
         <button onClick={e => getAccountInformation()}>GET</button>
       </div>
       <div className={"account-bank"}>

diff --git a/seminar/.env.example b/seminar/.env.example
@@ -1,4 +1,5 @@
 PORT=8080
 NODE_ENV=DEVELOPMENT
-API_KEY=
+USER_ID=mightyian03
+USER_PW=password
 MONGO_URI="mongodb://localhost:27017/todos"
diff --git a/seminar/src/middleware/auth.js b/seminar/src/middleware/auth.js
@@ -1,9 +1,8 @@
 const authMiddleware = (req, res, next) => {
-    if (req.body.credential === process.env.API_KEY) {
+    if (req.body.credential.SUSERID === process.env.USER_ID && req.body.credential.SUSERPW === process.env.USER_PW)  {
         console.log("[AUTH-MIDDLEWARE] Authorized User");
         next();
-    }
-    else {
+    } else {
         console.log("[AUTH-MIDDLEWARE] Not Authorized User");
         res.status(401).json({ error: "Not Authorized" });
     }