diff --git a/components/admin/proposal-active.js b/components/admin/proposal-active.js index 4f09b4b..00c026d 100644 --- a/components/admin/proposal-active.js +++ b/components/admin/proposal-active.js @@ -5,7 +5,7 @@ import styles from '../../styles/admin.module.scss' * @returns list of all active proposals */ -const ActiveProposals = ({ proposals, setProposals, setSelectedProposal }) => { +const ActiveProposals = ({ proposals, setProposals, setSelectedProposal, session }) => { return (
{proposals && @@ -21,6 +21,7 @@ const ActiveProposals = ({ proposals, setProposals, setSelectedProposal }) => { setSelectedProposal={setSelectedProposal} proposal={proposal} setProposals={setProposals} + session={session} /> ); })} diff --git a/components/admin/proposal-form.js b/components/admin/proposal-form.js index c37928f..0dd1dab 100644 --- a/components/admin/proposal-form.js +++ b/components/admin/proposal-form.js @@ -12,6 +12,7 @@ const CreateProposalForm = ({ selectedProposal, setSelectedProposal, setProposals, + session }) => { const [proposal, setProposal] = useState(selectedProposal); const [active, setActive] = useState(false); @@ -33,6 +34,8 @@ const CreateProposalForm = ({ title: proposal && proposal.title, detail: proposal && proposal.detail, active: active, + signature: session && session.signature, + typedData: session && session.typedData }, }); setProposals(null); @@ -54,6 +57,8 @@ const CreateProposalForm = ({ updatedTitle: proposal && proposal.title, detail: proposal && proposal.detail, active: active ? active : false, + signature: session && session.signature, + typedData: session && session.typedData }, }); setProposals(null); diff --git a/components/admin/proposalItem/proposalItem.js b/components/admin/proposalItem/proposalItem.js index d61bf42..aa4546b 100644 --- a/components/admin/proposalItem/proposalItem.js +++ b/components/admin/proposalItem/proposalItem.js @@ -11,7 +11,9 @@ const ProposalItem = ({ setSelectedProposal, proposal, setProposals, + session }) => { + const handleDeleteProposal = async () => { console.log('Deleting...'); try { @@ -20,6 +22,8 @@ const ProposalItem = ({ url: '/api/proposal-delete', data: { title: proposal.title, + signature: session && session.signature, + typedData: session && session.typedData }, }); setProposals(null); diff --git a/components/admin/reward-form.js b/components/admin/reward-form.js index 40422a2..91480e2 100644 --- a/components/admin/reward-form.js +++ b/components/admin/reward-form.js 
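Review bot: The `signature` and `typedData` added to the request body in `proposal-form.js` (hunk `@@ -33,6 +34,8 @@`) come from the session object, not from anything computed over this request, so the server cannot tell that the admin approved this particular title, detail or active flag. The same pair is sent unchanged in `@@ -54,6 +57,8 @@`, in `proposalItem.js`, and in `reward-form.js` and `rewardItem.js`, which makes it a long-lived bearer credential for every admin route. Consider signing typed data that names the action and target and carries a server-issued nonce or expiry, and have the API routes reject anything else. Whether `typedData` already contains such fields is not visible in this diff.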
@@ -9,6 +9,7 @@ const CreateRewardForm = ({ selectedReward, setSelectedReward, setRewards, + session }) => { const [reward, setReward] = useState(selectedReward); const [file, setFile] = useState(null); @@ -49,7 +50,7 @@ const CreateRewardForm = ({ const { name, value } = event.target; const newReward = { ...reward }; newReward[name] = value; - setReward(newReward); + setReward({ ...reward, [name]: value }) console.log('Reward form data', reward); }; @@ -65,6 +66,8 @@ const CreateRewardForm = ({ detail: reward && reward.detail, imageStr: imageUrl && imageUrl, eligibilityCount: reward && reward.eligibilityCount, + signature: session && session.signature, + typedData: session && session.typedData }, }); setRewards(null); @@ -87,6 +90,8 @@ const CreateRewardForm = ({ detail: reward && reward.detail, imageStr: imageUrl && imageUrl, eligibilityCount: reward && reward.eligibilityCount, + signature: session && session.signature, + typedData: session && session.typedData }, }); setRewards(null); diff --git a/components/admin/rewardItem/rewardItem.js b/components/admin/rewardItem/rewardItem.js index 57f5951..d89f8af 100644 --- a/components/admin/rewardItem/rewardItem.js +++ b/components/admin/rewardItem/rewardItem.js @@ -11,6 +11,7 @@ const RewardItem = ({ setSelectedReward, reward, setRewards, + session }) => { const handleDeleteReward = async () => { try { @@ -19,6 +20,8 @@ const RewardItem = ({ url: '/api/rewards-delete', data: { title: reward.title, + signature: session && session.signature, + typedData: session && session.typedData }, }); setRewards(null); diff --git a/components/admin/rewards-active.js b/components/admin/rewards-active.js index a97b33d..e676309 100644 --- a/components/admin/rewards-active.js +++ b/components/admin/rewards-active.js 
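Review bot: In `reward-form.js` (hunk `@@ -49,7 +50,7 @@`) the two context lines that build `newReward` are now dead code, because the added `setReward({ ...reward, [name]: value })` no longer uses it; delete `const newReward = { ...reward };` and `newReward[name] = value;`. The added line is also missing its semicolon, and the `console.log('Reward form data', reward)` after it still prints the state from before the update. The functional form `setReward((prev) => ({ ...prev, [name]: value }));` would also keep two quick edits from overwriting each other. The handler starts outside the hunk.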
@@ -5,7 +5,7 @@ import styles from '../../styles/admin.module.scss' * @returns list of all active rewards */ -const ActiveRewards = ({ rewards, setRewards, setSelectedReward }) => { +const ActiveRewards = ({ rewards, setRewards, setSelectedReward, session}) => { return (
{rewards && @@ -20,6 +20,7 @@ const ActiveRewards = ({ rewards, setRewards, setSelectedReward }) => { setSelectedReward={setSelectedReward && setSelectedReward} reward={reward} setRewards={setRewards} + session={session} /> ); diff --git a/pages/admin/admin.js b/pages/admin/admin.js index 9b0777c..72a69cb 100644 --- a/pages/admin/admin.js +++ b/pages/admin/admin.js @@ -68,18 +68,10 @@ const Admin = () => { }, []); + const fetchActiveRewards = async () => { try { - const init = { - method: "post", - headers: { - // TODO: check this - "Content-Type": "application/json" - }, - body: JSON.stringify(session.sessionState) - }; - - await fetch("/api/rewards-getAll", init) + await fetch("/api/rewards-getAll") .then((res) => res.json()) .then((data) => { console.log("Rewards data", data); @@ -153,6 +145,7 @@ const Admin = () => { selectedReward={selectedReward} setSelectedReward={setSelectedReward} setRewards={setRewards} + session={session && session.sessionState} /> )} @@ -161,6 +154,7 @@ const Admin = () => { selectedProposal={selectedProposal} setSelectedProposal={setSelectedProposal} setProposals={setProposals} + session={session && session.sessionState} /> )} @@ -307,6 +301,7 @@ const Admin = () => { proposals={proposals} setProposals={setProposals} setSelectedProposal={setSelectedProposal} + session={session && session.sessionState} />
@@ -329,6 +324,7 @@ const Admin = () => { rewards={rewards} setRewards={setRewards} setSelectedReward={setSelectedReward} + session={session && session.sessionState} /> @@ -378,7 +374,8 @@ const Admin = () => { Staking Count Status - {console.log("===Admin Auth Check===", session.authStatus)} + + {console.log("===Admin Auth Check===", session.sessionState)}
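Review bot: The added `console.log("===Admin Auth Check===", session.sessionState)` (hunk `@@ -378,7 +374,8 @@` of `pages/admin/admin.js`) prints the whole session state on every render. This commit passes that same object to the forms as `session` and reads `session.signature` and `session.typedData` from it, so the value the API routes accept as proof of admin rights ends up in the browser console. Keep the previous `session.authStatus` argument or drop the statement. The expression also dereferences `session` without the `session &&` guard used for the props above.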
diff --git a/pages/api/proposal-create.js b/pages/api/proposal-create.js index 9cc1619..02ba3a4 100644 --- a/pages/api/proposal-create.js +++ b/pages/api/proposal-create.js @@ -6,38 +6,40 @@ const { SignTypedDataVersion, } = require("@metamask/eth-sig-util"); -const adminAddress = ["0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB", "0x5013983D5691886140f24Abd66d2D7072f62991b"]; +const adminAddress = [ + "0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB", + "0x5013983D5691886140f24Abd66d2D7072f62991b", + "0x575dC6dd8c838F8E015349BbF55b90E718efF537", + "0xb265d9496Ae60CABe0ea1D3eab059B8Bb1911428", + "0x282D35Ee1b589F003db896b988fc59e2665Fa6a1", +]; const createProposal = async (req, res, next) => { + const { typedData, signature } = req.body; - // const { - // typedData, - // signature, - // } = req.body; + const signer = recoverTypedSignature({ + data: typedData, + signature: signature, + version: SignTypedDataVersion.V4, + }); - // const signer = recoverTypedSignature({ - // data: typedData, - // signature: signature, - // version: SignTypedDataVersion.V4, - // }); - - -// if (!(adminAddress.map((address) => address.toLowerCase()).includes(signer.toLowerCase()))) { -// res.status(405).send({ message: "Only Admin" }); -// } + if ( + !adminAddress + .map((address) => address.toLowerCase()) + .includes(signer.toLowerCase()) + ) { + res.status(405).send({ message: "Only Admin" }); + } if (req.method !== "POST") { res.status(405).send({ message: "Only POST requests allowed" }); return; } connectMongo(); - - const { title, detail, active, voters} = - req.body; - - try { + const { title, detail, active, voters } = req.body; + try { const newProposal = await ProposalModel.create({ title: title, detail: detail, @@ -64,4 +66,4 @@ const createProposal = async (req, res, next) => { } }; -export default createProposal; \ No newline at end of file +export default createProposal; diff --git a/pages/api/proposal-delete.js b/pages/api/proposal-delete.js index 0f156ce..beafe03 100644 
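Review bot: The re-enabled admin check in `createProposal` sends `Only Admin` but has no `return`, so a request from a non-admin signer still falls through to `connectMongo()` and `ProposalModel.create`. The same missing `return` is in the checks added to `proposal-delete.js`, `proposal-update.js`, `rewards-create.js`, `rewards-delete.js` and `rewards-update.js`. `recoverTypedSignature` also runs before the method check and outside any `try`, so a request without a valid `typedData`/`signature` pair will most likely surface as an unhandled exception rather than a clean rejection. Rejecting with 401/403 instead of 405 would describe the failure correctly; the rest of the handler lies outside the hunk.

```javascript
const createProposal = async (req, res, next) => {
  if (req.method !== "POST") {
    res.status(405).send({ message: "Only POST requests allowed" });
    return;
  }

  const { typedData, signature } = req.body;

  let signer;
  try {
    signer = recoverTypedSignature({
      data: typedData,
      signature: signature,
      version: SignTypedDataVersion.V4,
    });
  } catch (err) {
    // Missing or malformed typedData/signature: treat the caller as unauthenticated.
    res.status(401).send({ message: "Invalid signature" });
    return;
  }

  const isAdmin = adminAddress
    .map((address) => address.toLowerCase())
    .includes(signer.toLowerCase());
  if (!isAdmin) {
    res.status(403).send({ message: "Only Admin" });
    return; // stop here so the database write below never runs for non-admins
  }

  // … unchanged: connectMongo() and ProposalModel.create …
```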
--- a/pages/api/proposal-delete.js +++ b/pages/api/proposal-delete.js @@ -1,14 +1,41 @@ import connectMongo from "../../config/connectMongo"; import ProposalModel from "../../models/proposal-schema"; +const { + recoverTypedSignature, + SignTypedDataVersion, +} = require("@metamask/eth-sig-util"); + +const adminAddress = [ + "0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB", + "0x5013983D5691886140f24Abd66d2D7072f62991b", + "0x575dC6dd8c838F8E015349BbF55b90E718efF537", + "0xb265d9496Ae60CABe0ea1D3eab059B8Bb1911428", + "0x282D35Ee1b589F003db896b988fc59e2665Fa6a1", +]; const deleteProposal = async (req, res) => { + if (req.method !== "POST") { + res.status(405).send({ message: "Only POST requests allowed" }); + return; + } + const { title, typedData, signature } = req.body; + const signer = recoverTypedSignature({ + data: typedData, + signature: signature, + version: SignTypedDataVersion.V4, + }); + if ( + !adminAddress + .map((address) => address.toLowerCase()) + .includes(signer.toLowerCase()) + ) { + res.status(405).send({ message: "Only Admin" }); + } try { connectMongo(); - - const newProposal = await ProposalModel.findOneAndDelete({ title: title, }).then((data) => { diff --git a/pages/api/proposal-update.js b/pages/api/proposal-update.js index 8324da7..d740a11 100644 --- a/pages/api/proposal-update.js +++ b/pages/api/proposal-update.js @@ -1,6 +1,17 @@ import ProposalModel from "../../models/proposal-schema"; import connectMongo from "../../config/connectMongo"; +const { + recoverTypedSignature, + SignTypedDataVersion, +} = require("@metamask/eth-sig-util"); +const adminAddress = [ + "0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB", + "0x5013983D5691886140f24Abd66d2D7072f62991b", + "0x575dC6dd8c838F8E015349BbF55b90E718efF537", + "0xb265d9496Ae60CABe0ea1D3eab059B8Bb1911428", + "0x282D35Ee1b589F003db896b988fc59e2665Fa6a1", +]; const updateProposal = async (req, res) => { 
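Review bot: The five-entry `adminAddress` array is pasted into `proposal-delete.js` here and, in this same commit, into `proposal-create.js`, `proposal-update.js`, `rewards-create.js`, `rewards-delete.js` and `rewards-update.js`. Granting or revoking an admin then takes six edits, and one missed file leaves a stale address authorised on that route. Keep the list in one shared module or in configuration, exported already lower-cased, for example `export const ADMIN_ADDRESSES = new Set(addresses.map((a) => a.toLowerCase()));`, and check `ADMIN_ADDRESSES.has(signer.toLowerCase())` in each route.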
@@ -12,6 +23,21 @@ const updateProposal = async (req, res) => { const { title, detail, updatedTitle, active, typedData, signature } = req.body; + const signer = recoverTypedSignature({ + data: typedData, + signature: signature, + version: SignTypedDataVersion.V4, + }); + + if ( + !adminAddress + .map((address) => address.toLowerCase()) + .includes(signer.toLowerCase()) + ) { + res.status(405).send({ message: "Only Admin" }); + } + + let updatedProposal; console.log("Request Body", req.body); diff --git a/pages/api/rewards-create.js b/pages/api/rewards-create.js index 0ead05a..6612731 100644 --- a/pages/api/rewards-create.js +++ b/pages/api/rewards-create.js @@ -1,8 +1,17 @@ import connectMongo from "../../config/connectMongo"; import RewardsModel from "../../models/rewards-schema"; +const { + recoverTypedSignature, + SignTypedDataVersion, +} = require("@metamask/eth-sig-util"); - -// const adminAddress = ["0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB"]; +const adminAddress = [ + "0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB", + "0x5013983D5691886140f24Abd66d2D7072f62991b", + "0x575dC6dd8c838F8E015349BbF55b90E718efF537", + "0xb265d9496Ae60CABe0ea1D3eab059B8Bb1911428", + "0x282D35Ee1b589F003db896b988fc59e2665Fa6a1", +]; const createReward = async (req, res) => { if (req.method !== "POST") { 
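Review bot: The context line `console.log("Request Body", req.body);` in `updateProposal` now writes `signature` and `typedData` to the server log, because this commit adds both to the body. The `rewards-update.js` hunk in this commit already switches to logging named fields only, and the same should happen here: `console.log("Request Body", { title, detail, updatedTitle, active });`. Logs are usually readable by more people and kept longer than the session, so the credential should not appear in them.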
@@ -13,19 +22,24 @@ const createReward = async (req, res) => { const { title, detail, imageStr, eligibilityCount, typedData, signature } = req.body; + + const signer = recoverTypedSignature({ + data: typedData, + signature: signature, + version: SignTypedDataVersion.V4, + }); + + if ( + !adminAddress + .map((address) => address.toLowerCase()) + .includes(signer.toLowerCase()) + ) { + res.status(405).send({ message: "Only Admin" }); + } try { - console.log("Server Data", req.body) - - - // if (signer.toLowerCase() === adminAddress.map((el) => el.toLowerCase())) { - // console.log("Creating Proposal...") - // } else { - // res - // .status(405) - // .send({ message: "This account is not allowed to initiate proposals" }); - // } + const newReward = await RewardsModel.create({ title: title, detail: detail, diff --git a/pages/api/rewards-delete.js b/pages/api/rewards-delete.js index 3994254..b723dc8 100644 --- a/pages/api/rewards-delete.js +++ b/pages/api/rewards-delete.js 
@@ -1,24 +1,41 @@ import connectMongo from "../../config/connectMongo"; import RewardsModel from "../../models/rewards-schema"; +const { + recoverTypedSignature, + SignTypedDataVersion, +} = require("@metamask/eth-sig-util"); + +const adminAddress = [ + "0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB", + "0x5013983D5691886140f24Abd66d2D7072f62991b", + "0x575dC6dd8c838F8E015349BbF55b90E718efF537", + "0xb265d9496Ae60CABe0ea1D3eab059B8Bb1911428", + "0x282D35Ee1b589F003db896b988fc59e2665Fa6a1", +]; const deleteReward = async (req, res) => { + if (req.method !== "POST") { + res.status(405).send({ message: "Only POST requests allowed" }); + return; + } const { title, typedData, signature } = req.body; + const signer = recoverTypedSignature({ + data: typedData, + signature: signature, + version: SignTypedDataVersion.V4, + }); + + if ( + !adminAddress + .map((address) => address.toLowerCase()) + .includes(signer.toLowerCase()) + ) { + res.status(405).send({ message: "Only Admin" }); + } + try { connectMongo(); - // const signer = recoverTypedSignature({ - // data: typedData, - // signature: signature, - // version: SignTypedDataVersion.V4, - // }); - - // if (signer.toLowerCase() === adminAddress.map((el) => el.toLowerCase())) { - // console.log("Creating Proposal...") - // } else { - // res - // .status(405) - // .send({ message: "This account is not allowed to initiate proposals" }); - // } const newReward = await RewardsModel.findOneAndDelete({ title: title, diff --git a/pages/api/rewards-getAll.js b/pages/api/rewards-getAll.js index 2c46b87..689679e 100644 --- a/pages/api/rewards-getAll.js +++ b/pages/api/rewards-getAll.js 
@@ -3,33 +3,12 @@ import RewardModel from "../../models/rewards-schema"; const getAllRewards = async (req, res) => { - if (req.method !== "POST") { - res.status(405).send({ message: "Only POST requests allowed" }); + + if (req.method !== "GET") { + res.status(405).send({ message: "Only GET requests allowed" }); return; } - - // const { typedData, signature } = req.body; - - // const signer = recoverTypedSignature({ - // data: typedData, - // signature: signature, - // version: SignTypedDataVersion.V4, - // }); - - // let authStatus; - // if ( - // adminAddress - // .map((address) => address.toLowerCase()) - // .includes(signer.toLowerCase()) - // ) { - // authStatus = "Admin"; - // } else { - // authStatus = "User"; - // console.log("Valid Signer", signer.toLowerCase()); - // } - - try { connectMongo(); const data = await RewardModel.find().then((data) => { @@ -50,4 +29,4 @@ const getAllRewards = async (req, res) => { } }; -export default getAllRewards; \ No newline at end of file +export default getAllRewards; diff --git a/pages/api/rewards-update.js b/pages/api/rewards-update.js index 40d4a64..14fd59b 100644 --- a/pages/api/rewards-update.js +++ b/pages/api/rewards-update.js @@ -1,5 +1,17 @@ import RewardModel from "../../models/rewards-schema"; import connectMongo from "../../config/connectMongo"; +const { + recoverTypedSignature, + SignTypedDataVersion, +} = require("@metamask/eth-sig-util"); + +const adminAddress = [ + "0xa33a70FABFeb361Fe891C208B1c27ec0b64baBEB", + "0x5013983D5691886140f24Abd66d2D7072f62991b", + "0x575dC6dd8c838F8E015349BbF55b90E718efF537", + "0xb265d9496Ae60CABe0ea1D3eab059B8Bb1911428", + "0x282D35Ee1b589F003db896b988fc59e2665Fa6a1", +]; const updateReward = async (req, res) => { if (req.method !== "POST") { 
@@ -17,53 +29,38 @@ const updateReward = async (req, res) => { signature, } = req.body; + const signer = recoverTypedSignature({ + data: typedData, + signature: signature, + version: SignTypedDataVersion.V4, + }); + + if ( + !adminAddress + .map((address) => address.toLowerCase()) + .includes(signer.toLowerCase()) + ) { + res.status(405).send({ message: "Only Admin" }); + } + let updatedReward; - console.log("Request Body", req.body); + console.log("Request Body", { + title: title, + detail: detail, + imageStr: imageStr, + updatedTitle: updatedTitle, + eligibilityCount, + }); try { connectMongo(); - if (detail && !updatedTitle && !imageStr) { - updatedReward = await RewardModel.findOneAndUpdate( - { title: title }, - { - $set: { detail: detail }, - } - ).then((data) => { - console.log("Updated Reward", data); - return data; - }); - } else if (detail && imageStr && !updatedTitle) { - updatedReward = await RewardModel.findOneAndUpdate( - { title: title }, - { - $set: { detail: detail, image: imageStr }, - } - ).then((data) => { - console.log("Updated Reward", data); - return data; - }); - } else if (detail && updatedTitle && !imageStr) { - updatedReward = await RewardModel.findOneAndUpdate( - { title: title }, - { - $set: { detail: detail, title: updatedTitle }, - } - ).then((data) => { - console.log("Updated Reward", data); - return data; - }); - } else if (updatedTitle && imageStr && !detail) { - updatedReward = await RewardModel.findOneAndUpdate( - { title: title }, - { - $set: { title: updatedTitle, image: imageStr }, - } - ).then((data) => { - console.log("Updated Reward", data); - return data; - }); - } else if (updatedTitle && !imageStr && !detail) { + // Monitor Target Record and Update + let targetUpdate = await RewardModel.findOne({ title: title }).then( + (data) => data + ); + + if (targetUpdate.title !== updatedTitle) { updatedReward = await RewardModel.findOneAndUpdate( { title: title }, { 
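Review bot: `RewardModel.findOne({ title: title })` resolves to `null` when no reward has that title, and the next added line reads `targetUpdate.title`, so an unknown title raises a TypeError instead of returning a clear not-found response (the `catch` is outside this hunk). Add a guard right after the lookup, `if (!targetUpdate) { res.status(404).send({ message: "Reward not found" }); return; }`, and drop the trailing `.then((data) => data)`, which does nothing. The new `!==` comparisons also treat a field the client left out as a change, which the removed truthiness checks did not.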
@@ -73,27 +70,19 @@ const updateReward = async (req, res) => {
 console.log("Updated Reward", data);
 return data;
 });
- } else if (imageStr && !updatedTitle && !detail) {
- updatedReward = await RewardModel.findOneAndUpdate(
- { title: title },
- {
- $set: { image: imageStr },
- }
- ).then((data) => {
- console.log("Updated Reward", data);
- return data;
- });
- } else if (updatedTitle && imageStr && detail) {
+ }
+ if (targetUpdate.detail !== detail) {
 updatedReward = await RewardModel.findOneAndUpdate(
 { title: title },
 {
- $set: { title: updatedTitle, detail: detail, image: imageStr },
+ $set: { detail: detail },
 }
 ).then((data) => {
 console.log("Updated Reward", data);
 return data;
 });
- } else if (eligibilityCount && updatedTitle && !imageStr && !detail) {
+ }
+ if (targetUpdate.eligibilityCount !== eligibilityCount) {
 updatedReward = await RewardModel.findOneAndUpdate(
 { title: title },
 {
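Review bot: Each of the new `if` blocks issues its own `findOneAndUpdate({ title: title }, …)` filtered on the original title. The first block presumably renames the record to `updatedTitle` (its `$set` falls between hunks), after which the detail, eligibility and image updates here and in the next hunk would match nothing and be silently lost. Running up to four separate writes also leaves the record half-updated if one fails. Collect the changed fields into a single `$set` and write once, as sketched below; the surrounding `try` and the response code are outside the hunk.

```javascript
    // … unchanged: connectMongo() and the targetUpdate lookup …
    // Gather every supplied field that differs, then apply them in one write so a
    // title change cannot make a later filter miss the record.
    const changes = {};
    if (updatedTitle != null && targetUpdate.title !== updatedTitle) {
      changes.title = updatedTitle;
    }
    if (detail != null && targetUpdate.detail !== detail) {
      changes.detail = detail;
    }
    if (eligibilityCount != null && targetUpdate.eligibilityCount !== eligibilityCount) {
      changes.eligibilityCount = eligibilityCount;
    }
    if (imageStr != null && targetUpdate.image !== imageStr) {
      changes.image = imageStr;
    }
    if (Object.keys(changes).length > 0) {
      updatedReward = await RewardModel.findOneAndUpdate(
        { title: title },
        { $set: changes }
      );
    }
    // … unchanged: response handling after the update …
```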
@@ -103,60 +92,12 @@ const updateReward = async (req, res) => {
 console.log("Updated Reward", data);
 return data;
 });
- } else if (eligibilityCount && updatedTitle && !imageStr && !detail) {
- updatedReward = await RewardModel.findOneAndUpdate(
- { title: title },
- {
- $set: { title: updatedTitle, eligibilityCount: eligibilityCount },
- }
- ).then((data) => {
- console.log("Updated Reward", data);
- return data;
- });
- } else if (eligibilityCount && updatedTitle && imageStr && !detail) {
- updatedReward = await RewardModel.findOneAndUpdate(
- { title: title },
- {
- $set: {
- title: updatedTitle,
- image: imageStr,
- eligibilityCount: eligibilityCount,
- },
- }
- ).then((data) => {
- console.log("Updated Reward", data);
- return data;
- });
- } else if (eligibilityCount && !updatedTitle && imageStr && !detail) {
- updatedReward = await RewardModel.findOneAndUpdate(
- { title: title },
- {
- $set: { image: imageStr, eligibilityCount: eligibilityCount },
- }
- ).then((data) => {
- console.log("Updated Reward", data);
- return data;
- });
- } else if (eligibilityCount && !updatedTitle && !imageStr && detail) {
- updatedReward = await RewardModel.findOneAndUpdate(
- { title: title },
- {
- $set: { detail: detail, eligibilityCount: eligibilityCount },
- }
- ).then((data) => {
- console.log("Updated Reward", data);
- return data;
- });
- } else if (eligibilityCount && updatedTitle && imageStr && detail) {
+ }
+ if (targetUpdate.image !== imageStr) {
 updatedReward = await RewardModel.findOneAndUpdate(
 { title: title },
 {
- $set: {
- title: updatedTitle,
- detail: detail,
- image: imageStr,
- eligibilityCount: eligibilityCount,
- },
+ $set: { image: imageStr },
 }
 ).then((data) => {
 console.log("Updated Reward", data);