Merge pull request #31 from cis3296s24/validateJoin
code prevents invalid session id
nina-perone authored Apr 17, 2024
2 parents 389a014 + c9541d3 commit 7952a7e
Showing 2 changed files with 35 additions and 22 deletions.
51 changes: 32 additions & 19 deletions receiptifyv1/app.js
Expand Up @@ -27,8 +27,8 @@ const cors = require('cors');
require('dotenv').config();


const client_id = '035844db2ccb4d0698ab8e14bb12f27a';
const client_secret = '8bfd5a9fa7a44aedbf8bf8f513236b4f';
const client_id = '792207d6524f4255a1730e478d8b66f6';
const client_secret = 'fd5c90696d984ca7a65a54853f340c70';
//const privateKey = fs.readFileSync('AuthKey_A8FKGGUQP3.p8').toString();
const teamId = process.env.teamId;
const keyId = process.env.keyId;
Expand Down Expand Up @@ -146,28 +146,40 @@ app.get('/join', function (req, res){
res.sendFile(__dirname + '/public/join.html')
});

app.get('/submit', function (req, res){
app.get('/submit', async function (req, res){
console.log('/submit');
let sessionUsers;
var state = generateRandomString(16);
res.cookie(stateKey, state);
sessionIDString = 'sessionID'
res.cookie(sessionIDString, req.query.sessionID);
// your application requests authorization
// user-read-private & user-read-email used to get current user info
// user-top-read used to get top track info
var scope =
'user-read-private user-read-email user-top-read playlist-modify-public';
res.set('sessionID', req.query.sessionID);
res.redirect(
'https://accounts.spotify.com/authorize?' +
querystring.stringify({
response_type: 'code',
client_id: client_id,
scope: scope,
redirect_uri: redirect_uri,
state: state,
})
);
sessionUsers = await processFile('users.csv', req.query.sessionID, 1);
console.log(`Session users length: ${sessionUsers.length}`);

if (sessionUsers.length === 0)
{
// TODO: add message or pop up asking user to resubmit (right now code just stops)
}
else
{
// your application requests authorization
// user-read-private & user-read-email used to get current user info
// user-top-read used to get top track info
var scope =
'user-read-private user-read-email user-top-read playlist-modify-public';
res.set('sessionID', req.query.sessionID);
res.redirect(
'https://accounts.spotify.com/authorize?' +
querystring.stringify({
response_type: 'code',
client_id: client_id,
scope: scope,
redirect_uri: redirect_uri,
state: state,
})
);
}


})
/*app.get('/applemusic', function (req, res) {
Expand Down Expand Up @@ -215,6 +227,7 @@ async function fetchProfile(token) {
return await result.json();
}


app.get('/getUsers', async (req, res) =>{
console.log('/getUsers');
const sessionID = req.query.sessionID;
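Review bot: The Spotify `client_id` and `client_secret` at the top of app.js are still string literals in a tracked file, so the secret is readable by anyone who can read the repository and remains in history after it is changed. `require('dotenv').config()` is already called and `teamId`/`keyId` are read from `process.env`, so the same pattern fits here: `const client_id = process.env.client_id;` and `const client_secret = process.env.client_secret;` (the variable names are only a suggestion), with every value committed so far treated as exposed and rotated in the Spotify developer dashboard. Separately, in the `/submit` hunk the `sessionUsers.length === 0` branch sends no response, so a request with an unknown session id hangs until the client times out. Something like `return res.redirect('/join');` would end it, and moving the two `res.cookie` calls below the check would avoid setting cookies for a rejected id.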
6 changes: 3 additions & 3 deletions receiptifyv1/users.csv
@@ -1,3 +1,3 @@
display_name, access_token, sessionID
✧ jizzica ✧,BQChAka6mlOzw7MQ9TRXVMCt-TMXc9ygokAOtVMJcLA_Wf7VEX_9NXEJajpVc_Eji3CefksLbHDAnX9fvpLtx7NgcFt7DbS_WwffqnUBOR539JxEVgsqMkmfg97UL_y4zLW4u7GEoHtDymtBxMxnvD7LaaoXL9P63M2UxLRwyxyLH0hI2QIOwyvLEQ0yW53UnQk9XEhdLuyK-tMJtfp3HCldxjtKCSGYFC0PoLY,219722,2024-4-16 17:40:40,
Martin Duong,BQCRfDHLTb6f6sX806cJalJSajBhq6-TB3veC6GRXb3AZ8uHMO6HEOvloqLeLc7xlTx-ZhgOfs22ONj2VWQz5n__xdk7C546UUy7In5MHgg7gYGix7457c0r7gXakCZcaee-brL3qqE3WC1N0U_5KEomJSOBKp39Lr389po2OMTGsnJ8uyOUmnWt2H5EbtvBH9xm1F9T9yOv6n0e9aAfKGfY_-K05xQ4j0-Hvyk,219722,2024-4-16 17:40:56,

Ari,BQA8fwaaWA87EUZvia5emYjOq0IyC0_9rePt7Dsnvs6shbeWFRssWwAfsHYvJAbtnYxDO9vi1YRYs7WUXsd6yzX1UgQE9wMgAJ_VksmJThckhV5qVbQG-Z4zG64YVEHNodfeQoTPWvgCEgC4Rjnb5aWphBYHKcBpseuMAERYqeWxxvWerddgmS22u4D0lpiyqTpKaKzbeiRaY-IuhhzrZfFv8hCSJM1dfPVpUXmTIJ2GkC2_GphugfE6,763656,1713334863450,
Ari,BQBP9W-1YdtEPiN84p4PnEXDc658wfuhYs2LsCMNm9mR3c2HGjVGTMmQHG5fSxYJVRhPE995RPlGXrx8tZlbux2YDC1LvBCmoh3ntfgiqKkkOmGoIPAUoV8V0ygebaQDRKD3V_uDuCuhbpSb8NIqwV4KbP8ezBQ3zGmU_vtAtULeNjPTbc-QGXK38tOj9M8bBUPQOBqGJkG_HbQqOcd0POBQmNk3OeDdhDOzYcqnZtF5b6y-LMjFJXOm,763656,1713334879131,
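Review bot: users.csv stores users' display names next to what its header calls `access_token` values, and committing it puts those bearer tokens into the repository history. The file appears to be the app's runtime store (app.js reads it through `processFile('users.csv', ...)`), so it should be untracked with `git rm --cached receiptifyv1/users.csv` plus a `.gitignore` entry, and written outside the source tree or to a proper datastore. The tokens already committed should be treated as exposed; they are probably short-lived, but that should not be relied on. The rows also disagree with the three-column header (a fourth timestamp field in two different formats and a trailing comma), which is worth fixing when the file is regenerated.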
