Notes
Notes - notes.io |
Here is my full code:
const cashout = async function (req, res) {
var fullUrl = req.protocol + "://" + req.hostname + req.originalUrl;
const { URLSearchParams } = require("url");
const url = new URL(fullUrl);
const urlParams = new URLSearchParams(url.search);
const gamertag = urlParams.get("gamertag");
const satoshis = urlParams.get("sats");
const sessionId = urlParams.get("session");
let tampered;
if (!gamertag) {
return res.status(401).send({ msg: "No gamertag supplied, cashout denied." });
}
if (!sessionId) {
return res.status(401).send({ msg: "Unauthorized, session ID not found." });
}
if (!satoshis || isNaN(satoshis) || satoshis < 1) {
return res.status(400).send({ msg: "Invalid amount of satoshis, cashout denied." });
}
req.sessionStore.get(sessionId, (err, session) => {
if (err) {
console.log("Error getting session: " + err);
res.status(500).send(err);
} else {
if (session) {
console.log("The amount of satoshis in the session is: " + session.satoshis)
if (!session.satoshis) {
const dataToSend = {
msg: "Session used has no value, cashout denied.",
};
res.send(JSON.stringify(dataToSend));
return console.warn(
`HACKING ATTEMPT: ${gamertag.toLowerCase()} is attempting to cash out with a session that has no satoshi value!`
);
}
if (session.satoshis <= (satoshis / 1000)) {
tampered = true;
} else {
tampered = false;
}
} else {
res.status(404).send({
success: false
});
}
}
});
if (tampered) {
const dataToSend = {
msg: "Your request has been blocked due to security measures.",
};
console.warn(
`HACKING ATTEMPT: ${gamertag.toLowerCase()} is attempting to steal ${satoshis / 1000} satoshis from the game!`
);
return res.send(JSON.stringify(dataToSend));
} else {
console.log("The request has not been tampered with.");
if (usedSessions[sessionId]) {
return res.status(400).send({ msg: "Session ID has already been used, cashout denied."});
}
usedSessions[sessionId] = true;
}
const gamertagLowercase = gamertag.toLowerCase();
Sentry.setUser({
username: gamertagLowercase,
});
const lnaddress = gamertagLowercase + "@zbd.gg";
const lnverify = await fetch(
`https://api.zebedee.io/v0/ln-address/validate/${lnaddress}`,
{
method: "GET",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
}
);
const lnverify1 = await lnverify.json();
if (lnverify1 && lnverify1.data && lnverify1.data.valid === false) {
const dataToSend = {
msg: "You have entered an invalid ZBD Gamertag.",
};
return res.send(JSON.stringify(dataToSend));
}
const gmtverify = await fetch(
`https://api.zebedee.io/v0/user-id/gamertag/${gamertagLowercase}`,
{
method: "GET",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
}
);
const gmtverify1 = await gmtverify.json();
const newsats = satoshis / 1000;
if (satoshis > 51000) {
console.warn(
`HACKING ATTEMPT: ${gamertagLowercase} is attempting to steal ${newsats} satoshis from the game! Gamertag ID is unknown.`
);
const dataToSend = {
msg: "You have triggered our anti-hack defense system. Contact 'Coffee L. Burger#0001' on Discord to claim your sats!",
};
return res.send(JSON.stringify(dataToSend));
}
if (satoshis < 0.99)
return res.send("You have less than 1 satoshi, exiting process.");
if (
gmtverify1 &&
gmtverify1.data &&
(gmtverify1.data.id === "34f43956-8f61-47bb-a6a4-83f717948bc9" ||
gmtverify1.data.id === "b30d2075-e1db-4f68-b5ef-55bb2cc8776d" ||
gmtverify1.data.id === "8c9cbb46-9508-4dbe-ae99-a2edccfe6aa1" ||
gmtverify1.data.id === "5b84599f-f797-4844-8a33-69a4dc746747" ||
gmtverify1.data.id === "b37c90b8-dc2a-43eb-b856-df8b9a9acd91" ||
gmtverify1.data.id === "373e5835-a9f5-4a9d-9b79-2543ff04f5e1" ||
gmtverify1.data.id === "0d386007-3494-46f4-9b73-0b0cae860439")
) {
const dataToSend = {
msg: "You have been banned from withdrawing on 2048 Bitcoin.",
};
return res.send(JSON.stringify(dataToSend));
}
const daily = db.table("daily");
const dailygt = `${gamertag}.amount`;
const balance = await daily.get(dailygt);
if (balance === null || balance === undefined) {
await daily.set(dailygt, newsats);
const body = JSON.stringify({
gamertag: gamertagLowercase,
amount: satoshis,
description:
"Thank you for playing 2048 Bitcoin! Please share this game to your friends and continue playing!",
});
const res2 = await fetch(
"https://api.zebedee.io/v0/gamertag/send-payment",
{
method: "POST",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
body: body,
}
);
const bodylead = JSON.stringify({
gamertag: gamertagLowercase,
sats: newsats,
session: sessionId,
});
const reslead = await fetch("https://eoemu4t13tcaup0.m.pipedream.net", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: bodylead,
});
const res2json = await res2.json();
console.log(res2json);
let typeOfSats;
if (newsats === 1) {
typeOfSats = "sat";
} else {
typeOfSats = "sats";
}
const dataToWrite = {
msg: `Your ${newsats} ${typeOfSats} has been sent to your ZEBEDEE wallet successfully!`,
};
res.send(JSON.stringify(dataToWrite));
req.sessionStore.get(sessionId, (err, session) => {
if (err) {
res.status(500).send(err);
} else {
if (session) {
req.session.destroy((err) => {
if (err) {
console.log(err);
} else {
console.log("Session destroyed.");
}
});
} else {
res.status(404).send({
success: false,
});
}
}
});
} else {
if (balance > 200)
return res.send({
msg: "You have surpassed the daily limit.",
});
const body = JSON.stringify({
gamertag: gamertagLowercase,
amount: satoshis,
description:
"Thank you for playing 2048 Bitcoin! Please share this game to your friends and continue playing!",
});
const res2 = await fetch(
"https://api.zebedee.io/v0/gamertag/send-payment",
{
method: "POST",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
body: body,
}
);
const bodylead = JSON.stringify({
gamertag: gamertagLowercase,
sats: newsats,
session: sessionId,
});
const reslead = await fetch("https://eoemu4t13tcaup0.m.pipedream.net", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: bodylead,
});
const res2json = await res2.json();
console.log(res2json);
let typeOfSats;
if (newsats === 1) {
typeOfSats = "sat";
} else {
typeOfSats = "sats";
}
const dataToWrite = {
msg: `Your ${newsats} ${typeOfSats} has been sent to your ZEBEDEE wallet successfully!`,
};
res.send(JSON.stringify(dataToWrite));
req.sessionStore.get(sessionId, (err, session) => {
if (err) {
res.status(500).send(err);
} else {
if (session) {
req.session.destroy((err) => {
if (err) {
console.log(err);
} else {
console.log("Session destroyed.");
}
});
} else {
res.status(404).send({
success: false,
});
}
}
});
}
};
But why isn't it returning when cashout denied?
const cashout = async function (req, res) {
var fullUrl = req.protocol + "://" + req.hostname + req.originalUrl;
const { URLSearchParams } = require("url");
const url = new URL(fullUrl);
const urlParams = new URLSearchParams(url.search);
const gamertag = urlParams.get("gamertag");
const satoshis = urlParams.get("sats");
const sessionId = urlParams.get("session");
let tampered;
if (!gamertag) {
return res.status(401).send({ msg: "No gamertag supplied, cashout denied." });
}
if (!sessionId) {
return res.status(401).send({ msg: "Unauthorized, session ID not found." });
}
if (!satoshis || isNaN(satoshis) || satoshis < 1) {
return res.status(400).send({ msg: "Invalid amount of satoshis, cashout denied." });
}
req.sessionStore.get(sessionId, (err, session) => {
if (err) {
console.log("Error getting session: " + err);
res.status(500).send(err);
} else {
if (session) {
console.log("The amount of satoshis in the session is: " + session.satoshis)
if (!session.satoshis) {
const dataToSend = {
msg: "Session used has no value, cashout denied.",
};
res.send(JSON.stringify(dataToSend));
return console.warn(
`HACKING ATTEMPT: ${gamertag.toLowerCase()} is attempting to cash out with a session that has no satoshi value!`
);
}
if (session.satoshis <= (satoshis / 1000)) {
tampered = true;
} else {
tampered = false;
}
} else {
res.status(404).send({
success: false
});
}
}
});
if (tampered) {
const dataToSend = {
msg: "Your request has been blocked due to security measures.",
};
console.warn(
`HACKING ATTEMPT: ${gamertag.toLowerCase()} is attempting to steal ${satoshis / 1000} satoshis from the game!`
);
return res.send(JSON.stringify(dataToSend));
} else {
console.log("The request has not been tampered with.");
if (usedSessions[sessionId]) {
return res.status(400).send({ msg: "Session ID has already been used, cashout denied."});
}
usedSessions[sessionId] = true;
}
const gamertagLowercase = gamertag.toLowerCase();
Sentry.setUser({
username: gamertagLowercase,
});
const lnaddress = gamertagLowercase + "@zbd.gg";
const lnverify = await fetch(
`https://api.zebedee.io/v0/ln-address/validate/${lnaddress}`,
{
method: "GET",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
}
);
const lnverify1 = await lnverify.json();
if (lnverify1 && lnverify1.data && lnverify1.data.valid === false) {
const dataToSend = {
msg: "You have entered an invalid ZBD Gamertag.",
};
return res.send(JSON.stringify(dataToSend));
}
const gmtverify = await fetch(
`https://api.zebedee.io/v0/user-id/gamertag/${gamertagLowercase}`,
{
method: "GET",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
}
);
const gmtverify1 = await gmtverify.json();
const newsats = satoshis / 1000;
if (satoshis > 51000) {
console.warn(
`HACKING ATTEMPT: ${gamertagLowercase} is attempting to steal ${newsats} satoshis from the game! Gamertag ID is unknown.`
);
const dataToSend = {
msg: "You have triggered our anti-hack defense system. Contact 'Coffee L. Burger#0001' on Discord to claim your sats!",
};
return res.send(JSON.stringify(dataToSend));
}
if (satoshis < 0.99)
return res.send("You have less than 1 satoshi, exiting process.");
if (
gmtverify1 &&
gmtverify1.data &&
(gmtverify1.data.id === "34f43956-8f61-47bb-a6a4-83f717948bc9" ||
gmtverify1.data.id === "b30d2075-e1db-4f68-b5ef-55bb2cc8776d" ||
gmtverify1.data.id === "8c9cbb46-9508-4dbe-ae99-a2edccfe6aa1" ||
gmtverify1.data.id === "5b84599f-f797-4844-8a33-69a4dc746747" ||
gmtverify1.data.id === "b37c90b8-dc2a-43eb-b856-df8b9a9acd91" ||
gmtverify1.data.id === "373e5835-a9f5-4a9d-9b79-2543ff04f5e1" ||
gmtverify1.data.id === "0d386007-3494-46f4-9b73-0b0cae860439")
) {
const dataToSend = {
msg: "You have been banned from withdrawing on 2048 Bitcoin.",
};
return res.send(JSON.stringify(dataToSend));
}
const daily = db.table("daily");
const dailygt = `${gamertag}.amount`;
const balance = await daily.get(dailygt);
if (balance === null || balance === undefined) {
await daily.set(dailygt, newsats);
const body = JSON.stringify({
gamertag: gamertagLowercase,
amount: satoshis,
description:
"Thank you for playing 2048 Bitcoin! Please share this game to your friends and continue playing!",
});
const res2 = await fetch(
"https://api.zebedee.io/v0/gamertag/send-payment",
{
method: "POST",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
body: body,
}
);
const bodylead = JSON.stringify({
gamertag: gamertagLowercase,
sats: newsats,
session: sessionId,
});
const reslead = await fetch("https://eoemu4t13tcaup0.m.pipedream.net", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: bodylead,
});
const res2json = await res2.json();
console.log(res2json);
let typeOfSats;
if (newsats === 1) {
typeOfSats = "sat";
} else {
typeOfSats = "sats";
}
const dataToWrite = {
msg: `Your ${newsats} ${typeOfSats} has been sent to your ZEBEDEE wallet successfully!`,
};
res.send(JSON.stringify(dataToWrite));
req.sessionStore.get(sessionId, (err, session) => {
if (err) {
res.status(500).send(err);
} else {
if (session) {
req.session.destroy((err) => {
if (err) {
console.log(err);
} else {
console.log("Session destroyed.");
}
});
} else {
res.status(404).send({
success: false,
});
}
}
});
} else {
if (balance > 200)
return res.send({
msg: "You have surpassed the daily limit.",
});
const body = JSON.stringify({
gamertag: gamertagLowercase,
amount: satoshis,
description:
"Thank you for playing 2048 Bitcoin! Please share this game to your friends and continue playing!",
});
const res2 = await fetch(
"https://api.zebedee.io/v0/gamertag/send-payment",
{
method: "POST",
headers: {
"Content-Type": "application/json",
apikey: "BEq0lls1fZIafsaLVY07HU1JOnPIbOZo",
},
body: body,
}
);
const bodylead = JSON.stringify({
gamertag: gamertagLowercase,
sats: newsats,
session: sessionId,
});
const reslead = await fetch("https://eoemu4t13tcaup0.m.pipedream.net", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: bodylead,
});
const res2json = await res2.json();
console.log(res2json);
let typeOfSats;
if (newsats === 1) {
typeOfSats = "sat";
} else {
typeOfSats = "sats";
}
const dataToWrite = {
msg: `Your ${newsats} ${typeOfSats} has been sent to your ZEBEDEE wallet successfully!`,
};
res.send(JSON.stringify(dataToWrite));
req.sessionStore.get(sessionId, (err, session) => {
if (err) {
res.status(500).send(err);
} else {
if (session) {
req.session.destroy((err) => {
if (err) {
console.log(err);
} else {
console.log("Session destroyed.");
}
});
} else {
res.status(404).send({
success: false,
});
}
}
});
}
};
But why isn't it returning when cashout denied?
|
|
Notes is a web-based application for online taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000+ notes created and continuing...
With notes.io;
- * You can take a note from anywhere and any device with internet connection.
- * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
- * You can quickly share your contents without website, blog and e-mail.
- * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
- * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.
Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.
Easy: Notes.io doesn’t require installation. Just write and share note!
Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )
Free: Notes.io works for 14 years and has been free since the day it was started.
You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;
Email: [email protected]
Twitter: http://twitter.com/notesio
Instagram: http://instagram.com/notes.io
Facebook: http://facebook.com/notesio
Regards;
Notes.io Team
