airship-server/build/hhEvents/infrastructure/endpoints/adminRequests/AdminRequestsValidator.js

Airship is a framework for Node.JS & TypeScript that helps you to write big, scalable and maintainable API servers.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const ErrorResponse_1 = require("../../../../modules/httpApiServer/domain/entity/ErrorResponse");
const Config_1 = require("../../Config");
const querystring = require('querystring');
const crypto = require('crypto');
const env = process.env['NODE_ENV'] || 'development';
class AdminRequestsValidator {
    validate(request) {
        const parsedParams = querystring.parse(request.appParams);
        if (parsedParams.api_result)
            parsedParams.api_result = encodeURIComponent(parsedParams.api_result);
        if (parsedParams.ad_info)
            parsedParams.ad_info = parsedParams.ad_info.replace(new RegExp(' ', 'g'), '+');
        let sign = '';
        for (const key in parsedParams) {
            if (key == 'hash' || key == 'sign')
                continue;
            sign += parsedParams[key];
        }
        if (request.groupId && request.groupId != parsedParams.group_id)
            return new ErrorResponse_1.default('Wrong group');
        const hmac = crypto.createHmac('sha256', Config_1.default.VK[env].ApiSecret);
        hmac.write(sign);
        hmac.end();
        const hash = hmac.read().toString('hex');
        const isAdmin = hash === parsedParams.sign && parsedParams['viewer_type'] == 4;
        if (isAdmin == true) {
            return true;
        }
        else {
            return new ErrorResponse_1.default('Wrong sign');
        }
    }
}
exports.default = AdminRequestsValidator;
//# sourceMappingURL=AdminRequestsValidator.js.map