RanchiMall/flosight-api
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1 from unusualbob/feature/txEndpointValidation

Browse Source 
transaction.js validation
This commit is contained in:
Alex 2017-08-17 15:20:09 -04:00 committed by GitHub
commit 3f7ad54b2e
2 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
server/lib/api/transaction.js
View File

@ -2,6 +2,7 @@ const logger = require('../logger');
const request = require('request'); const request = require('request');
const config = require('../../config'); const config = require('../../config');
const db = require('../db'); const db = require('../db');
const util = require('../util');
const API_URL = `http://${config.bcoin_http}:${config.bcoin['http-port']}`; const API_URL = `http://${config.bcoin_http}:${config.bcoin['http-port']}`;
const MAX_TXS = config.api.max_txs; const MAX_TXS = config.api.max_txs;
@ -10,6 +11,12 @@ const TTL = config.api.request_ttl;
module.exports = function transactionAPI(router) { module.exports = function transactionAPI(router) {
// Txs by txid // Txs by txid
router.get('/tx/:txid', (req, res) => { router.get('/tx/:txid', (req, res) => {
if (!util.isTxid(req.params.txid)) {
return res.status(400).send({
error: 'Invalid transaction id',
});
}
// Get max block height for calculating confirmations // Get max block height for calculating confirmations
const height = db.blocks.bestHeight(); const height = db.blocks.bestHeight();
// Bcoin transaction data // Bcoin transaction data
@ -75,6 +82,11 @@ module.exports = function transactionAPI(router) {
const rangeEnd = rangeStart + MAX_TXS; const rangeEnd = rangeStart + MAX_TXS;
// get txs for blockhash, start with best height to calc confirmations // get txs for blockhash, start with best height to calc confirmations
if (req.query.block) { if (req.query.block) {
if (!util.isBlockHash(req.query.block)) {
return res.status(400).send({
error: 'Invalid block hash',
});
}
const height = db.blocks.bestHeight(); const height = db.blocks.bestHeight();
// Get Bcoin data // Get Bcoin data
return request(`${API_URL}/block/${req.query.block}`, return request(`${API_URL}/block/${req.query.block}`,
@ -129,6 +141,12 @@ module.exports = function transactionAPI(router) {
}); });
}); });
} else if (req.query.address) { } else if (req.query.address) {
if (!util.isBitcoinAddress(req.query.address)) {
return res.status(400).send({
error: 'Invalid bitcoin address',
});
}
// Get txs by address, start with best height to calc confirmations // Get txs by address, start with best height to calc confirmations
const height = db.blocks.bestHeight(); const height = db.blocks.bestHeight();
const addr = req.query.address || ''; const addr = req.query.address || '';

11
server/lib/util/index.js
View File

@ -21,8 +21,19 @@ function calcBlockReward(height) {
return reward; return reward;
} }
function is64HexString(value) {
return /^[0-9a-f]{64}$/i.test(value);
}
function isBitcoinAddress(value) {
return /^[13][a-km-zA-HJ-NP-Z1-9]{25,34}$/.test(value);
}
module.exports = { module.exports = {
revHex, revHex,
calcBlockReward, calcBlockReward,
isBlockHash: is64HexString,
isTxid: is64HexString,
isBitcoinAddress,
}; };