From 80eb50ece9b3b161b05cbfba493906e78791f2d2 Mon Sep 17 00:00:00 2001
From: jonathanramirez <jonathan@stackitgroup.com>
Date: Wed, 23 Feb 2022 10:24:00 -0600
Subject: [PATCH] ip logger validations

---
 config/metisConf.js                       |  2 ++
 src/metis/controllers/signUpController.js | 16 +++++++++++-----
 src/metis/routes/signUp.js                |  2 +-
 utils/gravityUtils.js                     |  4 ++--
 4 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/config/metisConf.js b/config/metisConf.js
index 41b814f..f80e4fe 100644
--- a/config/metisConf.js
+++ b/config/metisConf.js
@@ -16,6 +16,7 @@ if(!process.env.JUPITERSERVER) throw new Error('Environment Variable missing: JU
 if(!process.env.APP_EMAIL) throw new Error('Environment Variable missing: APP_EMAIL');
 if(!process.env.JWT_TOKEN_EXPIRATION) throw new Error('Environment Variable missing: JWT_TOKEN_EXPIRATION');
 if(!process.env.JWT_PRIVATE_KEY_BASE64) throw new Error('Environment Variable missing: JWT_PRIVATE_KEY_BASE64');
+if(!process.env.IP_ENDPOINT_PASSWORD) throw new Error('Environment Variable missing: IP_ENDPOINT_PASSWORD');
 
 module.exports.metisConf = {
     appName: process.env.APPNAME,
@@ -29,6 +30,7 @@ module.exports.metisConf = {
     appAccountId: process.env.APP_ACCOUNT_ID,
     appJupiterServerUrl: process.env.JUPITERSERVER,
     appEmail: process.env.APP_EMAIL,
+    ipEndpointPassword: process.env.IP_ENDPOINT_PASSWORD,
     jwt: {
         privateKeyBase64: process.env.JWT_PRIVATE_KEY_BASE64,
         expiresIn: process.env.JWT_TOKEN_EXPIRATION
diff --git a/src/metis/controllers/signUpController.js b/src/metis/controllers/signUpController.js
index 3571f0d..ec18168 100644
--- a/src/metis/controllers/signUpController.js
+++ b/src/metis/controllers/signUpController.js
@@ -3,6 +3,7 @@ import {MetisErrorCode} from "../../../utils/metisErrorCode";
 import {accountRegistration} from "../../../services/accountRegistrationService";
 import {instantiateGravityAccountProperties} from "../../../gravity/instantiateGravityAccountProperties";
 import ipLoggerRepeatedIpAddress from "../../../utils/gravityUtils";
+import {metisConf} from "../../../config/metisConf";
 const moment = require('moment'); // require
 const logger = require('../../../utils/logger')(module);
 const gu = require('../../../utils/gravityUtils');
@@ -107,13 +108,17 @@ module.exports = (app, jobs, websocket) => {
             gu.ipLogger(newAccountProperties.address, alias, ipAddress);
             createJob(jobs, newAccountProperties, alias, res, websocket, next);
         },
-        ipLoggerInfo: async (req, res,) => {
+
+        ipLoggerInfo: async (req, res) => {
+            const {password} = req.body;
+
+            if(password !== metisConf.ipEndpointPassword){
+                res.send({});
+            }
+
             gu.ipLoggerRepeatedIpAddress()
                 .then(data => res.send(data))
-                .catch(error => {
-                    logger.error(`Error getting repeated data ${error}`);
-                    res.status(500).send(error);
-                })
+                .catch(error => res.status(StatusCode.ServerErrorInternal).send(error))
         },
 
         /**
@@ -130,6 +135,7 @@ module.exports = (app, jobs, websocket) => {
             if (!password) return res.status(StatusCode.ClientErrorBadRequest).send({message: 'provide a password'})
             if (!alias) return res.status(StatusCode.ClientErrorBadRequest).send({message: 'provide an alias'})
             if (!gu.isWellFormedJupiterAlias(alias)) {
+
                 const error = new mError.MetisErrorBadJupiterAlias(alias);
                 console.log('\n')
                 logger.error(`************************* ERROR ***************************************`);
diff --git a/src/metis/routes/signUp.js b/src/metis/routes/signUp.js
index 2307e91..6c80088 100644
--- a/src/metis/routes/signUp.js
+++ b/src/metis/routes/signUp.js
@@ -1,5 +1,5 @@
 module.exports = (app, jobs, websocket, controllers) => {
     app.post('/v1/api/signup', controllers.signUpController.v1SignUpPost);
-    app.get('/v1/api/ipLogger', controllers.signUpController.ipLoggerInfo);
+    app.post('/v1/api/ipLogger', controllers.signUpController.ipLoggerInfo);
     app.post('/metis/v2/api/signup', controllers.signUpController.v2SignUpPost);
 }
diff --git a/utils/gravityUtils.js b/utils/gravityUtils.js
index c88bb99..fb4cd96 100644
--- a/utils/gravityUtils.js
+++ b/utils/gravityUtils.js
@@ -501,7 +501,7 @@ const ipLogger = function (jupAddress, alias, ipAddress) {
     }
 
     if(!ipAddress){
-        throw new Error('IP address should not be empty');
+        throw new Error('IP address should not be empty or null');
     }
 
     const newAccountIp = {ipAddress, jupAddress, alias, timestamp: new Date()};
@@ -530,7 +530,7 @@ const ipLoggerCleanUp = function(){
     const currentDate = new Date();
     const sinceDate = moment(currentDate).subtract(24, "hours").toDate();
     NewAccountIp.deleteMany({timestamp: {$lt: sinceDate}})
-        .then(result => console.log('NewAccountIp successfully removed', result))
+        .then(result => logger.info('NewAccountIp successfully removed'))
         .catch(error => logger.error(`Error cleaning up logger record ${error}`))
 }