github.com/muhammedhassanm/blockchain@v0.0.0-20200120143007-697261defd4d/build-blockchain-insurance-app-master/web/src/shop/api.js

github.com/muhammedhassanm/blockchain@v0.0.0-20200120143007-697261defd4d/build-blockchain-insurance-app-master/web/src/shop/api.js (about)

     1  'use strict';
     2  
     3  import fetch from 'isomorphic-fetch';
     4  
     5  export function getContractTypes(shopType) {
     6    return fetch('/shop/api/contract-types', {
     7      method: 'POST',
     8      headers: new Headers({
     9        'Content-Type': 'application/json'
    10      }),
    11      body: JSON.stringify({ shopType })
    12    }).then(async res => {
    13      let contractTypes = (await res.json())
    14        .map(c => Object.assign({}, c, {
    15          formulaPerDay: new Function('price', 'return ' + preventXssForFormula(c.formulaPerDay))
    16        }));
    17      return contractTypes;
    18    });
    19  }
    20  
    21  export function requestNewUser(user) {
    22    return fetch('/shop/api/request-user', {
    23      method: 'POST',
    24      headers: new Headers({
    25        'Content-Type': 'application/json'
    26      }),
    27      body: JSON.stringify({ user })
    28    }).then(async res => {
    29      return await res.json();
    30    });
    31  }
    32  
    33  export function enterContract(user, contractTypeUuid, additionalInfo) {
    34    return fetch('/shop/api/enter-contract', {
    35      method: 'POST',
    36      headers: new Headers({
    37        'Content-Type': 'application/json'
    38      }),
    39      body: JSON.stringify({ user, contractTypeUuid, additionalInfo })
    40    }).then(async res => {
    41      const response = await res.json();
    42      if (response.success) {
    43        return response.loginInfo;
    44      } else {
    45        throw new Error(response.error);
    46      }
    47    });
    48  }
    49  
    50  /**
    51   * Function parses formula, to prevent cross site scripting attacks.
    52   *
    53   * @param {string} formula The formula as a string.
    54   * @returns {string} A parsed and filtered fomula as a string.
    55   */
    56  function preventXssForFormula(formula) {
    57    if (typeof formula !== 'string') {
    58      return null;
    59    }
    60    let lexemes = formulaLexer(formula).filter(l =>
    61      (l === '(' ||
    62        l === ')' ||
    63        l === '+' ||
    64        l === '-' ||
    65        l === '*' ||
    66        l === '/' ||
    67        l === 'price' ||
    68        Number(l)));
    69    return lexemes.join(' ');
    70  }
    71  
    72  function formulaLexer(formula) {
    73    let lexemes = formula;
    74    lexemes = splitFormulaPart(lexemes, /( )/);
    75    lexemes = splitFormulaPart(lexemes, /(\()/);
    76    lexemes = splitFormulaPart(lexemes, /(\))/);
    77    lexemes = splitFormulaPart(lexemes, /(\+)/);
    78    lexemes = splitFormulaPart(lexemes, /(\-)/);
    79    lexemes = splitFormulaPart(lexemes, /(\*)/);
    80    lexemes = splitFormulaPart(lexemes, /(\/)/);
    81    lexemes = splitFormulaPart(lexemes, /([0-9]+\.[0-9]+|[0-9]+)/);
    82    lexemes = splitFormulaPart(lexemes, /([A-Za-z]+)/);
    83    return lexemes;
    84  }
    85  
    86  function splitFormulaPart(part, splitQualifier) {
    87    if (Array.isArray(part)) {
    88      let results = [];
    89      part.forEach(e => results.push(...splitFormulaPart(e, splitQualifier)));
    90      return results;
    91    } else if (typeof part === 'string') {
    92      return part.split(splitQualifier).filter(p => !!p.trim());
    93    } else {
    94      return null;
    95    }
    96  }