fix(server): guard expired and used for gift code (#1412)

* feat(server): add giftcode expired time * chore * chore(server): refactor
labring · Jul 26, 2023 · b28c1a5 · b28c1a5
1 parent 930599d
commit b28c1a5
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 5 deletions.
diff --git a/server/src/account/account.controller.ts b/server/src/account/account.controller.ts
@@ -332,10 +332,16 @@ export class AccountController {
   @UseGuards(JwtAuthGuard)
   @Post('gift-code')
   async giftCode(@Req() req: IRequest, @Body() dto: UseGiftCodeDto) {
-    const found = await this.accountService.findOneGiftCode(dto.code)
-    if (!found) {
+    const giftCode = await this.accountService.findOneGiftCode(dto.code)
+    if (!giftCode) {
       return ResponseUtil.error("gift code doesn't exist")
     }
+    if (giftCode.expiredAt < new Date()) {
+      return ResponseUtil.error('gift code has expired')
+    }
+    if (giftCode.used === true) {
+      return ResponseUtil.error('gift code has been used')
+    }
     const res = await this.accountService.useGiftCode(req.user._id, dto.code)
     return ResponseUtil.ok(res)
   }

diff --git a/server/src/account/account.service.ts b/server/src/account/account.service.ts
@@ -384,12 +384,10 @@ export class AccountService {
     }
   }
 
-  async findOneGiftCode(code: string, used = false): Promise<GiftCode | null> {
+  async findOneGiftCode(code: string): Promise<GiftCode | null> {
     const giftCode = await this.db.collection<GiftCode>('GiftCode').findOne({
       code: code,
-      used: used,
     })
-
     return giftCode
   }
 

diff --git a/server/src/account/entities/account-gift-code.ts b/server/src/account/entities/account-gift-code.ts
@@ -8,5 +8,6 @@ export class GiftCode {
   usedBy?: ObjectId
   usedAt?: Date
   createdAt: Date
+  expiredAt?: Date
   transactionId?: ObjectId
 }