Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updating Fiver v2 to solve Critical Vulnerability #7

Merged
merged 6 commits into from
Feb 27, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Optimization and Cleaning (#3)
* Improvements to Data Response

* Updated Github Actions

* Update main.go

* Update app/api/main.go

* Update main.go

* Update main.go
charafzellou authored Jul 7, 2023
commit 4a6cd3ce2572d9ab6a64a0bf346e2433193367d0
20 changes: 10 additions & 10 deletions .env.dist
Original file line number Diff line number Diff line change
@@ -10,17 +10,17 @@ API_PORT="3000"
POSTGRES_DROP=true

# Postgres connection info
POSTGRES_HOST="postgres"
POSTGRES_PORT="5432"
POSTGRES_USERNAME="appuser"
POSTGRES_PASSWORD="SecretsOfPg!5432"
POSTGRES_DB="tzktdelegations"
POSTGRES_HOST=""
POSTGRES_PORT=""
POSTGRES_USERNAME=""
POSTGRES_PASSWORD=""
POSTGRES_DB=""

# PGAdmin connection info
PGA_PORT="8080"
PGA_USERNAME="admin@postgres.com"
PGA_PASSWORD="Password123!"
PGA_PORT=""
PGA_USERNAME=""
PGA_PASSWORD="!"

# Hasura connection info
HSR_PORT="8081"
HSR_GRAPHQL_ADMIN_SECRET="SuperSecretPassword123"
HSR_PORT=""
HSR_GRAPHQL_ADMIN_SECRET=""
6 changes: 4 additions & 2 deletions .github/workflows/actions.yml
Original file line number Diff line number Diff line change
@@ -12,5 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build the Docker Compose
run: docker-compose build
- name: Build the Indexer Docker Image
run: docker build . -f Dockerfile.indexer -t indexer
- name: Build the Api Docker Image
run: docker build . -f Dockerfile.api -t api
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -33,7 +33,7 @@ go build . -o app
- [X] The service will poll the new delegations from this Tzkt API endpoint: https://api.tzkt.io/#operation/Operations_GetDelegations
- [X] For each delegation, save the following information: sender's address, timestamp, amount, and block.
- [X] Expose the collected data through a public API at the endpoint `/xtz/delegations`.
- [ ] The expected response format is:
- [X] The expected response format is:

```json
{
14 changes: 10 additions & 4 deletions app/api/main.go
Original file line number Diff line number Diff line change
@@ -46,7 +46,13 @@ func startApiServer(db *sql.DB) {
params := c.Queries()
log.Printf("Params: %v\n", params)
log.Printf("params[\"year\"]: %v\n", params["year"])
return c.JSON(streamDelegations(db, params["year"]))
error := c.JSON(streamDelegations(db, params["year"]))
if error != nil {
log.Fatalf("Error: %v\n", error)
}
var result Response
result.Data = streamDelegations(db, params["year"])
return c.JSON(result)
})

// Setup static files
@@ -71,9 +77,9 @@ func streamDelegations(db *sql.DB, requested_year string) []DelegationApi {
var err error
// Query the database
if requested_year == "" {
rows, err = db.Query("SELECT * FROM delegations")
rows, err = db.Query("SELECT timestamp, amount, sender, level FROM delegations")
} else {
rows, err = db.Query("SELECT * FROM delegations WHERE EXTRACT(YEAR FROM timestamp) = $1", requested_year)
rows, err = db.Query("SELECT timestamp, amount, sender, level FROM delegations WHERE EXTRACT(YEAR FROM timestamp) = $1", requested_year)
}
if err != nil {
log.Fatal(err)
@@ -83,7 +89,7 @@ func streamDelegations(db *sql.DB, requested_year string) []DelegationApi {
// Iterate over the rows
for rows.Next() {
var delegation DelegationApi
err := rows.Scan(&delegation.Hash, &delegation.Level, &delegation.Timestamp, &delegation.SenderAddress, &delegation.NewDelegateAddress, &delegation.Amount, &delegation.Status)
err := rows.Scan(&delegation.Timestamp, &delegation.Amount, &delegation.Delegator, &delegation.Block)
if err != nil {
log.Fatal(err)
}
20 changes: 13 additions & 7 deletions app/api/types.go
Original file line number Diff line number Diff line change
@@ -6,15 +6,21 @@ type Request struct {
Year int `json:"year,omitempty"`
}

type Response struct {
Data []DelegationApi `json:"data,omitempty"`
}

// Define a DelegationsApi struct
//
// "timestamp": "2022-05-05T06:29:14Z",
// "amount": "125896",
// "delegator": "tz1a1SAaXRt9yoGMx29rh9FsBF4UzmvojdTL",
// "block": "2338084"
type DelegationApi struct {
Hash string `json:"hash"`
Level int `json:"level"`
Timestamp time.Time `json:"timestamp"`
SenderAddress string `json:"sender"`
NewDelegateAddress string `json:"newDelegate"`
Amount float64 `json:"amount"`
Status string `json:"status"`
Timestamp time.Time `json:"timestamp"`
Amount float64 `json:"amount"`
Delegator string `json:"delegator"`
Block int `json:"block"`
}

// Define a Delegation struct
2 changes: 2 additions & 0 deletions app/indexer/main.go
Original file line number Diff line number Diff line change
@@ -81,7 +81,9 @@ func getDelegations() []Delegation {
var delegations []Delegation
// Request delegations from https://api.tzkt.io/v1/operations/delegations
for i := 0; i < getDelegationsCount(); i += 10000 {
// for i := 0; i < 1; i += 10000 {
url := fmt.Sprintf("https://api.tzkt.io/v1/operations/delegations?limit=10000&offset=%d", i)
// url := fmt.Sprintf("https://api.tzkt.io/v1/operations/delegations?limit=100&offset=%d", i)
log.Printf("[getDelegations] URL: %s\n", url)
response, err := http.Get(url)
if err != nil {