shop and admin panel

src/api/website/index.ts

@@ -15,6 +15,9 @@ import cookieParser from 'cookie-parser'
 import Shop from './routes/Shop'
 import Passport from './passport'
 import Riniya from '@riniya.ts'
+import Admin from './routes/Admin'
+import Profile from './routes/Profile'
+import Server from './routes/Server'
 
 const app = express();
 
@@ -72,13 +75,16 @@ export default class WebsiteServer {
 
     this.routes.add(new Index())
     this.routes.add(new Auth())
+    this.routes.add(new Profile())
+    this.routes.add(new Server())
 
     Riniya.instance.logger.info('The website is operational.')
   }
 
   public initServer() {
     app.use('/dashboard/', new CAuthMiddleware().handle, new Dashboard().routing())
     app.use('/shop/', new CAuthMiddleware().handle, new Shop().routing())
+    app.use('/admin/', new Admin().routing())
 
     this.routes.getAll().forEach((route) => {
       app.use('/', route.routing())

src/api/website/middleware/CAdminAuthentication.ts

@@ -0,0 +1,23 @@
+import BaseMiddleware from "../../Server/BaseMiddleware";
+import { Request } from "express"
+import Admin from '@riniya.ts/database/Security/Admin'
+import { isNull } from '@riniya.ts/types'
+
+export default class CAdminAuthentication extends BaseMiddleware {
+  public constructor() {
+    super("ClientAdminAuthentication", "Authentication middleware for administrator")
+  }
+  public async handle(request, response, next) {
+    if (request.isAuthenticated()) {
+
+      const account = await Admin.findOne({ userId: request.user.admin.id })
+      if (isNull(account)) {
+        return response.render('dashboard/views/errors/403')
+      }
+
+      next()
+    } else {
+      return response.redirect("https://www.riniya.uk/admin/login")
+    }
+  }
+}

src/api/website/public/javascripts/login-validation.js

@@ -0,0 +1,37 @@
+var valid = 'form-control is-valid mb-2'
+var invalid = 'form-control is-invalid'
+
+$(document).ready(function() {
+
+    var email = $('#login-email')
+
+    if (isEmail(email.value())) {
+       if (email.hasClass(invalid)) {
+         email.removeClass(invalid)
+         email.addClass(valid)
+       }
+    } else {
+      if (email.hasClass(valid)) {
+        email.removeClass(valid)
+        email.addClass(invalid)
+      }
+    }
+
+    var password = $('#login-password')
+    if (password.value().length() <= 8) {
+       if (password.hasClass(valid)) {
+         password.removeClass(valid)
+         password.addClass(invalid)
+       }
+    } else {
+      if (password.hasClass(invalid)) {
+        password.removeClass(invalid)
+        password.addClass(valid)
+      }
+    }
+})
+
+function isEmail(email) {
+  var regex = /^([a-zA-Z0-9_.+-])+\@(([a-zA-Z0-9-])+\.)+([a-zA-Z0-9]{2,4})+$/;
+  return regex.test(email);
+}

src/api/website/routes/Admin.ts

@@ -0,0 +1,80 @@
+import AbstractRoutes from '../../Server/AbstractRoutes'
+import { Request } from "express"
+import { IUser } from '../passport'
+import CAdminAuthentication from '../middleware/CAdminAuthentication'
+
+export default class Admin extends AbstractRoutes {
+  async register () {
+    this.router.get('/', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    // Guilds
+
+    this.router.get('/servers', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    this.router.get('/servers/:guild/edit', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    this.router.post('/servers/:guild/edit/callback', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    // Users
+
+    this.router.get('/users', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    this.router.get('/users/:user/edit', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    this.router.post('/users/:user/edit/callback', new CAdminAuthentication().handle,  function (req: Request, res) {
+
+    })
+
+    // Messages
+
+    this.router.get('/messages', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    this.router.get('/messages/:message/edit', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    this.router.post('/messages/:message/edit/callback', new CAdminAuthentication().handle, function (req: Request, res) {
+
+    })
+
+    // LOGIN
+
+    this.router.get('/login', function (req: Request, res) {
+       return res.render('admin/views/auth/login')
+    })
+
+    this.router.post('/login/callback', function (req: Request, res) {
+
+    })
+
+    this.router.get('/logout', function (req: Request, res) {
+
+    })
+
+    this.router.post('/login/mfa', function (req: Request, res) {
+
+    })
+
+    this.router.get('/login/password-recovery', function (req: Request, res) {
+        return res.render('admin/views/auth/password-recovery')
+    })
+
+    this.router.post('/login/recovery', function (req: Request, res) {
+
+    })
+  }
+}

src/api/website/routes/Profile.ts

@@ -0,0 +1,5 @@
+import AbstractRoutes from '../../Server/AbstractRoutes'
+
+export default class Profile extends AbstractRoutes {
+  async register () {}
+}

src/api/website/routes/Server.ts

@@ -0,0 +1,5 @@
+import AbstractRoutes from '../../Server/AbstractRoutes'
+
+export default class Server extends AbstractRoutes {
+  async register () {}
+}

src/api/website/views/admin/index.pug

@@ -0,0 +1,8 @@
+extends ../dashboard/views/base/head
+
+head
+  title Administration
+
+body
+
+

src/api/website/views/admin/views/auth/login.pug

@@ -0,0 +1,13 @@
+fieldset.form-fieldset
+  form#login-form(method='POST', action='https://www.riniya.uk/admin/login/callback')
+    .mb-3
+      label.form-label Email
+      input.form-control.is-invalid.is-invalid-lite(type='email' name='login-email' placeholder='Email')
+    .mb-3
+      label.form-label Password
+      input.form-control.is-invalid.is-invalid-lite(type='password' name='login-password' placeholder='**********')
+
+  div.hr-text OR
+    a.btn.btn-square(href='https://www.riniya.uk/admin/password-recovery') Reset your password
+
+script(src='../../../../javascripts/login-validation.js')

src/api/website/views/admin/views/auth/mfa-challenge.pug

@@ -0,0 +1,18 @@
+fieldset.form-fieldset
+  form#login-form(method='POST', action='https://www.riniya.uk/admin/login/mfa')
+    .mb-3
+      label.form-label MFA Code
+      input.form-control.is-invalid.is-invalid-lite(type='number' name='mfa-code' id='mfa-code', data-mask="000-000" data-mask-visible="true" placeholder="000-000" autocomplete="off")
+
+  div.hr-text OR SEE
+    a.btn.btn-square(href='https://www.riniya.uk/admin/login') GO BACK TO LOGIN
+  div.hr-text TIP
+    p
+      | To keep your account safe please enter your MFA code.
+      | You can find it on your phone via Authy or Google Authenticator.
+    svg.icon.icon-tabler.icon-tabler-alert-triangle-filled(xmlns='http://www.w3.org/2000/svg' width='24' height='24' viewbox='0 0 24 24' stroke-width='2' stroke='currentColor' fill='none' stroke-linecap='round' stroke-linejoin='round')
+      path(stroke='none' d='M0 0h24v24H0z' fill='none')
+      path(d='M12 1.67c.955 0 1.845 .467 2.39 1.247l.105 .16l8.114 13.548a2.914 2.914 0 0 1 -2.307 4.363l-.195 .008h-16.225a2.914 2.914 0 0 1 -2.582 -4.2l.099 -.185l8.11 -13.538a2.914 2.914 0 0 1 2.491 -1.403zm.01 13.33l-.127 .007a1 1 0 0 0 0 1.986l.117 .007l.127 -.007a1 1 0 0 0 0 -1.986l-.117 -.007zm-.01 -7a1 1 0 0 0 -.993 .883l-.007 .117v4l.007 .117a1 1 0 0 0 1.986 0l.007 -.117v-4l-.007 -.117a1 1 0 0 0 -.993 -.883z' stroke-width='0' fill='currentColor')
+    p
+      | Please keep in ming that you cannot disable the MFA
+      | Until you login, NEVER delete your authentication code!

src/api/website/views/admin/views/auth/password-recovery.pug

@@ -0,0 +1,8 @@
+fieldset.form-fieldset
+  form#login-form(method='POST', action='https://www.riniya.uk/admin/login/recovery')
+    .mb-3
+      label.form-label Email
+      input.form-control.is-invalid.is-invalid-lite(type='email' name='recovery-email' id='recovery-email')
+
+  div.hr-text OR
+    a.btn.btn-square(href='https://www.riniya.uk/admin/login') Go back to login

src/api/website/views/layouts/footer.pug

@@ -15,4 +15,9 @@ footer.footer.bg-base
         p.is-uppercase(style='letter-spacing: 0.1em;')
             | Website Designed By
             a.blurple.has-text-weight-bold(href='https://nebraskythewolf.work' target='_blank')  NebraskyTheWolf
-            | .
+
+    .content.has-text-centered.has-text-white
+      span.payment.payment-provider-visa
+      span.payment.payment-provider-paypal
+      span.payment.payment-provider-stripe
+

src/api/website/views/shop/index.pug

@@ -1,4 +1,70 @@
 include ../dashboard/views/base/head
 
-section#shop
+div#steps
+  .steps
+    a.step-item(id='shop-offer' data-bs-toggle='tooltip' title='Step 1 Select your offer')
+      | Offer
+    a.step-item(id='shop-server' data-bs-toggle='tooltip' title='Step 2 Select your server')
+      | Server
+    a.step-item(id='shop-payment' data-bs-toggle='tooltip' title='Step 3 Set your payment information')
+      | Payment
+    span.step-item(id='shop-confirm' data-bs-toggle='tooltip' title='Step 4 Confirm your order')
+      | Confirm
 
+div#offers
+  .card.d-flex.flex-column
+    a(href='#')
+      img.card-img-top(src='../../public/images/premium.png' alt='Premium')
+    .card-body.d-flex.flex-column
+      h3.card-title
+        a(href='#') Premium
+      .text-secondary
+        | ✅ Premium support
+        | ✅ 10 Custom commands
+        | ✅ 3 Custom verification fields
+        | ✅ Special donator badge
+      div.hr-text-left Not included
+      .text-secondary
+        | ❌ Custom server link
+        | ❌ Advanced music player
+        | ❌ Direct invite
+        | ❌ Early-access feature
+      .d-flex.align-items-center.pt-4.mt-auto
+        .ms-3
+          a.text-body Price
+          .text-secondary#price 3.99€/Month
+        .ms-auto
+          a.btn.btn-pink#premium Select
+
+  .card.d-flex.flex-column
+    a(href='#')
+      img.card-img-top(src='../../public/images/premiumplus.png' alt='Premium+')
+    .card-body.d-flex.flex-column
+      h3.card-title
+        a(href='#') Premium+
+      .text-secondary
+        | ✅ Premium support
+        | ✅ 10 Custom commands
+        | ✅ 3 Custom verification fields
+        | ✅ Special donator badge
+      div.hr-text-left Extra
+      .text-secondary
+        | ✅ Custom server link
+        | ✅ Advanced music player
+        | ✅ Direct invite
+        | ✅ Early-access feature
+      .d-flex.align-items-center.pt-4.mt-auto
+        .ms-3
+          a.text-body Price
+          .text-secondary#price-plus 6.99€/Month
+        .ms-auto
+          a.btn.btn-pink#premiumplus Select
+
+
+div#servers(hidden="")
+
+
+div#payment(hidden="")
+
+
+div#confirm(hidden="")

src/database/Models/Security/Admin.ts

@@ -0,0 +1,17 @@
+import mongoose from "mongoose";
+
+export interface Admin {
+  userId: string;
+  email: string;
+  password: string;
+  requireMFA: boolean;
+  mfaChallenge?: string;
+}
+
+export default mongoose.model<Admin & mongoose.Document>("Admin", new mongoose.Schema<Admin & mongoose.Document>({
+  userId: { type: String },
+  email: { type: String },
+  password: { type: String },
+  requireMFA: { type: Boolean, default: false },
+  mfaChallenge: { type: String },
+}));