From 3bab68a98bda407b55ede11bb0e68952e765dc6c Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Thu, 28 Apr 2022 15:02:16 +0100
Subject: [PATCH 1/8] feat(api): add new api for order retry

---
 src/api/routes/user.js                        | 56 +++++++------------
 .../4-find-user-claim-or-agent-refund.js      | 10 ++--
 2 files changed, 27 insertions(+), 39 deletions(-)

diff --git a/src/api/routes/user.js b/src/api/routes/user.js
index e196797a..61479dd4 100644
--- a/src/api/routes/user.js
+++ b/src/api/routes/user.js
@@ -6,6 +6,7 @@ const { parseArgsStringToArgv } = require('string-argv')
 const config = require('../../config')
 const Check = require('../../models/Check')
 const Order = require('../../models/Order')
+const processOrder = require('../../worker/queues/atomicagent')
 const { safeCompare } = require('../../utils/crypto')
 
 const ensureAuth = require('../../middlewares/ensureAuth')
@@ -108,46 +109,31 @@ router.get(
   })
 )
 
-// router.post(
-//   '/order/retry',
-//   ensureAuth(401),
-//   asyncHandler(async (req, res) => {
-//     const { body } = req
-//     const { orderId, jobName } = body
-
-//     if (!orderId) {
-//       return res.notOk(400, 'Order ID missing')
-//     }
-
-//     if (!ALLOWED_RETRY_JOBS.find((job) => job.name === jobName)) {
-//       return res.notOk(400, `Invalid job name: ${jobName}`)
-//     }
-
-//     const order = await Order.findOne({ orderId: orderId }).exec()
-//     if (!order) {
-//       return res.notOk(400, `Order not found: ${orderId}`)
-//     }
-
-//     const index = ALLOWED_RETRY_JOBS.findIndex((job) => job.name === jobName)
-//     const jobsToBeRemoved = ALLOWED_RETRY_JOBS.slice(index).map((job) => job.name)
+router.get(
+  '/order/retry',
+  asyncHandler(async (req, res) => {
+    const { query } = req
+    const { orderId } = query
+    const bearer = req.headers.authorization
 
-//     await agenda.cancel({
-//       name: {
-//         $in: jobsToBeRemoved
-//       },
-//       'data.orderId': orderId
-//     })
+    if (bearer != config.auth.bearer) {
+      return res.notOk(401, 'Unauthorised')
+    }
 
-//     order.status = ALLOWED_RETRY_JOBS[index].setStatus
-//     await order.save()
+    if (!orderId) {
+      return res.notOk(400, 'Order ID missing')
+    }
 
-//     await agenda.now(jobName, { orderId: order.orderId })
+    const order = await Order.findOne({ orderId: orderId }).exec()
+    if (!order) {
+      return res.notOk(400, `Order not found: ${orderId}`)
+    }
 
-//     await order.log('RETRY', jobName)
+    processOrder({ data: { orderId: orderId } })
 
-//     res.ok()
-//   })
-// )
+    res.ok()
+  })
+)
 
 router.post(
   '/order/ignore',
diff --git a/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js b/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js
index 9607a0b8..d3633e6d 100644
--- a/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js
+++ b/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js
@@ -21,10 +21,12 @@ module.exports = async function (order, job) {
   const toClaimTx = await order.findToClaimSwapTransaction(order.toLastScannedBlock, toCurrentBlockNumber)
 
   if (!toClaimTx) {
-    await job.update({
-      ...job.data,
-      toLastScannedBlock: toCurrentBlockNumber
-    })
+    if (job) {
+      await job.update({
+        ...job.data,
+        toLastScannedBlock: toCurrentBlockNumber
+      })
+    }
 
     let toCurrentBlock
 

From 4d98ed91ba4d5afed31807807a6145e6e42c5b5c Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Fri, 29 Apr 2022 00:53:21 +0100
Subject: [PATCH 2/8] feat(api) : add job to queue api

---
 src/api/routes/user.js           | 4 ++--
 src/worker/queues/atomicagent.js | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/api/routes/user.js b/src/api/routes/user.js
index 61479dd4..e747185a 100644
--- a/src/api/routes/user.js
+++ b/src/api/routes/user.js
@@ -6,7 +6,7 @@ const { parseArgsStringToArgv } = require('string-argv')
 const config = require('../../config')
 const Check = require('../../models/Check')
 const Order = require('../../models/Order')
-const processOrder = require('../../worker/queues/atomicagent')
+const { addJobToQueue } = require('../../worker/queues/atomicagent')
 const { safeCompare } = require('../../utils/crypto')
 
 const ensureAuth = require('../../middlewares/ensureAuth')
@@ -129,7 +129,7 @@ router.get(
       return res.notOk(400, `Order not found: ${orderId}`)
     }
 
-    processOrder({ data: { orderId: orderId } })
+    await addJobToQueue({ data: { orderId: orderId } })
 
     res.ok()
   })
diff --git a/src/worker/queues/atomicagent.js b/src/worker/queues/atomicagent.js
index f04023bd..324004c1 100644
--- a/src/worker/queues/atomicagent.js
+++ b/src/worker/queues/atomicagent.js
@@ -71,6 +71,8 @@ async function process(job) {
   }
 }
 
+module.exports.addJobToQueue = process
+
 module.exports = (job) => {
   return mongo
     .connect()

From c8b96190595b33625a4e592b87df64ba5107730a Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Fri, 29 Apr 2022 01:17:29 +0100
Subject: [PATCH 3/8] fix(exports): export fn to add job to the queue

---
 src/api/routes/user.js           | 4 ++--
 src/worker/queues/atomicagent.js | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/api/routes/user.js b/src/api/routes/user.js
index e747185a..c56841e4 100644
--- a/src/api/routes/user.js
+++ b/src/api/routes/user.js
@@ -6,7 +6,7 @@ const { parseArgsStringToArgv } = require('string-argv')
 const config = require('../../config')
 const Check = require('../../models/Check')
 const Order = require('../../models/Order')
-const { addJobToQueue } = require('../../worker/queues/atomicagent')
+const { process } = require('../../worker/queues/atomicagent')
 const { safeCompare } = require('../../utils/crypto')
 
 const ensureAuth = require('../../middlewares/ensureAuth')
@@ -129,7 +129,7 @@ router.get(
       return res.notOk(400, `Order not found: ${orderId}`)
     }
 
-    await addJobToQueue({ data: { orderId: orderId } })
+    await process({ data: { orderId: orderId } })
 
     res.ok()
   })
diff --git a/src/worker/queues/atomicagent.js b/src/worker/queues/atomicagent.js
index 324004c1..b9597940 100644
--- a/src/worker/queues/atomicagent.js
+++ b/src/worker/queues/atomicagent.js
@@ -71,7 +71,7 @@ async function process(job) {
   }
 }
 
-module.exports.addJobToQueue = process
+module.exports.process = process
 
 module.exports = (job) => {
   return mongo

From 065f427d251ab11204b3279405229122cc763b69 Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Fri, 29 Apr 2022 01:31:51 +0100
Subject: [PATCH 4/8] fix(exports) : add job to the queue

---
 src/api/routes/user.js           | 4 ++--
 src/worker/queues/atomicagent.js | 3 +--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/api/routes/user.js b/src/api/routes/user.js
index c56841e4..e747185a 100644
--- a/src/api/routes/user.js
+++ b/src/api/routes/user.js
@@ -6,7 +6,7 @@ const { parseArgsStringToArgv } = require('string-argv')
 const config = require('../../config')
 const Check = require('../../models/Check')
 const Order = require('../../models/Order')
-const { process } = require('../../worker/queues/atomicagent')
+const { addJobToQueue } = require('../../worker/queues/atomicagent')
 const { safeCompare } = require('../../utils/crypto')
 
 const ensureAuth = require('../../middlewares/ensureAuth')
@@ -129,7 +129,7 @@ router.get(
       return res.notOk(400, `Order not found: ${orderId}`)
     }
 
-    await process({ data: { orderId: orderId } })
+    await addJobToQueue({ data: { orderId: orderId } })
 
     res.ok()
   })
diff --git a/src/worker/queues/atomicagent.js b/src/worker/queues/atomicagent.js
index b9597940..7efae67a 100644
--- a/src/worker/queues/atomicagent.js
+++ b/src/worker/queues/atomicagent.js
@@ -71,11 +71,10 @@ async function process(job) {
   }
 }
 
-module.exports.process = process
-
 module.exports = (job) => {
   return mongo
     .connect()
     .then(() => process(job))
     .finally(() => mongo.disconnect())
 }
+module.exports.addJobToQueue = process

From 7947f5e9ab59656da11ecf180fb81bedfbfb5fe5 Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Fri, 29 Apr 2022 02:00:05 +0100
Subject: [PATCH 5/8] fix(job): add job to the atomic agent queue

---
 src/api/routes/user.js           | 4 ++--
 src/worker/queues/atomicagent.js | 1 -
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/api/routes/user.js b/src/api/routes/user.js
index e747185a..015b5a4a 100644
--- a/src/api/routes/user.js
+++ b/src/api/routes/user.js
@@ -6,7 +6,7 @@ const { parseArgsStringToArgv } = require('string-argv')
 const config = require('../../config')
 const Check = require('../../models/Check')
 const Order = require('../../models/Order')
-const { addJobToQueue } = require('../../worker/queues/atomicagent')
+const { getAtomicAgentQueue } = require('../../worker')
 const { safeCompare } = require('../../utils/crypto')
 
 const ensureAuth = require('../../middlewares/ensureAuth')
@@ -129,7 +129,7 @@ router.get(
       return res.notOk(400, `Order not found: ${orderId}`)
     }
 
-    await addJobToQueue({ data: { orderId: orderId } })
+    await getAtomicAgentQueue().add({ orderId: order.orderId }, { jobId: order.orderId })
 
     res.ok()
   })
diff --git a/src/worker/queues/atomicagent.js b/src/worker/queues/atomicagent.js
index 7efae67a..f04023bd 100644
--- a/src/worker/queues/atomicagent.js
+++ b/src/worker/queues/atomicagent.js
@@ -77,4 +77,3 @@ module.exports = (job) => {
     .then(() => process(job))
     .finally(() => mongo.disconnect())
 }
-module.exports.addJobToQueue = process

From c43e3cd87567dc6180421f88e883519c9a0cc595 Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Fri, 29 Apr 2022 02:18:47 +0100
Subject: [PATCH 6/8] remove the job conditional check

---
 .../atomicswap/4-find-user-claim-or-agent-refund.js    | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js b/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js
index d3633e6d..9607a0b8 100644
--- a/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js
+++ b/src/worker/atomicswap/4-find-user-claim-or-agent-refund.js
@@ -21,12 +21,10 @@ module.exports = async function (order, job) {
   const toClaimTx = await order.findToClaimSwapTransaction(order.toLastScannedBlock, toCurrentBlockNumber)
 
   if (!toClaimTx) {
-    if (job) {
-      await job.update({
-        ...job.data,
-        toLastScannedBlock: toCurrentBlockNumber
-      })
-    }
+    await job.update({
+      ...job.data,
+      toLastScannedBlock: toCurrentBlockNumber
+    })
 
     let toCurrentBlock
 

From 1e00169ebd8f7fd4d680ade27a9817d764cdb64c Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Fri, 29 Apr 2022 02:24:19 +0100
Subject: [PATCH 7/8] test(auth): test for bearer

---
 sample.config.toml |  1 +
 test/auth.test.js  | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100644 test/auth.test.js

diff --git a/sample.config.toml b/sample.config.toml
index 7bb290fb..14f2670a 100644
--- a/sample.config.toml
+++ b/sample.config.toml
@@ -17,6 +17,7 @@ swapExpirationDurationInSeconds = 3600
 cookieSecret = '58da74ef560e5578cb46219b7818d7c2'
 cookieMaxAgeMs = 86400000
 simplePassword = '25ec02267950f537347b4a7c02b00ced'
+bearer = '58da74ef560e5578cb46219b7818d7c2'
 
 [threshold]
 manualAboveFromAmountUsd = 5000
diff --git a/test/auth.test.js b/test/auth.test.js
new file mode 100644
index 00000000..db44ea71
--- /dev/null
+++ b/test/auth.test.js
@@ -0,0 +1,34 @@
+/* eslint-env mocha */
+const chai = require('chai')
+const chaiHttp = require('chai-http')
+chai.use(chaiHttp)
+
+const { app } = require('../src/api')
+const { prepare } = require('./lib/utils')
+const config = require('../src/config')
+
+describe('Test Order retry Auth', () => {
+  before(async function () {
+    this.timeout(0)
+    await prepare()
+  })
+
+  it('Should return 401 without bearer token', async () => {
+    return chai
+      .request(app())
+      .get('/api/user/order/retry?orderId=' + '123213234')
+      .then((res) => {
+        res.should.have.status(401)
+      })
+  })
+
+  it('Should return Order not found for invalid orderId', async () => {
+    return chai
+      .request(app())
+      .get('/api/user/order/retry?orderId=' + '123213234')
+      .set('Authorization', config.auth.bearer)
+      .then((res) => {
+        res.should.have.status(400)
+      })
+  })
+})

From f79c5b47626ed0150b0cc3559416ad766a4ec56a Mon Sep 17 00:00:00 2001
From: devaraj <devarajsuk@gmail.com>
Date: Tue, 3 May 2022 10:45:43 +0100
Subject: [PATCH 8/8] fix(safecompare): compare using safecompare

---
 src/api/routes/user.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/api/routes/user.js b/src/api/routes/user.js
index 015b5a4a..06147096 100644
--- a/src/api/routes/user.js
+++ b/src/api/routes/user.js
@@ -116,7 +116,7 @@ router.get(
     const { orderId } = query
     const bearer = req.headers.authorization
 
-    if (bearer != config.auth.bearer) {
+    if (!safeCompare(bearer, config.auth.bearer)) {
       return res.notOk(401, 'Unauthorised')
     }