md.asif5/yume_js
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: added daily limit feature

Browse Source
This commit is contained in:
Md Asif
2025-10-28 15:44:43 +05:30
parent 9f2f557b03
commit 7757b464b3
14 changed files with 129 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/app.js
View File

@@ -3,6 +3,7 @@ const cors = require('cors');
const { logger } = require('./util/logger');
const routes = require('./routes');
const helmet = require('helmet');
const { verifyClient } = require('./middlewares/clientVerifier.middleware');
const app = express();
@@ -11,7 +12,7 @@ app.use(helmet());
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use('/api', routes);
app.use('/api', verifyClient, routes);
app.get('/health', (_, res) => res.send('server is healthy'));
app.use((err, _req, res, _next) => {
logger.error(err, 'uncaught error');

6
src/controllers/imps.controller.js
View File

@@ -12,7 +12,8 @@ async function send(
ifscCode,
beneficiaryName,
beneficiaryAcctType = 'SAVINGS',
remarks = ''
remarks = '',
client
) {
try {
const reqData = {
@@ -42,7 +43,8 @@ async function send(
amount,
'',
'',
response.data
response.data,
client
);
return response.data;
} catch (error) {

10
src/controllers/neft.controller.js
View File

@@ -11,7 +11,8 @@ async function send(
ifscCode,
beneficiaryName,
remitterName,
remarks
remarks,
client
) {
const commission = 0;
try {
@@ -28,7 +29,7 @@ async function send(
stAddress1: '',
stAddress2: '',
stAddress3: '',
narration: remarks
narration: remarks,
}
);
await recordInterBankTransaction(
@@ -41,7 +42,8 @@ async function send(
commission,
beneficiaryName,
remitterName,
response.data.status
response.data.status,
client
);
return response.data;
} catch (error) {
@@ -49,8 +51,6 @@ async function send(
'API call failed: ' + (error.response?.data?.message || error.message)
);
}
}
module.exports = { send };

9
src/controllers/rtgs.controller.js
View File

@@ -11,7 +11,8 @@ async function send(
ifscCode,
beneficiaryName,
remitterName,
remarks
remarks,
client
) {
const commission = 0;
try {
@@ -28,7 +29,8 @@ async function send(
stAddress1: '',
stAddress2: '',
stAddress3: '',
narration: remarks
narration: remarks,
client,
}
);
await recordInterBankTransaction(
@@ -41,7 +43,8 @@ async function send(
commission,
beneficiaryName,
remitterName,
response.data.status
response.data.status,
client
);
return response.data;
} catch (error) {

6
src/controllers/transfer.controller.js
View File

@@ -9,7 +9,8 @@ async function transfer(
toAccountType,
amount,
customerNo,
narration = ''
narration = '',
client
) {
try {
const response = await axios.post(
@@ -28,7 +29,8 @@ async function transfer(
toAccountNo,
toAccountType,
amount,
response.data.status
response.data.status,
client
);
return response.data;
} catch (error) {

20
src/middlewares/clientVerifier.middleware.js Normal file
View File

@@ -0,0 +1,20 @@
const { logger } = require('../util/logger');
function verifyClient(req, res, next) {
const clientHeader = req.headers['x-login-type'];
if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB')) {
logger.error(
`Invalid or missing client header. Expected 'MB' or 'IB'. Found ${clientHeader}`
);
return res
.status(401)
.json({ error: 'missing or invalid client type header' });
}
req.client = clientHeader;
next();
}
module.exports = { verifyClient };

28
src/middlewares/limitCheck.middleware.js Normal file
View File

@@ -0,0 +1,28 @@
const { logger } = require('../util/logger');
const {
getDailyLimit,
getUsedLimit,
} = require('../services/paymentLimit.service');
async function checkLimit(req, res, next) {
const { amount } = req.body;
const { user, client } = req;
const dailyLimit = await getDailyLimit(user, client);
const usedLimit = await getUsedLimit(user, client);
const remainingLimit = dailyLimit - usedLimit;
logger.info(
`dailyLimit = ${dailyLimit} | usedLimit = ${usedLimit} | remainingLimit = ${remainingLimit}`
);
if (amount > remainingLimit) {
const midnight = new Date();
midnight.setHours(24, 0, 0, 0);
res.set('Retry-After', midnight.toUTCString());
return res.status(403).json({ error: 'Daily limit exhausted' });
}
next();
}
module.exports = { checkLimit };

7
src/routes/imps.route.js
View File

@@ -3,13 +3,15 @@ const impsController = require('../controllers/imps.controller');
const { logger } = require('../util/logger');
const impsValidator = require('../validators/imps.validator');
const paymentSecretValidator = require('../validators/payment.secret.validator');
const { checkLimit } = require('../middlewares/limitCheck.middleware');
const router = express.Router();
router.use(impsValidator, paymentSecretValidator);
router.use(impsValidator, paymentSecretValidator, checkLimit);
const impsRoute = async (req, res) => {
const { fromAccount, toAccount, ifscCode, amount, beneficiaryName, remarks } =
req.body;
const client = req.client;
try {
const result = await impsController.send(
@@ -20,7 +22,8 @@ const impsRoute = async (req, res) => {
ifscCode,
beneficiaryName,
'SAVINGS',
remarks
remarks,
client
);
if (result.startsWith('Message produced successfully')) {

5
src/routes/index.js
View File

@@ -1,6 +1,6 @@
const express = require('express');
const authRoute = require('./auth.route');
const adminAuthRoute =require('./admin_auth.route');
const adminAuthRoute = require('./admin_auth.route');
const detailsRoute = require('./customer_details.route');
const transactionRoute = require('./transactions.route');
const authenticate = require('../middlewares/auth.middleware');
@@ -15,7 +15,7 @@ const otp = require('./otp.route');
const router = express.Router();
router.use('/auth', authRoute);
router.use('/auth/admin',adminAuthRoute);
router.use('/auth/admin', adminAuthRoute);
router.use('/customer', authenticate, detailsRoute);
router.use('/transactions/account/:accountNo', authenticate, transactionRoute);
router.use('/payment/transfer', authenticate, transferRoute);
@@ -26,5 +26,4 @@ router.use('/beneficiary', authenticate, beneficiaryRoute);
router.use('/npci/beneficiary-response', npciResponse);
router.use('/otp', otp);
module.exports = router;

9
src/routes/neft.route.js
View File

@@ -3,9 +3,10 @@ const neftController = require('../controllers/neft.controller');
const { logger } = require('../util/logger');
const neftValidator = require('../validators/neft.validator.js');
const paymentSecretValidator = require('../validators/payment.secret.validator');
const { checkLimit } = require('../middlewares/limitCheck.middleware');
const router = express.Router();
router.use(neftValidator, paymentSecretValidator);
router.use(neftValidator, paymentSecretValidator, checkLimit);
const neftRoute = async (req, res) => {
const {
@@ -15,8 +16,9 @@ const neftRoute = async (req, res) => {
amount,
beneficiaryName,
remitterName,
remarks
remarks,
} = req.body;
const client = req.client;
try {
const result = await neftController.send(
@@ -27,7 +29,8 @@ const neftRoute = async (req, res) => {
ifscCode,
beneficiaryName,
remitterName,
remarks
remarks,
client
);
logger.info(result);

9
src/routes/rtgs.route.js
View File

@@ -3,9 +3,10 @@ const rtgsController = require('../controllers/rtgs.controller');
const { logger } = require('../util/logger');
const rtgsValidator = require('../validators/rtgs.validator.js');
const paymentSecretValidator = require('../validators/payment.secret.validator');
const { checkLimit } = require('../middlewares/limitCheck.middleware');
const router = express.Router();
router.use(rtgsValidator, paymentSecretValidator);
router.use(rtgsValidator, paymentSecretValidator, checkLimit);
const rtgsRoute = async (req, res) => {
const {
@@ -15,8 +16,9 @@ const rtgsRoute = async (req, res) => {
amount,
beneficiaryName,
remitterName,
remarks
remarks,
} = req.body;
const client = req.client;
try {
const result = await rtgsController.send(
@@ -27,7 +29,8 @@ const rtgsRoute = async (req, res) => {
ifscCode,
beneficiaryName,
remitterName,
remarks
remarks,
client
);
if (result.status.startsWith('O.K.')) {

7
src/routes/transfer.route.js
View File

@@ -3,12 +3,14 @@ const { logger } = require('../util/logger');
const express = require('express');
const transferValidator = require('../validators/transfer.validator');
const passwordValidator = require('../validators/payment.secret.validator.js');
const { checkLimit } = require('../middlewares/limitCheck.middleware');
const router = express.Router();
router.use(passwordValidator, transferValidator);
router.use(passwordValidator, transferValidator, checkLimit);
const transferRoute = async (req, res) => {
const { fromAccount, toAccount, toAccountType, amount, remarks } = req.body;
const client = req.client;
try {
const result = await transferController.transfer(
fromAccount,
@@ -16,7 +18,8 @@ const transferRoute = async (req, res) => {
toAccountType,
amount,
req.user,
remarks
remarks,
client
);
if (result.status === 'O.K.') {

28
src/services/paymentLimit.service.js Normal file
View File

@@ -0,0 +1,28 @@
const db = require('../config/db');
async function getDailyLimit(customerNo, clientType) {
if (clientType !== 'IB' && clientType !== 'MB') {
throw new Error('Invalid client type. IB and MB accepted');
}
let query = '';
if (clientType === 'IB') {
query = `SELECT inb_limit_amount AS daily_limit FROM users WHERE customer_no = $1`;
} else {
query = `SELECT mobile_limit_amount AS daily_limit FROM users WHERE customer_no = $1`;
}
const result = await db.query(query, [customerNo]);
return result.rows[0].daily_limit;
}
async function getUsedLimit(customerNo, clientType) {
if (clientType !== 'IB' && clientType !== 'MB') {
throw new Error('Invalid client type. IB and MB accepted');
}
let query = `SELECT SUM(amount) AS used_limit FROM transactions WHERE created_at BETWEEN CURRENT_DATE AND (CURRENT_DATE + INTERVAL '1 day') AND customer_no = $1 AND client = $2`;
const result = await db.query(query, [customerNo, clientType]);
return result.rows[0].used_limit;
}
module.exports = { getDailyLimit, getUsedLimit };

12
src/services/recordkeeping.service.js
View File

@@ -6,11 +6,12 @@ const recordIntraBankTransaction = async (
toAccount,
accountType,
amount,
status
status,
clientType
) => {
const trxType = 'TRF';
const query =
'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, to_account_type, amount, status) VALUES ($1, $2, $3, $4, $5, $6, $7)';
'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, to_account_type, amount, status, client) VALUES ($1, $2, $3, $4, $5, $6, $7, $8)';
await db.query(query, [
customerNo,
trxType,
@@ -19,6 +20,7 @@ const recordIntraBankTransaction = async (
accountType,
amount,
status,
clientType,
]);
};
const recordInterBankTransaction = async (
@@ -31,10 +33,11 @@ const recordInterBankTransaction = async (
commission,
beneficiaryName,
remitterName,
status
status,
clientType
) => {
const query =
'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, ifsc_code, amount, commission, beneficiary_name, remitter_name, status) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)';
'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, ifsc_code, amount, commission, beneficiary_name, remitter_name, status, client) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11)';
await db.query(query, [
customerNo,
trxType,
@@ -46,6 +49,7 @@ const recordInterBankTransaction = async (
beneficiaryName,
remitterName,
status,
clientType,
]);
};