From 7757b464b3d721669e2a5e2176c4474d812d17bd Mon Sep 17 00:00:00 2001 From: asif Date: Tue, 28 Oct 2025 15:44:43 +0530 Subject: [PATCH 1/6] feat: added daily limit feature --- src/app.js | 3 ++- src/controllers/imps.controller.js | 6 +++-- src/controllers/neft.controller.js | 10 +++---- src/controllers/rtgs.controller.js | 9 ++++--- src/controllers/transfer.controller.js | 6 +++-- src/middlewares/clientVerifier.middleware.js | 20 ++++++++++++++ src/middlewares/limitCheck.middleware.js | 28 ++++++++++++++++++++ src/routes/imps.route.js | 7 +++-- src/routes/index.js | 5 ++-- src/routes/neft.route.js | 9 ++++--- src/routes/rtgs.route.js | 9 ++++--- src/routes/transfer.route.js | 7 +++-- src/services/paymentLimit.service.js | 28 ++++++++++++++++++++ src/services/recordkeeping.service.js | 12 ++++++--- 14 files changed, 129 insertions(+), 30 deletions(-) create mode 100644 src/middlewares/clientVerifier.middleware.js create mode 100644 src/middlewares/limitCheck.middleware.js create mode 100644 src/services/paymentLimit.service.js diff --git a/src/app.js b/src/app.js index d2a7472..f593fc3 100644 --- a/src/app.js +++ b/src/app.js @@ -3,6 +3,7 @@ const cors = require('cors'); const { logger } = require('./util/logger'); const routes = require('./routes'); const helmet = require('helmet'); +const { verifyClient } = require('./middlewares/clientVerifier.middleware'); const app = express(); @@ -11,7 +12,7 @@ app.use(helmet()); app.use(express.json()); app.use(express.urlencoded({ extended: true })); -app.use('/api', routes); +app.use('/api', verifyClient, routes); app.get('/health', (_, res) => res.send('server is healthy')); app.use((err, _req, res, _next) => { logger.error(err, 'uncaught error'); diff --git a/src/controllers/imps.controller.js b/src/controllers/imps.controller.js index 20129e6..845d2aa 100644 --- a/src/controllers/imps.controller.js +++ b/src/controllers/imps.controller.js @@ -12,7 +12,8 @@ async function send( ifscCode, beneficiaryName, beneficiaryAcctType = 'SAVINGS', - remarks = '' + remarks = '', + client ) { try { const reqData = { @@ -42,7 +43,8 @@ async function send( amount, '', '', - response.data + response.data, + client ); return response.data; } catch (error) { diff --git a/src/controllers/neft.controller.js b/src/controllers/neft.controller.js index a5c9a6e..b6d4488 100644 --- a/src/controllers/neft.controller.js +++ b/src/controllers/neft.controller.js @@ -11,7 +11,8 @@ async function send( ifscCode, beneficiaryName, remitterName, - remarks + remarks, + client ) { const commission = 0; try { @@ -28,7 +29,7 @@ async function send( stAddress1: '', stAddress2: '', stAddress3: '', - narration: remarks + narration: remarks, } ); await recordInterBankTransaction( @@ -41,7 +42,8 @@ async function send( commission, beneficiaryName, remitterName, - response.data.status + response.data.status, + client ); return response.data; } catch (error) { @@ -49,8 +51,6 @@ async function send( 'API call failed: ' + (error.response?.data?.message || error.message) ); } - - } module.exports = { send }; diff --git a/src/controllers/rtgs.controller.js b/src/controllers/rtgs.controller.js index 1e04e2d..0305673 100644 --- a/src/controllers/rtgs.controller.js +++ b/src/controllers/rtgs.controller.js @@ -11,7 +11,8 @@ async function send( ifscCode, beneficiaryName, remitterName, - remarks + remarks, + client ) { const commission = 0; try { @@ -28,7 +29,8 @@ async function send( stAddress1: '', stAddress2: '', stAddress3: '', - narration: remarks + narration: remarks, + client, } ); await recordInterBankTransaction( @@ -41,7 +43,8 @@ async function send( commission, beneficiaryName, remitterName, - response.data.status + response.data.status, + client ); return response.data; } catch (error) { diff --git a/src/controllers/transfer.controller.js b/src/controllers/transfer.controller.js index 028c49d..db6156d 100644 --- a/src/controllers/transfer.controller.js +++ b/src/controllers/transfer.controller.js @@ -9,7 +9,8 @@ async function transfer( toAccountType, amount, customerNo, - narration = '' + narration = '', + client ) { try { const response = await axios.post( @@ -28,7 +29,8 @@ async function transfer( toAccountNo, toAccountType, amount, - response.data.status + response.data.status, + client ); return response.data; } catch (error) { diff --git a/src/middlewares/clientVerifier.middleware.js b/src/middlewares/clientVerifier.middleware.js new file mode 100644 index 0000000..25a68c3 --- /dev/null +++ b/src/middlewares/clientVerifier.middleware.js @@ -0,0 +1,20 @@ +const { logger } = require('../util/logger'); + +function verifyClient(req, res, next) { + const clientHeader = req.headers['x-login-type']; + + if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB')) { + logger.error( + `Invalid or missing client header. Expected 'MB' or 'IB'. Found ${clientHeader}` + ); + + return res + .status(401) + .json({ error: 'missing or invalid client type header' }); + } + + req.client = clientHeader; + next(); +} + +module.exports = { verifyClient }; diff --git a/src/middlewares/limitCheck.middleware.js b/src/middlewares/limitCheck.middleware.js new file mode 100644 index 0000000..f60d974 --- /dev/null +++ b/src/middlewares/limitCheck.middleware.js @@ -0,0 +1,28 @@ +const { logger } = require('../util/logger'); +const { + getDailyLimit, + getUsedLimit, +} = require('../services/paymentLimit.service'); + +async function checkLimit(req, res, next) { + const { amount } = req.body; + const { user, client } = req; + const dailyLimit = await getDailyLimit(user, client); + const usedLimit = await getUsedLimit(user, client); + + const remainingLimit = dailyLimit - usedLimit; + + logger.info( + `dailyLimit = ${dailyLimit} | usedLimit = ${usedLimit} | remainingLimit = ${remainingLimit}` + ); + + if (amount > remainingLimit) { + const midnight = new Date(); + midnight.setHours(24, 0, 0, 0); + res.set('Retry-After', midnight.toUTCString()); + return res.status(403).json({ error: 'Daily limit exhausted' }); + } + next(); +} + +module.exports = { checkLimit }; diff --git a/src/routes/imps.route.js b/src/routes/imps.route.js index 83f8f49..f663283 100644 --- a/src/routes/imps.route.js +++ b/src/routes/imps.route.js @@ -3,13 +3,15 @@ const impsController = require('../controllers/imps.controller'); const { logger } = require('../util/logger'); const impsValidator = require('../validators/imps.validator'); const paymentSecretValidator = require('../validators/payment.secret.validator'); +const { checkLimit } = require('../middlewares/limitCheck.middleware'); const router = express.Router(); -router.use(impsValidator, paymentSecretValidator); +router.use(impsValidator, paymentSecretValidator, checkLimit); const impsRoute = async (req, res) => { const { fromAccount, toAccount, ifscCode, amount, beneficiaryName, remarks } = req.body; + const client = req.client; try { const result = await impsController.send( @@ -20,7 +22,8 @@ const impsRoute = async (req, res) => { ifscCode, beneficiaryName, 'SAVINGS', - remarks + remarks, + client ); if (result.startsWith('Message produced successfully')) { diff --git a/src/routes/index.js b/src/routes/index.js index a779232..8dd7a6f 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -1,6 +1,6 @@ const express = require('express'); const authRoute = require('./auth.route'); -const adminAuthRoute =require('./admin_auth.route'); +const adminAuthRoute = require('./admin_auth.route'); const detailsRoute = require('./customer_details.route'); const transactionRoute = require('./transactions.route'); const authenticate = require('../middlewares/auth.middleware'); @@ -15,7 +15,7 @@ const otp = require('./otp.route'); const router = express.Router(); router.use('/auth', authRoute); -router.use('/auth/admin',adminAuthRoute); +router.use('/auth/admin', adminAuthRoute); router.use('/customer', authenticate, detailsRoute); router.use('/transactions/account/:accountNo', authenticate, transactionRoute); router.use('/payment/transfer', authenticate, transferRoute); @@ -26,5 +26,4 @@ router.use('/beneficiary', authenticate, beneficiaryRoute); router.use('/npci/beneficiary-response', npciResponse); router.use('/otp', otp); - module.exports = router; diff --git a/src/routes/neft.route.js b/src/routes/neft.route.js index 19e6a57..bccbed7 100644 --- a/src/routes/neft.route.js +++ b/src/routes/neft.route.js @@ -3,9 +3,10 @@ const neftController = require('../controllers/neft.controller'); const { logger } = require('../util/logger'); const neftValidator = require('../validators/neft.validator.js'); const paymentSecretValidator = require('../validators/payment.secret.validator'); +const { checkLimit } = require('../middlewares/limitCheck.middleware'); const router = express.Router(); -router.use(neftValidator, paymentSecretValidator); +router.use(neftValidator, paymentSecretValidator, checkLimit); const neftRoute = async (req, res) => { const { @@ -15,8 +16,9 @@ const neftRoute = async (req, res) => { amount, beneficiaryName, remitterName, - remarks + remarks, } = req.body; + const client = req.client; try { const result = await neftController.send( @@ -27,7 +29,8 @@ const neftRoute = async (req, res) => { ifscCode, beneficiaryName, remitterName, - remarks + remarks, + client ); logger.info(result); diff --git a/src/routes/rtgs.route.js b/src/routes/rtgs.route.js index 7c7348e..7534715 100644 --- a/src/routes/rtgs.route.js +++ b/src/routes/rtgs.route.js @@ -3,9 +3,10 @@ const rtgsController = require('../controllers/rtgs.controller'); const { logger } = require('../util/logger'); const rtgsValidator = require('../validators/rtgs.validator.js'); const paymentSecretValidator = require('../validators/payment.secret.validator'); +const { checkLimit } = require('../middlewares/limitCheck.middleware'); const router = express.Router(); -router.use(rtgsValidator, paymentSecretValidator); +router.use(rtgsValidator, paymentSecretValidator, checkLimit); const rtgsRoute = async (req, res) => { const { @@ -15,8 +16,9 @@ const rtgsRoute = async (req, res) => { amount, beneficiaryName, remitterName, - remarks + remarks, } = req.body; + const client = req.client; try { const result = await rtgsController.send( @@ -27,7 +29,8 @@ const rtgsRoute = async (req, res) => { ifscCode, beneficiaryName, remitterName, - remarks + remarks, + client ); if (result.status.startsWith('O.K.')) { diff --git a/src/routes/transfer.route.js b/src/routes/transfer.route.js index 0b94475..6602b4d 100644 --- a/src/routes/transfer.route.js +++ b/src/routes/transfer.route.js @@ -3,12 +3,14 @@ const { logger } = require('../util/logger'); const express = require('express'); const transferValidator = require('../validators/transfer.validator'); const passwordValidator = require('../validators/payment.secret.validator.js'); +const { checkLimit } = require('../middlewares/limitCheck.middleware'); const router = express.Router(); -router.use(passwordValidator, transferValidator); +router.use(passwordValidator, transferValidator, checkLimit); const transferRoute = async (req, res) => { const { fromAccount, toAccount, toAccountType, amount, remarks } = req.body; + const client = req.client; try { const result = await transferController.transfer( fromAccount, @@ -16,7 +18,8 @@ const transferRoute = async (req, res) => { toAccountType, amount, req.user, - remarks + remarks, + client ); if (result.status === 'O.K.') { diff --git a/src/services/paymentLimit.service.js b/src/services/paymentLimit.service.js new file mode 100644 index 0000000..ebf39ed --- /dev/null +++ b/src/services/paymentLimit.service.js @@ -0,0 +1,28 @@ +const db = require('../config/db'); + +async function getDailyLimit(customerNo, clientType) { + if (clientType !== 'IB' && clientType !== 'MB') { + throw new Error('Invalid client type. IB and MB accepted'); + } + + let query = ''; + if (clientType === 'IB') { + query = `SELECT inb_limit_amount AS daily_limit FROM users WHERE customer_no = $1`; + } else { + query = `SELECT mobile_limit_amount AS daily_limit FROM users WHERE customer_no = $1`; + } + + const result = await db.query(query, [customerNo]); + return result.rows[0].daily_limit; +} + +async function getUsedLimit(customerNo, clientType) { + if (clientType !== 'IB' && clientType !== 'MB') { + throw new Error('Invalid client type. IB and MB accepted'); + } + let query = `SELECT SUM(amount) AS used_limit FROM transactions WHERE created_at BETWEEN CURRENT_DATE AND (CURRENT_DATE + INTERVAL '1 day') AND customer_no = $1 AND client = $2`; + const result = await db.query(query, [customerNo, clientType]); + return result.rows[0].used_limit; +} + +module.exports = { getDailyLimit, getUsedLimit }; diff --git a/src/services/recordkeeping.service.js b/src/services/recordkeeping.service.js index 43fa20a..84ba0eb 100644 --- a/src/services/recordkeeping.service.js +++ b/src/services/recordkeeping.service.js @@ -6,11 +6,12 @@ const recordIntraBankTransaction = async ( toAccount, accountType, amount, - status + status, + clientType ) => { const trxType = 'TRF'; const query = - 'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, to_account_type, amount, status) VALUES ($1, $2, $3, $4, $5, $6, $7)'; + 'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, to_account_type, amount, status, client) VALUES ($1, $2, $3, $4, $5, $6, $7, $8)'; await db.query(query, [ customerNo, trxType, @@ -19,6 +20,7 @@ const recordIntraBankTransaction = async ( accountType, amount, status, + clientType, ]); }; const recordInterBankTransaction = async ( @@ -31,10 +33,11 @@ const recordInterBankTransaction = async ( commission, beneficiaryName, remitterName, - status + status, + clientType ) => { const query = - 'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, ifsc_code, amount, commission, beneficiary_name, remitter_name, status) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)'; + 'INSERT INTO transactions (customer_no, trx_type, from_account, to_account, ifsc_code, amount, commission, beneficiary_name, remitter_name, status, client) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11)'; await db.query(query, [ customerNo, trxType, @@ -46,6 +49,7 @@ const recordInterBankTransaction = async ( beneficiaryName, remitterName, status, + clientType, ]); }; From 654b4ddaf760e29629531acaaf89fbfb534e340e Mon Sep 17 00:00:00 2001 From: asif Date: Tue, 28 Oct 2025 17:59:22 +0530 Subject: [PATCH 2/6] added two routes for getting and setting the daily limit of users --- src/middlewares/clientVerifier.middleware.js | 2 +- src/middlewares/limitCheck.middleware.js | 8 +-- src/routes/customer_details.route.js | 51 +++++++++++++++++++- src/services/paymentLimit.service.js | 30 ++++++++---- 4 files changed, 75 insertions(+), 16 deletions(-) diff --git a/src/middlewares/clientVerifier.middleware.js b/src/middlewares/clientVerifier.middleware.js index 25a68c3..5916f68 100644 --- a/src/middlewares/clientVerifier.middleware.js +++ b/src/middlewares/clientVerifier.middleware.js @@ -10,7 +10,7 @@ function verifyClient(req, res, next) { return res .status(401) - .json({ error: 'missing or invalid client type header' }); + .json({ error: 'MISSING OR INVALID CLIENT TYPE HEADER' }); } req.client = clientHeader; diff --git a/src/middlewares/limitCheck.middleware.js b/src/middlewares/limitCheck.middleware.js index f60d974..12d6ac1 100644 --- a/src/middlewares/limitCheck.middleware.js +++ b/src/middlewares/limitCheck.middleware.js @@ -8,14 +8,14 @@ async function checkLimit(req, res, next) { const { amount } = req.body; const { user, client } = req; const dailyLimit = await getDailyLimit(user, client); + if (!dailyLimit) { + logger.info('NO LIMIT SET FOR CUSTOMER. ALLOWING TRANSACTIONS'); + next(); + } const usedLimit = await getUsedLimit(user, client); const remainingLimit = dailyLimit - usedLimit; - logger.info( - `dailyLimit = ${dailyLimit} | usedLimit = ${usedLimit} | remainingLimit = ${remainingLimit}` - ); - if (amount > remainingLimit) { const midnight = new Date(); midnight.setHours(24, 0, 0, 0); diff --git a/src/routes/customer_details.route.js b/src/routes/customer_details.route.js index 7e1114d..ec17cde 100644 --- a/src/routes/customer_details.route.js +++ b/src/routes/customer_details.route.js @@ -1,5 +1,13 @@ const customerController = require('../controllers/customer_details.controller'); +const { + getDailyLimit, + getUsedLimit, + setDailyLimit, +} = require('../services/paymentLimit.service'); const { logger } = require('../util/logger'); +const express = require('express'); + +const router = express.Router(); const customerRoute = async (req, res) => { const customerNo = req.user; @@ -12,4 +20,45 @@ const customerRoute = async (req, res) => { } }; -module.exports = customerRoute; +const limitRoute = async (req, res) => { + const customerNo = req.user; + const client = req.client; + + try { + const dailyLimit = await getDailyLimit(customerNo, client); + if (!dailyLimit) { + return res.status(400).json({ error: 'NO DAILY LIMIT SET FOR USER' }); + } + const usedLimit = await getUsedLimit(customerNo, client); + res.json({ dailyLimit: dailyLimit, usedLimit: usedLimit }); + } catch (err) { + logger.error(err, 'Unknown error encountered while checking daily limit'); + res.status(500).json({ error: 'INTERNAL_SERVER_ERROR' }); + } +}; +const limitChangeRoute = async (req, res) => { + const customerNo = req.user; + const client = req.client; + const { amount } = req.body; + const numericLimit = Number(amount); + + if (!Number.isFinite(numericLimit)) { + logger.error(`Invalid new Limit, found: ${newLimit}`); + return res + .status(400) + .json({ error: 'NEW LIMIT AMOUNT IS REQUIRED WHEN SETTING LIMIT' }); + } + try { + await setDailyLimit(customerNo, client, numericLimit); + return res.status(200).json({ message: 'LIMIT SET' }); + } catch (err) { + logger.error(err, 'Unexpected error while setting limit amount'); + res.status(500).json({ error: 'INTERNAL SERVER ERROR' }); + } +}; + +router.get('/', customerRoute); +router.get('/daily-limit', limitRoute); +router.post('/daily-limit', limitChangeRoute); + +module.exports = router; diff --git a/src/services/paymentLimit.service.js b/src/services/paymentLimit.service.js index ebf39ed..b4acba7 100644 --- a/src/services/paymentLimit.service.js +++ b/src/services/paymentLimit.service.js @@ -1,10 +1,7 @@ const db = require('../config/db'); +const { logger } = require('../util/logger'); async function getDailyLimit(customerNo, clientType) { - if (clientType !== 'IB' && clientType !== 'MB') { - throw new Error('Invalid client type. IB and MB accepted'); - } - let query = ''; if (clientType === 'IB') { query = `SELECT inb_limit_amount AS daily_limit FROM users WHERE customer_no = $1`; @@ -17,12 +14,25 @@ async function getDailyLimit(customerNo, clientType) { } async function getUsedLimit(customerNo, clientType) { - if (clientType !== 'IB' && clientType !== 'MB') { - throw new Error('Invalid client type. IB and MB accepted'); - } - let query = `SELECT SUM(amount) AS used_limit FROM transactions WHERE created_at BETWEEN CURRENT_DATE AND (CURRENT_DATE + INTERVAL '1 day') AND customer_no = $1 AND client = $2`; + let query = `SELECT SUM(amount::numeric) AS used_limit FROM transactions WHERE created_at BETWEEN CURRENT_DATE AND (CURRENT_DATE + INTERVAL '1 day') AND customer_no = $1 AND client = $2`; const result = await db.query(query, [customerNo, clientType]); - return result.rows[0].used_limit; + const usedLimit = result.rows[0].used_limit; + return Number(usedLimit); } -module.exports = { getDailyLimit, getUsedLimit }; +async function setDailyLimit(customerNo, clientType, amount) { + let query = ''; + if (clientType === 'IB') { + query = `UPDATE users SET inb_limit_amount = $1 WHERE customer_no = $2`; + } else { + query = `UPDATE users SET mobile_limit_amount = $1 WHERE customer_no = $2`; + } + + const result = await db.query(query, [amount, customerNo]); + if (result.rowCount === 0) { + throw new Error('No rows affected'); + } + logger.info(`set new limit: ${result.rowCount} rows affected`); +} + +module.exports = { getDailyLimit, getUsedLimit, setDailyLimit }; From f807f6266014014bcd7cd73ff6a322545698f1b3 Mon Sep 17 00:00:00 2001 From: "tomosa.sarkar" Date: Wed, 29 Oct 2025 15:34:54 +0530 Subject: [PATCH 3/6] fix: Add X-header for EMandate. wip: add message template --- .vscode/settings.json | 1 + src/config/config.js | 1 + src/controllers/otp.controller.js | 7 +++++++ src/middlewares/clientVerifier.middleware.js | 2 +- src/util/sms_template.js | 8 +++++++- 5 files changed, 17 insertions(+), 2 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index f05d849..fef8a46 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -3,6 +3,7 @@ "MPIN", "occured", "otpgenerator", + "TLIMIT", "tpassword", "tpin", "TPWORD" diff --git a/src/config/config.js b/src/config/config.js index c2e8ebe..376b2b3 100644 --- a/src/config/config.js +++ b/src/config/config.js @@ -6,5 +6,6 @@ dotenv.config({ path: path.resolve(__dirname, '../../.env') }); module.exports = { port: process.env.PORT || 8080, dbUrl: process.env.DATABASE_URL, + redisUrl: process.env.REDIS_URL, jwtSecret: process.env.JWT_SECRET, }; diff --git a/src/controllers/otp.controller.js b/src/controllers/otp.controller.js index 231bd7d..88ceb5d 100644 --- a/src/controllers/otp.controller.js +++ b/src/controllers/otp.controller.js @@ -107,6 +107,13 @@ async function SendOtp(req, res) { case 'USERNAME_SAVED': message = templates.USERNAME_SAVED(PreferName); break; + case 'TLIMIT': + otp = generateOTP(6); + message = templates.TLIMIT(otp); + break; + case 'TLIMIT_SET': + message = templates.TLIMIT_SET(amount); + break; default: return res.status(400).json({ error: 'Invalid OTP type' }); } diff --git a/src/middlewares/clientVerifier.middleware.js b/src/middlewares/clientVerifier.middleware.js index 5916f68..a340ac2 100644 --- a/src/middlewares/clientVerifier.middleware.js +++ b/src/middlewares/clientVerifier.middleware.js @@ -3,7 +3,7 @@ const { logger } = require('../util/logger'); function verifyClient(req, res, next) { const clientHeader = req.headers['x-login-type']; - if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB')) { + if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB' && clientHeader !== 'eMandate')) { logger.error( `Invalid or missing client header. Expected 'MB' or 'IB'. Found ${clientHeader}` ); diff --git a/src/util/sms_template.js b/src/util/sms_template.js index e4a6373..63d8251 100644 --- a/src/util/sms_template.js +++ b/src/util/sms_template.js @@ -52,7 +52,13 @@ const templates = { `Dear Customer, Your OTP for updating your Preferred Name is ${otp}. It is valid for 1 minute. Do not share this OTP with anyone. -KCCB`, USERNAME_SAVED: (PreferName) => - `Dear Customer, Your Preferred Name -${PreferName} has been updated successfully. If this change was not made by you, please contact our support team immediately.` + `Dear Customer, Your Preferred Name -${PreferName} has been updated successfully. If this change was not made by you, please contact our support team immediately.`, + + TLIMIT :(otp) => + `Dear Customer,Please complete the transaction limit set with ${otp}. -KCCB`, + + TLIMIT_SET :(amount) => + `Dear Customer,Your transaction limit for Internet Banking is set to Rs ${amount}. -KCCB`, }; module.exports = templates; \ No newline at end of file From 2cc1f3fcad98fb9155ecddacfe1d6e899cad7800 Mon Sep 17 00:00:00 2001 From: asif Date: Wed, 29 Oct 2025 15:40:41 +0530 Subject: [PATCH 4/6] feat: added details of customer --- src/routes/customer_details.route.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/customer_details.route.js b/src/routes/customer_details.route.js index ec17cde..744195c 100644 --- a/src/routes/customer_details.route.js +++ b/src/routes/customer_details.route.js @@ -57,7 +57,7 @@ const limitChangeRoute = async (req, res) => { } }; -router.get('/', customerRoute); +router.get('/details', customerRoute); router.get('/daily-limit', limitRoute); router.post('/daily-limit', limitChangeRoute); From 05db88f409e411d7ebc0c1a4e140479821957b02 Mon Sep 17 00:00:00 2001 From: "tomosa.sarkar" Date: Wed, 29 Oct 2025 15:57:21 +0530 Subject: [PATCH 5/6] fix: remove details from api --- src/routes/customer_details.route.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/customer_details.route.js b/src/routes/customer_details.route.js index 744195c..ec17cde 100644 --- a/src/routes/customer_details.route.js +++ b/src/routes/customer_details.route.js @@ -57,7 +57,7 @@ const limitChangeRoute = async (req, res) => { } }; -router.get('/details', customerRoute); +router.get('/', customerRoute); router.get('/daily-limit', limitRoute); router.post('/daily-limit', limitChangeRoute); From 43cce9f04aa33af7742ea8d088508bb6232f0878 Mon Sep 17 00:00:00 2001 From: "tomosa.sarkar" Date: Thu, 30 Oct 2025 11:24:46 +0530 Subject: [PATCH 6/6] feat : add x header for admin --- src/middlewares/clientVerifier.middleware.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/middlewares/clientVerifier.middleware.js b/src/middlewares/clientVerifier.middleware.js index a340ac2..19889a9 100644 --- a/src/middlewares/clientVerifier.middleware.js +++ b/src/middlewares/clientVerifier.middleware.js @@ -3,7 +3,7 @@ const { logger } = require('../util/logger'); function verifyClient(req, res, next) { const clientHeader = req.headers['x-login-type']; - if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB' && clientHeader !== 'eMandate')) { + if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB' && clientHeader !== 'eMandate' && clientHeader !=='Admin')) { logger.error( `Invalid or missing client header. Expected 'MB' or 'IB'. Found ${clientHeader}` );