Merge pull request #23 from solana-developers/new-transaction-checks

adding new validation endpoint

Author: notEduardo

README.md

@@ -113,134 +113,185 @@ Below are the available endpoints for each table.
 
 ---
 
-## Rate Limits Endpoints
+## Github Validation Endpoints
+
+### **Validate Github User ID**
+
+**GET** `/api/github-validation/:userId`
+
+- **Description**: Validates a Github user by fetching their information from the Github API using their user ID.
+- **Request Params**:
+    - `userId` (string): The Github User ID to validate.
+
+- **Curl Command**:
+  ```bash
+  curl -v http://localhost:3000/api/gh-validation/exampleUser 
+  ```
+-**Response**:
+```json
+{
+  "valid": "boolean"
+} 
+```
+
+---
+
+## Transactions Endpoints
 
-### **Create a New Rate Limit**
+### **Create a New Transaction**
 
-**POST** `/api/rate-limits`
+**POST** `/api/transactions`
 
-- **Description**: Adds a new rate limit entry.
+- **Description**: Creates a new transaction entry with a unique signature.
 - **Request Body**:
   ```json
   {
-    "key": "string",
-    "timestamps": ["number"]
+    "signature": "string",
+    "ip_address": "string",
+    "wallet_address": "string",
+    "github_id": "string (optional)",
+    "timestamp": "number"
   }
   ```
 - **Curl Command**:
   ```bash
-  curl -v -X POST http://localhost:3000/api/rate-limits \
-  -H "Content-Type: application/json" \
-  -d '{"key": "test_key_1", "timestamps": [1635793421]}'
+  curl -v -X POST http://localhost:3000/api/transactions \
+    -H "Content-Type: application/json" \
+    -d '{
+      "signature": "tx_123",
+      "ip_address": "192.168.0.1",
+      "wallet_address": "wallet_abc",
+      "github_id": "user123",
+      "timestamp": 1714752000
+    }'
   ```
 - **Response**:
   ```json
   {
-    "key": "string",
-    "timestamps": ["number"]
+    "signature": "tx_123",
+    "ip_address": "192.168.0.1",
+    "wallet_address": "wallet_abc",
+    "github_id": "user123",
+    "timestamp": 1714752000
   }
   ```
 
-### **Get a Rate Limit by Key**
+---
+
+### **Get the Most Recent Transaction(s)**
+
+**GET** `/api/transactions/last`
 
-**GET** `/api/rate-limits/:key`
+- **Description**: Retrieves the most recent transaction(s) matching the given query parameters. You must provide at least one of `wallet_address` or `ip_address`.
+- **Query Params**:
+    - `wallet_address` (string, optional)
+    - `github_id` (string, optional)
+    - `ip_address` (string, optional)
+    - `count` (number, optional – number of results to return; defaults to 1)
 
-- **Description**: Retrieves the rate limit entry for a specific key.
 - **Curl Command**:
   ```bash
-  curl -v http://localhost:3000/api/rate-limits/test_key_1
+  curl -v "http://localhost:3000/api/transactions/last?wallet_address=wallet_abc&count=2"
   ```
-- **Response**:
+- **Response** (if found):
+  ```json
+  [
+    {
+      "signature": "tx_123",
+      "ip_address": "192.168.0.1",
+      "wallet_address": "wallet_abc",
+      "github_id": "user123",
+      "timestamp": 1714752000
+    }
+  ]
+  ```
+
+- **Response** (if not found):
   ```json
   {
-    "key": "string",
-    "timestamps": ["number"]
+    "message": "No transaction found for the given criteria."
   }
   ```
 
-### **Update Timestamps for a Rate Limit**
+---
 
-**PUT** `/api/rate-limits/:key`
+### **Delete a Transaction by Signature**
 
-- **Description**: Updates the timestamps for a specific rate limit key.
-- **Request Body**:
+**DELETE** `/api/transactions/:signature`
+
+- **Description**: Deletes a transaction based on its signature.
+- **Curl Command**:
+  ```bash
+  curl -v -X DELETE http://localhost:3000/api/transactions/tx_123
+  ```
+- **Response** (if deleted):
   ```json
   {
-    "timestamps": ["number"]
+    "signature": "tx_123",
+    "ip_address": "192.168.0.1",
+    "wallet_address": "wallet_abc",
+    "github_id": "user123",
+    "timestamp": 1714752000
   }
   ```
-- **Curl Command**:
-  ```bash
-  curl -v -X PUT http://localhost:3000/api/rate-limits/test_key_1 \
-  -H "Content-Type: application/json" \
-  -d '{"timestamps": [1635793500]}'
-  ```
-- **Response**:
+
+- **Response** (if not found):
   ```json
   {
-    "key": "string",
-    "timestamps": ["number"]
+    "message": "Transaction not found"
   }
   ```
 
-### **Create a New Rate Limit Combination**
+---
+
+### **Validate User Information**
+
+**POST** `/api/validate`
+
+- **Description**: Validates a GitHub account and checks the transaction history for the given IP address, wallet address, and GitHub ID.
 
-**POST** `/api/rate-limits-combo`
+  #### Validation Criteria:
+    - **GitHub Account**
+        - Must be at least 30 days old
+        - Must have at least 1 public repository
+        - Must be of type `User`
+
+    - **Transaction Limits**
+        - Max 200 transactions per IP address (all-time)
+        - Max 100 transactions per wallet address (all-time)
+        - Max 100 transactions per GitHub ID (all-time)
+        - Max 50 transactions for the combination of all three within the last 30 days
 
-- **Description**: Adds a new rate limit combination entry. Each combination of `ip_address`, `wallet_address`,
-  and `github_userid` is checked for uniqueness before inserting to DB.
 - **Request Body**:
   ```json
   {
     "ip_address": "string",
     "wallet_address": "string",
-    "github_userid": "string"
+    "github_id": "string"
   }
   ```
+
 - **Curl Command**:
   ```bash
-  curl -v -X POST http://localhost:3000/api/rate-limits-combo \
-    -H "Content-Type: application/json" \
-    -d '{
-      "ip_address": "19216801",
-      "wallet_address": "wallet_123",
-      "github_userid": "user123"
-    }'
+  curl -v -X POST http://localhost:3000/api/validate -H "Content-Type: application/json" -d '{"ip_address": "1234567", "wallet_address": "some_address", "github_id": "54321"}'
   ```
-- **Response**:
- ```json
+
+- **Response (Valid)**:
+  ```json
   {
-   "id": "3",
-  "ip_address":"19216801",
-  "wallet_address":"wallet_123",
-  "github_userid":"user123"
+    "valid": true,
+    "reason": ""
   }
   ```
 
----
-
-## Github Validation Endpoints
-
-### **Validate Github User ID**
-
-**GET** `/api/github-validation/:userId`
-
-- **Description**: Validates a Github user by fetching their information from the Github API using their user ID.
-- **Request Params**:
-    - `userId` (string): The Github User ID to validate.
-
-- **Curl Command**:
-  ```bash
-  curl -v http://localhost:3000/api/gh-validation/exampleUser 
+- **Response (Invalid)**:
+  ```json
+  {
+    "valid": false,
+    "reason": "Transaction history is invalid"
+  }
   ```
--**Response**:
-```json
-{
-  "valid": "boolean"
-} 
-```
 
----
 
 ## Error Handling
 

src/clients/githubClient.js

@@ -28,11 +28,17 @@ class GithubClient {
                 return await client.request(endpoint, params);
             } catch (err) {
                 lastError = err;
-                // If the error is due to rate limiting, rotate the token
+
                 if (err.status === 403) {
+                    // If the error is due to rate limiting, rotate the token
                     console.warn(`Token at index ${this.index} failed with status 403. Rotating token...`);
                     this.rotateToken();
                     attempts++;
+                } else if (err.status === 404) {
+                    throw {
+                        status: 404,
+                        message: "GitHub user not found"
+                    };
                 } else {
                     throw err;
                 }

src/db/transactions.js

@@ -11,7 +11,7 @@ const createTransaction = async (signature, ip_address, wallet_address, github_i
     return result.rows[0];
 };
 
-const getLastTransaction = async ({ wallet_address, github_id, ip_address, queryLimit }) => {
+const getLastTransaction = async ({wallet_address, github_id, ip_address, queryLimit}) => {
     let query;
     let values;
 
@@ -54,8 +54,44 @@ const deleteTransaction = async (signature) => {
     return result.rows[0];
 };
 
+// Get count for IP, wallet, and GitHub ID (all-time)
+const getTransactionStats = async ({ip_address, wallet_address, github_id}) => {
+    const query = `
+      SELECT 
+        COUNT(*) FILTER (WHERE ip_address = $1) AS ip_count,
+        COUNT(*) FILTER (WHERE wallet_address = $2) AS wallet_count,
+        COUNT(*) FILTER (WHERE github_id = $3) AS github_count
+      FROM faucet.transactions
+      WHERE 
+        ip_address = $1 OR
+        wallet_address = $2 OR
+        github_id = $3;
+    `;
+    const values = [ip_address, wallet_address, github_id];
+    const result = await db.query(query, values);
+    return result.rows[0];
+};
+
+// Get count of combo IP + Wallet + GitHub (last 30 days)
+const getMonthlyTransactionStats = async ({ip_address, wallet_address, github_id}) => {
+    const query = `
+      SELECT COUNT(*) AS combo_count
+      FROM faucet.transactions
+      WHERE 
+        ip_address = $1 AND
+        wallet_address = $2 AND
+        github_id = $3 AND
+        timestamp >= EXTRACT(EPOCH FROM NOW() - INTERVAL '30 days');
+    `;
+    const values = [ip_address, wallet_address, github_id];
+    const result = await db.query(query, values);
+    return Number(result.rows[0]?.combo_count || 0);
+};
+
 export default {
     createTransaction,
     getLastTransaction,
-    deleteTransaction
+    deleteTransaction,
+    getTransactionStats,
+    getMonthlyTransactionStats
 };

src/routes/githubValidationRoute.js

@@ -42,15 +42,6 @@ router.get("/gh-validation/:userId", async (req, res) => {
     res.status(200).json({ valid });
   } catch (error) {
     console.error("Error calling GitHub API:", error);
-
-    // Handle 404 error when user is not found
-    if (error.response?.status === 404) {
-      return res.status(404).json({
-        error: "GitHub user not found",
-        valid: false,
-      });
-    }
-
     res.status(500).json({ error: "Internal server error." });
   }
 });

src/routes/index.js

@@ -1,6 +1,7 @@
 import express from 'express';
 import rateLimitRoute from './rateLimitRoute.js';
 import transactionsRoute from './transactionsRoute.js';
+import transactionValidationRoute from './transactionValidationRoute.js';
 import solanaBalancesRoute from "./solanaBalancesRoute.js";
 import githubValidationRoute from "./githubValidationRoute.js";
 
@@ -12,6 +13,9 @@ router.use(rateLimitRoute);
 // Use transactions routes
 router.use(transactionsRoute);
 
+// Use transactions validation routes
+router.use(transactionValidationRoute);
+
 // Use Solana balances routes
 router.use(solanaBalancesRoute);