Merge pull request #12 from bitholla/develop

Develop

Author: abeikverdi

.env.example

@@ -1 +1,2 @@
-ACCESS_TOKEN = PUT_YOUR_ACCESS_TOKEN_HERE
+API_KEY = <PUT_YOUR_API_KEY_HERE>
+API_SECRET = <PUT_YOUR_API_SECRET_HERE>

.eslintrc.json

@@ -6,7 +6,7 @@
 	},
 	"extends": "eslint:recommended",
 	"parserOptions": {
-		"ecmaVersion": 2017
+		"ecmaVersion": 2018
 	},
 	"rules": {
 		"linebreak-style": ["error", "unix"],

README.md

@@ -10,18 +10,22 @@ const HollaEx = require('hollaex-node-lib');
 var client = new HollaEx();
 ```
 
-You can pass your Access_Token generated from the site as follows:
+You can pass your `apiKey` and `apiSecret` generated from the site as follows:
 
 ```node
-var client = new HollaEx({ accessToken: MY_ACCESS_TOKEN });
+var client = new HollaEx({ apiKey: <MY_API_KEY>, apiSecret: <MY_API_SECRET> });
 ```
 
+You can also pass the field `apiExpiresAfter` which is the length of time in seconds each request is valid for. The default value is `60`.
+
 There is a list of functions you can call which will be added later and they are not at this point implemented yet.
 
-### getTicker
+> - **Note**: v1 has a new authentication mechanism using HMAC signature. HollaEx previously was using JSON Web Token (JWT) which is now changed to HMAC authentication.
+
+### Example:
 
 ```node
-var client = new HollaEx({ accessToken: MY_ACCESS_TOKEN });
+var client = new HollaEx({ apiKey: <MY_API_KEY>, apiSecret: <MY_API_SECRET> });
 client
 	.getTicker('hex-usdt')
 	.then((res) => {
@@ -33,6 +37,8 @@ client
 	});
 ```
 
+### Available functions:
+
 | Command             | Parameters                                                                                                                                                                         | Description                                                                                                                                                            |
 | ------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `getTicker`         | **symbol** e.g. `hex-usdt`                                                                                                                                                          | Last, high, low, open and close price and volume within the last 24 hours                                                                                              |

example/hollaex.js

@@ -1,8 +1,9 @@
 const HollaEx = require('../index');
 require('dotenv').load();
 
-const ACCESS_TOKEN = process.env.ACCESS_TOKEN || '';
-const client = new HollaEx({ accessToken: ACCESS_TOKEN });
+const API_KEY = process.env.API_KEY || '';
+const API_SECRET = process.env.API_SECRET || '';
+const client = new HollaEx({ apiKey: API_KEY, apiSecret: API_SECRET });
 
 client
 	.getTicker('hex-usdt')

index.js

@@ -1,23 +1,28 @@
 const io = require('socket.io-client');
 const EventEmitter = require('events');
-
-const { createRequest } = require('./utils');
+const moment = require('moment');
+const { createRequest, createSignature, generateHeaders } = require('./utils');
 
 class HollaEx {
 	constructor(
 		opts = {
 			apiURL: 'https://api.hollaex.com',
 			baseURL: '/v1',
-			accessToken: ''
+			apiKey: '',
+			apiSecret: '',
+			apiExpiresAfter: 60
 		}
 	) {
 		this._url = opts.apiURL + opts.baseURL || 'https://api.hollaex.com/v1';
 		this._wsUrl = opts.apiURL || 'https://api.hollaex.com';
-		this._accessToken = opts.accessToken || '';
+		this._baseUrl = opts.baseURL || '/v1';
+		this.apiKey = opts.apiKey;
+		this.apiSecret = opts.apiSecret;
+		this.apiExpiresAfter = opts.apiExpiresAfter || 60;
 		this._headers = {
 			'content-type': 'application/json',
 			Accept: 'application/json',
-			Authorization: 'Bearer ' + this._accessToken
+			'api-key': opts.apiKey,
 		};
 	}
 
@@ -81,15 +86,29 @@ class HollaEx {
 	 * @return {string} A stringified JSON object showing user's information such as id, email, bank_account, crypto_wallet, balance, etc
 	 */
 	getUser() {
-		return createRequest('GET', `${this._url}/user`, this._headers);
+		const verb = 'GET';
+		const path = this._baseUrl + '/user';
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
+		return createRequest(
+			verb,
+			`${this._url}/user`,
+			headers
+		);
 	}
 
 	/**
 	 * Retrieve user's wallet balance
 	 * @return {string} A stringified JSON object with the keys updated_at(string), usdt_balance(number), usdt_pending(number), usdt_available(number), hex_balance, hex_pending, hex_available, eth_balance, eth_pending, eth_available, bch_balance, bch_pending, bch_available
 	 */
 	getBalance() {
-		return createRequest('GET', `${this._url}/user/balance`, this._headers);
+		const verb = 'GET';
+		const path = this._baseUrl + '/user/balance';
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
+		return createRequest(
+			verb,
+			`${this._url}/user/balance`,
+			headers
+		);
 	}
 
 	/**
@@ -102,12 +121,15 @@ class HollaEx {
 	 * @return {string} A stringified JSON object with the keys count(total number of user's deposits) and data(array of deposits as objects with keys id(number), type(string), amount(number), transaction_id(string), currency(string), created_at(string), status(boolean), fee(number), dismissed(boolean), rejected(boolean), description(string))
 	 */
 	getDeposit(currency, limit = 50, page = 1, orderBy, order = 'asc') {
+		const verb = 'GET';
+		const path = this._baseUrl + `/user/deposits?limit=${limit}&page=${page}&currency=${currency}&order_by=${orderBy}&order=${order}`;
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
 		return createRequest(
-			'GET',
+			verb,
 			`${
 				this._url
 			}/user/deposits?limit=${limit}&page=${page}&currency=${currency}&order_by=${orderBy}&order=${order}`,
-			this._headers
+			headers
 		);
 	}
 
@@ -122,12 +144,15 @@ class HollaEx {
 	 * @return {string} A stringified JSON object with the keys count(total number of user's withdrawals) and data(array of withdrawals as objects with keys id(number), type(string), amount(number), transaction_id(string), currency(string), created_at(string), status(boolean), fee(number), dismissed(boolean), rejected(boolean), description(string))
 	 */
 	getWithdrawal(currency, limit = 50, page = 1, orderBy, order = 'asc') {
+		const verb = 'GET';
+		const path = this._baseUrl + `/user/withdrawals?limit=${limit}&page=${page}&currency=${currency}&order_by=${orderBy}&order=${order}`;
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
 		return createRequest(
-			'GET',
+			verb,
 			`${
 				this._url
 			}/user/withdrawals?limit=${limit}&page=${page}&currency=${currency}&order_by=${orderBy}&order=${order}`,
-			this._headers
+			headers
 		);
 	}
 
@@ -155,11 +180,14 @@ class HollaEx {
 	 * @return {string} A stringified JSON object {message:"Success"}
 	 */
 	requestWithdrawal(currency, amount, address) {
-		let data = { currency, amount, address, fee: 0 };
+		const verb = 'POST';
+		const path = this._baseUrl + '/user/request-withdrawal';
+		const data = { currency, amount, address, fee: 0 };
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter, data);
 		return createRequest(
-			'POST',
+			verb,
 			`${this._url}/user/request-withdrawal`,
-			this._headers,
+			headers,
 			data
 		);
 	}
@@ -172,14 +200,17 @@ class HollaEx {
 	 * @return {string} A stringified JSON object with the keys count(total number of user's completed trades) and data(array of up to the user's last 50 completed trades as objects with keys side(string), symbol(string), size(number), price(number), timestamp(string), and fee(number))
 	 */
 	getUserTrade(symbol, limit = 50, page = 1) {
+		const verb = 'GET';
 		let queryString = `?limit=${limit}&page=${page}`;
 		if (symbol) {
 			queryString += `&symbol=${symbol}`;
 		}
+		const path = this._baseUrl + `/user/trades${queryString}`;
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
 		return createRequest(
-			'GET',
+			verb,
 			`${this._url}/user/trades${queryString}`,
-			this._headers
+			headers
 		);
 	}
 
@@ -190,10 +221,13 @@ class HollaEx {
 	 * @return {string} The selected order as a stringified JSON object with keys created_at(string), title(string), symbol(string), side(string), size(number), type(string), price(number), id(string), created_by(number), filled(number)
 	 */
 	getOrder(orderId) {
+		const verb = 'GET';
+		const path = this._baseUrl + `/user/orders/${orderId}`;
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
 		return createRequest(
-			'GET',
+			verb,
 			`${this._url}/user/orders/${orderId}`,
-			this._headers
+			headers
 		);
 	}
 
@@ -203,10 +237,13 @@ class HollaEx {
 	 * @return {string} A stringified JSON array of objects containing the user's active orders
 	 */
 	getAllOrder(symbol = '') {
+		const verb = 'GET';
+		const path = this._baseUrl + `/user/orders?symbol=${symbol}`;
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
 		return createRequest(
-			'GET',
+			verb,
 			`${this._url}/user/orders?symbol=${symbol}`,
-			this._headers
+			headers
 		);
 	}
 
@@ -220,8 +257,11 @@ class HollaEx {
 	 * @return {string} The new order as a stringified JSON object with keys symbol(string), side(string), size(number), type(string), price(number), id(string), created_by(number), and filled(number)
 	 */
 	createOrder(symbol, side, size, type, price) {
-		let data = { symbol, side, size, type, price };
-		return createRequest('POST', `${this._url}/order`, this._headers, data);
+		const verb = 'POST';
+		const path = this._baseUrl + '/order';
+		const data = { symbol, side, size, type, price };
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter, data);
+		return createRequest(verb, `${this._url}/order`, headers, data);
 	}
 
 	/**
@@ -230,10 +270,13 @@ class HollaEx {
 	 * @return {string} The cancelled order as a stringified JSON object with keys symbol(string), side(string), size(number), type(string), price(number), id(string), created_by(number), and filled(number)
 	 */
 	cancelOrder(orderId) {
+		const verb = 'DELETE';
+		const path = this._baseUrl + `/user/orders/${orderId}`;
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
 		return createRequest(
-			'DELETE',
+			verb,
 			`${this._url}/user/orders/${orderId}`,
-			this._headers
+			headers
 		);
 	}
 
@@ -243,10 +286,13 @@ class HollaEx {
 	 * @return {string} A stringified JSON array of objects containing the cancelled orders
 	 */
 	cancelAllOrder(symbol = '') {
+		const verb = 'DELETE';
+		const path = this._baseUrl + `/user/orders?symbol=${symbol}`;
+		const headers = generateHeaders(this._headers, this.apiSecret, verb, path, this.apiExpiresAfter);
 		return createRequest(
-			'DELETE',
+			verb,
 			`${this._url}/user/orders?symbol=${symbol}`,
-			this._headers
+			headers
 		);
 	}
 
@@ -256,15 +302,17 @@ class HollaEx {
 	 * @return {class} A new socket class that listens to the hollaEx websocket server and emits the event being passed
 	 */
 	connect(events) {
-		return new Socket(events, this._wsUrl, this._accessToken);
+		const apiExpires = moment().unix() + this.apiExpiresAfter;
+		const signature = createSignature(this.apiSecret, 'CONNECT', '/socket', apiExpires);
+		return new Socket(events, this._wsUrl, this.apiKey, signature, apiExpires);
 	}
 }
 
 /*******************
 Websocket
 *******************/
 class Socket extends EventEmitter {
-	constructor(events = '', url, accessToken) {
+	constructor(events = '', url, apiKey, apiSignature, apiExpires) {
 		super();
 		if (!Array.isArray(events)) {
 			let listeners = [];
@@ -287,7 +335,11 @@ class Socket extends EventEmitter {
 					break;
 				case 'user':
 					ioLink = io(`${url}/user`, {
-						query: { token: `Bearer ${accessToken}` }
+						query: {
+							'api-key': apiKey,
+							'api-signature': apiSignature,
+							'api-expires': apiExpires
+						}
 					});
 
 					listeners.push(ioLink);
@@ -319,7 +371,11 @@ class Socket extends EventEmitter {
 					});
 
 					ioLink = io(`${url}/user`, {
-						query: { token: `Bearer ${accessToken}` }
+						query: {
+							'api-key': apiKey,
+							'api-signature': apiSignature,
+							'api-expires': apiExpires
+						}
 					});
 					listeners.push(ioLink);
 					listeners[listeners.length - 1].on('user', (data) => {

package-lock.json

@@ -1,9 +1,10 @@
 {
 	"name": "hollaex-node-lib",
-	"version": "0.4.1",
+	"version": "1.0.0",
 	"description": "",
 	"main": "index.js",
 	"dependencies": {
+		"moment": "2.24.0",
 		"lodash": "4.17.13",
 		"request": "2.88.0",
 		"request-promise": "4.2.2",

package.json

@@ -1,4 +1,6 @@
 const rp = require('request-promise');
+const crypto = require('crypto');
+const moment = require('moment');
 
 const createRequest = (verb, url, headers, data) => {
 	const body = JSON.stringify(data);
@@ -10,6 +12,29 @@ const createRequest = (verb, url, headers, data) => {
 	return rp[verb.toLowerCase()](requestObj);
 };
 
+const createSignature = (secret = '', verb, path, expires, data = '') => {
+	const stringData = typeof data === 'string' ? data : JSON.stringify(data);
+
+	const signature = crypto
+		.createHmac('sha256', secret)
+		.update(verb + path + expires + stringData)
+		.digest('hex');
+	return signature;
+};
+
+const generateHeaders = (headers, secret, verb, path, expiresAfter, data) => {
+	const expires = moment().unix() + expiresAfter;
+	const signature = createSignature(secret, verb, path, expires, data);
+	const header = {
+		...headers,
+		'api-signature': signature,
+		'api-expires': expires
+	};
+	return header;
+};
+
 module.exports = {
-	createRequest
+	createRequest,
+	createSignature,
+	generateHeaders
 };