-1

Does anyone know how to use Cardinity-js? Their documentation isn't really complete and would like to know how it would work in action.

  • did you try to import crypto as well? Directly? Not leaning on cardinity-js import of crypto? – Nikola Kirincic Feb 12 '19 at 09:02
  • My best guess is you are missing the crypto-package which may be part of nodejs but not available in browser/angular-environment. Take a look here https://stackoverflow.com/questions/43353718/how-to-use-crypto-module-in-angular2 Minor Note on your imports... you don't need the file reference in your angular.json – Florian Feb 12 '19 at 09:08

1 Answers1

2

CAUTION! DANGER!

I took a look at the repository of cardinity-js and recognized this library isn't meant for use in browser at all - it's a payment provider meant to be implemented on the server only.

If you really found someone implementing this in angular warn them, that this is a very very bad idea!!!!

From the usage-example:

   const client = new CardinityClient(
     <your_key>,
     <your_secret>
   );

These values passed to the CardinityClient are your personal cardinity registration-data that mustn't be available client-side code. Otherwise someone could find and steal them, which would allow them to perform transactions in your name.

The right way to implement this is to create a payment-route on your server which receives the payment-data from the client, for example 'Payment-Methode', 'Card-Number' and then uses these values to perform the transaction.

From this question i recommend you should hand of this development-task to a more seasoned developer, who knows what he is doing - as these is critical to get right - otherwise some bad stuff will happen, i promise you...

Florian
  • 451
  • 3
  • 13
  • Okay great thanks! Definately, I was just testing. This was never going to be released anyway. But thanks for the heads up. –  Feb 12 '19 at 11:55
  • @SanderFrentz you should accept this answer and change your title to include cardinity-js. That is fails is a valid behaviour because only the server implements `randomBytes`, not the browser. – Stefan Feb 12 '19 at 12:02
  • @SanderFrentz Well - you possibly can add this https://www.npmjs.com/package/crypto-browserify to your project to fix the dependency on the nodejs crypto-library, but you may encounter other errors because of other missing depenencies and i still wouldn't recommand to let this get out in the wild. – Florian Feb 12 '19 at 12:48