diff --git a/pass/app/payment_processor/Paypal.js b/pass/app/payment_processor/Paypal.js
index d8454a328098530236b3fc5b77932d446a024763..f940e2cf02e53c61ae7f0db773300e0291782aa4 100644
--- a/pass/app/payment_processor/Paypal.js
+++ b/pass/app/payment_processor/Paypal.js
@@ -301,7 +301,7 @@ class Paypal extends PaymentProcessor {
},
})
.then((response) => {
- if (response.code !== 201) {
+ if (response.status !== 201) {
console.debug(response);
throw "Error issuing refund.";
} else {
diff --git a/pass/routes/key.js b/pass/routes/key.js
index a14acb7ea6793f6756c92303e1e0b7dd51a17fb9..cc295e879b914eb8bb9e8173616796b51f30e5ca 100644
--- a/pass/routes/key.js
+++ b/pass/routes/key.js
@@ -127,14 +127,15 @@ router.use("/:key", param("key").isUUID(4), async (req, res, next) => {
// Basic account page
router.get("/:key", async (req, res) => {
- if (!req.data.admin && (!req.cookies.key || req.cookies.key !== req.data.key.key)) {
+ if (req.data.admin) {
+ res.redirect(`${res.locals.baseDir}/logout`);
+ return;
+ } else if (!req.cookies.key || req.cookies.key !== req.data.key.key) {
res.cookie("key", req.data.key.key, {
sameSite: "lax"
});
- res.render("key", req.data);
- } else {
- res.redirect(`${res.locals.baseDir}/logout`);
}
+ res.render("key", req.data);
});
router.use("/:key/orders", orderRouter);
diff --git a/pass/routes/orders/refund.js b/pass/routes/orders/refund.js
index 45505f34e70b142232a8fc9d521eac4bb5e2726d..5e8dc2a48807841a2e91dbb5481169c6e8ebe90d 100644
--- a/pass/routes/orders/refund.js
+++ b/pass/routes/orders/refund.js
@@ -19,18 +19,17 @@ router.use("/", (req, res, next) => {
(
Math.ceil(
(refund_count / req.data.order.order.getAmount()) *
- req.data.order.order.getPrice() *
- 100
+ req.data.order.order.getPrice() *
+ 100
) / 100
).toFixed(2)
),
};
if (req.data.admin === true) {
- req.data.order.refund.approval_link = `/key/${
- req.data.key.key
- }/orders/${req.data.order.order.getOrderID()}/refund/process`;
+ req.data.order.refund.approval_link = `${res.locals.baseDir}/key/${req.data.key.key
+ }/orders/${req.data.order.order.getOrderID()}/refund/process`;
}
- req.data.css.push("/styles/orders/refund.css");
+ req.data.css.push(`${res.locals.baseDir}/styles/orders/refund.css`);
next();
});
router.get("/", (req, res) => {
@@ -54,11 +53,10 @@ router.post("/", (req, res, next) => {
let request_data = {
moderation: true,
};
- req.data.order.refund.moderation_url = `${config.get("app.url")}/key/${
- req.data.key.key
- }/orders/${req.data.order.order.getOrderID()}/refund?${new URLSearchParams(
- request_data
- ).toString()}`;
+ req.data.order.refund.moderation_url = `${res.locals.baseDir}/key/${req.data.key.key
+ }/orders/${req.data.order.order.getOrderID()}/refund?${new URLSearchParams(
+ request_data
+ ).toString()}`;
// Render the message
let ejs = require("ejs"),
fs = require("fs"),
diff --git a/pass/views/orders/refund.ejs b/pass/views/orders/refund.ejs
index 695de45180a979fc681fdeaa78b311f028d09493..7adc8fa0d75114d77dec280fd25dcd9544dcde1e 100644
--- a/pass/views/orders/refund.ejs
+++ b/pass/views/orders/refund.ejs
@@ -33,7 +33,7 @@
<%_ } else { _%>
<div id="moderation-buttons">
<button class="button" name="action" value="approve">
- <img src="/images/money.svg" alt="" aria-hidden="true" />
+ <img src="<%= baseDir _%>/images/money.svg" alt="" aria-hidden="true" />
<span><%= order.refund.amount %>€ erstatten</span>
</button>
<button class="button" name="action" value="deny">
@@ -83,7 +83,7 @@
autofocus
></textarea>
<button class="button">
- <img src="/images/money.svg" alt="" aria-hidden="true" />
+ <img src="<%= baseDir _%>/images/money.svg" alt="" aria-hidden="true" />
<span><%= order.refund.amount.toFixed(2) %>€ Erstattung anfragen</span>
</button>
</form>