- const User = require('../database/UserModel');
- const bcrypt = require('bcrypt');
/**
 * Show the login page, or bounce an already signed-in visitor to /logout.
 *
 * @param {object} req - Request; `req.session.user` is read to detect an existing session.
 * @param {object} res - Response used to redirect or to render "pages/login".
 */
exports.Login = function (req, res) {
  // A populated session means the visitor is already authenticated.
  if (req.session.user) {
    res.redirect("/logout");
    return;
  }

  // No session yet: show the empty login form.
  const viewData = {
    "error": "",
    "isLoggedIn": false,
  };
  res.render("pages/login", viewData);
};
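/**
 * Authenticate a user from the posted email and password.
 *
 * On success the session is regenerated, populated with the user's
 * username, UUID and role, and the client is redirected to "/".
 * On failure "pages/login" is rendered again with an error message.
 *
 * @param {object} req - Request; reads `req.body.email` and `req.body.password`.
 * @param {object} res - Response used to render the login page or redirect.
 * @returns {Promise<void>}
 */
exports.processLogin = async function (req, res) {
  // One message for "unknown email" and "wrong password", so the response
  // does not reveal which addresses have an account.
  const GENERIC_FAILURE = "Invalid email or password.";

  const renderLogin = (status, error) => {
    res.status(status);
    res.render("pages/login", {
      "error": error,
      isLoggedIn: false,
    });
  };

  const { email, password } = req.body || {};

  // Require non-empty strings. A body parser may hand over objects or arrays,
  // which must not reach the query's `where` clause or bcrypt.
  const hasCredentials =
    typeof email === "string" &&
    typeof password === "string" &&
    email.length > 0 &&
    password.length > 0;
  if (!hasCredentials) {
    renderLogin(400, "Please fill in all the fields.");
    return;
  }

  try {
    const existingUser = await User.findOne({ where: { email: email } });

    if (!existingUser) {
      // Spend roughly the same bcrypt work as a real comparison so response
      // time does not separate unknown emails from wrong passwords. Cost 10
      // matches the factor used when accounts are created in this file.
      await bcrypt.hash(password, 10);
      renderLogin(401, GENERIC_FAILURE);
      return;
    }

    const match = await bcrypt.compare(password, existingUser.password);
    if (!match) {
      // 401 lets logs and rate limiting tell failed attempts from page views.
      renderLogin(401, GENERIC_FAILURE);
      return;
    }

    // Issue a fresh session id before storing identity, so an id that existed
    // before authentication cannot be reused afterwards (session fixation).
    // NOTE(review): assumes an express-session style regenerate(); Logout
    // already relies on destroy() from the same API - confirm.
    await new Promise((resolve, reject) => {
      req.session.regenerate((err) => (err ? reject(err) : resolve()));
    });

    req.session.user = existingUser.username;
    req.session.UUID = existingUser.UUID;
    req.session.role = existingUser.role;

    res.redirect("/");
  } catch (err) {
    // Without this, a failed lookup or session error is an unhandled rejection.
    // Log only the message; the credentials are never written to the log.
    console.error("Login failed:", err && err.message);
    renderLogin(500, "Something went wrong while logging in.");
  }
};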
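/**
 * End the current session and send the client to the login page.
 *
 * The redirect is issued only after the session store reports that the
 * session was destroyed, so the follow-up request to /login cannot still be
 * served with the old session.
 *
 * @param {object} req - Request whose session is destroyed.
 * @param {object} res - Response used to redirect to "/login".
 */
exports.Logout = function (req, res) {
  req.session.destroy((err) => {
    if (err) {
      // The session may still be valid. Redirecting to /login would bounce
      // straight back here, so report the failure instead.
      console.error("Session destroy failed:", err && err.message);
      res.sendStatus(500);
      return;
    }
    // NOTE(review): the session cookie itself is not cleared here; its name is
    // configured outside this file - confirm whether it should be cleared too.
    res.redirect("/login");
  });
};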
/**
 * Show the registration page, or bounce an already signed-in visitor to /logout.
 *
 * @param {object} req - Request; `req.session.user` is read to detect an existing session.
 * @param {object} res - Response used to redirect or to render "pages/register".
 */
exports.Register = function (req, res) {
  // Signed-in visitors have to log out before creating another account.
  if (req.session.user) {
    res.redirect("/logout");
    return;
  }

  // No session yet: show the empty signup form.
  const viewData = {
    "error": "",
    isLoggedIn: false,
  };
  res.render("pages/register", viewData);
};
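/**
 * Create a new account from the posted registration form.
 *
 * Registration is gated by a shared secret (`process.env.SECRET`). When no
 * user with role "admin" exists yet, the new account is created as "admin";
 * otherwise as "user". On success a fresh session is started for the new user
 * and the client is redirected to "/". On any failure "pages/register" is
 * rendered again with an error message.
 *
 * @param {object} req - Request; reads first_name, last_name, username, email,
 *   password, avatar, tos and secret from `req.body`.
 * @param {object} res - Response used to render the register page or redirect.
 * @returns {Promise<void>}
 */
exports.processRegister = async function (req, res) {
  const renderRegister = (error) => {
    res.render("pages/register", {
      "error": error,
      isLoggedIn: false,
    });
  };

  const { first_name, last_name, username, email, password, avatar, tos, secret } = req.body || {};

  // Text fields must be non-empty strings. A body parser may hand over objects
  // or arrays, which must not reach the query's `where` clause or bcrypt.
  const isText = (value) => typeof value === "string" && value.length > 0;
  const fieldsOk =
    [first_name, last_name, username, email, password].every(isText) && Boolean(tos);

  // The gate fails closed. With the original `secret == process.env.SECRET`, an
  // unset SECRET combined with an omitted `secret` field compared
  // undefined == undefined and let the registration through.
  const expectedSecret = process.env.SECRET;
  let secretOk = false;
  if (isText(expectedSecret) && isText(secret)) {
    const crypto = require("crypto");
    // Hash both sides to equal length, then compare in constant time.
    const digest = (value) => crypto.createHash("sha256").update(value).digest();
    secretOk = crypto.timingSafeEqual(digest(secret), digest(expectedSecret));
  }

  if (!fieldsOk || !secretOk) {
    // Same message for missing fields and a wrong secret, as before, so the
    // response does not confirm whether the secret was the problem.
    renderRegister("Please fill in all the fields and accept TOS.");
    return;
  }

  // `avatar` is embedded in stored HTML markup below. Only a plain file name is
  // accepted, so quotes, angle brackets and path separators never reach the
  // <img> tag. A missing avatar stringifies to "undefined", as it did before;
  // no default file name is visible in this file.
  const avatarName = String(avatar);
  const avatarOk =
    /^[A-Za-z0-9][A-Za-z0-9._-]*$/.test(avatarName) && !avatarName.includes("..");
  if (!avatarOk) {
    renderRegister("Invalid avatar selection.");
    return;
  }

  try {
    const existingUser = await User.findOne({ where: { username: username } });
    if (existingUser) {
      renderRegister("User with that username already exists.");
      return;
    }
    // NOTE(review): email uniqueness is not checked here, yet login looks users
    // up by email - presumably the model enforces it; confirm.

    // The first account created while no admin exists becomes the admin.
    // NOTE(review): the lookup and the create are not atomic, so two concurrent
    // first registrations could both become admin - confirm whether this matters.
    const adminUser = await User.findOne({ where: { role: "admin" } });
    let role = "user";
    if (!adminUser) {
      console.log('Creating admin User');
      role = "admin";
    }

    // Async hash: hashSync would block the event loop for every request.
    const hashedPassword = await bcrypt.hash(password, 10);

    await User.create({
      first_name: first_name,
      last_name: last_name,
      username: username,
      email: email,
      password: hashedPassword,
      role: role,
      group: 'all',
      avatar: `<img src="./static/avatars/${avatarName}">`
    });

    // Re-read by username, which was just checked for uniqueness. Looking up by
    // email could return a different account that shares the address.
    const newUser = await User.findOne({ where: { username: username } });
    if (newUser) {
      // Fresh session id before identity is stored (session fixation).
      // NOTE(review): assumes an express-session style regenerate() - confirm.
      await new Promise((resolve, reject) => {
        req.session.regenerate((err) => (err ? reject(err) : resolve()));
      });
      // JSON.stringify keeps control characters in the name out of the log line.
      console.log(`User session created for ${JSON.stringify(newUser.username)}`);
      req.session.user = newUser.username;
      req.session.UUID = newUser.UUID;
      req.session.role = newUser.role;
    }

    res.redirect("/");
  } catch (err) {
    // Log only the message; the request body holds the password and the secret.
    console.error("Account creation failed:", err && err.message);
    renderRegister("Something went wrong when creating account.");
  }
};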