Add admin function #15

Open
wants to merge 3 commits into
base: master
Binary file modified .DS_Store
Binary file not shown.
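--- a/README.md
+++ b/README.md
@@ -6,3 +6,33 @@
 * Use command below to reprocessd data
 
 `node processdata.js`
+
+
+* Error Check
+
+Sign up:
+
+Confirm Password
+
+Check existed username
+
+Login:
+Check if username and password correct
+
+
+* ajax
+
+Add review
+
+Nearby
+
+
+* xss
+
+Input script
+
+e.g. `<script>alert("You are under attack")</script>`
+
+will not pop up window.
+
+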
92 changes: 73 additions & 19 deletions config/passport.js
Expand Up @@ -25,6 +25,35 @@ module.exports = function(passport) {
});
});

//==================================
//let admin enter adminprofile======
//==================================

passport.use('admin', new LocalStrategy({
// by default, local strategy uses username and password, we will override with email
usernameField : 'email',
passwordField : 'password',
passReqToCallback : true // allows us to pass in the req from our route (lets us check if a user is logged in or not)
},
function(req, email, password, done) {
if (email)
email = email.toLowerCase(); // Use lower-case e-mails to avoid case-sensitive e-mail matching

// asynchronous
process.nextTick(function() {
if(email==='admin'){
User.findOne({ 'local.email' : email }, function(err, user) {
return done(null, user);
});
}else{
return done(err);
}

});

}));


// =========================================================================
// LOCAL LOGIN =============================================================
// =========================================================================
Expand All @@ -40,26 +69,51 @@ module.exports = function(passport) {

// asynchronous
process.nextTick(function() {
User.findOne({ 'local.email' : email }, function(err, user) {
// if there are any errors, return the error
if (err)
return done(err);

// if no user is found, return the message
if (!user)
return done(null, false, req.flash('loginMessage', 'No user found.'));

if (!user.validPassword(password))
return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.'));

// all is well, return user
else
return done(null, user);
});
});

}));


if(email==='admin'&&password==='ABCabc123'){
User.findOne({ 'local.email' : email }, function(err, user){
if (err)
return done(err);

// if no user is found, return the message
if (!user){
var newUser = new User();
newUser.local.email = email;
newUser.local.password = 'ABCabc123';
newUser.save(function (err) {
if (err)
return done(err);

return done(null,newUser);
}
);

}
else
return done(null, user);
})
}else if(email==='admin'){
return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.'));
}else{
User.findOne({ 'local.email' : email }, function(err, user){
if (err)
return done(err);

// if no user is found, return the message
if (!user)
return done(null, false, req.flash('loginMessage', 'No user found.'));

if (!user.validPassword(password))
return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.'));

// all is well, return user
else
return done(null, user);
})
}
})}));

// =========================================================================
// LOCAL SIGNUP ============================================================
// =========================================================================
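Review bot: The new `'admin'` strategy in the first hunk never looks at `password`: when `email==='admin'` it calls `done(null, user)` with whatever `User.findOne` returns, so if that account exists any request naming it is authenticated, and the query's `err` is dropped. Its `else` branch calls `done(err)` although no `err` is declared in the visible scope, so a non-admin e-mail would raise a ReferenceError instead of a rejected login. The callback should follow the regular login path, `if (err) return done(err);` then `if (!user || !user.validPassword(password)) return done(null, false);`, and the else branch should be `return done(null, false);`. The second hunk has a related problem: the admin password is a string literal in source, compared with `===`, returned without `validPassword` once the account exists, and written as-is to `newUser.local.password`; it should come from configuration and be stored through whatever hashing the model applies to other users (not visible on this page).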
2 changes: 1 addition & 1 deletion data/reviews.js
Expand Up @@ -282,7 +282,7 @@ async function deleteReview(id){
const theReviews =await getReviewsByRestaurantId(theRestaurants[i]._id);
if (!theReviews) throw "No reviews found.";
for(let j=0;j<theReviews.length;j++){
if(theReviews[j]._id===ObjectId(id)){
if(theReviews[j]._id===id){
let deleteReviewInRestaurant=await restaurantsCollection.update(
{_id:theRestaurants[i]._id},
{$pull:{'R_review':{_id:ObjectId(id)}}}
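Review bot: Assuming the page prints the old line first, the comparison now reads `theReviews[j]._id===id`, which is still an identity check and probably never true. If `_id` is stored as an ObjectId (the `$pull` two lines below builds `ObjectId(id)`, which suggests it is), it cannot be `===` to a string or to a separately constructed ObjectId, so the delete branch would be skipped. Compare by value instead, e.g. `if (theReviews[j]._id.equals(id)) {` or `String(theReviews[j]._id) === String(id)`. deleteReview starts and ends outside the hunk, so whether `id` is validated before `ObjectId(id)` is called cannot be seen here.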
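--- /dev/null
+++ b/data/users.js
@@ -0,0 +1,37 @@
+const mongoCollections=require("../config/mongoCollections");
+const users=mongoCollections.users;
+const ObjectId = require('mongodb').ObjectId;
+
+//get all restaurants
+async function getAllUsers(){
+const usersCollection=await users();
+const allUsers=await usersCollection.find({}).toArray();
+let usersList=[];
+for(let i=0;i<allUsers.length;i++){
+let content={
+_id:allUsers[i]._id,
+email:allUsers[i].local.email,
+review:allUsers[i].review,
+}
+usersList.push(content);
+}
+return usersList;
+}
+
+
+
+//get the restaurant
+async function getUserByName(name){
+if(name===undefined) throw "Please provide an name.";
+//const restaurantsCollection=await restaurants();
+const theUsers=await this.getAllUsers();
+if(!theUsers) throw "can not get theUsers."
+for(let i=0;i<theUsers.length;i++){
+if(theUsers[i].email===name){
+return theUsers[i];
+}
+}
+}
+
+
+module.exports={getUserByName,getAllUsers};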
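Review bot: `getUserByName` calls `this.getAllUsers()`, which only works when the function is invoked as a method of the exported object; with a destructured import (`const {getUserByName} = require(...)`) `this` is undefined and the call throws. It also loads every user document to match one e-mail and silently returns `undefined` when nothing matches. Call `getAllUsers()` directly, or query once with `usersCollection.findOne({'local.email': name})` after checking `typeof name === 'string'`, so that a request-supplied object cannot reach the query as an operator. The two comments still say "restaurants" and should read `//get all users` and `//get one user by e-mail`; `ObjectId` is imported but unused.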