const express = require('express');
const app = express();
const config = require('./config.js');
const ejs = require('ejs');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const sha256 = require('sha256');
const mongoose = require('mongoose');
// Request parsing, in order: URL-encoded bodies (extended: false), JSON bodies,
// then cookies. cookieParser() is mounted without a secret, so everything in
// req.cookies is an unsigned, client-supplied value.
const requestParsers = [
  bodyParser.urlencoded({ extended: false }),
  bodyParser.json(),
  cookieParser(),
];
for (const parser of requestParsers) {
  app.use(parser);
}

// Views are EJS templates looked up in the `www` directory.
app.set('views', 'www');
app.set('view engine', 'ejs');
let mongo_user = require('./mongo_user.js');
//checker
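/**
 * Express middleware that gates a route on the `user_id` / `user_email` cookies.
 *
 * Both cookies must be present as non-empty strings and must together match a
 * stored user; otherwise the client is redirected to /login.
 *
 * NOTE(security): these cookies are unsigned, client-controlled values (the app
 * mounts cookieParser() without a secret), so a match only proves the client
 * knows a user's id and email. A server-side session or a signed cookie should
 * replace this scheme.
 *
 * @param {object} req - Express request; reads req.cookies.
 * @param {object} res - Express response; used for redirects and cookie clearing.
 * @param {Function} next - Called with no argument on success, or with the
 *   error when the user lookup fails.
 */
let checkAuth = async (req, res, next) => {
  const cookies = req.cookies || {};
  const userId = cookies.user_id;
  const userEmail = cookies.user_email;
  const isNonEmptyString = (value) => typeof value === 'string' && value.length > 0;

  // Require BOTH cookies: the previous `||` sent a request to the query with
  // one of the two fields undefined. Require plain strings as well, so a cookie
  // value decoded into an object can never act as a query operator.
  if (!isNonEmptyString(userId) || !isNonEmptyString(userEmail)) {
    return res.redirect('/login?error=You must be logged in to view this page');
  }

  try {
    const user = await mongo_user.findOne({ _id: userId, email: userEmail });
    if (user) {
      return next();
    }
    // Cookies that match no user: drop them and send the client back to login.
    res.clearCookie('user_id');
    res.clearCookie('user_email');
    return res.redirect('/login');
  } catch (err) {
    // Hand lookup failures to Express instead of leaving an unhandled rejection.
    return next(err);
  }
};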
//routes
// GET / — public landing route; answers with a fixed string and needs no auth.
app.get('/', function homePage(req, res) {
  const body = 'Home Page';
  res.send(body);
});
// GET /login — renders the page.ejs template from the configured views directory.
// NOTE(review): other routes redirect here with `error` / `message` query
// parameters; if page.ejs displays them, confirm they are output-escaped.
app.get('/login', function loginPage(req, res) {
  const template = 'page.ejs';
  res.render(template);
});
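// POST /login — checks the submitted email/password against the user store and,
// on a match, sets the `user_id` / `user_email` cookies and redirects to the
// dashboard. Missing or non-string credentials get a 400; a failed match
// redirects back to /login with an error message; lookup errors go to next().
app.post('/login', async (req, res, next) => {
  const { email, password } = req.body || {};
  if (!email || !password) return res.status(400).send('Missing email or password');

  // bodyParser.json() can deliver objects or arrays in these fields. Only plain
  // strings may reach the query filter, so a value can never act as an operator.
  if (typeof email !== 'string' || typeof password !== 'string') {
    return res.status(400).send('Missing email or password');
  }

  try {
    // NOTE(security): one fast SHA-256 pass with a single application-wide salt
    // (config.salt) is weak password storage. Moving to a slow, per-user-salted
    // KDF (scrypt / bcrypt / argon2) needs a stored-hash migration, so it is
    // flagged here rather than changed.
    const passwordHash = sha256(password + config.salt);
    const user = await mongo_user.findOne({ email: email, password: passwordHash });
    if (!user) {
      return res.redirect('/login?error=true&message=Invalid%20email%20or%20password');
    }

    // httpOnly keeps the cookies away from page scripts; sameSite limits
    // cross-site sending. Add `secure: true` once the app is served over HTTPS.
    // NOTE(security): the values are still unsigned identifiers, not a session
    // token — see checkAuth.
    const cookieOptions = { httpOnly: true, sameSite: 'lax' };
    res.cookie('user_id', user._id, cookieOptions);
    res.cookie('user_email', user.email, cookieOptions);
    return res.redirect('/dashboard');
  } catch (err) {
    // Surface database errors through Express instead of an unhandled rejection.
    return next(err);
  }
});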
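// POST /signup — creates a user from username/email/password, then sets the
// `user_id` / `user_email` cookies and redirects to the dashboard. Missing or
// non-string fields get a 400; an email that is already registered redirects to
// /login with a message; lookup and save errors go to next().
app.post('/signup', async (req, res, next) => {
  const { username, email, password } = req.body || {};
  if (!username || !email || !password) {
    return res.status(400).send('Missing username, email or password');
  }

  // bodyParser.json() can deliver objects or arrays in these fields. Only plain
  // strings may reach the query filter or the stored document.
  const fields = [username, email, password];
  if (!fields.every((value) => typeof value === 'string')) {
    return res.status(400).send('Missing username, email or password');
  }

  try {
    // NOTE(security): one fast SHA-256 pass with a single application-wide salt
    // (config.salt) is weak password storage. Moving to a slow, per-user-salted
    // KDF (scrypt / bcrypt / argon2) needs a stored-hash migration, so it is
    // flagged here rather than changed.
    const passwordHash = sha256(password + config.salt);

    const existing = await mongo_user.findOne({ email: email });
    if (existing) {
      return res.redirect('/login?error=true&message=Email%20already%20exists');
    }

    // NOTE(review): two concurrent signups can both pass the check above;
    // confirm the schema in mongo_user.js puts a unique index on `email`.
    const newUser = new mongo_user({
      username: username,
      email: email,
      password: passwordHash
    });
    await newUser.save();

    // httpOnly keeps the cookies away from page scripts; sameSite limits
    // cross-site sending. Add `secure: true` once the app is served over HTTPS.
    const cookieOptions = { httpOnly: true, sameSite: 'lax' };
    res.cookie('user_id', newUser._id, cookieOptions);
    res.cookie('user_email', newUser.email, cookieOptions);
    return res.redirect('/dashboard?message=Account%20created');
  } catch (err) {
    // Surface database errors through Express instead of an unhandled rejection.
    return next(err);
  }
});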
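// GET /dashboard — runs checkAuth first, then re-reads the user named by the
// cookies and greets them by username. Lookup errors go to next().
app.get('/dashboard', checkAuth, async (req, res, next) => {
  try {
    const user = await mongo_user.findOne({ _id: req.cookies.user_id, email: req.cookies.user_email });

    // The record can disappear between checkAuth and this lookup; without this
    // guard `user.username` throws on null.
    if (!user) {
      return res.redirect('/login');
    }

    // username is whatever the client submitted at signup. Sending it as
    // text/plain keeps the browser from interpreting any markup in it as HTML.
    return res.type('text/plain').send(`Welcome ${user.username}`);
  } catch (err) {
    // Surface database errors through Express instead of an unhandled rejection.
    return next(err);
  }
});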
//Listen port
// Bind the HTTP server to the port from config.js and log once it is listening.
app.listen(config.port, function onListening() {
  console.log(`Listening on port ${config.port}`);
});