Metzploreur/routes/auth.js

187 lines
5.9 KiB
JavaScript
Raw Normal View History

2023-11-01 02:01:18 +00:00
const express = require('express');
const mongodb = require('mongodb')
const bcrypt = require('bcryptjs');
const db = require('../data/database');
const router = express.Router();
router.get('/creer-compte', function (req, res) {
2023-11-06 00:15:56 +00:00
let sessionInputData = req.session.inputData;
2023-11-01 02:01:18 +00:00
req.session.input = null;
2023-11-04 17:11:22 +00:00
res.render('creer_compte', {inputData: sessionInputData});
2023-11-01 02:01:18 +00:00
});
router.post('/creer-compte', async function (req, res) {
const userData = req.body;
const enteredNom = userData.nom;
const enteredPrenom = userData.prenom;
const enteredNom_dutilisateur = userData.nom_dutilisateur;
const enteredEmail = userData.email;
const enteredConfirmEmail = userData['confirm-email'];
const enteredPassword = userData.password;
const enteredConfirmPassword = userData['confirm-password'];
2023-11-04 17:17:57 +00:00
console.log("here1")
2023-11-01 02:01:18 +00:00
if (!enteredNom ||
!enteredPrenom ||
!enteredNom_dutilisateur ||
!enteredEmail ||
!enteredConfirmEmail ||
!enteredConfirmPassword ||
!enteredPassword ||
enteredPassword < 6 ||
enteredEmail !== enteredConfirmEmail ||
enteredPassword !== enteredConfirmPassword ||
!enteredEmail.includes('@')
) {
req.session.inputData = {
hasError: true,
message: 'Invalid input - please check your data.',
nom: enteredNom,
prenom: enteredPrenom,
nom_dutilisateur: enteredNom_dutilisateur,
email: enteredEmail,
confirmEmail: enteredConfirmEmail,
password: enteredPassword,
confirmPassword: enteredConfirmPassword
};
req.session.save(function () {
res.redirect('/creer-compte')
});
return;
}
2023-11-06 00:15:56 +00:00
const existingUser1 = await db.getDb().collection('users').findOne({email: enteredEmail})
const existingUser2 = await db.getDb().collection('users').findOne({nom_dutilisateur: enteredNom_dutilisateur})
if (existingUser1 || existingUser2) {
2023-11-01 02:01:18 +00:00
req.session.inputData = {
hasError: true,
message: 'User exists already!',
nom: enteredNom,
prenom: enteredPrenom,
nom_dutilisateur: enteredNom_dutilisateur,
email: enteredEmail,
confirmEmail: enteredConfirmEmail,
password: enteredPassword,
confirmPassword: enteredConfirmPassword
};
req.session.save(function () {
res.redirect('/creer-compte')
});
return;
}
const hashedPassword = await bcrypt.hash(enteredPassword, 12);
const user = {
nom: enteredNom,
prenom: enteredPrenom,
nom_dutilisateur: enteredNom_dutilisateur,
email: enteredEmail,
password: hashedPassword,
isAdmin: false
}
await db.getDb().collection('users').insertOne(user);
return res.redirect('/connexion');
});
router.get('/connexion', function (req, res) {
let sessionInputData = req.session.inputData;
req.session.input = null;
res.render('connexion', {inputData: sessionInputData});
});
router.post('/connexion', async function (req, res) {
const userData = req.body;
const enteredNom_dutilisateur = userData.nom_dutilisateur;
const enteredPassword = userData.password;
2023-11-06 00:15:56 +00:00
const existingUser1 = await db.getDb().collection('users').findOne({nom_dutilisateur: enteredNom_dutilisateur});
const existingUser2 = await db.getDb().collection('users').findOne({email: enteredNom_dutilisateur})
2023-11-01 02:01:18 +00:00
2023-11-06 00:15:56 +00:00
if (!existingUser1 && !existingUser2) {
2023-11-01 02:01:18 +00:00
req.session.inputData = {
hasError: true,
message: 'Could not log you in - please check your credentials!',
nom_dutilisateur: enteredNom_dutilisateur,
password: enteredPassword,
};
req.session.save(function () {
res.redirect('/connexion')
})
return;
}
2023-11-06 00:15:56 +00:00
if (existingUser1) {
const passwordsAreEqual = await bcrypt.compare(enteredPassword, existingUser1.password);
if (!passwordsAreEqual) {
req.session.inputData = {
hasError: true,
message: 'Could not log you in - please check your credentials!',
nom_dutilisateur: enteredNom_dutilisateur,
password: enteredPassword,
};
req.session.save(function () {
res.redirect('/connexion')
})
return;
}
req.session.user = { id: existingUser1._id, nom_dutilisateur: existingUser1.nom_dutilisateur, nom: existingUser1.nom, prenom: existingUser1.prenom, email: existingUser1.email};
req.session.isAuthenticated = true;
req.session.save(function () {
return res.redirect('/');
});
return
}
2023-11-01 02:01:18 +00:00
2023-11-06 00:15:56 +00:00
const passwordsAreEqual = await bcrypt.compare(enteredPassword, existingUser2.password);
2023-11-01 02:01:18 +00:00
if (!passwordsAreEqual) {
req.session.inputData = {
hasError: true,
message: 'Could not log you in - please check your credentials!',
nom_dutilisateur: enteredNom_dutilisateur,
password: enteredPassword,
};
req.session.save(function () {
res.redirect('/connexion')
})
return;
}
2023-11-06 00:15:56 +00:00
req.session.user = { id: existingUser2._id, nom_dutilisateur: existingUser2.nom_dutilisateur, nom: existingUser2.nom, prenom: existingUser2.prenom, email: existingUser2.email};
2023-11-01 02:01:18 +00:00
req.session.isAuthenticated = true;
req.session.save(function () {
2023-11-06 00:15:56 +00:00
return res.redirect('/');
2023-11-01 02:01:18 +00:00
});
});
router.post('/supprimer-compte', function (req,res) {
db.getDb().collection('users').deleteOne({_id: req.session.id})
req.session.user = null;
req.session.isAuthenticated = false;
res.redirect('/');
})
router.post('/logout', function (req, res) {
req.session.user = null;
req.session.isAuthenticated = false;
res.redirect('/');
});
2023-11-06 00:46:03 +00:00
router.post('/mettreAdmin', async function (req,res) {
const enteredNomDutilisateur = req.body.utilisateurs;
2023-11-01 02:01:18 +00:00
await db.getDb().collection('users').updateOne({nom_dutilisateur: enteredNomDutilisateur}, {$set: {isAdmin: true}})
2023-11-06 00:46:03 +00:00
return res.redirect('/admin')
2023-11-01 02:01:18 +00:00
})
router.post('/supprAdmin', async function (req,res) {
2023-11-06 00:46:03 +00:00
const enteredNomDutilisateur = req.body.utilisateurs;
2023-11-01 02:01:18 +00:00
await db.getDb().collection('users').updateOne({nom_dutilisateur: enteredNomDutilisateur}, {$set: {isAdmin: false}})
2023-11-06 00:46:03 +00:00
return res.redirect('/admin')
2023-11-01 02:01:18 +00:00
})
module.exports = router