Metzploreur/routes/auth.js

const express = require('express');
const mongodb = require('mongodb')
const bcrypt = require('bcryptjs');
const db = require('../data/database');
const router = express.Router();
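/**
 * GET /creer-compte — renders the sign-up form.
 *
 * A failed POST stores the entered values and an error message in
 * `req.session.inputData`; they are shown once and then cleared.
 */
router.get('/creer-compte', function (req, res) {
  const sessionInputData = req.session.inputData;
  // The flash data lives under `inputData`; the previous code reset
  // `req.session.input` (a key nothing writes), so a stale error message
  // survived every later visit to the form.
  req.session.inputData = null;
  res.render('creer_compte', { inputData: sessionInputData });
});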
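/**
 * POST /creer-compte — validates the sign-up form, refuses duplicate e-mail or
 * username, and inserts the new user with a bcrypt-hashed password.
 *
 * On rejection the entered values (without the passwords) are stored in
 * `req.session.inputData` and the client is redirected back to the form.
 * Database or hashing failures are passed to `next` so Express reports them
 * instead of leaving the request hanging on an unhandled rejection.
 */
router.post('/creer-compte', async function (req, res, next) {
  const userData = req.body ?? {};
  const enteredNom = userData.nom;
  const enteredPrenom = userData.prenom;
  const enteredNom_dutilisateur = userData.nom_dutilisateur;
  const enteredEmail = userData.email;
  const enteredConfirmEmail = userData['confirm-email'];
  const enteredPassword = userData.password;
  const enteredConfirmPassword = userData['confirm-password'];

  // Body fields are untrusted: depending on the body parser they can arrive
  // as arrays or objects, which `findOne` would interpret as query operators
  // and on which `.includes`/`.length` would misbehave. Accept only non-empty
  // strings.
  const isFilledString = (value) => typeof value === 'string' && value !== '';

  // Stash the form state for re-display and bounce back to the form. The
  // passwords are intentionally left out: keeping them in the session store
  // would persist plaintext credentials server-side.
  const rejectWith = (message) => {
    req.session.inputData = {
      hasError: true,
      message,
      nom: enteredNom,
      prenom: enteredPrenom,
      nom_dutilisateur: enteredNom_dutilisateur,
      email: enteredEmail,
      confirmEmail: enteredConfirmEmail,
    };
    req.session.save(function () {
      res.redirect('/creer-compte');
    });
  };

  const allFilled = [
    enteredNom,
    enteredPrenom,
    enteredNom_dutilisateur,
    enteredEmail,
    enteredConfirmEmail,
    enteredPassword,
    enteredConfirmPassword,
  ].every(isFilledString);

  const inputValid =
    allFilled &&
    // The previous check was `enteredPassword < 6`, comparing the string
    // itself with a number (NaN, never true); the intent is a minimum length.
    enteredPassword.length >= 6 &&
    enteredEmail === enteredConfirmEmail &&
    enteredPassword === enteredConfirmPassword &&
    enteredEmail.includes('@');

  if (!inputValid) {
    rejectWith('Invalid input - please check your data.');
    return;
  }

  try {
    const users = db.getDb().collection('users');
    // The two uniqueness lookups are independent; run them concurrently.
    const [existingByEmail, existingByUsername] = await Promise.all([
      users.findOne({ email: enteredEmail }),
      users.findOne({ nom_dutilisateur: enteredNom_dutilisateur }),
    ]);
    if (existingByEmail || existingByUsername) {
      rejectWith('User exists already!');
      return;
    }

    // bcrypt generates its own salt; 12 is the work factor used by the app.
    const hashedPassword = await bcrypt.hash(enteredPassword, 12);
    const user = {
      nom: enteredNom,
      prenom: enteredPrenom,
      nom_dutilisateur: enteredNom_dutilisateur,
      email: enteredEmail,
      password: hashedPassword,
      // New accounts never start with privileges; promotion goes through /mettreAdmin.
      isAdmin: false,
    };
    await users.insertOne(user);
    return res.redirect('/connexion');
  } catch (err) {
    return next(err);
  }
});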
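/**
 * GET /connexion — renders the login form.
 *
 * A failed POST stores the entered username and an error message in
 * `req.session.inputData`; they are shown once and then cleared.
 */
router.get('/connexion', function (req, res) {
  const sessionInputData = req.session.inputData;
  // Clear the key that actually holds the flash data; the previous code
  // reset `req.session.input`, which nothing writes, so the error message
  // was never removed.
  req.session.inputData = null;
  res.render('connexion', { inputData: sessionInputData });
});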
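/**
 * POST /connexion — logs a user in.
 *
 * The `nom_dutilisateur` field may hold either the username or the e-mail
 * address; when both match different accounts the username match wins, as
 * before. Every failure (unknown user, wrong password, malformed input)
 * produces the same message so the response does not reveal whether the
 * account exists. On success the public user fields are copied into the
 * session and `isAuthenticated` is set.
 */
router.post('/connexion', async function (req, res, next) {
  const userData = req.body ?? {};
  const enteredNom_dutilisateur = userData.nom_dutilisateur;
  const enteredPassword = userData.password;

  // Re-display the form with a generic error. Only the identifier is kept for
  // re-display; the entered password is no longer written to the session store.
  const rejectLogin = () => {
    req.session.inputData = {
      hasError: true,
      message: 'Could not log you in - please check your credentials!',
      nom_dutilisateur:
        typeof enteredNom_dutilisateur === 'string' ? enteredNom_dutilisateur : '',
    };
    req.session.save(function () {
      res.redirect('/connexion');
    });
  };

  // Non-string values (arrays/objects from the body parser) would be read as
  // query operators by `findOne` and make `bcrypt.compare` throw; reject them
  // before touching the database.
  if (typeof enteredNom_dutilisateur !== 'string' || typeof enteredPassword !== 'string') {
    rejectLogin();
    return;
  }

  try {
    const users = db.getDb().collection('users');
    // Both lookups are independent; run them concurrently.
    const [byUsername, byEmail] = await Promise.all([
      users.findOne({ nom_dutilisateur: enteredNom_dutilisateur }),
      users.findOne({ email: enteredNom_dutilisateur }),
    ]);
    const existingUser = byUsername ?? byEmail;
    if (!existingUser) {
      rejectLogin();
      return;
    }

    const passwordsAreEqual = await bcrypt.compare(enteredPassword, existingUser.password);
    if (!passwordsAreEqual) {
      rejectLogin();
      return;
    }

    req.session.user = {
      id: existingUser._id,
      nom_dutilisateur: existingUser.nom_dutilisateur,
      nom: existingUser.nom,
      prenom: existingUser.prenom,
      email: existingUser.email,
    };
    req.session.isAuthenticated = true;
    // NOTE(review): the pre-login session id is kept across authentication;
    // if the session middleware offers `regenerate`, calling it before setting
    // the user data would retire that id — confirm against the middleware in use.
    req.session.save(function () {
      return res.redirect('/');
    });
  } catch (err) {
    return next(err);
  }
});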
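/**
 * POST /supprimer-compte — deletes the logged-in user's own account, then
 * clears the login state from the session and returns to the home page.
 *
 * Unauthenticated requests are redirected without touching the database.
 * Database errors are handed to `next`.
 */
router.post('/supprimer-compte', async function (req, res, next) {
  const sessionUser = req.session.user;
  // Only a logged-in user may delete, and only the account stored in their
  // own session — the id never comes from the request body.
  if (!req.session.isAuthenticated || !sessionUser?.id) {
    return res.redirect('/');
  }

  try {
    // The previous filter used `req.session.id`, which is the session
    // identifier rather than the user's `_id`, so no document was ever
    // removed. `user.id` was set from `_id` at login (see /connexion); it is
    // wrapped in ObjectId in case the session store serialised it to a
    // string — presumably that is the case, verify against the store config.
    await db
      .getDb()
      .collection('users')
      .deleteOne({ _id: new mongodb.ObjectId(sessionUser.id) });
  } catch (err) {
    return next(err);
  }

  req.session.user = null;
  req.session.isAuthenticated = false;
  // Persist the cleared state before redirecting, consistent with the other
  // handlers in this file.
  req.session.save(function () {
    res.redirect('/');
  });
});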
/**
 * POST /logout — clears the login state from the session and returns to the
 * home page.
 * NOTE(review): the session record itself survives with `user` unset; if the
 * session middleware supports it, destroying or regenerating the session here
 * would also retire the old session id — confirm before changing.
 */
router.post('/logout', (req, res) => {
  const { session } = req;
  session.user = null;
  session.isAuthenticated = false;
  res.redirect('/');
});
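/**
 * POST /mettreAdmin — grants the admin flag to the user named in the
 * `utilisateurs` form field, then returns to the admin page.
 *
 * NOTE(review): no authorization check is visible here; presumably an
 * admin-only guard protects this route upstream — verify where the router is
 * mounted before relying on it.
 */
router.post('/mettreAdmin', async function (req, res, next) {
  const enteredNomDutilisateur = req.body?.utilisateurs;
  // A non-string value would be passed to Mongo as a filter object and could
  // match an unintended user; only a plain username is accepted.
  if (typeof enteredNomDutilisateur !== 'string' || enteredNomDutilisateur === '') {
    return res.redirect('/admin');
  }
  try {
    await db
      .getDb()
      .collection('users')
      .updateOne({ nom_dutilisateur: enteredNomDutilisateur }, { $set: { isAdmin: true } });
  } catch (err) {
    return next(err);
  }
  return res.redirect('/admin');
});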
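/**
 * POST /supprAdmin — removes the admin flag from the user named in the
 * `utilisateurs` form field, then returns to the admin page.
 *
 * NOTE(review): no authorization check is visible here; presumably an
 * admin-only guard protects this route upstream — verify where the router is
 * mounted before relying on it.
 */
router.post('/supprAdmin', async function (req, res, next) {
  const enteredNomDutilisateur = req.body?.utilisateurs;
  // A non-string value would be passed to Mongo as a filter object and could
  // match an unintended user; only a plain username is accepted.
  if (typeof enteredNomDutilisateur !== 'string' || enteredNomDutilisateur === '') {
    return res.redirect('/admin');
  }
  try {
    await db
      .getDb()
      .collection('users')
      .updateOne({ nom_dutilisateur: enteredNomDutilisateur }, { $set: { isAdmin: false } });
  } catch (err) {
    return next(err);
  }
  return res.redirect('/admin');
});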
module.exports = router