diff --git a/app.js b/app.js
index 20a91af..d08cb2b 100644
--- a/app.js
+++ b/app.js
@@ -33,6 +33,26 @@ app.use(bodyParser.urlencoded({extended: false}));
 app.use(express.json())
+function hashPassword(plaintextPassword) {
+ bcrypt.hash(plaintextPassword, 10)
+ .then(hash => {
+ return hash;
+ })
+ .catch(err => {
+ console.log(err)
+ })
+}
+
+function comparePassword(plaintextPassword, hash) {
+ bcrypt.compare(plaintextPassword, hash)
+ .then(result => {
+ return result;
+ })
+ .catch(err => {
+ console.log(err)
+ })
+ }
+
 // ******************************************* Arrivée sur la page d'accueil *******************************************
 app.get("/", (req, res) => {
 let today = dateFormat(new Date(), "yyyymmdd");
@@ -100,7 +120,7 @@ app.post("/auth/register", (req, res) => {
 }
 })
- let hashedPassword = await bcrypt.hash(password, 8);
+ let hashedPassword = hashPassword(password);
 db.query('INSERT INTO user SET?', {gender : (gender != undefined ? gender : ""), firstname: firstname, name: name, title: title, email: email, nickname : nickname, password: hashedPassword}, (err, result) => {
 if(error) {
 console.log(error)
@@ -113,7 +133,9 @@ app.post("/auth/register", (req, res) => {
 })
 // ******************************************* Connexion sur le compte utilisateur *******************************************
-app.post("/auth/check-login", (req, res) => {
+app.post("/auth/check-login", (req, res) => {
+ var userId,
+ passwordStocke;
 const { email, nickname, password, role, session } = req.body
 if (email == '' && nickname == '') {
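Review bot: `hashPassword` and `comparePassword` never return the bcrypt promise, so both always evaluate to `undefined`; the `return hash;` and `return result;` statements only return from the inner `.then` callbacks. In the `/auth/register` hunk this means `password: hashedPassword` is inserted without a usable hash, and in the `/auth/check-login` hunk `if (comparePassword(...))` can never be true. Returning the promise alone is not enough, because a promise object is always truthy and the login check would then accept any password: the helpers should be `return bcrypt.hash(plaintextPassword, 10);` and `return bcrypt.compare(plaintextPassword, hash);`, and both call sites need `await` inside an `async` callback. The `.catch` blocks that only log should be dropped too, so a bcrypt failure rejects the request instead of resolving to `undefined`.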
@@ -124,7 +146,14 @@ app.post("/auth/check-login", (req, res) => {
 })
 }
- db.query('SELECT * FROM user WHERE email = ? OR nickname = ?', [email,nickname], async (error, result) => {
+ let requete = '';
+ if (nickname != '') {
+ requete = "SELECT * FROM user WHERE UPPER(nickname) = '?'".replace("?", nickname.toUpperCase());
+ }
+ if (email != '') {
+ requete = "SELECT * FROM user WHERE UPPER(email) = '?'".replace("?", email.toUpperCase());
+ }
+ db.query(requete, async (error, result) => {
 if(error){
 console.log(error)
 }
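Review bot: The lookup query is now built by pasting `nickname` / `email` from `req.body` into the SQL text with `.replace("?", ...)`, which reintroduces SQL injection on the login route; the removed line passed both values as bound parameters. Keep the placeholder unquoted and let the driver bind it, e.g. `requete = "SELECT * FROM user WHERE UPPER(nickname) = UPPER(?)";` (same for the `email` branch) and `db.query(requete, [email != '' ? email : nickname], async (error, result) => {`. Binding also removes the `.toUpperCase()` calls, which throw when a field is missing from the body or is not a string. The enclosing handler starts and ends outside this hunk.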
@@ -137,44 +166,41 @@ app.post("/auth/check-login", (req, res) => {
 })
 }
- var userId = result[0].ID
- bcrypt.compare(password, result[0].password, function(err, result) {
- if(result) {
-
- // Le user est connecté avec succès : on vérifie qu'il n'est pas déjà inscrit à la session et si pas le cas, on l'inscrit et on incrémente le compteur des participants
- db.query('SELECT * FROM participation WHERE user = ?', [userId], async (error, result) => {
- if(error) {
- console.log(error)
- }
-
- if (result.length == 0) {
- db.query('INSERT INTO participation (user, session, role_during_session) VALUES (?,?,?)', [userId, session[0], role[0]], function (err, result) {
- if (err) throw err;
- console.log("1 record inserted");
- });
-
- db.query('UPDATE session SET nb_of_participants = nb_of_participants + 1 WHERE ID=?', session, function (err, result) {
- if (err) throw err;
- console.log("1 record updated");
- });
- }
- })
-
- if (role == 'A') {
- res.redirect('https://slave.thecoredev.fr');
+ userId = result[0].ID;
+ if (comparePassword(password, result[0].password)) {
+ // Le user est connecté avec succès : on vérifie qu'il n'est pas déjà inscrit à la session et si pas le cas, on l'inscrit et on incrémente le compteur des participants
+ db.query('SELECT * FROM participation WHERE user = ?', [userId], async (error, result) => {
+ if(error) {
+ console.log(error)
 }
- else {
- res.redirect('https://master.thecoredev.fr');
+
+ if (result.length == 0) {
+ db.query('INSERT INTO participation (user, session, role_during_session) VALUES (?,?,?)', [userId, session[0], role[0]], function (err, result) {
+ if (err) throw err;
+ console.log("1 record inserted");
+ });
+
+ db.query('UPDATE session SET nb_of_participants = nb_of_participants + 1 WHERE ID=?', session, function (err, result) {
+ if (err) throw err;
+ console.log("1 record updated");
+ });
 }
+ })
+
+ if (role == 'A') {
+ res.redirect('https://slave.thecoredev.fr');
 }
 else {
- return res.render('login', {
- error: 'Mot de passe incorrect : corriger votre saisie',
- "session": session,
- "role": role
- })
+ res.redirect('https://slave.thecoredev.fr');
 }
- })
+ }
+ else {
+ return res.render('login', {
+ error: 'Mot de passe incorrect : corriger votre saisie',
+ "session": session,
+ "role": role
+ })
+ }
 })
 })
diff --git a/package.json b/package.json
index 6c8387a..c580f05 100644
--- a/package.json
+++ b/package.json
@@ -18,8 +18,10 @@
 "dotenv": "^16.3.1",
 "express": "^4.18.2",
 "hbs": "^4.2.0",
- "mysql": "^2.18.1",
- "wrtc": "^0.4.7",
- "ws": "^8.14.2"
+ "mysql": "^2.18.1"
+ },
+ "engines": {
+ "npm": ">=7.0.0 <8.0.0",
+ "node": ">=18.0.0 <19.0.0"
 }
 }
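Review bot: Both branches of the `role == 'A'` check now redirect to `https://slave.thecoredev.fr`; the removed code sent every other role to `https://master.thecoredev.fr`, so the `else` branch looks like a copy-paste slip and should stay `res.redirect('https://master.thecoredev.fr');`. Separately, `role` and `session` are taken from `req.body` and decide both the redirect target and the `participation` row, and nothing visible in this hunk checks them against the authenticated user, so it is worth confirming that a server-side check exists elsewhere. The handler starts outside this hunk.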
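Review bot: The two new `engines` ranges contradict each other: Node 18 releases bundle npm 8 or later, so `"npm": ">=7.0.0 <8.0.0"` excludes the npm that ships with every Node version allowed by `"node": ">=18.0.0 <19.0.0"`. Widening the npm range to match, e.g. `"npm": ">=8.0.0"`, resolves that. Capping Node below 19 also holds deployments on a release line that has reached end-of-life upstream and no longer receives security fixes, so consider allowing a maintained LTS. The hunk also drops `wrtc` and `ws`; whether `app.js` still requires them is not visible here.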