TheCoreDev/mia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Correction du bug sur les mots de passe

Browse Source
This commit is contained in:
TheCoreDev
2023-11-16 16:44:27 +01:00
parent 9f0924f06b
commit e844fbf3b0
2 changed files with 67 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
app.js
View File

@@ -33,6 +33,26 @@ app.use(bodyParser.urlencoded({extended: false}));
app.use(express.json()) app.use(express.json())
function hashPassword(plaintextPassword) {
bcrypt.hash(plaintextPassword, 10)
.then(hash => {
return hash;
})
.catch(err => {
console.log(err)
})
}
function comparePassword(plaintextPassword, hash) {
bcrypt.compare(plaintextPassword, hash)
.then(result => {
return result;
})
.catch(err => {
console.log(err)
})
}
// ******************************************* Arrivée sur la page d'accueil ******************************************* // ******************************************* Arrivée sur la page d'accueil *******************************************
app.get("/", (req, res) => { app.get("/", (req, res) => {
let today = dateFormat(new Date(), "yyyymmdd"); let today = dateFormat(new Date(), "yyyymmdd");
@@ -100,7 +120,7 @@ app.post("/auth/register", (req, res) => {
} }
}) })
let hashedPassword = await bcrypt.hash(password, 8); let hashedPassword = hashPassword(password);
db.query('INSERT INTO user SET?', {gender : (gender != undefined ? gender : ""), firstname: firstname, name: name, title: title, email: email, nickname : nickname, password: hashedPassword}, (err, result) => { db.query('INSERT INTO user SET?', {gender : (gender != undefined ? gender : ""), firstname: firstname, name: name, title: title, email: email, nickname : nickname, password: hashedPassword}, (err, result) => {
if(error) { if(error) {
console.log(error) console.log(error)
@@ -113,7 +133,9 @@ app.post("/auth/register", (req, res) => {
}) })
// ******************************************* Connexion sur le compte utilisateur ******************************************* // ******************************************* Connexion sur le compte utilisateur *******************************************
app.post("/auth/check-login", (req, res) => { app.post("/auth/check-login", (req, res) => {
var userId,
passwordStocke;
const { email, nickname, password, role, session } = req.body const { email, nickname, password, role, session } = req.body
if (email == '' && nickname == '') { if (email == '' && nickname == '') {
@@ -124,7 +146,14 @@ app.post("/auth/check-login", (req, res) => {
}) })
} }
db.query('SELECT * FROM user WHERE email = ? OR nickname = ?', [email,nickname], async (error, result) => { let requete = '';
if (nickname != '') {
requete = "SELECT * FROM user WHERE UPPER(nickname) = '?'".replace("?", nickname.toUpperCase());
}
if (email != '') {
requete = "SELECT * FROM user WHERE UPPER(email) = '?'".replace("?", email.toUpperCase());
}
db.query(requete, async (error, result) => {
if(error){ if(error){
console.log(error) console.log(error)
} }
@@ -137,44 +166,41 @@ app.post("/auth/check-login", (req, res) => {
}) })
} }
var userId = result[0].ID userId = result[0].ID;
bcrypt.compare(password, result[0].password, function(err, result) { if (comparePassword(password, result[0].password)) {
if(result) { // Le user est connecté avec succès : on vérifie qu'il n'est pas déjà inscrit à la session et si pas le cas, on l'inscrit et on incrémente le compteur des participants
db.query('SELECT * FROM participation WHERE user = ?', [userId], async (error, result) => {
// Le user est connecté avec succès : on vérifie qu'il n'est pas déjà inscrit à la session et si pas le cas, on l'inscrit et on incrémente le compteur des participants if(error) {
db.query('SELECT * FROM participation WHERE user = ?', [userId], async (error, result) => { console.log(error)
if(error) {
console.log(error)
}
if (result.length == 0) {
db.query('INSERT INTO participation (user, session, role_during_session) VALUES (?,?,?)', [userId, session[0], role[0]], function (err, result) {
if (err) throw err;
console.log("1 record inserted");
});
db.query('UPDATE session SET nb_of_participants = nb_of_participants + 1 WHERE ID=?', session, function (err, result) {
if (err) throw err;
console.log("1 record updated");
});
}
})
if (role == 'A') {
res.redirect('https://slave.thecoredev.fr');
} }
else {
res.redirect('https://master.thecoredev.fr'); if (result.length == 0) {
db.query('INSERT INTO participation (user, session, role_during_session) VALUES (?,?,?)', [userId, session[0], role[0]], function (err, result) {
if (err) throw err;
console.log("1 record inserted");
});
db.query('UPDATE session SET nb_of_participants = nb_of_participants + 1 WHERE ID=?', session, function (err, result) {
if (err) throw err;
console.log("1 record updated");
});
} }
})
if (role == 'A') {
res.redirect('https://slave.thecoredev.fr');
} }
else { else {
return res.render('login', { res.redirect('https://slave.thecoredev.fr');
error: 'Mot de passe incorrect : corriger votre saisie',
"session": session,
"role": role
})
} }
}) }
else {
return res.render('login', {
error: 'Mot de passe incorrect : corriger votre saisie',
"session": session,
"role": role
})
}
}) })
}) })

8
package.json
View File

@@ -18,8 +18,10 @@
"dotenv": "^16.3.1", "dotenv": "^16.3.1",
"express": "^4.18.2", "express": "^4.18.2",
"hbs": "^4.2.0", "hbs": "^4.2.0",
"mysql": "^2.18.1", "mysql": "^2.18.1"
"wrtc": "^0.4.7", },
"ws": "^8.14.2" "engines": {
"npm": ">=7.0.0 <8.0.0",
"node": ">=18.0.0 <19.0.0"
} }
} }