158 lines
5.4 KiB
JavaScript
158 lines
5.4 KiB
JavaScript
const express = require('express')
|
|
const mysql = require("mysql")
|
|
const dotenv = require('dotenv')
|
|
const app = express()
|
|
const path = require("path")
|
|
const publicDir = path.join(__dirname, './public')
|
|
const bcrypt = require("bcryptjs")
|
|
var bodyParser = require('body-parser')
|
|
var cookieParser = require("cookie-parser")
|
|
|
|
|
|
/* Connexion à la BDD MySQL */
|
|
dotenv.config({ path: './.env'})
|
|
const db = mysql.createConnection({
|
|
host: process.env.DATABASE_HOST,
|
|
port: process.env.DATABASE_PORT,
|
|
user: process.env.DATABASE_USER,
|
|
password: process.env.DATABASE_PASSWORD,
|
|
database: process.env.DATABASE
|
|
})
|
|
db.connect((error) => {
|
|
if(error) {
|
|
console.log(error)
|
|
} else {
|
|
console.log("MySQL connected!")
|
|
}
|
|
})
|
|
|
|
app.set('view engine', 'hbs');
|
|
app.use(express.static(publicDir));
|
|
/* Pour utiliser le bootstrap local */
|
|
app.use('/css', express.static(__dirname + '/node_modules/bootstrap/dist/css'));
|
|
app.use(cookieParser());
|
|
|
|
/* configure the Express.js server to receive the form values as JSON */
|
|
app.use(bodyParser.urlencoded({extended: false}));
|
|
app.use(express.json())
|
|
|
|
|
|
app.get("/", (req, res) => { res.render("login-session") });
|
|
app.get("/login", (req, res) => { res.render("login") });
|
|
app.get("/register", (req, res) => { res.render("register") });
|
|
app.get("/index", (req, res) => { res.render("index") });
|
|
|
|
|
|
app.post("/auth/register", (req, res) => {
|
|
const { gender, name, firstname, dob, title, email, password, password_confirm, session, role } = req.body
|
|
|
|
// db.query() code goes here
|
|
db.query('SELECT email FROM user WHERE email = ?', [email], async (error, result) => {
|
|
if(error){
|
|
console.log(error)
|
|
}
|
|
if( result.length > 0 ) {
|
|
return res.render('register', {
|
|
error: 'Adresse email déjà utilisée : choisissez-en une autre ou bien cliquez sur le lien ci-dessus pour vous connecter'
|
|
})
|
|
} else if(password !== password_confirm) {
|
|
return res.render('register', {
|
|
error: 'Vos mots de passe ne correspondent pas'
|
|
})
|
|
}
|
|
|
|
let hashedPassword = await bcrypt.hash(password, 8)
|
|
db.query('INSERT INTO user SET?', {gender : (gender != undefined ? gender : ""), firstname: firstname, name: name, date_of_birth: dob, title: title, email: email, password: hashedPassword}, (err, result) => {
|
|
if(error) {
|
|
console.log(error)
|
|
} else {
|
|
return res.render('login-session')
|
|
}
|
|
})
|
|
})
|
|
})
|
|
|
|
app.post("/auth/check-login", (req, res) => {
|
|
const { email, password, role, session } = req.body
|
|
|
|
db.query('SELECT * FROM user WHERE email = ?', [email], async (error, result) => {
|
|
if(error){
|
|
console.log(error)
|
|
}
|
|
|
|
if( result.length == 0 ) {
|
|
return res.render('login', {
|
|
error: 'Utilisateur inconnu : veuillez créer votre compte via le lien ci-dessus'
|
|
})
|
|
}
|
|
|
|
var userId = result[0].ID
|
|
bcrypt.compare(password, result[0].password, function(err, result) {
|
|
if(result) {
|
|
|
|
// Le user est connecté avec succès : on vérifie qu'il n'est pas déjà inscrit à la session et si pas le cas, on l'inscrit et on incrémente le compteur des participants
|
|
db.query('SELECT * FROM participation WHERE ID_user = ?', [userId], async (error, result) => {
|
|
if(error) {
|
|
console.log(error)
|
|
}
|
|
|
|
if (result.length == 0) {
|
|
db.query('INSERT INTO participation (ID_user, ID_session, role_during_session) VALUES (?, ?, ?)', [userId, session, role], function (err, result) {
|
|
if (err) throw err;
|
|
console.log("1 record inserted");
|
|
});
|
|
|
|
db.query('UPDATE session SET nb_of_participants = nb_of_participants + 1 WHERE ID=?', session, function (err, result) {
|
|
if (err) throw err;
|
|
console.log("1 record updated");
|
|
});
|
|
}
|
|
})
|
|
|
|
//res.cookie("authorization", userId, { maxAge: 900000, httpOnly: true });
|
|
|
|
return res.render('index')
|
|
}
|
|
else {
|
|
return res.render('login', {
|
|
error: 'Mot de passe incorrect : corriger votre saisie'
|
|
})
|
|
}
|
|
})
|
|
})
|
|
})
|
|
|
|
app.post("/auth/check-session", (req, res) => {
|
|
|
|
const { session, session_password, role } = req.body
|
|
|
|
db.query('SELECT password FROM session WHERE ID = ?', [session], async (error, result) => {
|
|
if(error){
|
|
console.log(error)
|
|
}
|
|
|
|
if( result.length == 0 ) {
|
|
return res.render('login-session', {
|
|
error: 'Session inconnue : veuillez saisir un identifiant de session valide'
|
|
})
|
|
}
|
|
else {
|
|
if (result[0].password === session_password) {
|
|
|
|
//res.send(req.cookies);
|
|
|
|
return res.render('login', {"session": session, "role": role})
|
|
}
|
|
else {
|
|
return res.render('login-session', {
|
|
error: 'Mot de passe incorrect : corriger votre saisie'
|
|
})
|
|
}
|
|
}
|
|
})
|
|
})
|
|
|
|
|
|
app.listen(5005, ()=> {
|
|
console.log("server started on port 5005")
|
|
}) |