From a3ec0ca01ded555543156bf15f8bcc1c22dfd519 Mon Sep 17 00:00:00 2001
From: Lucas Patenaude
Date: Tue, 28 May 2024 20:42:45 -0500
Subject: [PATCH] Updated to separate login routes from app.js
---
 docker-compose.yml | 2 +-
 src/app.js | 42 ++----------------------------
 src/routes/database/login.js | 44 +++++++++++++++++++++++++
 src/routes/database/register.js | 57 +++++++++++++++++++++++++++++++++
 4 files changed, 105 insertions(+), 40 deletions(-)
 create mode 100644 src/routes/database/login.js
 create mode 100644 src/routes/database/register.js
diff --git a/docker-compose.yml b/docker-compose.yml
index a4202b8..0587911 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,7 +12,7 @@ services:
 - "5432:5432"
 volumes:
 - users-database:/var/lib/postgresql/data
- - /src/database/init_data:/docker-entrypoint-initdb.d
+ - ./src/database/init_data:/docker-entrypoint-initdb.d
 web:
 container_name: node-web-interface
 image: node:lts
diff --git a/src/app.js b/src/app.js
index 1f3995f..13676fe 100644
--- a/src/app.js
+++ b/src/app.js
@@ -147,45 +147,9 @@ app.get("/", (req, res) => {
 res.redirect("/home");
 });
 
-// Render login page for /login route
-app.get("/login", (req, res) => {
- res.render("/");
-});
-
-// Trigger login form to check database for matching username and password
-app.post("/login", async (req, res) => {
- try {
- // Check if username exists in DB
- const user = await db.oneOrNone(
- "SELECT * FROM users WHERE username = $1",
- req.body.username
- );
-
- if (!user) {
- // Redirect user to login screen if no user is found with the provided username
- return res.redirect("/register");
- }
-
- // Check if password from request matches with password in DB
- const match = await bcrypt.compare(req.body.password, user.password);
-
- // Check if match returns no data
- if (!match) {
- // Render the login page with the message parameter
- return res.render("/", { message: "Password does not match" });
- } else {
- // Save user information in the session variable
- req.session.user = user;
- req.session.save();
-
- // Redirect user to the home page
- res.redirect("/");
- }
- } catch (error) {
- // Direct user to login screen if no user is found with matching password
- res.redirect("/register");
- }
-});
+// Account Routes
+const loginRoutes = require("./routes/database/login");
+app.use("/", loginRoutes);
 
 /************************
 Registration Page Routes
diff --git a/src/routes/database/login.js b/src/routes/database/login.js
new file mode 100644
index 0000000..ba48df7
--- /dev/null
+++ b/src/routes/database/login.js
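Review bot: Only `loginRoutes` is mounted in this hunk, although the same commit adds `src/routes/database/register.js`; the diffstat accounts for no other change to app.js, so that router is never required, and the trailing context ("Registration Page Routes") suggests the inline registration handler is still in app.js. Either mount it beside the login router, `app.use("/", require("./routes/database/register"));`, and remove the inline copy, or keep register.js out of the tree until it is wired in, so there is a single copy of the registration logic to audit. Because the router is attached at `/`, a comment such as `// loginRoutes owns GET /login and POST /login` above the mount would make the ownership of those paths explicit.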
@@ -0,0 +1,44 @@
+const express = require("express");
+const router = express.Router();
+
+// Render login page for /login route
+router.get("/login", (req, res) => {
+ res.redirect("/");
+});
+
+// Trigger login form to check database for matching username and password
+router.post("/login", async (req, res) => {
+ try {
+ // Check if username exists in DB
+ const user = await db.oneOrNone(
+ "SELECT * FROM users WHERE username = $1",
+ req.body.username
+ );
+
+ if (!user) {
+ // Redirect user to login screen if no user is found with the provided username
+ return res.redirect("/register");
+ }
+
+ // Check if password from request matches with password in DB
+ const match = await bcrypt.compare(req.body.password, user.password);
+
+ // Check if match returns no data
+ if (!match) {
+ // Render the login page with the message parameter
+ return res.render("/", { message: "Password does not match" });
+ } else {
+ // Save user information in the session variable
+ req.session.user = user;
+ req.session.save();
+
+ // Redirect user to the home page
+ res.redirect("/");
+ }
+ } catch (error) {
+ // Direct user to login screen if no user is found with matching password
+ res.redirect("/register");
+ }
+});
+
+module.exports = router;
diff --git a/src/routes/database/register.js b/src/routes/database/register.js
new file mode 100644
index 0000000..0f3d3a0
--- /dev/null
+++ b/src/routes/database/register.js
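Review bot: `db` and `bcrypt` are used in the POST `/login` handler but this new module requires only `express`, so unless both are globals the first `db.oneOrNone` call throws a ReferenceError that the bare `catch (error)` turns into a silent redirect to `/register`; register.js is missing `db` in the same way. Require `bcryptjs` here, import the database handle from wherever app.js creates it (not visible in this patch), and log the error in the catch block so a broken login path is noticed. On success, `req.session.user = user` stores the whole `SELECT *` row, bcrypt hash included, in the session and keeps the pre-login session id (register.js does the same); assuming express-session, regenerate the session and store only the fields later handlers read, as sketched below. The two failure paths are also distinguishable (redirect to `/register` for an unknown username, "Password does not match" otherwise), which tells a client whether a username exists; a single generic failure response for both avoids that.

```javascript
// … unchanged: user lookup, bcrypt.compare and the !match branch …
    // Issue a fresh session id at login and keep the password hash out of the session store
    req.session.regenerate((err) => {
      if (err) {
        console.error("login: session regenerate failed", err);
        return res.redirect("/login");
      }
      req.session.user = { username: user.username };
      req.session.save(() => res.redirect("/"));
    });
// … unchanged: catch block …
```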
@@ -0,0 +1,57 @@
+const express = require("express");
+const path = require("path");
+const handlebars = require("express-handlebars");
+const Handlebars = require("handlebars");
+const bodyParser = require("body-parser");
+const bcrypt = require("bcryptjs"); // To hash passwords
+const session = require("express-session"); // To set the session object. To store or access session data, use the `req.session`, which is (generally) serialized as JSON by the store.
+const router = express.Router();
+
+// Trigger Registration Form to Post
+router.post("/register", async (req, res) => {
+ try {
+ if (!req.body.username || !req.body.password) {
+ // If username or password is missing, respond with status 400 and an error message
+ return res
+ .status(400)
+ .json({ status: "error", message: "Invalid input" });
+ }
+
+ // Check if the username already exists in the database
+ const existingUser = await db.oneOrNone(
+ "SELECT * FROM users WHERE username = $1",
+ req.body.username
+ );
+ if (existingUser) {
+ // If a user with the same username already exists, respond with status 409 and an error message
+ return res
+ .status(409)
+ .json({ status: "error", message: "Username already exists" });
+ }
+
+ // Hash the password using bcrypt library
+ const hash = await bcrypt.hash(req.body.password, 10);
+
+ // Insert username and hashed password into the 'users' table
+ await db.none("INSERT INTO users (username, password) VALUES ($1, $2)", [
+ req.body.username,
+ hash,
+ ]);
+ const user = await db.oneOrNone(
+ "SELECT * FROM users WHERE username = $1",
+ req.body.username
+ );
+ req.session.user = user;
+ req.session.save();
+ // Redirect user to the home page
+ res.redirect("/");
+ } catch (error) {
+ // If an error occurs during registration, respond with status 500 and an error message
+ res.status(500).json({
+ status: "error",
+ message: "An error occurred during registration",
+ });
+ }
+});
+
+module.exports = router;
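Review bot: The duplicate check and the `INSERT` in the `/register` handler are separate statements, so two concurrent requests for one username can both pass the `existingUser` test; whether the second insert is then rejected depends on a UNIQUE constraint on `users.username` that this patch does not show, and if it exists the losing request gets the generic 500 rather than the 409. Relying on the constraint and mapping its error in the catch, `if (error.code === "23505") return res.status(409).json({ status: "error", message: "Username already exists" });`, closes that race. The `!req.body.username || !req.body.password` guard also accepts non-string values (an array or object, depending on how the body parser is configured), so add `typeof req.body.username !== "string"` style checks and a length bound before hashing. Of the requires at the top only `express` and `bcryptjs` are used in this file; `path`, `handlebars`, `Handlebars`, `bodyParser` and `session` can be dropped.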