1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
const router = require("express").Router();
const mysql = require("mysql2");
const bcrypt = require("bcryptjs");
const jwt = require("jsonwebtoken");
require("dotenv").config();
const connectionURL = process.env.DATABASE_URL;
const validationString = process.env.AUTHORIZATION_STRING;
router.post("/login", (req, res) => {
// Log in as user
const username = req.body.username;
const password = req.body.password;
const connection = mysql.createConnection(connectionURL);
connection.connect();
const sql = "SELECT * FROM Users WHERE username = ?";
connection.query(sql, [username], (err, results, fields) => {
if (err) {
res.status(500).json({
message: "Error logging in",
error: err,
});
} else {
if (results.length > 0) {
const user = results[0];
if (bcrypt.compareSync(password, user.password)) {
const token = jwt.sign(
{
username: user.username,
admin: user.admin,
},
validationString
);
res.status(200).json({
message: "Logged in",
token: token,
});
} else {
res.status(401).json({
message: "Incorrect password",
});
}
} else {
res.status(401).json({
message: "User not found",
});
}
}
});
connection.end();
});
router.post("/create", (req, res) => {
// Creates a regular user
const username = req.body.username;
const password = req.body.password;
const connection = mysql.createConnection(connectionURL);
connection.connect();
const sql = "INSERT INTO Users (username, password, admin) VALUES (?, ?, ?)";
const hashedPassword = bcrypt.hashSync(password, 10);
const admin = 0;
connection.query(
sql,
[username, hashedPassword, admin],
(err, results, fields) => {
if (err) {
res.status(500).json({
message: "Error creating user",
error: err,
});
} else {
res.status(201).json({
message: "User created",
});
}
}
);
connection.end();
});
module.exports = router;
|
