
Untitled

a guest
Dec 23rd, 2015
  1. var sqlite = require('sqlite3').verbose();
  2. var db = new sqlite.Database('../users.db');
  3. var bcrypt = require('bcrypt');
  4. var express = require('express');
  5. var app = express();
  6. var bodyParser = require('body-parser');
  7. var port = process.env.PORT || 3000;
  8. var path = require('path');
  9. var cookieParser = require('cookie-parser');
  10. var session = require('express-session');
  11. var cors = require('cors');
  12.  
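  // cors() with no options answers every origin with
  // Access-Control-Allow-Origin: *. Pass an explicit origin allow-list once the
  // set of legitimate front-ends is known.
  app.use(cors());
  app.use(cookieParser());

  // The session secret signs the session-ID cookie, so it must not be committed
  // with the source. Read it from the environment; when it is absent, fall back
  // to a random per-process value, so cookies signed before a restart stop
  // validating instead of being accepted under a publicly known key.
  var sessionSecret = process.env.SESSION_SECRET ||
    require('crypto').randomBytes(32).toString('hex');
  app.use(session({
    secret: sessionSecret,
    // Do not re-save untouched sessions or store empty ones: a session record
    // is only created once a handler actually writes to req.session.
    resave: false,
    saveUninitialized: false
  }));
  // NOTE(review): no cookie options are set, so the session cookie is not
  // marked Secure. Set cookie.secure once the app is served over HTTPS.

  // extended: true parses bracket syntax (user[]=x), so body fields can arrive
  // as arrays or objects. Handlers must type-check them before use.
  app.use(bodyParser.urlencoded({extended: true}));
  app.set('view engine', 'ejs');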
  18.  
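  /**
   * GET / - renders the index view with a one-line login status.
   */
  app.get('/', function(req, res) {
    var stat = 'You are not logged in.';
    // The login handler stores the name under session.user. The previous read
    // of session.userName never matched, so a logged-in user was always shown
    // as logged out.
    if (req.session.user) {
      stat = 'You are logged in as ' + req.session.user + '.';
    }
    // NOTE(review): the username is user-chosen text and the index template is
    // not visible here. Confirm it prints `status` with the escaping tag
    // (<%= %>) rather than the raw one (<%- %>).
    res.render('index', { status: stat });
  });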
  24.  
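  /**
   * POST /auth - checks a username/password pair and, on success, binds the
   * username to a freshly issued session.
   *
   * Expects urlencoded body fields `user` and `pass`.
   * Responds 303 -> / on success, 400 on malformed input, 401 on any
   * credential failure and 500 on a database, hash or session error.
   */
  app.post('/auth', function(req, res) {
    var body = req.body || {};
    // Extended urlencoded parsing can deliver arrays or objects; calling
    // toLowerCase() or bcrypt on those throws, so accept non-empty strings only.
    if (typeof body.user !== 'string' || typeof body.pass !== 'string' ||
        body.user === '' || body.pass === '') {
      res.writeHead(400, {'Content-Type': 'text/plain'});
      res.end('Missing credentials');
      return;
    }
    var user = body.user.toLowerCase();
    var pass = body.pass;
    // JSON.stringify escapes CR/LF and other control characters, so a crafted
    // username cannot break out of its log line.
    var logName = JSON.stringify(user);

    // One answer for both "no such user" and "wrong password": the response
    // body no longer tells a caller which usernames are registered.
    // NOTE(review): response time still differs (no bcrypt run for unknown
    // users) and /create reports taken names, so this reduces enumeration
    // rather than eliminating it. No attempt throttling is visible in this file.
    function reject() {
      res.writeHead(401, {'Content-Type': 'text/plain'});
      res.end('Invalid username or password');
    }

    function fail(err) {
      console.error('Authentication error for ' + logName + ': ' + err.message);
      res.writeHead(500, {'Content-Type': 'text/plain'});
      res.end('Internal error');
    }

    db.serialize();
    db.get('SELECT passhash FROM users WHERE username=?', user, function(err, row) {
      if (err) return fail(err);
      if (!row) {
        console.log('Someone tried to log into the nonexistent account ' + logName + '.');
        return reject();
      }
      // Async compare keeps the event loop free while bcrypt runs.
      bcrypt.compare(pass, row.passhash, function(cmpErr, matches) {
        if (cmpErr) return fail(cmpErr);
        if (!matches) {
          console.log('Someone tried to log into the account ' + logName + ' with an incorrect password.');
          return reject();
        }
        // Issue a new session ID at the privilege change so an ID planted
        // before login is not carried into the authenticated session.
        req.session.regenerate(function(regenErr) {
          if (regenErr) return fail(regenErr);
          req.session.user = user;
          // 303 makes the browser follow up with GET /. A 301 answer to a POST
          // can be cached as a permanent redirect.
          res.redirect(303, '/');
          console.log('Account ' + logName + ' authenticated successfully.');
        });
      });
    });
  });
  console.log('Authentication bound');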
  49.  
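  /**
   * POST /create - registers a new account with a bcrypt-hashed password.
   *
   * Expects urlencoded body fields `user` and `pass`.
   * Always answers with JSON {type: 'create', status: ...}:
   *   200 'success', 400 'invalid' (malformed input),
   *   401 'exists' (constraint violation on insert), 500 'error' (anything else).
   */
  app.post('/create', function(req, res) {
    var status = {type: 'create', status: null};

    function reply(code, value) {
      status.status = value;
      res.writeHead(code, {'Content-Type': 'application/json'});
      res.end(JSON.stringify(status));
    }

    var body = req.body || {};
    // Extended urlencoded parsing can deliver arrays or objects; accept
    // non-empty strings only so toLowerCase() and bcrypt never see other types.
    if (typeof body.user !== 'string' || typeof body.pass !== 'string' ||
        body.user === '' || body.pass === '') {
      return reply(400, 'invalid');
    }
    var user = body.user.toLowerCase();
    var pass = body.pass;
    // JSON.stringify escapes CR/LF and other control characters, so a crafted
    // username cannot break out of its log line.
    var logName = JSON.stringify(user);

    // Given a numeric cost, bcrypt.hash generates the salt itself. The async
    // form keeps the event loop free while the hash is computed.
    // NOTE(review): bcrypt only uses the first 72 bytes of the password, and
    // no length or strength policy is enforced here.
    bcrypt.hash(pass, 10, function(hashErr, hash) {
      if (hashErr) {
        console.error('Hashing failed for ' + logName + ': ' + hashErr.message);
        return reply(500, 'error');
      }
      db.serialize();
      db.run('INSERT INTO users VALUES (?,?)', user, hash, function(err) {
        if (err && err.code === 'SQLITE_CONSTRAINT') {
          // Presumably users.username is UNIQUE / PRIMARY KEY; the schema is
          // not visible here - confirm.
          reply(401, 'exists');
          console.log('Someone attempted to create the already-existent account ' + logName + '.');
        } else if (err) {
          // Any other database failure used to be reported as "exists".
          console.error('Account creation failed for ' + logName + ': ' + err.message);
          reply(500, 'error');
        } else {
          reply(200, 'success');
          console.log('The account ' + logName + ' was created successfully.');
        }
      });
    });
  });
  console.log('Registration bound');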
  72.  
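  // Log from the listen callback so the message appears only after the socket
  // is bound, not before a bind that may still fail.
  app.listen(port, function() {
    console.log('Listening on *:' + port);
  });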