var express = require("express");var mssql = require("mssql");var bodyParser =

1. var express = require("express");
2. var mssql = require("mssql");
3. var bodyParser = require("body-parser");
4. var bcrypt = require('bcrypt');
5. var config = require('./config.js');
6. var db = require('./db.js');
7. var app = express();
8. app.use(bodyParser.json());
9. app.use(bodyParser.urlencoded({extended:true}));
10. app.get('/',function (request, response) {
11. response.end('Demo');
12. });
13. app.post('/users', function (request, response) {
14. var data = request.body;
15. db.executeSql("select UserId ,UserName from aspnet_Users where UserName='" + data.UserName + "'", function (result, error) {
16. if (error) {
17. console.log(error);
18. response.end(JSON.stringify(error));
19. }
20. else if (result.length == 0) {
21. response.end('Inavlid User');
22. }
23. else {
24. var userId = result[0].UserId;
25. var userName = result[0].UserName;
26. db.executeSql("select Password, PasswordSalt from aspnet_Membership where UserId='" + userId + "'",
27. function (pwdResult, pwdError) {
28. if (pwdError) {
29. response.end(JSON.stringify(pwdError));
30. }
31. else {
32. var hashPassword = pwdResult[0].Password;
33. var salt = pwdResult[0].PasswordSalt;
34. bcrypt.compare(data.Password+salt, hashPassword, function (err, res) {
35. if (err) {
36. response.end(err);
37. }
38. if (res) {
39. response.end(res);
40. }
41. else {
42. response.end("Password Mismatch");
43. }
44. });
45. }
46.  
47. });
48. }
49.  
50. });
51. });
52. app.listen(config.portNumber);