- const createError = require('http-errors');
- const express = require('express');
- const session = require('express-session');
- const path = require('path');
- const helmet = require('helmet');
- const cookieParser = require('cookie-parser');
- const logger = require('morgan');
- const bodyParser = require('body-parser');
- const indexRouter = require('./routes/index');
- const usersRouter = require('./routes/users');
- const admRouter = require('./routes/adm');
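const urlencodedParser = bodyParser.urlencoded({ extended: false });
const app = express();

// Secret used to sign the session id cookie. SESSION_SECRET is an environment
// variable name introduced here; set it to a long random value on any deployed
// instance. The literal fallback is publicly guessable, so a signature made
// with it proves nothing about where a cookie came from; it is kept only so a
// local development setup keeps starting without configuration.
const sessionSecret = process.env.SESSION_SECRET || 'secret';

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

// helmet sets the security response headers. It has to be registered before
// the static handler and the routers: middleware mounted after them never runs
// for a request they have already answered, which would leave only the 404 and
// error pages carrying the headers.
app.use(helmet());

app.use(logger('dev'));
app.use(express.json());
app.use(urlencodedParser);
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(session({
  secret: sessionSecret,
  resave: false,
  saveUninitialized: false,
  // secure: false lets the cookie travel over plain HTTP, which is what this
  // app serves; switch it to true as soon as the app is reached through TLS.
  cookie: { maxAge: 60000, secure: false }
}));

app.use('/', indexRouter);
app.use('/users', usersRouter);
app.use('/adm', admRouter);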
// Nothing above answered the request: hand a 404 error to the error handler.
app.use((req, res, next) => next(createError(404)));
// Final error-handling middleware; Express identifies it by its four parameters,
// so `next` stays in the signature even though it is not called.
app.use((err, req, res, next) => {
  // The message is handed to the view in every environment.
  // NOTE(review): whether the 'error' template prints it is not visible here;
  // confirm that messages reaching this handler never embed internal details.
  res.locals.message = err.message;

  // The full error object (stack included) is exposed in development only.
  const inDevelopment = req.app.get('env') === 'development';
  res.locals.error = inDevelopment ? err : {};

  // Render the error page with the error's status, defaulting to 500.
  const statusCode = err.status || 500;
  res.status(statusCode);
  res.render('error');
});
// Port of the listener started at the bottom of this module.
const HTTP_PORT = 80;

module.exports = app;

// Loading this module starts the server as a side effect. app.listen() opens a
// plain HTTP listener, so session cookies and login form posts are sent
// unencrypted unless a TLS terminator sits in front of it.
// NOTE(review): binding port 80 usually needs elevated privileges on Unix-like
// systems; confirm the process does not keep running as root.
app.listen(HTTP_PORT);
- const express = require('express');
- const router = express.Router();
- const bodyParser = require('body-parser');
- const verif = require('../functions/verif');
- const password = require('node-php-password');
- const dbServer = require('../database');
- // const credentials = require('../functions/dbCredentials');
- // const dbServer = mysql.createConnection(credentials);
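const urlencodedParser = bodyParser.urlencoded({ extended: false });

/* GET home page. */
router.get('/', function(req, res, next) {
  // Log the account name only. The login handler stores a database row in
  // req.session.user, and dumping that object would write every column it
  // holds (the password hash among them) to the log on each page view.
  const sessionUser = req.session.user;
  console.log('session user: ' + (sessionUser ? sessionUser.username : 'none'));

  // NOTE(review): the view receives the whole request object (headers, cookies,
  // session). Passing only the fields the template needs would be narrower, but
  // the 'index' template is not visible here, so the call is left unchanged.
  res.render('index', { verif, req });
});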
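/**
 * POST /login: verifies the submitted credentials and, on success, opens an
 * authenticated session.
 *
 * The client is redirected to '/' whether the login succeeded, the account is
 * unknown or the password is wrong, so the response does not reveal which
 * accounts exist. Database and session-store errors go to the Express error
 * handler through next().
 */
router.post('/login', urlencodedParser, (req, res, next) => {
  const username = req.body.username;
  const submittedPassword = req.body.password;

  // Accept plain strings only. express.json() is mounted app-wide, so a request
  // body can carry objects or arrays in these fields.
  // NOTE(review): if dbServer is a mysql connection (the commented-out
  // mysql.createConnection above suggests so), a non-string value bound to `?`
  // is expanded into SQL syntax instead of being quoted as one string.
  if (typeof username !== 'string' || typeof submittedPassword !== 'string') {
    res.redirect('/');
    return;
  }

  dbServer.query('SELECT * FROM users WHERE username = ?', [username], function(error, result, fields) {
    // A throw inside this callback happens outside Express's request handling
    // and would take the whole process down; report the error through next().
    if (error) {
      next(error);
      return;
    }

    // The result rows are deliberately not logged: they contain password hashes.
    if (result.length === 0) {
      console.log("L'utilisateur n'existe pas.");
      // TODO: report the failure to the user through the session.
      res.redirect('/');
      return;
    }

    // Keep the row describing the user in a local constant.
    const utilisateur = result[0];
    console.log("L'utilisateur existe.");

    // Compare the submitted password with the stored hash.
    if (!password.verify(submittedPassword, utilisateur.password)) {
      // TODO: report the failure to the user through the session.
      console.log("Mot de passe incorrect.");
      res.redirect('/');
      return;
    }
    console.log("Mot de passe correct.");

    // The session keeps a copy of the row without the password hash, so the
    // hash is never written to the session store or handed to a view.
    const sessionUser = Object.assign({}, utilisateur);
    delete sessionUser.password;

    // Issue a fresh session id on login so an id known before authentication
    // cannot be reused afterwards (session fixation).
    req.session.regenerate(function(regenerateError) {
      if (regenerateError) {
        next(regenerateError);
        return;
      }
      req.session.user = sessionUser;

      // Redirect only once the session is stored. Sending the redirect before
      // the query callback has run means the session is modified after the
      // response has ended, and the login is not reliably persisted.
      req.session.save(function(saveError) {
        if (saveError) {
          next(saveError);
          return;
        }
        res.redirect('/');
      });
    });
  });
});

module.exports = router;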
- console.log(req.session.user);
- console.log(JSON.stringify(req.session.user));