
Untitled

a guest
Mar 25th, 2018
  1. const createError = require('http-errors');
  2. const express = require('express');
  3. const session = require('express-session');
  4. const path = require('path');
  5. const helmet = require('helmet');
  6. const cookieParser = require('cookie-parser');
  7. const logger = require('morgan');
  8. const bodyParser = require('body-parser');
  9.  
  10. const indexRouter = require('./routes/index');
  11. const usersRouter = require('./routes/users');
  12. const admRouter = require('./routes/adm');
  13.  
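  // Parser for application/x-www-form-urlencoded request bodies
  // (extended: false selects the simple query-string parser).
  const urlencodedParser = bodyParser.urlencoded({ extended: false });

  const app = express();

  // Helmet secures the application by setting protective response headers.
  // It is registered before the static handler and the routers so that its
  // headers are set on those responses too; middleware mounted after a
  // route that already answered the request never runs for that response.
  app.use(helmet());

  // view engine setup
  app.set('views', path.join(__dirname, 'views'));
  app.set('view engine', 'ejs');

  app.use(logger('dev'));
  app.use(express.json());
  app.use(urlencodedParser);
  app.use(cookieParser());
  app.use(express.static(path.join(__dirname, 'public')));

  // The session secret signs the session-id cookie, so it must not be a
  // guessable constant committed with the code. It is read from the
  // SESSION_SECRET environment variable; when that is unset a random
  // per-process value is used, which keeps the cookie unforgeable but
  // invalidates existing sessions on restart and does not work across
  // several instances.
  const sessionSecret =
    process.env.SESSION_SECRET || require('crypto').randomBytes(32).toString('hex');

  // cookie.secure is false, so the session cookie is also sent over plain
  // HTTP; set it to true once the application is served over HTTPS.
  app.use(
    session({
      secret: sessionSecret,
      resave: false,
      saveUninitialized: false,
      cookie: { maxAge: 60000, secure: false },
    })
  );

  app.use('/', indexRouter);
  app.use('/users', usersRouter);
  app.use('/adm', admRouter);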
  35.  
  // Reached only when no earlier middleware or router answered the request:
  // turn it into a 404 error and pass it on to the error handler.
  app.use((req, res, next) => {
    const notFound = createError(404);
    next(notFound);
  });
  40.  
  // Error handler. Express treats this middleware as an error handler because
  // it declares four parameters, so `next` has to stay in the signature.
  app.use((err, req, res, next) => {
    // The message is exposed to the view in every environment; the full error
    // object (stack included) only when the app runs in development.
    // NOTE(review): the 'error' template is not shown here - confirm it
    // escapes `message` on output.
    res.locals.message = err.message;
    const isDevelopment = req.app.get('env') === 'development';
    res.locals.error = isDevelopment ? err : {};

    // Render the error page with the error's own status, or 500 by default.
    const statusCode = err.status || 500;
    res.status(statusCode);
    res.render('error');
  });
  51.  
  // Export the configured application, then start listening.
  module.exports = app;

  // Port 80 is plain HTTP: unless TLS is terminated in front of this process,
  // the session cookie (configured above with secure: false) and the login
  // form travel unencrypted.
  const HTTP_PORT = 80;
  app.listen(HTTP_PORT);
  55.  
  56. const express = require('express');
  57. const router = express.Router();
  58. const bodyParser = require('body-parser');
  59. const verif = require('../functions/verif');
  60. const password = require('node-php-password');
  61.  
  62. const dbServer = require('../database');
  63. // const credentials = require('../functions/dbCredentials');
  64.  
  65. // const dbServer = mysql.createConnection(credentials);
  66.  
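  // Per-route parser for application/x-www-form-urlencoded form posts.
  const urlencodedParser = bodyParser.urlencoded({ extended: false });

  /* GET home page. */
  router.get('/', (req, res, next) => {
    // The session user is not written to the log: the login route stores a
    // row read from the users table, and dumping it on every page view would
    // copy account data into the application logs.
    //
    // NOTE(review): the whole request object is handed to the template, which
    // gives the view access to headers, cookies and the session. Passing only
    // the fields the view needs would be narrower, but the template is not
    // visible here, so the render arguments are left unchanged.
    res.render('index', { verif, req });
  });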
  74.  
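  /**
   * POST /login - checks the submitted credentials and opens a session.
   *
   * The response is sent only once the outcome is known. Redirecting before
   * the database callback has run would end the response first, and a value
   * assigned to req.session afterwards is not saved for that request.
   *
   * Every outcome (bad input, unknown user, wrong password, success) redirects
   * to '/', so the response does not reveal which check failed. Database and
   * session errors are passed to the Express error handler.
   */
  router.post('/login', urlencodedParser, (req, res, next) => {
    const { username, password: submittedPassword } = req.body;

    // Accept plain strings only. A repeated form field or a JSON body can
    // yield an array or an object here, and such values must reach neither
    // the query placeholder nor the hash verification.
    if (typeof username !== 'string' || typeof submittedPassword !== 'string') {
      return res.redirect('/');
    }

    dbServer.query('SELECT * FROM users WHERE username = ?', [username], (error, result) => {
      // Throwing inside this callback would take the whole process down;
      // forward the error to the error-handling middleware instead.
      if (error) {
        return next(error);
      }

      // The result rows are not logged: they contain the stored password hash.
      if (result.length === 0) {
        console.log("L'utilisateur n'existe pas.");
        // TODO: use the session to show the error to the user.
        return res.redirect('/');
      }

      // Keep the row that describes the user in a local constant.
      const utilisateur = result[0];
      console.log("L'utilisateur existe.");

      // Check the submitted password against the stored hash.
      if (!password.verify(submittedPassword, utilisateur.password)) {
        // TODO: use the session to show the error to the user.
        console.log("Mot de passe incorrect.");
        return res.redirect('/');
      }
      console.log("Mot de passe correct.");

      // The password hash is left out of the session: nothing after login
      // needs it, and session data is written to the session store.
      const { password: storedHash, ...sessionUser } = utilisateur;

      // Issue a fresh session id at the privilege change so that an id known
      // before authentication does not become an authenticated session.
      req.session.regenerate((regenerateError) => {
        if (regenerateError) {
          return next(regenerateError);
        }
        req.session.user = sessionUser;
        res.redirect('/');
      });
    });
  });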
  104.  
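  module.exports = router;

  // NOTE(review): the paste ends with two stand-alone statements,
  //   console.log(req.session.user);
  //   console.log(JSON.stringify(req.session.user));
  // `req` exists only inside a route handler, so at module scope they would
  // throw a ReferenceError as soon as this file is loaded. They look like
  // excerpts of the logging calls made inside the handlers above, so they are
  // kept here as a comment rather than as executable code.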