
Untitled

a guest
Apr 13th, 2019
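  // Application bootstrap: load dependencies, then register body parsing, views,
  // static files, cookies, sessions and the login gate, in that order.
  const crypto = require('crypto');
  const path = require('path');
  const express = require('express');
  const session = require('express-session');
  const app = express();
  const router = express.Router();
  const cors = require('cors');
  const numeral = require('numeral');
  const alasql = require('alasql');
  const receipt = require('receipt');
  const passport = require('passport');
  const LocalStrategy = require('passport-local').Strategy;
  const bodyParser = require('body-parser');
  // NOTE(review): users.js and db_config.js are loaded from ./public, and ./public
  // is also served as-is under /assets below, so both files can be downloaded by
  // any client. Move server-only modules out of the static root; if db_config
  // holds database credentials (not visible here), treat them as exposed.
  const users = require('./public/js/users');
  var sessionuser;
  const ip = require("ip");

  // cors() without options answers every origin with a wildcard and does not
  // enable credentialed cross-origin requests.
  // NOTE(review): restrict `origin` to the known front-end if cross-origin access
  // is needed at all.
  app.use(cors());
  app.use(bodyParser.urlencoded({extended: true}));
  // NOTE(review): JSON bodies of up to 20 MiB are parsed before any login check
  // runs; lower the limit unless a route really needs it.
  app.use(bodyParser.json({limit:1024*1024*20, type:'application/json'}));

  var db = require("./public/js/db_config");
  var date = new Date();
  var now = new Date(date.getFullYear(), date.getMonth(), 1);
  var ipserver=ip.address();
  var ispusat="";
  var cookieParser = require('cookie-parser');

  app.set('views',path.join(__dirname,'views'));//set views file
  app.set('view engine', 'html');//set view engine
  app.engine('html', require('hbs').__express);
  app.use('/assets',express.static(__dirname + '/public'));
  app.use(cookieParser());

  // Key used to sign the session cookie. It was a hard-coded, widely published
  // sample string, which lets anyone who knows it produce validly signed cookies.
  // Read it from the environment instead. No `store` is configured, so sessions
  // live in the default in-memory store and are lost on restart anyway; a random
  // per-process key is therefore a safe fallback when SESSION_SECRET is unset.
  const sessionSecret = process.env.SESSION_SECRET || crypto.randomBytes(32).toString('hex');

  app.use(session({
    secret: sessionSecret,
    resave: true,
    saveUninitialized: false,
    // maxAge is 30 * 30000 ms = 15 minutes; rolling: true renews it on every response.
    // NOTE(review): add `secure: true` once the app is only reachable over HTTPS.
    cookie: { path: '/', httpOnly: true, maxAge: 30 * 30000 },
    rolling: true
  }));
  app.use(checkAuth);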
  37.  
  38. //login
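  /**
   * Login gate: renders the login view with HTTP 403 when a protected path is
   * requested without an authenticated session, otherwise passes the request on.
   *
   * Only '/home' is protected here; every other secured URL has to be added
   * explicitly (or the check inverted to deny by default).
   *
   * @param {object} req - Express request; reads `path` and `session.authenticated`.
   * @param {object} res - Express response.
   * @param {Function} next - Continues the middleware chain.
   */
  function checkAuth (req, res, next) {
    // Compare the path only, lower-cased and without trailing slashes. req.url
    // carries the query string, and Express by default routes '/HOME' and
    // '/home/' to the '/home' handler, so an exact match on req.url let those
    // variants pass this gate unchecked.
    const requestedPath = req.path.toLowerCase().replace(/\/+$/, '');
    const isProtected = requestedPath === '/home';
    const isLoggedIn = Boolean(req.session && req.session.authenticated);

    if (isProtected && !isLoggedIn) {
      // `status` inside the locals only reaches the template; set the HTTP
      // status as well so the response is really a 403.
      res.status(403).render('login', { status: 403 });
      return;
    }
    next();
  }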
  49.  
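  /**
   * POST /login: looks the submitted credentials up in `muser` and, on a match,
   * starts an authenticated session and redirects to /home. Any failure
   * redirects back to /login; database errors go to the Express error handler.
   */
  app.post('/login', function (req, res, next) {
    const username = req.body.username;
    const password = req.body.password;

    // The body parsers (JSON, and urlencoded with extended: true) can deliver
    // objects or arrays in these fields. Only plain strings may reach the query
    // placeholders, because some drivers expand non-string values there.
    if (typeof username !== 'string' || typeof password !== 'string') {
      res.redirect('/login');
      return;
    }

    db.getConnection(function (connErr, connection) {
      // Without this check a failed connection left `connection` undefined.
      if (connErr) return next(connErr);

      // NOTE(review): the submitted password is compared directly in SQL, which
      // suggests passwords are stored unhashed — confirm, and move to a salted
      // password hash verified in application code.
      const sql = "SELECT TMU.*,TTS.ROLE FROM muser TMU CROSS JOIN tsetting TTS WHERE TMU.USER = ? and TMU.PASSWORD = ?";
      connection.query(sql, [username, password], function (queryErr, rows) {
        connection.release();
        // `done` was never defined in this scope; hand errors to Express instead.
        if (queryErr) return next(queryErr);

        // if user not found
        if (rows.length <= 0) {
          console.log('gagal');
          res.redirect('/login');
          // Stop here: without this return the code below still marked the
          // session as authenticated after a failed login.
          return;
        }

        // TMU.* includes the PASSWORD column; keep it out of the session store
        // and out of anything that later logs or renders the session user.
        const sessionRows = rows.map(function (row) {
          const copy = Object.assign({}, row);
          delete copy.PASSWORD;
          return copy;
        });

        // Issue a fresh session id at login so an id that existed before
        // authentication is never promoted to an authenticated one.
        req.session.regenerate(function (sessionErr) {
          if (sessionErr) return next(sessionErr);
          req.session.authenticated = true;
          req.session.user = sessionRows;
          res.redirect('/home');
        });
      });
    });
  });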
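  // Poster's note: this one I still get session value.
  /**
   * GET /home: renders the home view for the logged-in user, or redirects to
   * /login when the session holds no user record.
   */
  app.get('/home', (req, res) => {
    // req.session.user is the array of rows stored at login; an empty array is
    // truthy, so look at the first row rather than at the array itself.
    const user = req.session.user && req.session.user[0];
    if (!user) {
      res.redirect('/login');
      return;
    }

    // Log only the user name: the stored row comes from SELECT TMU.* and can
    // carry the PASSWORD column, which must not end up in the server log.
    console.log('- sessionhome -');
    console.log(user.USER);
    console.log('---------------');
    res.render('home', {
      username: user.USER,
      level: user.IDLEVEL,
      role: user.ROLE,
      ip: ipserver
    });
  });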
  78.  
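  // Poster's note: this one i cant get session value.
  // NOTE(review): if the page calls this endpoint through a different host name
  // or origin than the one used for /login (for example the server IP passed to
  // the template versus localhost), the browser does not attach the session
  // cookie — confirm how the client issues the request.
  /**
   * GET /getcart: returns the cart lines of the logged-in user as a JSON string,
   * or a 401 with a JSON error when the session holds no user record.
   */
  app.get('/getcart', (req, res) => {
    console.log(req.session.authenticated);

    const user = req.session.user && req.session.user[0];
    if (!user) {
      console.log('session undefined');
      // Always answer; this branch used to leave the request hanging.
      res.status(401).send(JSON.stringify({ error: 'not logged in' }));
      return;
    }

    // The user id is bound as a parameter instead of being concatenated into
    // the statement, so it is never parsed as SQL text.
    // assumes ID is returned by the driver as a number, as the concatenated
    // form also required — TODO confirm
    const sql = "SELECT TC.ID,TC.IDITEM,TC.KODEBARANG,TC.NAMA,SUM(TC.QTY) AS QTY,TC.PRICE, TC.SUBTOTAL\n" +
      "FROM cart TC \n" +
      "WHERE TC.IDUSER = ?\n" +
      "GROUP BY TC.KODEBARANG,TC.IDITEM,TC.KODEBARANG,TC.NAMA,TC.PRICE,TC.SUBTOTAL,TC.IDUSER";
    const cartRows = alasql(sql, [user.ID]);

    // Kept as send(JSON.stringify(...)) so existing clients see the same body
    // and content type as before.
    res.send(JSON.stringify(cartRows));
  });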
  93.  
  94. //