  1. const
  2. express = require('express'), //include express module
  3. Url = require('url'), //include url module
  4. bodyParser = require('body-parser'), //for post requests
  5. mysql = require('mysql'), //include mySQL module
  6. cookieParser = require('cookie-parser'),
  7. session = require('express-session'),
  8. app = express(); //server
  9.  
  // Parse JSON request bodies (Content-Type: application/json) into request.body.
  // Registered before any route so every handler below sees the parsed body.
  app.use(bodyParser.json());
  12.  
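  // MySQL connection used by every route in this file.
  // Each setting can be supplied through the environment so that credentials do
  // not have to be committed with the code. The literal fallbacks are the
  // original development values and keep existing setups working unchanged.
  // NOTE(review): '123' is a trivially guessable password and 'admin' suggests a
  // broadly privileged account; the routes here only SELECT from and INSERT into
  // `news`, so a dedicated low-privilege account would be enough - confirm.
  var connection = mysql.createConnection({
    host: process.env.DB_HOST || '127.0.0.1', // database server address
    user: process.env.DB_USER || 'admin', // MySQL account name
    password: process.env.DB_PASSWORD || '123', // development fallback only
    database: process.env.DB_NAME || 'news', // schema that holds the `news` table
  });

  // Open the connection once at startup. Throwing here is deliberate: without a
  // database the application cannot serve anything useful.
  connection.connect(function (err) {
    if (err) throw err;
    console.log('Connected!');
  });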
  24.  
  // Render views with EJS templates.
  app.set('view engine', 'ejs');

  // Serve files from the local "public" directory under the /public URL prefix
  // (stylesheets and other static assets).
  const staticAssets = express.static('public');
  app.use('/public', staticAssets);

  // Parse HTML form posts (application/x-www-form-urlencoded) into request.body.
  // With `extended: true` a field can arrive as a nested object or an array, so
  // handlers must not assume that every body value is a plain string.
  const formParser = bodyParser.urlencoded({ extended: true });
  app.use(formParser);
  28.  
  // The single moderator account. The POST /log-in handler compares the
  // submitted username and password against these two values.
  // NOTE(review): the password is stored in plaintext in source and is trivially
  // guessable; a salted password hash kept outside the repository is the usual
  // replacement.
  const user = { username: 'moderator', password: '123' };
  33.  
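  // The session store is created by the project's own helper module.
  var sessionHandler = require('./js/sessionHandler');
  var store = sessionHandler.createStore();

  app.use(cookieParser());

  // Server-side sessions. `secret` signs the session-ID cookie, so anyone who
  // knows it can produce validly signed cookie values; it is therefore read from
  // the environment, with the original literal kept only as a development
  // fallback so existing setups keep starting.
  // NOTE(review): `saveUninitialized: true` stores a session for every visitor,
  // including ones who never log in. No `cookie` options are set either, so the
  // session cookie is not restricted to HTTPS - confirm how this is deployed.
  app.use(session({
    store: store,
    resave: false,
    saveUninitialized: true,
    secret: process.env.SESSION_SECRET || 'supersecret',
  }));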
  44.  
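  // Public front page: list every news post.
  // NOTE(review): title and text come from moderator input; the 'user' template
  // is not shown here, so confirm it prints them with escaping output tags.
  app.get('/', function (request, response) {
    connection.query('SELECT title, text, date FROM news', function (err, result) {
      if (err) {
        // Throwing inside this callback would bring the whole server down on a
        // single failed query. Answer with a generic 500 and keep the details in
        // the server log instead of sending them to the client.
        console.error(err);
        response.status(500).send('Internal Server Error');
        return;
      }
      // render() sends the finished page itself; no explicit end() is needed.
      response.render('user', { posts: result });
    });
  });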
  53.  
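  // Moderator page: the same post list, shown only to a logged-in moderator.
  app.get('/moderator', function (request, response) {
    // Strict comparison: a non-string session value must never pass by coercion.
    if (request.session.username !== 'moderator') {
      response.status(403).send('Access Denied!');
      return;
    }

    connection.query('SELECT title, text, date FROM news', function (err, result) {
      if (err) {
        // Do not throw from the query callback (that would crash the server);
        // log the error and return a generic 500 to the client.
        console.error(err);
        response.status(500).send('Internal Server Error');
        return;
      }
      // render() sends the finished page itself; no explicit end() is needed.
      response.render('moderator', { posts: result });
    });
  });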
  66.  
  // Show the login form (the 'log-in' view).
  app.get('/log-in', (request, response) => {
    response.render('log-in');
  });
  70.  
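  // Log the current user out and send the browser back to the login form.
  // The session is destroyed in the store rather than only having its username
  // blanked, so the old session ID stops being valid after logout.
  // NOTE(review): logout is reachable with a plain GET, so any page that makes
  // the browser load this URL ends the session; a POST is the usual choice, but
  // the client script on this page calls it with GET, so the verb is unchanged.
  app.get('/log-out', function (request, response) {
    console.log('logging out!' + request.session.username);
    request.session.destroy(function (err) {
      if (err) {
        console.error(err);
        response.status(500).send('Logout Error!');
        return;
      }
      console.log('logged out!');
      // redirect() ends the response itself; no explicit end() is needed.
      response.redirect('/log-in');
    });
  });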
  78.  
  79.  
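  // Compare a submitted credential with the expected one.
  // Non-string input is rejected outright: parsed bodies can contain arrays or
  // objects, and loose `==` would let ['moderator'] match 'moderator'.
  // Both sides are hashed to a fixed length so timingSafeEqual can compare them
  // without leaking, through timing, how much of the value matched.
  function credentialMatches(expected, supplied) {
    var crypto = require('crypto');
    if (typeof supplied !== 'string') return false;
    var expectedDigest = crypto.createHash('sha256').update(expected).digest();
    var suppliedDigest = crypto.createHash('sha256').update(supplied).digest();
    return crypto.timingSafeEqual(expectedDigest, suppliedDigest);
  }

  // Handle a login attempt against the single hard-coded moderator account.
  // Responds with a redirect to /moderator on success and 401 on failure.
  // NOTE(review): there is no limit on repeated attempts - confirm whether
  // throttling is handled elsewhere.
  app.post('/log-in', function (request, response) {
    var body = request.body || {};

    // Passwords (submitted or expected) are deliberately not written to the log.
    console.log('Request body username: ' + body.username);
    console.log('User Username: ' + user.username);

    // Evaluate both checks so the work done does not depend on which one failed.
    var usernameOk = credentialMatches(user.username, body.username);
    var passwordOk = credentialMatches(user.password, body.password);

    var foundUser;
    if (usernameOk && passwordOk) foundUser = user.username;
    console.log('Found User: ' + foundUser);

    if (foundUser === undefined) {
      response.status(401).send('Login Error!');
      return;
    }

    // Issue a fresh session ID on login so an ID that existed before
    // authentication cannot be reused afterwards (session fixation).
    request.session.regenerate(function (err) {
      if (err) {
        console.error(err);
        response.status(500).send('Login Error!');
        return;
      }
      // Store the server-side account name, not the raw request value.
      request.session.username = foundUser;
      console.log('Session Username: ' + request.session.username);
      console.log('____________________________');
      response.redirect('/moderator');
    });
  });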
  98.  
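  // Add a new post to the `news` table (moderators only).
  // Responds 403 without a moderator session, 400 for a missing or non-string
  // title/text, 500 if the insert fails, and redirects to /moderator on success.
  // NOTE(review): the stored title and text are rendered later by the 'user' and
  // 'moderator' templates, which are not shown here - confirm they escape them.
  app.post('/moderator', function (request, response) {
    // Same gate as GET /moderator: without it anyone could insert posts.
    if (request.session.username !== 'moderator') {
      response.status(403).send('Access Denied!');
      return;
    }

    if (!request.body) return response.sendStatus(400);

    var title = request.body.title;
    var text = request.body.text;
    // Only plain strings are accepted. Parsed bodies can carry objects or
    // arrays, which the mysql placeholder escaping expands into extra SQL
    // fragments instead of a single quoted value.
    if (typeof title !== 'string' || typeof text !== 'string') {
      return response.sendStatus(400);
    }

    // Date of the new post as day/month/year. getMonth() is zero-based, so 1 is
    // added to store the calendar month.
    var date = new Date();
    var postDate = date.getDate() + '/' + (date.getMonth() + 1) + '/' + date.getFullYear();

    // Values are passed as placeholders, never concatenated into the SQL text,
    // so quotes in a title or text cannot change the statement.
    connection.query(
      'INSERT INTO news(`title`, `text`, `date`) VALUES(?, ?, ?)',
      [title, text, postDate],
      function (err) {
        if (err) {
          // Do not throw from the query callback (that would crash the server).
          console.error(err);
          response.status(500).send('Internal Server Error');
          return;
        }
        // Redirect only after the insert finished, so the reloaded page shows
        // the new post. redirect() ends the response itself.
        response.redirect('/moderator');
      }
    );
  });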
  115.  
  // Start accepting HTTP connections on port 8080.
  // NOTE(review): no host is given, so the listening address is whatever the
  // platform default is - confirm this should be reachable beyond localhost.
  const PORT = 8080;
  app.listen(PORT);
  117.  
  118. const
  119. cookieParser = require('cookie-parser'),
  120. session = require('express-session'),
  121. MSSQLStore = require('express-mysql-session')(session),
  122. mssql = require('mssql');
  123.  
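  module.exports = {
    /**
     * Build the session store handed to express-session.
     *
     * Despite its name, `MSSQLStore` is the constructor exported by
     * express-mysql-session, so the options below are MySQL connection options.
     * The database address is therefore given as `host`; the previous `server`
     * key is the mssql spelling and is not an option of this store.
     *
     * Credentials can be supplied through the environment; the literal
     * fallbacks are the original development values.
     *
     * @returns {object} a new store instance for the `store` session option
     */
    createStore: function () {
      var config = {
        user: process.env.DB_USER || 'admin',
        password: process.env.DB_PASSWORD || '123', // development fallback only
        host: process.env.DB_HOST || '127.0.0.1',
        database: process.env.DB_NAME || 'news',
        port: 3306,
        // NOTE(review): this `pool` object looks like mssql-style pool settings;
        // confirm whether the MySQL session store reads it at all.
        pool: {
          max: 10,
          min: 0,
          idleTimeoutMillis: 30000,
        },
      };
      return new MSSQLStore(config);
    },
  };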
  141.  
  142. <script>
  // Login page script: once the page has loaded, wire the login button so a
  // click posts the entered username and password to /log-in as JSON.
  // NOTE(review): nothing reads the response, so neither a 401 nor the server's
  // redirect changes what the user sees. If the button sits inside a <form>,
  // the browser may also submit that form natively - the markup is not shown
  // here, confirm.
  window.onload = () => {
    const loginButton = document.getElementById('log_in');
    const usernameField = document.getElementById('login');
    const passwordField = document.getElementById('password');

    loginButton.onclick = () => {
      // Field values are read at click time, not at page load.
      const payload = JSON.stringify({
        username: usernameField.value,
        password: passwordField.value
      });

      const request = new XMLHttpRequest();
      request.open('POST', '/log-in');
      request.setRequestHeader('Content-Type', 'application/json');
      request.send(payload);
    };
  };
  162. </script>
  163.  
  164. <script>
  // Moderator page script: once the page has loaded, wire the logout button so
  // a click sends GET /log-out in the background.
  // NOTE(review): the response is not read, so the page itself does not
  // navigate after logging out - confirm that this is intended.
  window.onload = () => {
    const logoutButton = document.getElementById('log_out');

    logoutButton.onclick = () => {
      const request = new XMLHttpRequest();
      request.open('GET', '/log-out');
      request.send();
    };
  };
  174. </script>
  175.  
  176. Connected!
  177. Request body username: moderator
  178. Request body password: 123
  179. User Username: moderator
  180. User Password: 123
  181. Found User: moderator
  182. Session Username: moderator
  183. ____________________________
  184. Request body username: undefined
  185. Request body password: 123
  186. User Username: moderator
  187. User Password: 123
  188. Found User: undefined
  189. logging out!moderator
  190. logged out!