app.post('/login', (req, res) => { username = req.body.username; password =

1. app.post('/login', (req, res) => {
2. username = req.body.username;
3. password = req.body.password;
4. queryString = 'SELECT * FROM accounts WHERE username = "' + username + '";';
5. connection.query(queryString, function (err, result) {
6. if(result[0] == undefined){
7. console.log("user doesn't exist");
8. }
9. else{
10. var savedPass = result[0].password;
11. var json = {}
12. if(bcrypt.compareSync(password, savedPass)) {
13. console.log("success!")
14. req.session.user = username;
15. json.response = "correct";
16. console.log(req.session)
17. }
18. else{
19. console.log('wrong pass, try again');
20. json.response = "incorrect";
21. }
22. }
23.  
24. res.send(json);
25. });
26. })
27.  
28. Session {
29. cookie:
30. { path: '/',
31. _expires: 2017-12-10T01:25:45.023Z,
32. originalMaxAge: 60000,
33. httpOnly: false },
34. user: 'fuckun' }
35. }
36.  
37. Session {
38. cookie:
39. { path: '/',
40. _expires: 2017-12-10T01:25:48.499Z,
41. originalMaxAge: 60000,
42. httpOnly: false } }