var express = require('express');
// Router instance that every route in this file is registered on.
var router = express.Router();
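/**
 * Login action.
 *
 * Looks the account up by e-mail address or username, checks the submitted
 * password against the stored bcrypt hash and, on success, copies the user's
 * id, number format and username into a freshly issued session before
 * redirecting to '/'.
 *
 * Failure handling:
 *  - database, bcrypt and session errors go to next(err) instead of being
 *    thrown inside a callback, where they would take the whole process down;
 *  - an unknown user and a wrong password get the same 401 reply, so the
 *    response body does not reveal which accounts exist.
 *
 * NOTE(review): no attempt throttling is visible in this handler; confirm that
 * rate limiting or lockout is applied elsewhere.
 * NOTE(review): bcrypt-nodejs is no longer maintained upstream; consider
 * moving to a maintained bcrypt implementation.
 */
router.post('/login', function(req, res, next) {
  var bcrypt = require('bcrypt-nodejs');

  var body = req.body || {};
  var user = body.user,
      pass = body.pass;

  // Single generic rejection used for every credential failure.
  function rejectLogin() {
    res.status(401).send('Invalid username or password');
  }

  // Body parsers can produce arrays or objects; only non-empty strings are
  // valid credentials.
  if (typeof user !== 'string' || typeof pass !== 'string' || user === '' || pass === '') {
    return res.status(400).send('Missing username or password');
  }

  req.getConnection(function(err, connection) {
    if (err) return next(err);

    // Parameterized query: the submitted value is bound, never concatenated.
    // NOTE(review): "email = ? OR username = ?" can match more than one row if
    // a username is allowed to equal another account's e-mail; only the first
    // row is used. Confirm that registration prevents such collisions.
    var sql = " SELECT id, username, email, password, timezone, num_format " +
              " FROM todo_user " +
              " WHERE email = ? OR username = ? ";

    // Find the username / email
    connection.execute(sql, [user, user], function(err, rows) {
      if (err) return next(err);

      var account = rows && rows[0];

      // No matching row: reject without dereferencing undefined.
      // NOTE(review): bcrypt is skipped on this path, so the response time
      // still differs from the wrong-password path.
      if (!account) return rejectLogin();

      // Verify the password hash
      bcrypt.compare(pass, account.password, function(err, passRes) {
        if (err) return next(err);

        // Always answer the request; a silent return would leave it hanging.
        if (passRes !== true) return rejectLogin();

        // Issue a new session id at the privilege change so an id set before
        // login cannot be reused afterwards (session fixation). Data stored
        // in the pre-login session is discarded.
        req.session.regenerate(function(err) {
          if (err) return next(err);

          req.session.uid = account.id;
          req.session.num_format = account.num_format;
          req.session.username = account.username;

          res.redirect(303, '/');
        });
      });
    });
  });
});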
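/**
 * Logout action: destroys the server-side session, then redirects to the
 * index page.
 *
 * NOTE(review): this is a state-changing GET, so another site can trigger it
 * (forced logout). Moving it to POST with CSRF protection would change the
 * route's interface, so it is only flagged here.
 */
router.get('/logout', function(req, res, next) {
  req.session.destroy(function(err) {
    // If the session could not be destroyed it is still valid; report the
    // failure instead of redirecting as though logout had succeeded.
    if (err) return next(err);

    res.redirect(303, '/');
  });
});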
/**
 * GET /list - users listing (placeholder).
 *
 * Currently answers with a fixed string.
 * NOTE(review): no session check is performed here; add authentication before
 * this returns real user data.
 */
router.get('/list', (request, response) => {
  const placeholder = 'respond with a resource';
  response.send(placeholder);
});
/**
 * GET /:id - single user (placeholder).
 *
 * The :id parameter is not read yet; the handler answers with a fixed string.
 * Registered after '/logout' and '/list', so those literal paths match first.
 * NOTE(review): no session or ownership check is performed here; add one
 * before this returns real user data.
 */
router.get('/:id', (request, response) => {
  const placeholder = 'respond with a resource';
  response.send(placeholder);
});
/**
 * POST / - create a user (placeholder).
 *
 * The request body is not read yet; the handler answers with a fixed string.
 * NOTE(review): no session check or input validation exists here; add both
 * before this writes anything.
 */
router.post('/', (request, response) => {
  const placeholder = 'respond with a resource';
  response.send(placeholder);
});
/**
 * PUT /:id - update a user (placeholder).
 *
 * Neither :id nor the request body is read yet; the handler answers with a
 * fixed string.
 * NOTE(review): no session or ownership check is performed here; add one
 * before this modifies real data.
 */
router.put('/:id', (request, response) => {
  const placeholder = 'respond with a resource';
  response.send(placeholder);
});
/**
 * DELETE /:id - delete a user (placeholder).
 *
 * The :id parameter is not read yet; the handler answers with a fixed string.
 * NOTE(review): no session or ownership check is performed here; add one
 * before this deletes real data.
 */
router.delete('/:id', (request, response) => {
  const placeholder = 'respond with a resource';
  response.send(placeholder);
});
// Expose the configured router to whichever module requires this file.
module.exports = router;