adab-server/controller.js at master · bearcatsdev/adab-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
'use strict';

const response = require('./res');
const db = require('./conn');
const md5 = require('md5');
const crypto = require('crypto');
const cookie = require('cookie');
const axios = require('axios');

exports.home = (req, res) => {
    const cookies = cookie.parse(req.headers.cookie || '');
    const query = "SELECT * FROM users WHERE users.user_token = ?";

    db.all(query, [cookies.session_id], (error, response) => {
       if (!error) {
           if (response.length > 0) {
               res.sendFile(__dirname + '/public/home.html');
           } else {
               res.status(403).redirect("/login?error=Unauthorized");
           }
       }  else {
           res.status(500).redirect("/login?error=" + error.message);
       }
    });
};

exports.login = (req, res) => {
    res.sendFile(__dirname + '/public/login.html');
};

exports.session = (req, res) => {
    res.sendFile(__dirname + '/public/session.html');
};

exports.doLogin = (req, res) => {
    const {email, password} = req.body;
    const host = req.protocol + '://' + req.get('host');

    axios.post(host + '/api/v1/login', {
        user_email: email,
        user_password: password
    })
        .then(function(response) {
            res.setHeader('Set-Cookie', cookie.serialize('session_id', response.data.values.session_id, {
                httpOnly: true,
                maxAge: 60 * 60 * 24 * 0.5 // 1 week
            }));
            res.redirect('/home');
        })
        .catch(function(e) {
            if (e.response.status === 401) {
                res.redirect("/login?error=Invalid username or password");
            } else {
                res.redirect("/login?error=" + e.message);
            }

            console.log(e);
        });

};