changed the whole structure

2025-09-13 07:05:02 +02:00 · 2023-10-01 03:34:35 +02:00
parent 99dc9d3e93
commit e32b25845e
40 changed files with 7489 additions and 0 deletions
--- a/app-rappaurio/server/controllers/auth.js
+++ b/app-rappaurio/server/controllers/auth.js
@@ -0,0 +1,162 @@
+const mysql = require('mysql');
+const jwt = require('jsonwebtoken');
+const bcrypt = require('bcryptjs');
+const { promisify } = require('util');
+
+const db = mysql.createConnection({
+    host: process.env.DATABASE_HOST,
+    user: process.env.DATABASE_USER,
+    password: process.env.DATABASE_PASSWORD,
+    database: process.env.DATABASE
+});
+
+exports.login = async (req, res) => {
+    try {
+        const { email, password } = req.body;
+        if (!email || !password) {
+            return res.status(400).render('contains/connexion', {
+                message: 'Veuillez entrer un email et un mot de passe'
+            })
+        }
+
+        db.query('SELECT * FROM users WHERE email = ?', [email], async (error, result) => {
+            console.log(result)
+            if (!result || result.length == 0 || !(await bcrypt.compare(password, result[0].password))) {
+                res.status(401).render('contains/connexion', {
+                    message: 'Email ou Mot de passe incorrect'
+                })
+            }
+            else {
+                const id = result[0].id;
+                // creating a token
+                const token = jwt.sign({ id: id }, process.env.JWT_SECRET, {
+                    expiresIn: process.env.JWT_EXPIRES_IN
+                });
+
+                console.log("The token is : " + token);
+
+                // when does our token expires
+                const cookieOptions = {
+                    expires: new Date(
+                        Date.now() + process.env.JWT_COOKIE_EXPIRES_IN * 24 * 60 * 60 * 1000
+                    ),
+                    // just to prevent if someone is not messing with our cookies 
+                    httpOnly: true
+                }
+                // we can use any name here in res.cookie(name , token , cookieoptions ) ;
+                // after a user is loged in we put cookie in browser
+                res.cookie('jwt', token, cookieOptions);
+                res.status(200).redirect('/');
+            }
+        })
+    } catch (error) {
+        console.log(error);
+    }
+
+}
+
+exports.register = (req, res) => {
+    console.log(req.body);
+
+    // de-structuring in javaScript....
+    const { name, email, password } = req.body;
+
+    db.query('SELECT email FROM  users WHERE email = ?', [email], async (error, result) => {
+        if (error) {
+            console.log(error);
+        }
+        if (result.length > 0) {
+            return res.render('contains/inscription', {
+                message: 'Cet email est déjà utilisé'
+            })
+        }
+
+        let hashedPassword = await bcrypt.hash(password, 8);
+
+        console.log(hashedPassword);
+
+        db.query('INSERT INTO users SET ?', { name: name, email: email, password: hashedPassword }, (error, result) => {
+            if (error) {
+                console.log(error);
+            }
+            else {
+                console.log(result);
+
+                db.query('SELECT * FROM users WHERE email = ?', [email], async (error, result) => {
+                    console.log(result)
+
+                    const id = result[0].id;
+                    // creating a token
+                    const token = jwt.sign({ id: id }, process.env.JWT_SECRET, {
+                        expiresIn: process.env.JWT_EXPIRES_IN
+                    });
+
+                    console.log("The token is : " + token);
+
+                    // when does our token expires
+                    const cookieOptions = {
+                        expires: new Date(
+                            Date.now() + process.env.JWT_COOKIE_EXPIRES_IN * 24 * 60 * 60 * 1000
+                        ),
+                        // just to prevent if someone is not messing with our cookies 
+                        httpOnly: true
+                    }
+                    // we can use any name here in res.cookie(name , token , cookieoptions ) ;
+                    // after a user is loged in we put cookie in browser
+                    res.cookie('jwt', token, cookieOptions);
+                    res.status(200).redirect('/');
+
+                })
+
+
+            }
+        });
+    })
+
+}
+
+exports.isLoggedIn = async (req, res, next) => {
+
+    console.log(req.cookies);
+    if (req.cookies.jwt) {
+        try {
+            // step 1 : Verify the token
+            const decoded = await promisify(jwt.verify)(
+                req.cookies.jwt,
+                process.env.JWT_SECRET
+            )
+
+            //console.log(decoded);
+
+            const userId = decoded.id;
+            req.userId = userId;
+
+            // step 2: check if the user still exists 
+            db.query('SELECT * FROM users WHERE id = ?', [decoded.id], (error, result) => {
+                console.log(result);
+
+                if (!result) {
+                    return next();
+                }
+                req.user = result[0];
+                return next();
+            });
+
+        } catch (error) {
+            console.log(error);
+            return next();
+        }
+    }
+    else {
+        next();
+    }
+}
+
+
+exports.logout = async (req, res) => {
+    res.cookie('jwt', 'déconnecté', {
+        expires: new Date(Date.now() + 2 * 1000),
+        httpOnly: true
+    });
+    res.status(200).redirect('/');
+}