const { UserModel, SecretModel } = require("../models"); const { Router } = require("express"); const app = Router(); const bcrypt = require("bcrypt"); app.get("/", (req, res) => res.render("login",{redirect: req.query.redirect,user:null})); app.post("/", async (req, res) => { req.session.userid = null; const { username = null, password = null } = req.body; if (username && password) { const user = await SecretModel.findOne({ username }); if (user) { const validPassword = await bcrypt.compare(password, user.password); if (!validPassword) return res.error( 403, 'Incorrect Password!') const member = await UserModel.findOne({ name: username }); if (!member || member.deleted) return res.error( 403, 'Incorrect Username and/or Password!') req.session.userid = user.id; res.redirect( req.query.redirect || '/'); } else res.error( 403, 'Incorrect Username and/or Password!') } else res.error( 400, "You forgot entering some values") }) module.exports = app;