mirror of
https://github.com/Akif9748/akf-forum.git
synced 2024-10-06 12:48:30 +03:00
Akif9748
11965e8de9
added ratelimit to post threads and messages. Added encryption to passwords. Thread.ejs is fixed
39 lines
No EOL
1.1 KiB
JavaScript
39 lines
No EOL
1.1 KiB
JavaScript
const { UserModel, SecretModel } = require("../models");
|
|
const { Router } = require("express");
|
|
const error = require("../errors/error");
|
|
const app = Router();
|
|
const bcrypt = require("bcrypt");
|
|
|
|
app.get("/", (req, res) => res.render("login"));
|
|
|
|
app.post("/", async (req, res) => {
|
|
req.session.userid = null;
|
|
|
|
const { username = null, password = null } = req.body;
|
|
|
|
if (username && password) {
|
|
const user = await SecretModel.findOne({ username });
|
|
if (user) {
|
|
|
|
const validPassword = await bcrypt.compare(password, user.password);
|
|
|
|
if (!validPassword) return error(res, 403, 'Incorrect Password!')
|
|
const member = await UserModel.findOne({ name: username });
|
|
if (!member || member.deleted) return error(res, 403, 'Incorrect Username and/or Password!')
|
|
|
|
req.session.userid = user.id;
|
|
|
|
res.redirect('/');
|
|
} else
|
|
error(res, 403, 'Incorrect Username and/or Password!')
|
|
|
|
|
|
} else
|
|
error(res, 400, "You forgot entering some values")
|
|
|
|
|
|
|
|
})
|
|
|
|
|
|
module.exports = app; |