correction bug

This commit is contained in:
adri 2019-01-07 22:50:35 +01:00
parent d1b502c110
commit 51558b193f
2 changed files with 66 additions and 69 deletions

View File

@ -3,64 +3,63 @@ var connection = require('./../bdd');
var passwordProtection = require('./securepw');
const util = require('util');
module.exports=function(req,res,next){
var name=req.body.username;
var password=passwordProtection(req.body.password);
module.exports = function(req, res, next) {
var name = req.body.username;
var password = passwordProtection(req.body.password);
connection.query('SELECT * FROM user WHERE userName = ?',[name], function (error, results, fields) {
if (error) {
console.log("ERROR SQL LOGIN-CONTROLLER : "+console.error);
req.session.authStatus=false;
req.session.authMessage='SQL0'+error;
next();
}else{
if(results.length >0){
if(password==results[0].pw){
req.session.userName = name;
req.session.authStatus=true;
req.session.authMessage='OK';
next();
}else{
req.session.authStatus=false,
req.session.authMessage="BAD PASSWORD";
next();
}
}
else{
if(req.body.password != "")
{
var users={
"userName":req.body.username,
"pw": passwordProtection(req.body.password)
}
connection.query('INSERT INTO user SET ?',users, function (error, results, fields) {
if (error) {
//res.local.stat = 0;
res.locals.message='0';
console.log("ERROR SQL LOGIN-CONTROLLER : "+console.error);
req.session.authStatus=false;
req.session.authMessage='SQL INSERT ERROR';
next();
}else{
req.session.userName = name;
req.session.authStatus=true;
req.session.authMessage='SQL INSERT OK';
next();
}
});
}
else {
req.session.userName = name;
req.session.authStatus=true;
req.session.authMessage='AUTH WITHOUT REG OK';
}
connection.query('SELECT * FROM user WHERE userName = ?', [name], function(error, results, fields) {
if (error) {
console.log("ERROR SQL LOGIN-CONTROLLER : " + console.error);
req.session.authStatus = false;
req.session.authMessage = 'SQL0' + error;
next();
} else {
if (results.length > 0) {
if (password == results[0].pw) {
req.session.userName = name;
req.session.authStatus = true;
req.session.authMessage = 'OK';
console.log(name + " SUCESSFULL LOGED");
next();
} else {
console.log(name + " BAD PASSWORD");
req.session.authStatus = false,
req.session.authMessage = "BAD PASSWORD";
next();
}
} else {
if (req.body.password != "") {
var users = {
"userName": req.body.username,
"pw": passwordProtection(req.body.password)
}
connection.query('INSERT INTO user SET ?', users, function(error, results, fields) {
if (error) {
//res.local.stat = 0;
res.locals.message = '0';
console.log("ERROR SQL LOGIN-CONTROLLER : " + error);
req.session.authStatus = false;
req.session.authMessage = 'SQL INSERT ERROR';
next();
} else {
req.session.userName = name;
req.session.authStatus = true;
req.session.authMessage = 'SQL INSERT OK';
console.log(name + "SUCESSFULL REGISTER"+req.session.authMessage);
next();
}
});
} else {
req.session.userName = name;
req.session.authStatus = true;
req.session.authMessage = 'AUTH WITHOUT REG OK';
console.log(name + "SUCESSFULL LOGED WITHOUTH PW");
next();
}
}
});
}
});
}

View File

@ -28,9 +28,7 @@ app.get('/', function(req, res){
res.redirect('/login');
}).get('/login', function(req, res){
res.render('login');
}).post('/login', function(req,res,next){
next();
}, loginController, function(req, res){
}).post('/login', loginController, function(req, res){
res.send('<!DOCTYPE html><html><body>'+req.session.authMessage+'<br><a href="/">HOME</a></body></html>');
});