//http://www.expertphp.in/article/user-login-and-registration-using-nodejs-and-mysql-with-example
var connection = require('./../bdd');
var passwordProtection = require('./securepw');

module.exports=function(req,res,next){
    var name=req.body.username;
    var password=passwordProtection(req.body.password);
    connection.query('SELECT * FROM user WHERE name = ? AND actif = 1',[name], function (error, results, fields) {
      if (error) {
          req.session.auth.json({
            status:false,
            message:'there are some error with query'
            })
            next();
      }else{
        if(results.length >0){
            if(password==results[0].pw){

                    req.session.authStatus=true;
                    req.session.authMessage='successfully authenticated';

                next();
            }else{

                  req.session.authStatus=false,
                  req.session.authMessage="Email and password does not match";

                 next();
            }

        }
        else{

              req.session.authStatus=false;
            req.session.authMessage="Email does not exits";

          next();
        }
      }
    });
}