//http://www.expertphp.in/article/user-login-and-registration-using-nodejs-and-mysql-with-example var connection = require('./../bdd'); var passwordProtection = require('./securepw'); const util = require('util'); module.exports = function(req, res, next) { var name = req.body.username; var password = passwordProtection(req.body.password); connection.query('SELECT * FROM user WHERE userName = ?', [name], function(error, results, fields) { if (error) { console.log("ERROR SQL LOGIN-CONTROLLER : " + console.error); req.session.authStatus = false; req.session.authMessage = 'SQL0' + error; next(); } else { if (results.length > 0) { if (password == results[0].pw) { req.session.userName = name; req.session.authStatus = true; req.session.authMessage = 'OK'; console.log(name + " SUCESSFULL LOGED"); next(); } else { console.log(name + " BAD PASSWORD"); req.session.authStatus = false, req.session.authMessage = "BAD PASSWORD"; next(); } } else { if (req.body.password != "") { var users = { "userName": req.body.username, "pw": passwordProtection(req.body.password) } connection.query('INSERT INTO user SET ?', users, function(error, results, fields) { if (error) { //res.local.stat = 0; res.locals.message = '0'; console.log("ERROR SQL LOGIN-CONTROLLER : " + error); req.session.authStatus = false; req.session.authMessage = 'SQL INSERT ERROR'; next(); } else { req.session.userName = name; req.session.authStatus = true; req.session.authMessage = 'SQL INSERT OK'; console.log(name + "SUCESSFULL REGISTER"+req.session.authMessage); next(); } }); } else { req.session.userName = name; req.session.authStatus = true; req.session.authMessage = 'AUTH WITHOUT REG OK'; console.log(name + "SUCESSFULL LOGED WITHOUTH PW"); next(); } } } }); }