index.js
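const express = require("express");
const app = express();
const path = require("path");
const PORT = process.env.PORT || 5000;
const { Pool } = require("pg");

// Shared PostgreSQL pool used by every route; the connection string comes
// from the DATABASE_URL environment variable.
const pool = new Pool({
  connectionString: process.env.DATABASE_URL,
  ssl: {
    // NOTE(security): with rejectUnauthorized set to false the link is still
    // encrypted, but the server certificate is not verified, so the database
    // endpoint is not authenticated. Left unchanged here because the hosting
    // setup is not visible from this file; prefer supplying the provider's CA
    // certificate and enabling verification.
    rejectUnauthorized: false,
  },
});

// Startup probe: check one client out of the pool to confirm the database is
// reachable, then hand it straight back. Without release() the client stays
// checked out for the life of the process and permanently shrinks the pool.
pool.connect(function (err, client, release) {
  if (err) {
    console.log("Error connecting to db:", err);
    return;
  }
  console.log("Connection established");
  release();
});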
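/**
 * Log a failed database call on the server and answer with a bare 500.
 *
 * The original handlers re-threw the error from inside the query callback,
 * which is outside Express's error handling and takes the whole process down.
 * Error details stay in the server log and are not echoed to the client.
 *
 * @param {object} res - Express response for the request that failed.
 * @param {Error} err - Error reported by the database driver.
 */
function sendServerError(res, err) {
  console.error(err);
  if (!res.headersSent) {
    res.sendStatus(500);
  }
}

/**
 * Render a failure page with the given message and mirror it to the log.
 *
 * @param {object} res - Express response.
 * @param {string} view - View name under views/.
 * @param {string} message - Text shown to the user and written to the log.
 */
function renderFailure(res, view, message) {
  console.log(message);
  res.render(view, { error: message });
}

// Every query below passes request values as bound parameters ($1, $2, ...)
// instead of concatenating them into the SQL text, so input can no longer
// change the structure of a statement.
//
// NOTE(review): the /api/todos routes take the user id from the request and
// nothing visible in this file ties it to an authenticated session, so any
// client can read, add or delete todos for any user id. Fixing that needs
// session handling that is outside this block.
app
  .use(express.static(path.join(__dirname, 'public')))
  .use(express.urlencoded({extended: true}))
  .set('views', path.join(__dirname, 'views'))
  .set('view engine', 'ejs')
  .use(express.json())
  // Landing page.
  // NOTE(review): this serves login.html from the project root while /signUp
  // serves public/login.html; confirm which file is intended.
  .get('/', function(req, res) {
    res.sendFile(path.join(__dirname, 'login.html'));
  })
  // List the todos stored for one user id.
  .get('/api/todos/:id', function(req, res) {
    pool.query("SELECT * FROM todos WHERE user_id = $1;", [req.params.id], function (err, result) {
      if (err) {
        sendServerError(res, err);
        return;
      }
      res.json(result == null ? [] : result.rows);
    });
  })
  // Create a todo from a body of the form { id, remind }.
  .post('/api/todos', function(req, res) {
    const todo = req.body;
    pool.query("INSERT INTO todos (user_id, remind) VALUES ($1, $2);", [todo.id, todo.remind], function (err) {
      if (err) {
        sendServerError(res, err);
        return;
      }
      res.sendStatus(201);
    });
  })
  // Delete the todo matching a body of the form { id, remind }.
  .delete('/api/todos', function(req, res) {
    const todo = req.body;
    console.log("id : "+ todo.id);
    console.log("remind: "+ todo.remind);
    pool.query("DELETE FROM todos WHERE user_id = $1 AND remind = $2;", [todo.id, todo.remind], function (err) {
      if (err) {
        sendServerError(res, err);
        return;
      }
      res.sendStatus(204);
    });
  })
  // Check the submitted credentials and render the todo page on success.
  .post("/login", async (req, res) => {
    const username = req.body.username;
    const password = req.body.password;
    // The type checks run first because validateLogin reads .length, which
    // throws on a missing field; extended urlencoded parsing can also deliver
    // arrays or objects here.
    if (typeof username !== "string" || typeof password !== "string" || !validateLogin(username, password)) {
      renderFailure(res, 'pages/login_fail', "not valid username or password");
      return;
    }
    try {
      // NOTE(security): passwords are stored and compared in plaintext. They
      // should be stored as salted hashes (for example scrypt or bcrypt) and
      // verified against the hash; that needs a data migration and is not
      // done here.
      const result = await pool.query(
        "SELECT * FROM users WHERE username = $1 AND password = $2;",
        [username, password]
      );
      if (result.rows.length !== 0) {
        const row = result.rows[0];
        // NOTE(review): the stored password is handed to the view, as before;
        // drop it once pages/todo is confirmed not to use it.
        const user_info = {id: row.id, username: row.username, password: row.password};
        console.log(row.username + " successfully login");
        console.log("id: " + row.id);
        res.render('pages/todo', user_info);
      }
      else {
        renderFailure(res, 'pages/login_fail', "username or password wrong");
      }
    } catch (err) {
      sendServerError(res, err);
    }
  })
  // Create an account if the username is free, then show the login page.
  .post("/signUp", async (req, res) => {
    const username = req.body.username;
    const password = req.body.password;
    if (typeof username !== "string" || typeof password !== "string" || !validateLogin(username, password)) {
      renderFailure(res, 'pages/signup_fail', "not valid username or password");
      return;
    }
    try {
      const existing = await pool.query("SELECT username FROM users WHERE username = $1;", [username]);
      if (existing.rows.length !== 0) {
        renderFailure(res, 'pages/signup_fail', "username is used");
        return;
      }
      // Wait for the INSERT so a failed write is reported instead of being
      // dropped as an unhandled rejection after the success page was sent.
      // NOTE(review): two concurrent sign-ups can both pass the SELECT above;
      // a UNIQUE constraint on users.username is needed to close that gap
      // (the schema is not visible from this file).
      // NOTE(security): the password is written in plaintext; see /login.
      await pool.query("INSERT INTO users (username, password) VALUES ($1, $2);", [username, password]);
      res.sendFile(path.join(__dirname, 'public', 'login.html'));
    } catch (err) {
      sendServerError(res, err);
    }
  })
  .listen(PORT, () => console.log(`Listening on ${ PORT }`));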
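/**
 * Check that both credential fields are non-empty strings.
 *
 * Request bodies are untrusted: a field may be missing, or (with extended
 * urlencoded / JSON parsing) arrive as an array or object. Reading .length on
 * a missing field used to throw, and an array with elements used to pass as
 * "valid"; both are now rejected.
 *
 * @param {*} username - Value taken from the request body.
 * @param {*} password - Value taken from the request body.
 * @returns {boolean} true only when both values are strings of length >= 1.
 */
function validateLogin(username, password) {
  return (
    typeof username === "string" &&
    typeof password === "string" &&
    username.length !== 0 &&
    password.length !== 0
  );
}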