From 2ecb69c828e84f86974e247fab463d23a1b37e74 Mon Sep 17 00:00:00 2001 From: newtbot Date: Sat, 20 Jan 2024 01:22:19 +0800 Subject: [PATCH] a --- consumerWebsite/database/model/apiKeyModel.js | 1 - consumerWebsite/functions/apiDatabase.js | 16 +++++------- consumerWebsite/functions/bcrypt.js | 5 ++++ consumerWebsite/middleware/authChecker.js | 4 +++ consumerWebsite/public/js/app.js | 24 +++++++++++++++-- consumerWebsite/routes/render.js | 2 +- consumerWebsite/routes/user.js | 26 +++++++++---------- consumerWebsite/views/signuplogin.ejs | 16 +++++------- 8 files changed, 59 insertions(+), 35 deletions(-) diff --git a/consumerWebsite/database/model/apiKeyModel.js b/consumerWebsite/database/model/apiKeyModel.js index 55e096b..f644a14 100644 --- a/consumerWebsite/database/model/apiKeyModel.js +++ b/consumerWebsite/database/model/apiKeyModel.js @@ -64,7 +64,6 @@ const apikeyModel = sequelize.define( module.exports = { apikeyModel }; - /* class AuthToken extends Model { check(){ diff --git a/consumerWebsite/functions/apiDatabase.js b/consumerWebsite/functions/apiDatabase.js index 09dce25..7033e84 100644 --- a/consumerWebsite/functions/apiDatabase.js +++ b/consumerWebsite/functions/apiDatabase.js @@ -4,12 +4,9 @@ const { userModel } = require("../database/model/userModel.js"); const { Op, Sequelize } = require("sequelize"); const { hashAPIKey } = require("../functions/bcrypt.js"); const { generateUUID } = require("../functions/generateUUID.js"); -const { hashPassword , hashAPIKey } = require("../functions/bcrypt.js"); +const { hashPassword , comparePassword , hashAPIKey } = require("../functions/bcrypt.js"); + -async function getUser() { - const user = await userModel.findAll(); - return user; -} //api/v0/user/register /* Registering new user @@ -31,6 +28,10 @@ async function addUser(user) { }); } +async function getAPIKey() { + const apikey = await apikeyModel.findAll(); + return apikey; +} /* 1) take userid 
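Review bot: `hashAPIKey` ends up declared twice in the new consumerWebsite/functions/apiDatabase.js (hunk `@@ -4,12 +4,9 @@`), which is a SyntaxError as soon as the module is loaded. The context line `const { hashAPIKey } = require("../functions/bcrypt.js");` stays, and the added `const { hashPassword , comparePassword , hashAPIKey } = require(...)` binds the same name again. Delete the single-name require and keep one line: `const { hashPassword, comparePassword, hashAPIKey } = require("../functions/bcrypt.js");`. routes/user.js requires this module, so the register and login routes cannot load until this is fixed.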
@@ -40,8 +41,6 @@ async function addUser(user) { 5) you give the user rowid-uuidv4 6) store in database */ - - async function addAPIKey(userId, permission) { let token = await generateUUID(); let usertoken = userId + "-" + token; @@ -62,8 +61,7 @@ async function addAPIKey(userId, permission) { } module.exports = { - getUser, addUser, - getAPIKey, + loginUser, addAPIKey, }; diff --git a/consumerWebsite/functions/bcrypt.js b/consumerWebsite/functions/bcrypt.js index a303cae..bf644e0 100644 --- a/consumerWebsite/functions/bcrypt.js +++ b/consumerWebsite/functions/bcrypt.js @@ -29,9 +29,14 @@ async function hashAPIKey(apikey) { return await bcrypt.hash(apikey, saltRounds); } +async function comparePassword(password, hash) { + return await bcrypt.compare(password, hash); +} + module.exports = { hashPassword, hashAPIKey, + comparePassword }; \ No newline at end of file diff --git a/consumerWebsite/middleware/authChecker.js b/consumerWebsite/middleware/authChecker.js index e69de29..343cd14 100644 --- a/consumerWebsite/middleware/authChecker.js +++ b/consumerWebsite/middleware/authChecker.js @@ -0,0 +1,4 @@ +/*v +1) check if token proided by JSON req is valid against db +2) if valid its passed to next() +*/ \ No newline at end of file diff --git a/consumerWebsite/public/js/app.js b/consumerWebsite/public/js/app.js index e7dd68b..b450cbd 100644 --- a/consumerWebsite/public/js/app.js +++ b/consumerWebsite/public/js/app.js @@ -153,6 +153,14 @@ app.auth = (function (app) { localStorage.setItem("APIToken", token); } + function setUserId(userId) { + localStorage.setItem("userId", userId); + } + + function setUsername(username) { + localStorage.setItem("username", username); + } + function getToken() { return localStorage.getItem("APIToken"); } @@ -167,7 +175,7 @@ app.auth = (function (app) { callback(null, false); } } - + /* function logIn(args, callback) { app.api.post("auth/login", args, function (error, data) { if (data.login) { 
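Review bot: `loginUser` is added to `module.exports` in hunk `@@ -62,8 +61,7 @@`, but no hunk of apiDatabase.js defines a function with that name. Unless it already exists outside the shown context, the shorthand property throws a ReferenceError when the module is required. routes/user.js now destructures `loginUser` from this module, and `comparePassword` is imported but unused in any visible line, so the credential lookup appears to have been left out of the commit. The same hunk drops `getAPIKey` from the exports while an earlier hunk adds its body, an unfiltered `apikeyModel.findAll()`. If that function is kept, restrict it to the requesting user's rows rather than returning every stored key record.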
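Review bot: `setUserId` and `setUsername` are unreachable from outside the `app.auth` closure, because the returned object in the later `@@ -196,17 +209,24 @@` hunk does not list them. `logOut` already removes the `userId` and `username` keys, so nothing can set the values it clears. Either add `setUserId,` and `setUsername,` to the returned object or drop the two functions until the login flow calls them. A short comment would also help, for example `// localStorage is readable by any script on this origin; store only non-secret display data here`. The enclosing IIFE starts and ends outside this hunk.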
@@ -176,9 +184,14 @@ app.auth = (function (app) { callback(error, !!data.token); }); } + */ function logOut(callback) { localStorage.removeItem("APIToken"); + localStorage.removeItem("userId"); + localStorage.removeItem("username"); + + //remove token from db NOT the api key. callback(); } @@ -196,17 +209,24 @@ app.auth = (function (app) { function logInRedirect() { window.location.href = + //window.location.href = location.href.replace(location.origin+'/login', '') || '/' location.href.replace(location.replace(`/login`)) || "/"; } + function homeRedirect(){ + window.location.href = + location.href.replace(location.replace(`/`)) || "/"; + } + return { getToken: getToken, setToken: setToken, isLoggedIn: isLoggedIn, - logIn: logIn, + //logIn: logIn, logOut: logOut, forceLogin, logInRedirect, + homeRedirect, }; })(app); diff --git a/consumerWebsite/routes/render.js b/consumerWebsite/routes/render.js index 471df93..b864966 100644 --- a/consumerWebsite/routes/render.js +++ b/consumerWebsite/routes/render.js @@ -51,7 +51,7 @@ router.get('/news', function(req, res, next) { res.render('news'); }); -//login / register page +//login | register page router.get('/login', function(req, res, next) { res.render('signuplogin'); }); diff --git a/consumerWebsite/routes/user.js b/consumerWebsite/routes/user.js index 1471fbe..16ddaaf 100644 --- a/consumerWebsite/routes/user.js +++ b/consumerWebsite/routes/user.js @@ -1,19 +1,8 @@ -const { getUser, addUser } = require("../functions/apiDatabase.js"); +const { addUser , loginUser } = require("../functions/apiDatabase.js"); const express = require("express"); const router = express.Router(); -//get all users -router.get("/", async (req, res, next) => { - try { - const location = await getUser(); - res.status(200).json(location); - } catch (error) { - console.error(error); - next(error); - } -}); - // /user/register router.post("/register", async (req, res, next) => { 
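Review bot: The new `homeRedirect` in hunk `@@ -196,17 +209,24 @@` copies the broken expression from `logInRedirect`. The inner `location.replace(...)` call is itself a navigation and returns undefined, so the outer `location.href.replace(undefined)` substitutes nothing useful and the assignment re-sets the current URL after a navigation has already started. A fixed target needs only `function homeRedirect() { window.location.replace("/"); }`. In `logInRedirect`, the added comment line sits between `window.location.href =` and its right-hand side and should move above the statement. If the commented-out variant that derives the target from the URL is revived, check that the result is a same-origin path before assigning it.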
@@ -27,8 +16,19 @@ router.post("/register", async (req, res, next) => { } }); - //login +router.post("/login", async (req, res, next) => { + try { + console.log("this is " , req.body); + let res = await loginUser(req.body); + if (res == false){ + console.log("user not found"); + } + } catch (error) { + console.error(error); + next(error); + } +}); //update //delete //getbyid diff --git a/consumerWebsite/views/signuplogin.ejs b/consumerWebsite/views/signuplogin.ejs index 0eda68c..a73fd63 100644 --- a/consumerWebsite/views/signuplogin.ejs +++ b/consumerWebsite/views/signuplogin.ejs @@ -5,11 +5,8 @@
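Review bot: The new `/login` handler in consumerWebsite/routes/user.js (hunk `@@ -27,8 +16,19 @@`) logs the submitted password and never answers the client. `console.log("this is " , req.body)` writes the whole request body to the server log, and `let res = await loginUser(req.body)` shadows the Express response object, so neither branch sends a response and the request hangs whether or not the credentials match. Rename the local, stop logging the body, and return one generic 401 for any failed login so the response does not reveal whether the account exists. The success response is left as a comment below because the return shape of `loginUser` is not visible in this patch.

```javascript
router.post("/login", async (req, res, next) => {
	try {
		// req.body carries the password, so it is not logged
		const result = await loginUser(req.body);
		if (!result) {
			// one generic answer for unknown user and wrong password
			return res.status(401).json({ error: "Invalid credentials" });
		}
		// TODO: send the success response (session or token) here, not the raw user row
	// … unchanged: catch block with console.error(error) and next(error) …
```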
Signup
- - - - +
@@ -23,11 +20,12 @@