39 lines
1.1 KiB
JavaScript
39 lines
1.1 KiB
JavaScript
|
const express = require('express');
|
||
|
|
const router = express.Router();
|
||
|
|
|
||
|
|
const bcrypt = require('bcrypt');
|
||
|
|
|
||
|
|
const { better_sqlite_client } = require('../db');
|
||
|
|
|
||
|
|
router.post('/auth/login', (req, res) => {
|
||
|
|
const { username, password } = req.body;
|
||
|
|
const query = better_sqlite_client.prepare('SELECT * FROM users WHERE username = ?');
|
||
|
|
const user = query.get(username);
|
||
|
|
|
||
|
|
if (user) {
|
||
|
|
bcrypt.compare(password, user.password, (err, result) => {
|
||
|
|
if (result) {
|
||
|
|
req.session.user = user;
|
||
|
|
res.status(200).json({ status: 200, message: 'Login successful' });
|
||
|
|
} else {
|
||
|
|
res.status(200).json({ status: 401, message: 'Invalid credentials' });
|
||
|
|
}
|
||
|
|
});
|
||
|
|
} else {
|
||
|
|
res.status(401).json({ status: 401, message: 'Invalid credentials' });
|
||
|
|
}
|
||
|
|
});
|
||
|
|
|
||
|
|
router.post('/auth/logout', (req, res) => {
|
||
|
|
req.session.destroy((err) => {
|
||
|
|
if (err) {
|
||
|
|
console.error(err);
|
||
|
|
res.status(500).json({ status: 500, message: 'Logout failed' });
|
||
|
|
} else {
|
||
|
|
res.redirect('/');
|
||
|
|
}
|
||
|
|
});
|
||
|
|
});
|
||
|
|
|
||
|
|
module.exports = router;
|