Merge branch 'back' into 'master'

Back

See merge request LETU/LETU!3

app.js

@@ -8,6 +8,7 @@ const session = require("express-session");
 const config = require("./config/config.json");
 
 let indexRouter = require("./routes/index");
+const loginRouter = require("./routes/login");
 
 let app = express();
 const sessionMiddleware = session({secret: config.secret});
@@ -35,6 +36,7 @@ app.use((req, res, next) => {
 });
 
 app.use("/", indexRouter);
+app.use("/login", loginRouter);
 
 // catch 404 and forward to error handler
 app.use((req, res, next) => {

config/config_example.json

@@ -7,5 +7,6 @@
     "dialect": "postgres",
     "operatorsAliases": false
   },
-  "secret": "keyboard cat"
+  "secret": "keyboard cat",
+  "passwordPrivateKey": "ecc635295f200847b79299df48e15759"
 }

models/user.js

@@ -0,0 +1,72 @@
+"use strict";
+
+const crypto = require("crypto");
+const privateKey = require("../config/config.json").passwordPrivateKey;
+
+const {
+    Model
+} = require("sequelize");
+module.exports = (sequelize, DataTypes) => {
+    function hash(password, email) {
+        let cipher = crypto.createCipheriv(
+            "aes-256-cbc",
+            privateKey,
+            crypto.createHash("md5").update(email).digest("base64").slice(0, 16)
+        );
+        return cipher.update(password, "utf8", "base64") + cipher.final("base64");
+    }
+
+    class User extends Model {
+        static associate(models) {
+        }
+
+        checkPassword(password) {
+            return hash(password, this.email) === this.passwordHash
+        }
+    }
+    User.init({
+        email: {
+            type: DataTypes.STRING,
+            validate: {
+                isEmail: true
+            },
+            primaryKey: true
+        },
+        emailVerified : {
+            type: DataTypes.BOOLEAN,
+            defaultValue: false,
+            allowNull: false
+        },
+        emailToken: {
+            type: DataTypes.STRING,
+            unique: true
+        },
+        firstName: {
+            type: DataTypes.STRING,
+            allowNull: false,
+            unique: "userFullName"
+        },
+        lastName: {
+            type: DataTypes.STRING,
+            allowNull: false,
+            unique: "userFullName"
+        },
+        passwordHash: {
+            type: DataTypes.STRING,
+            allowNull: false,
+            set(value) {
+                if (value)
+                    this.setDataValue("passwordHash", hash(value, this.email));
+            }
+        },
+        permissions: {
+            type: DataTypes.INTEGER,
+            defaultValue: 0,
+            allowNull: false
+        }
+    }, {
+        sequelize,
+        modelName: "User",
+    });
+    return User;
+};

routes/login.js

@@ -0,0 +1,8 @@
+let express = require("express");
+let router = express.Router();
+
+router.get("/", (req, res) => {
+    res.render("login", { title: "L'ETU" });
+});
+
+module.exports = router;

sockets/index.js

@@ -1,4 +1,5 @@
 module.exports = socket => {
     console.log("New connection !");
+    socket.on("login", require("./login")(socket));
     socket.emit("connected");
 }

sockets/login.js

@@ -0,0 +1,20 @@
+const modules = require("../models");
+
+module.exports = socket => {
+    return async (data) => {
+        let user = await modules.User.findByPk(data.email);
+        if (!user) {
+            socket.emit("login", null);
+            return;
+        }
+
+        if (!user.checkPassword(data.password)) {
+            socket.emit("login", null);
+            return;
+        }
+
+        socket.request.session.user = user;
+        socket.request.session.save();
+        socket.emit("login", user)
+    }
+}

views/index.pug

@@ -1,52 +1,5 @@
 extends layout
 
 block content
-  div(class='row main-form')
+    h1= title
-    div(class='col s12 m8 offset-m2 signinup z-depth-5' id="signin")
+    p Welcome to #{title}
-        h2 Welcome back
-        form
-          div(class="input-field col s12")
-            i(class="material-icons prefix") mail
-            input(type="text" id="mail-input" class="autocomplete")
-            label(for="mail-input") Email
-
-          div(class="input-field col s12")
-            i(class="material-icons prefix") lock
-            input(type="password" id="password-input" class="autocomplete")
-            label(for="password-input") Password
-
-          input(type='submit' value='Login')
-
-    div(class='col s12 m8 offset-m2 signinup z-depth-5' id="signup")
-      h2 Welcome
-      form
-        div(class="input-field col s6")
-          i(class="material-icons prefix") portrait
-          input(type="text" id="firstname-input" class="autocomplete")
-          label(for="firstname-input") First Name
-
-        div(class="input-field col s6")
-          input(type="text" id="lastname-input" class="autocomplete")
-          label(for="lastname-input") Last Name
-
-        div(class="input-field col s12")
-          i(class="material-icons prefix") mail
-          input(type="text" id="mailreg-input" class="autocomplete")
-          label(for="mailreg-input") Email
-
-        div(class="input-field col s12")
-          i(class="material-icons prefix") lock
-          input(type="password" id="passwordreg-input" class="autocomplete")
-          label(for="passwordreg-input") Password
-
-        input(type='submit' value='Register')
-
-    div(class='col s12 m8 offset-m2 signinup z-depth-5' id="forgotPsw")
-      h2 Forgot password
-      form
-        div(class="input-field col s12")
-          i(class="material-icons prefix") mail
-          input(type="text" id="mailforgot-input" class="autocomplete")
-          label(for="mailforgot-input") Email
-
-        input(type='submit' value='Send email')

views/login.pug

@@ -0,0 +1,52 @@
+extends layout
+
+block content
+  div(class='row main-form')
+    div(class='col s12 m8 offset-m2 signinup z-depth-5' id="signin")
+        h2 Welcome back
+        form
+          div(class="input-field col s12")
+            i(class="material-icons prefix") mail
+            input(type="text" id="mail-input" class="autocomplete")
+            label(for="mail-input") Email
+
+          div(class="input-field col s12")
+            i(class="material-icons prefix") lock
+            input(type="password" id="password-input" class="autocomplete")
+            label(for="password-input") Password
+
+          input(type='submit' value='Login')
+
+    div(class='col s12 m8 offset-m2 signinup z-depth-5' id="signup")
+      h2 Welcome
+      form
+        div(class="input-field col s6")
+          i(class="material-icons prefix") portrait
+          input(type="text" id="firstname-input" class="autocomplete")
+          label(for="firstname-input") First Name
+
+        div(class="input-field col s6")
+          input(type="text" id="lastname-input" class="autocomplete")
+          label(for="lastname-input") Last Name
+
+        div(class="input-field col s12")
+          i(class="material-icons prefix") mail
+          input(type="text" id="mailreg-input" class="autocomplete")
+          label(for="mailreg-input") Email
+
+        div(class="input-field col s12")
+          i(class="material-icons prefix") lock
+          input(type="password" id="passwordreg-input" class="autocomplete")
+          label(for="passwordreg-input") Password
+
+        input(type='submit' value='Register')
+
+    div(class='col s12 m8 offset-m2 signinup z-depth-5' id="forgotPsw")
+      h2 Forgot password
+      form
+        div(class="input-field col s12")
+          i(class="material-icons prefix") mail
+          input(type="text" id="mailforgot-input" class="autocomplete")
+          label(for="mailforgot-input") Email
+
+        input(type='submit' value='Send email')

views/signinup.pug

@@ -1,3 +0,0 @@
-extends layout
-
-block content