Add user login and setup extand pug template

2020-04-26 18:55:21 +02:00 · 2020-04-26 18:55:21 +02:00 · 356f25ef33
parent a28c293e87
commit 356f25ef33
5 changed files with 81 additions and 16 deletions
--- a/app.js
+++ b/app.js
@ -1,10 +1,12 @@
 let express = require("express");
 let morgan = require("morgan");
+let cookieParser = require("cookie-parser");
+let bodyParser = require('body-parser');
+let session = require("express-session");
 let fs = require("fs");
-let rl = require("readline").createInterface({input: process.stdin, output: process.stdout, terminal: false});
 let passwordHash = require('password-hash');
-let app = express();

+let app = express();

 if (!fs.existsSync("users.json")) {
 	fs.writeFileSync("users.json", "{}");
@ -16,6 +18,7 @@ if (!fs.existsSync("users.json")) {
 }

 async function addUser() {
+	let rl = require("readline").createInterface({input: process.stdin, output: process.stdout, terminal: false});
 	let username;
 	let password;
 	file = JSON.parse(fs.readFileSync("users.json"));
@ -28,12 +31,49 @@ async function addUser() {
 }


+function isAuth(req, res, next) {
+	if (req.session.login) {
+		next();
+	} else {
+		res.redirect("/login");
+	}
+}
+
+
 app.use(morgan("dev"))
-.use(express.static("public"))
-.set("view engine", "pug")
-.get("/", (req, res) => {
-	res.render("index");
-});
-
-app.listen(8080)
+	.use(express.static("public"))
+	.use(bodyParser.urlencoded({ extended: true }))
+	.use(cookieParser())
+	.use(session({
+		secret: process.env.SECRET,
+		resave: false,
+		saveUninitialized: false,
+		cookie: { secure: "auto" }
+	}))
+	.set("trust proxy", 1)
+	.set("view engine", "pug")
+	.get("/", isAuth, (req, res) => {
+		res.render("index");
+	})
+	.get("/login", (req, res) => {
+		let fail = false;
+		if ("fail" in req.query) {
+			fail = true;
+		}
+		res.render("login", {title: "login", fail: fail});
+	}).post("/login", (req, res) => {
+		if ("username" in req.body && "password" in req.body) {
+			file = JSON.parse(fs.readFileSync("users.json"));
+			if (req.body.username in file && passwordHash.verify(req.body.password, file[req.body.username])) {
+				req.session.login = true;
+				req.session.save();
+				res.redirect("/");
+			} else {
+				res.redirect("/login?fail");
+			}
+		} else {
+			res.redirect("/login?fail");
+		}
+	})
+	.listen(8080);

--- a/package.json
+++ b/package.json
@ -4,7 +4,10 @@
  "description": "A light web image uploader",
  "main": "app.js",
  "dependencies": {
+    "body-parser": "^1.19.0",
+    "cookie-parser": "^1.4.5",
    "express": "^4.17.1",
+    "express-session": "^1.17.1",
    "morgan": "^1.10.0",
    "password-hash": "^1.2.2",
    "pug": "^2.0.4"
--- a/views/index.pug
+++ b/views/index.pug
@ -1,8 +1,7 @@
-doctype html
-html(lang="en")
-	head
-		meta(charset='utf-8')
-		title Image Node 
-	body
-		h1 Image Node	
+extend layout
+block content
+	h1 Image Node
+	form(method="POST", action="/upload", enctype="multipart/form-data")
+		input(type="file", name="image", accept="image/*")
+		button(type="submit") Upload

--- a/views/layout.pug
+++ b/views/layout.pug
@ -0,0 +1,11 @@
+doctype html
+html(lang="en")
+	head
+		meta(charset='utf-8')
+		if title
+			title Image Node - #{title} 
+		else
+			title Image Node
+	body
+		block content
+
--- a/views/login.pug
+++ b/views/login.pug
@ -0,0 +1,12 @@
+extend layout
+block content
+	h1 Login
+	if fail
+		h2 Invalid loggin !
+	form(method="POST", action="/login")
+		label(for="username") Username: 
+		input#username(type="text", name="username")
+		label(for="password") Password: 
+		input#password(type="password", name="password")
+		button(type="submit") Login
+