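/**
 * Small Express application with session-based login backed by MySQL.
 *
 * Routes:
 *   GET  /        home page (requires login, otherwise redirects to /login)
 *   GET  /login   login form, with an optional `message` query parameter
 *   POST /auth    checks `login` (username or e-mail) and `password`
 *   GET  /home    home page (requires login, otherwise redirects to /login)
 *   GET  /logout  destroys the session and redirects to /
 */
const express = require('express');
const fs = require('fs');
const path = require('path');
const mysql = require("mysql2/promise");
const config = require("./config/db.config.js");
const session = require('express-session');

const PORT = process.env.PORT || 5000; // Default port is 5000

// ANSI colour format strings, for use as console.log(log.red, 'text').
const log = {
  yellow: '\x1b[33m%s\x1b[0m', // yellow
  cyan: '\x1b[36m%s\x1b[0m', // cyan
  red: '\x1b[31m%s\x1b[0m', // red
  green: '\x1b[32m%s\x1b[0m', // green
  black: '\x1b[30m%s\x1b[0m', // black
  blue: '\x1b[34m%s\x1b[0m', // blue
  gray: '\x1b[90m%s\x1b[0m', // gray
};

// Create a connection pool
const pool = mysql.createPool({
  host: config.host,
  user: config.user,
  password: config.password,
  database: config.database,
  waitForConnections: true,
  connectionLimit: 10,
  queueLimit: 0,
});

const app = express();

app.set('view engine', 'ejs');
app.set('views', path.join(__dirname, 'views'));

app.use(session({
  // NOTE(review): config.secret signs the session cookie. It is loaded from
  // ./config/db.config.js, which is not visible here; confirm that it is a
  // long random value and that the file is kept out of version control.
  secret: config.secret,
  resave: true,
  // Only create a session (and send its cookie) once something has been
  // stored in it, so anonymous visitors are not handed a pre-login session id.
  saveUninitialized: false,
  cookie: {
    httpOnly: true,
    sameSite: 'lax',
    // NOTE(review): add `secure: true` once the app is served only over HTTPS.
  },
  // NOTE(review): no `store` is configured, so express-session falls back to
  // its in-memory store, which its documentation says is not meant for
  // production use.
}));
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(express.static(path.join(__dirname, 'static')));

/**
 * Route guard: lets logged-in sessions through and sends everyone else to
 * the login page.
 */
function requireLogin(request, response, next) {
  if (request.session.loggedin) {
    next();
    return;
  }
  response.redirect('/login');
}

/**
 * Redirects to the login page with a message in the query string.
 *
 * @param {object} response - Express response.
 * @param {string} message - Text to show on the login page; URL-encoded here
 *   so spaces and punctuation survive the redirect intact.
 */
function redirectToLogin(response, message) {
  response.redirect(`/login?message=${encodeURIComponent(message)}`);
}

app.get('/', requireLogin, (request, response) => {
  console.log(request.session.username, 'open main page');
  // Render home page with username
  response.render('home', { username: request.session.username });
});

app.get('/login', (request, response) => {
  // The query parser can return an array or object for `message`; only a
  // plain string is accepted, anything else is treated as "no message".
  const rawMessage = request.query.message;
  const message = typeof rawMessage === 'string' ? rawMessage : '';

  // JSON.stringify keeps control characters in this caller-supplied value
  // from breaking up the log line.
  console.log('Message:', JSON.stringify(message));

  // NOTE(review): `message` is caller-controlled text. The login template is
  // not visible here; confirm that it outputs the value escaped (`<%= %>`,
  // not `<%- %>`). Mapping short message codes to fixed strings would also
  // stop arbitrary text from being shown on the login page.
  response.render('login', { message });
});

app.post('/auth', async (request, response) => {
  // Capture the input fields
  const { login, password } = request.body || {};

  // Both fields must be non-empty strings. The JSON and extended urlencoded
  // body parsers can also produce objects and arrays, and those must never
  // reach the SQL parameter list.
  const hasCredentials =
    typeof login === 'string' && login !== '' &&
    typeof password === 'string' && password !== '';
  if (!hasCredentials) {
    redirectToLogin(response, 'Please enter Username and Password!');
    return;
  }

  let rows;
  try {
    const connection = await pool.getConnection();
    try {
      // NOTE(review): the submitted password is compared directly with the
      // stored column, which implies passwords are stored as plain text.
      // Confirm this; accounts should store a salted password hash
      // (argon2/bcrypt/scrypt) that is verified in application code.
      [rows] = await connection.execute(
        'SELECT * FROM accounts WHERE (username = ? OR email = ?) AND password = ?',
        [login, login, password]
      );
    } finally {
      // Release even when the query throws, so a failing query cannot
      // exhaust the pool.
      connection.release();
    }
  } catch (error) {
    console.error('Database query error:', error);
    response.status(500).send('An error occurred while processing your request.');
    return;
  }

  if (rows.length === 0) {
    redirectToLogin(response, 'Incorrect Username and/or Password!');
    return;
  }

  const { username } = rows[0];

  // Issue a fresh session id on login so that an id obtained before
  // authentication is never promoted to a logged-in session.
  request.session.regenerate((regenerateError) => {
    if (regenerateError) {
      console.error('Session error:', regenerateError);
      response.status(500).send('An error occurred while processing your request.');
      return;
    }

    request.session.loggedin = true;
    request.session.username = username;

    // Persist the session before redirecting so the next request sees it.
    request.session.save((saveError) => {
      if (saveError) {
        console.error('Session error:', saveError);
        response.status(500).send('An error occurred while processing your request.');
        return;
      }
      response.redirect('/');
    });
  });
  // NOTE(review): nothing here limits repeated login attempts; confirm that
  // throttling or lockout is applied elsewhere.
});

// http://localhost:<PORT>/home
app.get('/home', requireLogin, (request, response) => {
  // render() and redirect() finish the response themselves; the extra
  // response.end() that used to follow them has been removed because it could
  // close the response before the view was written.
  response.render('home', { username: request.session.username });
});

// http://localhost:<PORT>/logout
// NOTE(review): logout is a state-changing GET, so any page can trigger it
// through a link or image. A POST with CSRF protection would avoid that.
app.get('/logout', (request, response) => {
  request.session.destroy((err) => {
    if (err) {
      return response.status(500).send('Failed to logout');
    }
    response.redirect('/');
  });
});

// No host is passed, so the server listens on all interfaces.
app.listen(PORT, () => {
  console.info(`Listening on http://0.0.0.0:${PORT}/`);
});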