2021-11-16 07:18:59 +01:00
|
|
|
const express = require('express');
|
|
|
|
|
const bcrypt = require("bcrypt");
|
|
|
|
|
const randtoken = require("rand-token");
|
|
|
|
|
const router = express.Router();
|
|
|
|
|
const db = require('../modules/db');
|
|
|
|
|
const mail = require('../modules/mail');
|
|
|
|
|
|
|
|
|
|
const saltRounds = 10;
|
2021-11-15 10:59:21 +01:00
|
|
|
|
2021-11-17 09:32:44 +01:00
|
|
|
let config;
|
|
|
|
|
try {
|
|
|
|
|
config = require('../config');
|
|
|
|
|
} catch (e) {
|
|
|
|
|
console.log('No config file found');
|
|
|
|
|
process.exit(0);
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-15 10:59:21 +01:00
|
|
|
router.get('/getproducts', (req, res) => {
|
|
|
|
|
const conn = db.connect();
|
2021-11-16 07:18:59 +01:00
|
|
|
conn.execute('SELECT * FROM `products`', [], function (err, results) {
|
2021-11-15 10:59:21 +01:00
|
|
|
res.json(results);
|
|
|
|
|
});
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
router.get('/getproduct', (req, res) => {
|
|
|
|
|
const conn = db.connect();
|
2021-11-16 07:18:59 +01:00
|
|
|
conn.execute('SELECT * FROM `products` WHERE `ID` = ?', [req.query.id], function (err, results) {
|
2021-11-15 10:59:21 +01:00
|
|
|
res.json(results);
|
|
|
|
|
});
|
|
|
|
|
})
|
|
|
|
|
|
2021-11-16 07:18:59 +01:00
|
|
|
router.post('/register', async (req, res) => {
|
|
|
|
|
if (!req.body.email || !req.body.password || !req.body.first_name || !req.body.last_name) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
const conn = db.connect();
|
|
|
|
|
conn.query("SELECT * FROM users WHERE email = ?", [req.body.email], async function (error, response, fields) {
|
|
|
|
|
if (error) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
if (response.length > 0) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
const encryptedPassword = await bcrypt.hash(req.body.password, saltRounds);
|
|
|
|
|
var users = {
|
|
|
|
|
first_name: req.body.first_name,
|
|
|
|
|
last_name: req.body.last_name,
|
|
|
|
|
email: req.body.email,
|
|
|
|
|
password: encryptedPassword,
|
2021-11-17 09:22:12 +01:00
|
|
|
session: [],
|
2021-11-16 07:18:59 +01:00
|
|
|
};
|
|
|
|
|
conn.query("INSERT INTO users SET ?", users, function (error, response, fields) {
|
|
|
|
|
if (error) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
2021-11-17 09:32:44 +01:00
|
|
|
conn.query('SELECT * FROM users WHERE email ="' + req.body.email + '"', function (err, result) {
|
2021-11-16 07:18:59 +01:00
|
|
|
if (err) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
if (result.length > 0) {
|
|
|
|
|
var token = randtoken.generate(20);
|
|
|
|
|
if (result[0].verify == 0) {
|
2021-11-17 09:32:44 +01:00
|
|
|
let subject = "Account Verification - Nekoya";
|
2021-11-17 09:52:36 +01:00
|
|
|
let content = `<p>Hello!!! Please click this link <a href="${config.host}/verify-mail?token=${token}">link</a> to verify your account!!! Thanks!!!</p>`;
|
2021-11-17 09:32:44 +01:00
|
|
|
var sent = mail.send(req.body.email, subject, content);
|
2021-11-16 07:18:59 +01:00
|
|
|
if (sent != "0") {
|
|
|
|
|
var data = {
|
|
|
|
|
token: token,
|
|
|
|
|
};
|
2021-11-17 09:32:44 +01:00
|
|
|
conn.query('UPDATE users SET ? WHERE email ="' + req.body.email + '"', data, function (err, result) {
|
2021-11-16 07:18:59 +01:00
|
|
|
if (err) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
res.status(200);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Register Verification Sent ~'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
}
|
2021-11-16 07:28:38 +01:00
|
|
|
});
|
2021-11-16 07:18:59 +01:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
2021-11-17 09:22:12 +01:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
router.post('/login', async (req, res) => {
|
|
|
|
|
if (!req.body.email || !req.body.password) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
const conn = db.connect();
|
|
|
|
|
conn.query(
|
|
|
|
|
"SELECT * FROM users WHERE email = ?",
|
|
|
|
|
[req.body.email],
|
|
|
|
|
async function (error, response, fields) {
|
|
|
|
|
const passCheck = await bcrypt.compare(req.body.password, response[0].password);
|
|
|
|
|
if (error) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
if (response.length > 0) {
|
|
|
|
|
if (passCheck) {
|
|
|
|
|
if (response[0].verify == 0) {
|
|
|
|
|
res.status(204);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Sorry You havent verified your email'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
let token = randtoken.generate(256);
|
|
|
|
|
let session = JSON.parse(response[0].session);
|
|
|
|
|
session.push({
|
|
|
|
|
user_agent: req.body.ua || req.headers['user-agent'],
|
|
|
|
|
ip: req.body.ip || req.headers['x-forwarded-for'] || req.socket.remoteAddress,
|
|
|
|
|
session: token,
|
|
|
|
|
})
|
2021-11-17 09:51:52 +01:00
|
|
|
conn.query('UPDATE users SET ? WHERE email ="' + req.body.email + '"', {
|
|
|
|
|
session: JSON.stringify(session)
|
|
|
|
|
}, function (err, result) {
|
2021-11-17 09:22:12 +01:00
|
|
|
if (err) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
res.status(200);
|
|
|
|
|
res.json({
|
|
|
|
|
'id': response[0].id,
|
|
|
|
|
'first_name': response[0].first_name,
|
|
|
|
|
'last_name': response[0].last_name,
|
|
|
|
|
'email': response[0].email,
|
|
|
|
|
'verify': (response[0].verify == 1) ? true : false,
|
|
|
|
|
'session_token': token,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
res.status(401);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Unauthorized'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
})
|
2021-11-16 07:18:59 +01:00
|
|
|
|
2021-11-17 09:51:52 +01:00
|
|
|
router.get('/verify-mail', async (req, res) => {
|
|
|
|
|
const conn = db.connect();
|
|
|
|
|
conn.query(
|
|
|
|
|
'SELECT * FROM users WHERE token ="' + req.query.token + '"',
|
|
|
|
|
function (err, result) {
|
|
|
|
|
if (err) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
if (result.length > 0) {
|
|
|
|
|
if (result[0].verify == 0) {
|
|
|
|
|
var data = {
|
|
|
|
|
verify: 1,
|
|
|
|
|
};
|
|
|
|
|
db_connect.query(
|
|
|
|
|
'UPDATE users SET ? WHERE email ="' + result[0].email + '"',
|
|
|
|
|
data,
|
|
|
|
|
function (err, result) {
|
|
|
|
|
if (err) {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
} else {
|
|
|
|
|
res.status(200);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Verified ~'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
res.status(403);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Forbidden'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
res.status(400);
|
|
|
|
|
res.json({
|
|
|
|
|
'message': 'Bad Request'
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
})
|
|
|
|
|
|
2021-11-15 10:59:21 +01:00
|
|
|
module.exports = router;
|
