server.js
const express = require('express'),
path = require('path'),
bodyParser = require('body-parser'),
methodOverride = require('method-override'),
session = require('express-session')
require('dotenv').config()
const db = require('./config/db')
const index = require('./routes/index')
const teams = require('./routes/team')
const matches = require('./routes/match')
const schiri = require('./routes/schiri')
const admin = require('./routes/admin')
const Team = require('./schema/team')
const Match = require('./schema/match')
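// The Express application instance that every middleware and router below attaches to.
const app = express()

// Listening port; falls back to 5050 when PORT is not set in the environment.
const { PORT = 5050 } = process.env

// `dev` short-circuits the session check in auth(): while it is truthy every
// request passes without logging in. It used to be hard-coded to `true`, which
// ships the bypass to every deployment. It is now opt-in and only enabled when
// NODE_ENV is explicitly set to "development", so an unset or production
// environment enforces authentication.
const dev = process.env.NODE_ENV === 'development'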
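// Session middleware. The signing secret comes from SESSION_TOKEN and must be
// a long random value kept out of version control.
app.use(session({
  secret: process.env.SESSION_TOKEN,
  resave: true,
  saveUninitialized: true,
  cookie: {
    // Keep the session id out of reach of page scripts.
    httpOnly: true,
    // Do not attach the session cookie to cross-site POSTs; the app accepts
    // state-changing requests (including body-driven method overrides).
    sameSite: 'lax',
    // 'auto' marks the cookie Secure whenever the request arrived over TLS and
    // leaves it unmarked on plain HTTP, so HTTP-only setups keep working.
    // NOTE(review): behind a TLS-terminating proxy this also needs
    // `app.set('trust proxy', ...)` for Express to see the connection as secure.
    secure: 'auto'
  }
}))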
// View engine: EJS templates loaded from ./views.
app.set('views', path.join(__dirname, 'views'))
app.set('view engine', 'ejs')

// Static assets from ./public, then form-encoded and JSON request bodies.
app.use(express.static(path.join(__dirname, 'public')))
app.use(bodyParser.urlencoded({ extended: true }))
app.use(bodyParser.json())

// HTTP verb override: when the parsed body carries a `_method` field, that
// value is returned to method-override and stripped from the body so the
// handlers never see it. Because the verb is taken from client-supplied body
// data, handlers must not treat the resulting method as evidence of an
// authorised caller.
app.use(methodOverride((req) => {
  const body = req.body
  if (!body || typeof body !== 'object' || !('_method' in body)) {
    return undefined
  }
  const override = body._method
  delete body._method
  return override
}))
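// In-memory credential table: username -> password, filled from the environment.
// It is created without a prototype so that lookups keyed by request data
// (for example "constructor" or "__proto__") can only ever hit entries that
// were added here, never inherited Object.prototype members.
// NOTE(review): passwords are held and compared in plain text; storing a
// password hash instead would limit the damage if the environment leaks.
const users = Object.create(null)

// Register the admin account only when both its name and password are configured.
if (process.env.USER_NAME && process.env.USER_PW) {
  users[process.env.USER_NAME] = process.env.USER_PW
}

// Register the fixed 'schiri' account only when its password is configured.
if (process.env.SCHIRI_PW) {
  users['schiri'] = process.env.SCHIRI_PW
}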
/**
 * Gate middleware for every router mounted after it.
 *
 * A request passes when its session names a user present in `users` and has
 * the `admin` flag set. When the module-level `dev` flag is truthy the session
 * check is skipped entirely and every request passes.
 *
 * Otherwise the requested URL is remembered in the session and the client is
 * redirected to /login.
 *
 * NOTE(review): the login handler sets `admin` for every account, so this
 * check does not distinguish the 'schiri' account from the admin account.
 */
function auth(req, res, next) {
  const sess = req.session
  const loggedIn = sess && users[sess.user] && sess.admin

  if (loggedIn || dev) {
    return next()
  }

  // Remember where the visitor was heading so login can send them back.
  req.session.redirectTo = req.originalUrl
  res.redirect('/login')
}
// GET /login - render the login form. The `schiri` template flag is true when
// the URL remembered in the session contains "schiri/".
app.get('/login', (req, res) => {
  const target = req.session.redirectTo
  const schiri = Boolean(target && target.indexOf('schiri/') !== -1)
  res.render('login', { schiri })
})
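/**
 * POST /login - check the submitted credentials against the `users` table and,
 * on success, start an authenticated session and redirect.
 *
 * Changes from the previous version:
 *  - failed attempts no longer write the stored and submitted passwords to the log;
 *  - the user lookup only matches own entries of `users`;
 *  - passwords are compared in constant time (over SHA-256 digests, so both
 *    inputs have equal length);
 *  - the session id is regenerated on login so a pre-login session id cannot
 *    be carried into the authenticated session;
 *  - the remembered redirect target is only followed when it is a local path.
 *
 * NOTE(review): there is no attempt limiting here; repeated guesses are only
 * bounded by whatever sits in front of the app.
 */
app.post('/login', (req, res) => {
  console.log('login request')
  const { username, password } = req.body || {}

  if (!username || !password) {
    return res.send('Login Failed')
  }

  const { createHash, timingSafeEqual } = require('crypto')
  const digest = (value) => createHash('sha256').update(value).digest()

  const known = typeof username === 'string' &&
    Object.prototype.hasOwnProperty.call(users, username)
  const expected = known ? users[username] : undefined
  const valid = typeof password === 'string' &&
    typeof expected === 'string' &&
    expected.length > 0 &&
    timingSafeEqual(digest(expected), digest(password))

  if (!valid) {
    // Never log credentials, stored or submitted.
    console.log('login denied')
    return res.redirect('/login')
  }

  console.log('login granted')

  // Default landing page depends on the account; a remembered target wins only
  // if it is a path on this site (single leading slash, no backslashes).
  const fallback = username === 'schiri' ? '/' : '/admin'
  const requested = req.session.redirectTo
  const isLocalPath = typeof requested === 'string' &&
    requested.startsWith('/') &&
    !requested.startsWith('//') &&
    !requested.includes('\\')
  const redirectTo = isLocalPath ? requested : fallback

  // Regenerating drops the old session data (including redirectTo) and issues
  // a fresh session id for the authenticated session.
  req.session.regenerate((err) => {
    if (err) {
      console.error('session regenerate failed:', err.message)
      return res.status(500).send('Login Failed')
    }

    req.session.user = username
    // NOTE(review): `admin` is set for every account in `users`, including
    // 'schiri'; confirm the routes do not rely on it to separate the two roles.
    req.session.admin = true

    // Redirect only after the session has been persisted.
    req.session.save((saveErr) => {
      if (saveErr) {
        console.error('session save failed:', saveErr.message)
        return res.status(500).send('Login Failed')
      }
      res.redirect(redirectTo)
    })
  })
})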
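// GET /logout - destroy the session, then send the visitor to the start page.
// The redirect waits for the store to finish so the old session is gone before
// the next request arrives; a failure is logged instead of being ignored, and
// the visitor is still redirected.
// NOTE(review): logout is reachable by a plain GET, so any page can trigger it
// with a link or image; a POST would avoid that.
app.get('/logout', (req, res) => {
  req.session.destroy((err) => {
    if (err) {
      console.error('session destroy failed:', err.message)
    }
    res.redirect('/')
  })
})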
// Mount order matters: the `index` router is registered before auth(), so its
// routes are served without a login. Everything registered after auth(),
// including the 404 fallback, is only reached once auth() calls next().
app.use(index)
app.use(auth)
for (const router of [schiri, admin, matches, teams]) {
  app.use(router)
}

// Fallback for URLs no router handled.
app.use((req, res) => {
  res.status(404).send({ url: `${req.originalUrl} not found` })
})

app.listen(PORT, () => {
  console.log(`Server running on port ${PORT}`)
})