ผมอยากให้พี่ๆ เพื่อนๆที่นี่ช่วยตรวจสอบ code หน่อยได้มั้ยครับ
ในส่วนของ Frontend
<div class="row">
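<div class="col-sm-5 bg-light rounded py-3 ">
  <h2 class="text-center">Login</h2>
  <%# Posts back to the current URL; the server-side handler is app.post('/'). %>
  <%# NOTE(review): no CSRF token field is visible in this form; confirm whether the app adds one elsewhere. %>
  <form action="" method="post">
    <div class="form-group mt-2">
      <label for="_email">Email</label>
      <%# The duplicated placeholder attribute was removed; type/autocomplete let browsers and password managers treat this as the account identifier. %>
      <input type="email" name="user_email" id="_email" class="form-control" placeholder="Email" autocomplete="username" required>
    </div>
    <div class="form-group mt-2">
      <label for="_pass">Password</label>
      <%# "required" mirrors the server-side 'Password is empty!' check; the server check remains the authoritative one. %>
      <input type="password" name="user_pass" id="_pass" class="form-control" placeholder="Password" autocomplete="current-password" required>
    </div>
    <%# Messages are written with the escaping tag (<%= ... %>), so any markup inside them is rendered as text. Keep it that way; do not switch to the unescaped tag. %>
    <% if (locals.login_errors) {
      login_errors.forEach(function(error_msg){ %>
        <div class="alert alert-danger" role="alert"><%= error_msg %></div>
    <% });
    } %>
    <button type="submit" class="mt-2 btn btn-primary">Login</button>
  </form>
</div>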
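// LOGIN PAGE
// POST / : validates the submitted credentials and, on success, marks the session as logged in.
app.post('/', ifLoggedIn, [
  // Reject early when no account uses the submitted email.
  // The value is passed as a bound parameter, never concatenated into the SQL text.
  // NOTE(review): this message differs from 'Invalid Password!' below, so a client can tell
  // which addresses are registered; consider one generic message for both failures.
  body('user_email').custom((value) => {
    return dbConnection.execute('SELECT email FROM users WHERE email=?', [value])
      .then(([rows]) => {
        if (rows.length === 1) {
          return true;
        }
        return Promise.reject('Invalid Email Address!');
      });
  }),
  body('user_pass', 'Password is empty!').trim().not().isEmpty(),
], (req, res, next) => {
  const validation_result = validationResult(req);
  const { user_pass, user_email } = req.body;

  if (!validation_result.isEmpty()) {
    const allErrors = validation_result.errors.map((error) => error.msg);
    // RENDERING login-register PAGE WITH LOGIN VALIDATION ERRORS
    res.render('login-register', {
      login_errors: allErrors
    });
    return;
  }

  dbConnection.execute("SELECT * FROM users WHERE email =?", [user_email])
    .then(([rows]) => {
      const user = rows[0];
      if (!user) {
        // The row can disappear between the validator's lookup and this one;
        // without this guard rows[0].password would throw a TypeError.
        res.render('login-register', {
          login_errors: ['Invalid Email Address!']
        });
        return;
      }

      // Returning the inner promise lets the single .catch below see its failures too.
      return bcrypt.compare(user_pass, user.password).then((compare_result) => {
        if (compare_result === true) {
          // NOTE(review): the existing session is reused after authentication. If the session
          // middleware keeps a server-side session id, rotate it here; confirm which one is used.
          req.session.isLoggedIn = true;
          req.session.userID = user.id;
          res.redirect('/');
          return;
        }
        res.render('login-register', {
          login_errors: ['Invalid Password!']
        });
      });
    })
    // Re-throwing inside a promise .catch only produces an unhandled rejection and leaves the
    // request without a response; hand the error to Express's error handling instead.
    .catch(next);
});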
// END OF LOGIN PAGE
// LOGOUT
// GET /logout : clears the session and sends the browser back to the home page.
// NOTE(review): assigning null presumably relies on a cookie-based session middleware; confirm,
// since other session stores need an explicit destroy call. A state-changing GET can also be
// triggered from another site; consider a POST route protected like the other forms.
app.get('/logout', function (req, res) {
  // session destroy
  req.session = null;
  // BACK TO HOME PAGE
  res.redirect('/');
});
// END OF LOGOUT
// Fallback for any request no earlier route answered: reply with a static 404 page.
// The body is a fixed string, so nothing from the request is reflected into the HTML.
app.use('/', (req, res) => {
  const notFoundPage = '<h1>404 Page Not Found!</h1>';
  res.status(404);
  res.send(notFoundPage);
});