LibraryAPI/admin.js at main · ImaadM097/LibraryAPI · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
const express = require('express')
const router = express.Router()
const Book = require('./bookSchema')
const Admin = require('./adminSchema')
const mongoose = require('mongoose')
const bcrypt = require('bcrypt');
const jwt = require("jsonwebtoken");
const saltRounds = 10;
var cookieSession = require('cookie-session')
// const cookieParser = require('cookie-parser')
// var session = require('./app')
var logon = false
//$2b$10$yYUtfwvm7wdMRAXYbklT7.udVLcQ3M2duO4R1OUVUt7FPmGbpA9cW
//$2b$10$9Gu3o/f.XF53CsjENx9V6uVPvajqwfym23GCK9aj3VtvgWPF/6o/K

router.get("/login", (req, res)=>{
    logon = false
    res.render('adminlog')
})

router.post("/db",async (req,res)=>{


    const check = req.body.pass
    const uname = req.body.uname
    const data = await Admin.findOne({username: uname})

    if(data !== null) {
        const hash = data.password
        console.log(req.body)
        console.log(hash)

        bcrypt.compare(check, hash, (err, result) => {
            console.log(result)
            if(result == true) {
                logon = true
                let token;
                try {
                    token = jwt.sign(
                    { username: uname},
                    "007",
                    { expiresIn: "1h" }
                    );
                } catch (err) {
                    console.log(err.message)
                }
                console.log(token)
                req.session.token = token
                if(data.isAdmin)
                    res.render('querypageAdmin', {token: 0})
                else res.render('querypage', {token: 0})
            }
            else {

                res.render('adminlog')
            }
        })
    }
    else res.render('adminlog')

})

router.post("/all", checkLog, async (req,res)=>{
    const result = await Book.find()
    res.send(result)
})
router.post("/find", checkLog, async (req, res)=>{
    const id = req.body.qid
    const result = await Book.find({id: parseInt(id)})
    res.send(result)
})

router.post("/insert", checkLog, async (req, res)=>{
    const id = req.body.Iid
    const bname = req.body.bname
    const aname = req.body.aname
    try {
    const result = await Book.create({id: parseInt(id), name: bname, author: aname})
    } catch (e) {
        console.log(e.message)
    }
    res.send("Inserted")
})
router.post("/update", checkLog,async (req, res)=>{
    const id = req.body.Iid
    const bname = req.body.bname
    const aname = req.body.aname
    console.log(req.body)
    try {
        const result = await Book.updateMany({id: parseInt(id)}, {id: parseInt(id), name: bname, author: aname})
    } catch (e) {
        console.log(e.message)
    }
    res.send("Updated")

})

router.post("/createUser", async(req, res)=>{
    const {newuname, newpass} = req.body
    try{
    bcrypt.hash(newpass, saltRounds, async function(err, hash) {
        const user = Admin.create({username: newuname, password: hash, isAdmin: false})
    });} catch(e) {console.log(e.message)}

    let token;
    try {
        token = jwt.sign(
            { username: newuname},
            "007",
            { expiresIn: "1h" }
        );
    } catch (err) {
        console.log(err.message)
    }
    res.session.token = token
    res.render('querypage', {token: 0})
})

router.post("/createAdmin", async(req, res)=>{
    const {newuname, newpass} = req.body
    try{
    bcrypt.hash(newpass, saltRounds, async function(err, hash) {
        const user = Admin.create({username: newuname, password: hash, isAdmin: true})
    });} catch(e) {console.log(e.message)}

    let token;
    try {
        token = jwt.sign(
            { username: newuname},
            "007",
            { expiresIn: "1h" }
        );
    } catch (err) {
        console.log(err.message)
    }
    res.session.token = token

    res.render('querypageAdmin', {token: 0})
})


async function checkLog(req, res, next) {
    console.log(req.session)
    const token = req.session.token
    if(!token) {
        console.log("No token provided")
    }
    try{
        const decoded = jwt.verify(token, "007")
        next()
    } catch(e) {
        console.log(e.message)
        res.send(e.message)
    }

}


module.exports = router