Nun mit login und Einrichten zusätzlicher User

rxf
2025-09-02 18:49:50 +02:00
parent 6466bb2d92
commit 5ccd37b931
12 changed files with 191 additions and 109 deletions


@@ -9,7 +9,7 @@ export function registerApiRoutes(app, requireLogin) {
const email = (req.query.email || '').toLowerCase().trim();
if (!email) return res.json({ exists: false });
try {
const existingUser = await usersCollection.findOne({ email });
const existingUser = await usersCollection.findOne({ email:`${email}` });
res.json({ exists: !!existingUser });
} catch (err) {
console.error(err);
@@ -79,4 +79,17 @@ export function registerApiRoutes(app, requireLogin) {
await prop_fluxCollection.deleteOne({ _id: parseInt(req.params.id) });
res.json({ success: true });
});
app.post('/api/createUser', requireLogin, async (req, res) => {
if (!req.session.isAdmin) return res.status(403).json({ error: 'Nur Admins erlaubt' });
const { username, password, role } = req.body;
if (!username || !password) return res.status(400).json({ error: 'Benutzername und Passwort erforderlich' });
try {
const hash = await bcrypt.hash(password, 10);
await usersCollection.insertOne({ email: username.toLowerCase(), passwordHash: hash, role: role || 'user' });
res.json({ success: true });
} catch (err) {
res.status(500).json({ error: 'Fehler beim Anlegen' });
}
});
}
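Review bot: The new `/api/createUser` handler stores `role` exactly as sent in the body and never checks that `username` and `password` are strings, so an arbitrary role value can be written and a non-string input only surfaces as the generic 500 from the catch. I would guard with `if (typeof username !== 'string' || typeof password !== 'string') return res.status(400).json({ error: 'Benutzername und Passwort erforderlich' });` and pin the role with `const safeRole = role === 'admin' ? 'admin' : 'user';`. The catch block also drops `err` without logging, unlike the `console.error(err)` in the first hunk, so a database failure leaves no trace; whether `email` has a unique index is not visible here, and without one this route can insert a second account for an existing address. In the first hunk the template literal around `email` is redundant, because `.toLowerCase().trim()` has already run on it; a non-string `req.query.email` (an array or object from the query parser) throws on that line before the `try`, so a `typeof` check there would be the effective guard.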


@@ -3,6 +3,7 @@ import { getCollections } from '../db/mongo.js';
export function registerAuthRoutes(app) {
const { usersCollection } = getCollections();
const errText = 'Falsche Email oder falsches Passwort.'
app.get('/register', (req, res) => res.render('register', { error: null }));
@@ -21,11 +22,12 @@ export function registerAuthRoutes(app) {
app.post('/login', async (req, res) => {
const { email, password } = req.body;
const user = await usersCollection.findOne({ email: email.toLowerCase() });
if (!user) return res.render('login', { error: 'Falsche Email oder Passwort.' });
if (!user) return res.render('login', { error: errText });
const match = await bcrypt.compare(password, user.passwordHash);
if (!match) return res.render('login', { error: 'Falsche Email oder Passwort.' });
req.session.userId = user._id;
res.redirect('/');
if (!match) return res.render('login', { error: errText });
req.session.userId = user._id;
req.session.isAdmin = user.role === 'admin';
res.redirect('/');
});
app.get('/logout', (req, res) => {
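Review bot: The login handler writes `userId` and the new `isAdmin` flag into the session that existed before authentication, so a session identifier fixed or captured beforehand carries over into the authenticated (and possibly admin) state; the session should be regenerated once `bcrypt.compare` succeeds. The fence assumes the session middleware exposes `req.session.regenerate`, as express-session does; the middleware setup is not visible in this hunk. Because `isAdmin` is cached at login, a later role change in the database only takes effect at the next login, and `/api/createUser` relies on that cached flag. Separately, `email.toLowerCase()` throws when `email` is missing or not a string and no try/catch is visible around it, so a `typeof email !== 'string'` guard before the lookup is worth adding.

```javascript
// … unchanged: user lookup and bcrypt.compare …
if (!match) return res.render('login', { error: errText });
// Issue a fresh session id before storing any authenticated state.
req.session.regenerate((err) => {
  if (err) {
    console.error(err);
    return res.sendStatus(500);
  }
  req.session.userId = user._id;
  req.session.isAdmin = user.role === 'admin';
  res.redirect('/');
});
```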