import bcrypt from 'bcrypt';
import { getCollections } from '../db/mongo.js';
import pkg from '../package.json' with { type: "json" }
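/**
 * Registers the login and logout routes on the given Express app.
 *
 * Routes:
 *  - GET  /login  renders the login view with the package version and date.
 *  - POST /login  checks e-mail and password against the users collection and,
 *                 on success, stores `userId` and `isAdmin` in the session.
 *  - GET  /logout destroys the session and redirects to /login.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this file; if
 * none is applied by middleware elsewhere, POST /login allows unlimited
 * password guesses.
 *
 * @param {object} app - Express application (or router) exposing `get` and `post`.
 * @returns {void}
 */
export function registerAuthRoutes(app) {
  const { usersCollection } = getCollections();

  // One message for "unknown e-mail" and "wrong password", so the response
  // text does not reveal which addresses have an account.
  const errText = 'Falsche Email oder falsches Passwort.';

  // Every render of the login view gets the same locals. The failed-login path
  // used to omit `version` and `vdate`, which a template that references them
  // would see as undefined.
  const renderLogin = (res, error) =>
    res.render('login', { error, version: pkg.version, vdate: pkg.date });

  app.get('/login', (req, res) => {
    renderLogin(res, null);
  });

  app.post('/login', async (req, res, next) => {
    try {
      const { email, password } = req.body ?? {};

      // Body parsers can deliver objects or arrays. A non-string value would
      // throw in toLowerCase()/bcrypt.compare(), and an object must never be
      // used as a Mongo filter value, so reject it as a failed login.
      if (typeof email !== 'string' || typeof password !== 'string') {
        return renderLogin(res, errText);
      }

      const user = await usersCollection.findOne({ email: email.toLowerCase() });

      // NOTE(review): this path returns before bcrypt runs, so response time
      // still differs between known and unknown addresses. Comparing against a
      // fixed dummy hash of the same cost would even that out.
      if (!user || typeof user.passwordHash !== 'string') {
        return renderLogin(res, errText);
      }

      const match = await bcrypt.compare(password, user.passwordHash);
      if (!match) return renderLogin(res, errText);

      // Issue a fresh session id before attaching the identity, so a session
      // id that existed before authentication is not promoted to a logged-in
      // one (session fixation). Assumes express-session, whose callback-style
      // destroy() is already used by the logout route.
      return req.session.regenerate((err) => {
        if (err) return next(err);
        req.session.userId = user._id;
        req.session.isAdmin = user.role === 'admin';
        return res.redirect('/');
      });
    } catch (err) {
      // Express 4 does not catch rejections from async handlers; forward them
      // so the request ends with an error response instead of hanging.
      return next(err);
    }
  });

  // NOTE(review): logout is a state-changing GET, so any cross-site request
  // can end the user's session. A POST protected by a CSRF token is preferable,
  // but the method is kept here because existing links depend on it.
  app.get('/logout', (req, res, next) => {
    req.session.destroy((err) => {
      // Do not report a successful logout while the session is still stored.
      if (err) return next(err);
      return res.redirect('/login');
    });
  });
}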