-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.js
108 lines (95 loc) · 3.22 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
const express = require("express");
const path = require("path");
const { open } = require("sqlite");
const sqlite3 = require("sqlite3");
const bcrypt = require("bcrypt");
const app = express();
app.use(express.json());
let dbPath = path.join(__dirname, "userData.db");
let db = null;
const initializeServerAndDatabase = async () => {
try {
db = await open({
filename: dbPath,
driver: sqlite3.Database,
});
app.listen(3000, () => {
console.log("server is running on http://localhost:3000");
});
} catch (error) {
console.log(`DB error message: '${error.message}'`);
}
};
initializeServerAndDatabase();
// REGISTER USER - API
app.post("/register", async (request, response) => {
const { username, name, password, gender, location } = request.body;
const hashedPassword = await bcrypt.hash(password, 10);
const selectUserQuery = `SELECT* FROM user WHERE username = '${username}';`;
const dbUser = await db.get(selectUserQuery);
if (dbUser === undefined) {
if (password.length > 5) {
const createUserQuery = `INSERT INTO user(username, name, password, gender, location)
VALUES('${username}', '${name}', '${hashedPassword}', '${gender}', '${location}');`;
const dbResponse = await db.run(createUserQuery);
response.status(200);
response.send("User created successfully");
} else {
response.status(400);
response.send("Password is too short");
}
} else {
response.status(400);
response.send("User already exists");
}
});
// LOGIN USER - API
app.post("/login/", async (request, response) => {
const { username, password } = request.body;
const selectUserQuery = `SELECT* FROM user WHERE username = '${username}';`;
const dbUser = await db.get(selectUserQuery);
if (dbUser === undefined) {
response.status(400);
response.send("Invalid user");
} else {
const isPassowrdMatched = await bcrypt.compare(password, dbUser.password);
if (isPassowrdMatched === true) {
response.status(200);
response.send("Login success!");
} else {
response.status(400);
response.send("Invalid password");
}
}
});
// CHANGE PASSWORD - API
app.put("/change-password", async (request, response) => {
const { username, oldPassword, newPassword } = request.body;
const selectUserQuery = `SELECT* FROM user WHERE username = '${username}';`;
const dbUser = await db.get(selectUserQuery);
if (dbUser === undefined) {
response.status(400);
response.send("Invalid user");
} else {
const isPasswordMatched = await bcrypt.compare(
oldPassword,
dbUser.password
);
if (isPasswordMatched === true) {
if (newPassword.length >= 5) {
const hashedPassword = await bcrypt.hash(newPassword, 10);
const updatePasswordQuery = `UPDATE user SET password = '${hashedPassword}' where username = '${username}';`;
const dbResponse = await db.run(updatePasswordQuery);
response.status(200);
response.send("Password updated");
} else {
response.status(400);
response.send("Password is too short");
}
} else {
response.status(400);
response.send("Invalid current password");
}
}
});
module.exports = app;