2023-09-13 19:56:58 +00:00
|
|
|
const internal = require("./core/internal_api");
|
|
|
|
const bcrypt = require("bcrypt");
|
2023-09-21 00:41:57 +00:00
|
|
|
const settings = require("./settings");
|
2023-09-13 19:56:58 +00:00
|
|
|
|
|
|
|
async function index(request, response) {
|
|
|
|
// Check if the master admin has been created
|
2023-09-21 00:41:57 +00:00
|
|
|
const is_setup_complete = (await settings.setupComplete()) || false;
|
2023-09-13 19:56:58 +00:00
|
|
|
if (!is_setup_complete) return response.redirect("/register");
|
|
|
|
|
2023-09-25 20:17:52 +00:00
|
|
|
response.render("index.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
|
2023-09-13 19:56:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function register(request, response) {
|
2023-09-25 20:17:52 +00:00
|
|
|
response.render("register.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
|
2023-09-13 19:56:58 +00:00
|
|
|
}
|
|
|
|
function login(request, response) {
|
2023-09-25 20:17:52 +00:00
|
|
|
response.render("login.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
|
2023-09-13 19:56:58 +00:00
|
|
|
}
|
2023-09-21 00:41:57 +00:00
|
|
|
async function admin(request, response) {
|
|
|
|
const reg_allowed = await settings.userRegistrationAllowed();
|
2023-09-25 20:17:52 +00:00
|
|
|
response.render("admin.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME, settings: { registration_enabled: reg_allowed } });
|
2023-09-21 00:41:57 +00:00
|
|
|
}
|
2023-09-13 19:56:58 +00:00
|
|
|
|
|
|
|
async function registerPost(request, response) {
|
|
|
|
const hashedPassword = await bcrypt.hash(request.body.password, 10); // Hash the password for security :^)
|
|
|
|
response.json(await internal.registerUser(request.body.username, hashedPassword));
|
|
|
|
}
|
|
|
|
async function loginPost(request, response) {
|
|
|
|
const login = await internal.loginUser(request.body.username, request.body.password);
|
|
|
|
|
|
|
|
const password_match = await bcrypt.compare(request.body.password, login.data.password);
|
|
|
|
if (!password_match) return { success: false, message: "Incorrect password" };
|
|
|
|
|
|
|
|
request.session.user = { username: login.data.username, id: login.data.id };
|
|
|
|
response.json({ success: true });
|
|
|
|
}
|
2023-09-21 00:41:57 +00:00
|
|
|
|
|
|
|
async function settingPost(request, response) {
|
|
|
|
const user = await internal.getUser({ id: request.session.user.id });
|
|
|
|
|
|
|
|
if (!user.success) return response.json({ success: false, message: user.message });
|
|
|
|
if (user.data.role !== "ADMIN") return response.json({ success: false, message: "User is not permitted" });
|
|
|
|
|
|
|
|
if (request.body.setting_name === "ACCOUNT_REGISTRATION") settings.setUserRegistrationAllowed(request.body.value);
|
|
|
|
|
|
|
|
response.json({ success: true });
|
|
|
|
}
|
|
|
|
module.exports = { index, register, login, admin, registerPost, loginPost, settingPost };
|