ArmoredDragon
/
yet-another-blog
mirror of https://github.com/Armored-Dragon/yet-another-blog
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
yet-another-blog/backend/page_scripts.js

49 lines
2.2 KiB
JavaScript
Raw Blame History

const internal = require("./core/internal_api");
const bcrypt = require("bcrypt");
const settings = require("./settings");
async function index(request, response) {
// Check if the master admin has been created
const is_setup_complete = (await settings.setupComplete()) || false;
if (!is_setup_complete) return response.redirect("/register");
response.render("index.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
}
function register(request, response) {
response.render("register.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
}
function login(request, response) {
response.render("login.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME });
}
async function admin(request, response) {
const reg_allowed = await settings.userRegistrationAllowed();
response.render("admin.ejs", { user: request.session.user || null, website_name: process.env.WEBSITE_NAME, settings: { registration_enabled: reg_allowed } });
}
async function registerPost(request, response) {
const hashedPassword = await bcrypt.hash(request.body.password, 10); // Hash the password for security :^)
response.json(await internal.registerUser(request.body.username, hashedPassword));
}
async function loginPost(request, response) {
const login = await internal.loginUser(request.body.username, request.body.password);
const password_match = await bcrypt.compare(request.body.password, login.data.password);
if (!password_match) return { success: false, message: "Incorrect password" };
request.session.user = { username: login.data.username, id: login.data.id };
response.json({ success: true });
}
async function settingPost(request, response) {
const user = await internal.getUser({ id: request.session.user.id });
if (!user.success) return response.json({ success: false, message: user.message });
if (user.data.role !== "ADMIN") return response.json({ success: false, message: "User is not permitted" });
if (request.body.setting_name === "ACCOUNT_REGISTRATION") settings.setUserRegistrationAllowed(request.body.value);
response.json({ success: true });
}
module.exports = { index, register, login, admin, registerPost, loginPost, settingPost };
Reference in New Issue View Git Blame Copy Permalink