gsg

ProjectSourceCode/.env

@@ -0,0 +1,7 @@
+# database credentials
+POSTGRES_USER="postgres"
+POSTGRES_PASSWORD="pwd"
+POSTGRES_DB="users_db"
+
+# Node vars
+SESSION_SECRET="super duper secret!"

ProjectSourceCode/docker-compose.yaml

@@ -1,14 +1,15 @@
 version: '3.9'
 services:
-  db:
+  #these are containers
+  db: #this is for the database
     image: postgres:14
     #env_file: .env
     expose:
       - '5432'
     volumes:
       - group-project:/var/lib/postgresql/data
       - ./src/init_data:/docker-entrypoint-initdb.d
-  web:
+  web: #this is for the website
     image: node:lts
     user: 'node'
     working_dir: /repository
@@ -21,6 +22,6 @@ services:
       - '3000:3000'
     volumes:
       - ./:/repository
-    command: 'npm start'
+    command: 'npm run start'
 volumes:
   group-project:

ProjectSourceCode/package.json

@@ -1,18 +1,27 @@
 {
-    "name": "node-ejs",
-    "main": "index.js",
-    "dependencies": {
-      "ejs": "^2.5.5",
-      "ejs-lint": "^0.3.0",
-      "body-parser": "^1.20.0",
-      "express": "^4.6.1",
-      "express-session": "^1.17.3",
-      "express-handlebars": "^7.1.2",
-      "pg-promise": "^10.11.1",
-      "nodemon": "2.0.20"
-    },
-    "scripts": {
-      "prestart": "npm install",
-      "start": "nodemon src/index.js"
-    }
-  }
+  "name": "SoftwareDevTeamProject",
+  "main": "src/index.js",
+  "dependencies": {
+    "express": "^4.6.1",
+    "pg-promise": "^10.11.1",
+    "body-parser": "1.20.0",
+    "express-session": "1.17.3",
+    "express-handlebars": "^7.1.2",
+    "handlebars": "^4.7.8",
+    "axios": "^1.1.3",
+    "bcryptjs": "^2.4.0"
+  },
+  "devDependencies": {
+    "nodemon": "^2.0.7",
+    "mocha": "^6.2.2",
+    "chai": "^4.2.0",
+    "chai-http": "^4.3.0",
+    "npm-run-all": "^4.1.5"
+  },
+  "scripts": {
+    "prestart": "npm install",
+    "start": "nodemon index.js",
+    "test": "mocha",
+    "testandrun": "npm run prestart && npm run test && npm start"
+  }
+}

ProjectSourceCode/src/index.js

@@ -3,105 +3,215 @@ const express = require('express');
 const app = express();
 const handlebars = require('express-handlebars');
 const path = require('path');
-const pgp = require('pg-promise')();
+const pgp = require('pg-promise')(); //library that gives me access to make any database that i have access to normally
+const bcrypt = require('bcryptjs'); //  To hash passwords
 const bodyParser = require('body-parser');
 const session = require('express-session');
+const { getBuiltinModule } = require('process');
 
 // -------------------------------------  APP CONFIG   ----------------------------------------------
 
 // create `ExpressHandlebars` instance and configure the layouts and partials dir.
 const hbs = handlebars.create({
   extname: 'hbs',
-  layoutsDir: path.join(__dirname, 'views/layouts'),
-  partialsDir: [
-    path.join(__dirname, 'views/partials'),
-    path.join(__dirname, 'views/partials/svg_components')
-  ],
-  helpers: {
-    range: function(start, end, options) {
-      let result = '';
-      for (let i = start; i < end; i++) {
-        result += options.fn(i);
-      }
-      return result;
-    }
-  }
+  layoutsDir: __dirname + '/views/layouts',
+  partialsDir:[
+    __dirname + '/views/partials',
+    __dirname + '/views/partials/svg_components'
+  ]
 });
+// -------------------------------------  DB CONFIG AND CONNECT   ---------------------------------------
+//TODO: Use this later for setting up db!
+//accessed by either: hosted by another entity (need to have the url to access that)
+                    //hosted outself, create two docker containers that runs the application and the other the database
+const dbConfig = {
+  host: 'db',
+  port: 5432,
+  database: process.env.POSTGRES_DB,
+  user: process.env.POSTGRES_USER,
+  password: process.env.POSTGRES_PASSWORD,
+};
+const db = pgp(dbConfig);
+
+
+//// db test
+db.connect()
+  .then(obj => {
+    // Can check the server version here (pg-promise v10.1.0+):
+    console.log('Database connection successful');
+    obj.done(); // success, release the connection;
+  })
+  .catch(error => {
+    console.log('ERROR', error.message || error);
+  });
 
 // Register `hbs` as our view engine using its bound `engine()` function.
 app.engine('hbs', hbs.engine);
 app.set('view engine', 'hbs');
 app.set('views', path.join(__dirname, 'views'));
-
-// Static and session configuration
 app.use(bodyParser.json());
+// OHs this should fix my style.css inaccessibility issue
 app.use('/resources', express.static(path.join(__dirname, 'resources')));
+// set Session
 app.use(
   session({
-    secret: "super duper secret!", // Consider moving this to .env as process.env.SESSION_SECRET
+    secret: "super duper secret!", //TODO: they might want us to put this in an env file, like: process.env.SESSION_SECRET
     saveUninitialized: true,
     resave: true,
   })
 );
-app.use(bodyParser.urlencoded({ extended: true }));
-
-// -------------------------------------  DB CONFIG AND CONNECT   ---------------------------------------
-const dbConfig = {
-  host: 'db',
-  port: 5432,
-  database: process.env.POSTGRES_DB,
-  user: process.env.POSTGRES_USER,
-  password: process.env.POSTGRES_PASSWORD,
-};
-const db = pgp(dbConfig);
-
-// Routes
-app.get('/page1', (req, res) => {
-  res.render('pages/page1');
-});
+app.use(
+  bodyParser.urlencoded({
+    extended: true,
+  })
+);
 
-app.get('/page2', (req, res) => {
-  res.render('pages/page2');
+app.get('/welcome', (req, res) => {
+  res.json({status: 'success', message: 'Welcome!'});
 });
 
 app.get('/', (req, res) => {
-  res.redirect('/login');
+  res.redirect('/login'); //this will call the /anotherRoute route in the API
 });
-
+  
 app.get('/login', (req, res) => {
   res.render('pages/login');
 });
 
-app.get('/scoreboard', (req, res) => {
-  res.render('pages/scoreboard');
-});
+app.post('/login', async (req, res) => {
+    // console.log('login post accessed')
+    const username = req.body.username
+    const password = req.body.password
+    const hash = await bcrypt.hash(password, 10);
+    // console.log("Hashed password:", hash)
+    const sqlUsername = "SELECT * FROM users WHERE username = $1;"
+
+    try{
+      //async + await make it so that I don't need to do .then(data etc..) which makes the code cleaner and work more efficiently. 
+      const user = await db.one(sqlUsername, [username])
+      const match = await bcrypt.compare(password, user.password)
+
+      //looks like there's a space for some reason? Why tho...?
+      // console.log("Username is:", username, ", Other username is:", user.username);
+      // console.log("Password is: ", password, ", Other password is: ", user.password)
+      // console.log("Matched as:", match);
+      // rest is mine from earlier
+      if(match){
+        // if (user.password == password && user.username == username){
+        // console.log("if statement")
+        req.session.user = user;
+        req.session.save();
+        res.status(200);
+        res.redirect('/page1')
+      }
+
+      else{
+        // console.log("else statement")
+        // If the password is incorrect, render the login page and send a message to the user stating "Incorrect username or password."
+        res.render('pages/login', {message:"Incorrect username or password.", error:true})
+        // res.render('/login')
+      }
+    }
+    catch{
+      console.log("User doesn't exist! Try registering.")
+      res.redirect('/register')
+    }
+  })
 
-app.get('/inventory', (req, res) => {
-  res.render('pages/inventory');
+//register
+app.get('/register', (req, res) => {
+  res.render('pages/register');
 });
 
-app.post('/login', async (req, res) => {
+//from lab 8
+app.post('/register', async (req, res) => {
+  //hash the password using bcrypt library
+  const hash = await bcrypt.hash(req.body.password, 10);
+
+  // DONE: Insert username and hashed password into the 'users' table
   const username = req.body.username;
   const password = req.body.password;
-  const sqlUsername = "SELECT * FROM users WHERE username = $1;";
+  // console.log(username, password, hash);
+  //the rest of the information in the users table is auto generated
+  const sqlRegister = "INSERT INTO users (username, password) VALUES ($1, $2);" ;//removed returning *
 
-  try {
-    const user = await db.one(sqlUsername, [username]);
-    const match = await bcrypt.compare(password, user.password);
-    if (match) {
-      req.session.user = user;
-      req.session.save();
-      res.redirect('/discover');
-    } else {
-      res.render('pages/login', {message: "Incorrect username or password.", error: true});
-    }
-  } catch {
-    console.log("User doesn't exist! Try registering");
-    res.redirect('/register');
+  db.none(sqlRegister, [username, hash]) //changed any to none
+  /*
+    Redirect to GET /login route page after data has been inserted successfully.
+    If the insert fails, redirect to GET /register route.
+  */
+  .then(data => {
+    // console.log("Registered user with: ", data)
+    //res.redirect('/login', {message:"Error discovering data.", error:true})
+    // res.json({status: 'success'});     
+    res.status(200).render('pages/register', {message: "Registration Successful!"});
+    // res.redirect('/login', {message:"Registration Successful!"});
+    // res.redirect('/login');
+  })
+  .catch(function (err) {
+    res.status(400).render('pages/register', {message: "Registration Error!", error: true});
+    // res.redirect('/register', {message:"Registration Error!", error: true});
+  });
+});
+
+app.post('/update_item_status', async (req, res) => {
+  const {item_id, new_status} = req.body;
+  // console.log("Req.body in post req: ",req.body);
+  //try to update the item status 
+  try{
+    const sql_item_update = 'UPDATE items SET status = $1 WHERE item_id = $2 RETURNING *';
+    //call update with db.one and the new_status and item_id that we want to update
+    db.one(sql_item_update, [new_status, item_id])
+    //do we need the data? just put it because I always do.
+    //also, don't reload the page bc tehre's no need (I think? We dont' want to have to refresh the page everytime we click an item)
+    .then(data => {
+      res.status(200).send({message:"Item status updated successfully!"});
+      // console.log('Item_id: ', item_id, " and new_status: ", new_status);
+    })
+    //reload the page with the error message pop-up
+    .catch(function (err) {
+      res.status(400).json({message:"Item Status Update Error!"});
+      // res.redirect('/page2');
+    });
+  }
+  //error if unable to
+  catch (error){
+    console.error('Error updating item status: ', error);
+    res.status(400).send({error: 'Failed to update item status.'});
+  }
+})
+
+// Authentication Middleware.
+const auth = (req, res, next) => {
+  // console.log(req.session)
+  if (!req.session.user) {
+    // Default to login page.
+    return res.redirect('/login');
   }
+  next();
+};
+
+// Authentication Required
+app.use(auth);
+
+app.get('/page1', (req, res) => {
+  res.render('pages/page1'); //this will call the /anotherRoute route in the API
+});
+
+app.get('/page2', (req, res) => {
+  res.render('pages/page2'); //this will call the /anotherRoute route in the API
 });
 
-// Start the server
-app.listen(3000, () => {
-  console.log('Server is listening on port 3000');
+app.get('/page3', (req, res) => {
+  res.render('pages/page3'); //this will call the /anotherRoute route in the API
 });
+
+
+app.get('/logout', (req, res) => {
+  req.session.destroy()
+  res.status(200);
+  res.render('pages/login', {message:"Logged out successfully!", error:false})
+});
+
+module.exports = app.listen(3000);
+console.log('Server is listening on port 3000');