if user is logged in have now have acces to chat

2024-08-21 18:37:54 +02:00
parent 06a2c03859
commit 4d7d67fd95
1 changed files with 6 additions and 6 deletions
--- a/index.js
+++ b/index.js
@@ -28,11 +28,11 @@ app.use(session({
    resave: true,
    saveUninitialized: true
 }));
-
+// aut login api
 app.post('/auth/login', async function(req, res) {
    await loginUser(req, res);
 });
-
+// auth signup api
 app.post('/auth/signup', async (req, res) => {
    await signupUser(req, res);
 });
@@ -46,7 +46,7 @@ app.get('/login', (req, res) => {
 app.get('/signup', (req, res) => {
    res.sendFile(path.join(__dirname, '/frontend/routes/signup.html'));
 })
-
+// serving the chat page if logged in
 app.get('/', (req, res) => {
    if(req.session.loggedin){
        res.sendFile(path.join(__dirname, '/frontend/routes/chat.html'));
@@ -80,9 +80,6 @@ async function signupUser(req, res) {

        // Insert user
        await insertUser(username, hash);
-        req.session.loggedin = true;
-        req.session.username = username;
-
        return res.status(200).send("Account successfully created <a href=/login>Login screen</a>");

    } catch (err) {
@@ -102,8 +99,11 @@ async function loginUser(req, res) {
            const result = await client.query('SELECT * FROM accounts WHERE username = $1', [username]);
            if (result.rows.length > 0) {
                const user = result.rows[0];
+                // Compare password
                const match = await bcrypt.compare(password, user.password);
                if (match) {
+                    req.session.loggedin = true;
+                    req.session.username = username;
                    res.send(`
                        <p>Login successful!</p>
                        <p>Redirecting to chat...</p>