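/* Copyright © 2016 Stefano Pigozzi, Emiliano Maccaferri
 * Released under the GPL v3 license
 */

var mysql = require("mysql");
var bcrypt = require("bcrypt-nodejs");
var conn = require("./connection");
var random = require("randomstring");

/**
 * Create a new user account.
 *
 * The username is looked up first; when a row already exists the callback
 * receives { success: false, error: "username_in_use" }. Otherwise the
 * password is hashed with bcrypt and one row is inserted into `users`.
 *
 * @param {string} username
 * @param {string} password - plaintext; only its bcrypt hash is stored
 * @param {string} firstname
 * @param {string} lastname
 * @param {string} rank - stored as given; for 'prof' the class name is blanked
 * @param {string} classname
 * @param {object} response - ignored on input; kept so existing callers still work
 * @param {function} callback - callback(err, response), invoked exactly once
 */
module.exports.register = function(username, password, firstname, lastname, rank, classname, response, callback){
    var checkQuery = "SELECT * FROM users WHERE username = ?";
    conn.query(checkQuery, [username], function(err, rows){
        // Look at err before rows: rows is not populated when the query fails,
        // so reading rows.length first would throw inside the driver callback.
        if(err){
            console.log(err);
            callback(err, null);
            return;
        }

        if(rows.length > 0){
            console.log("Username esistente");
            callback(null, { success: false, error: "username_in_use" });
            return;
        }

        // Hashing can throw on unusable input; report it through the callback
        // instead of letting it escape from an asynchronous callback.
        var hash;
        try{
            hash = bcrypt.hashSync(password);
        }catch(hashErr){
            callback(hashErr, null);
            return;
        }

        // NOTE(review): rank is written exactly as the caller passed it; confirm
        // the caller restricts which ranks a self-registering user may request.
        var storedClass = (rank === 'prof') ? '' : classname;

        // NOTE(review): the check above and this INSERT are two separate
        // statements, so two concurrent registrations can both pass the check.
        // Uniqueness has to be enforced by the table itself — confirm `users`
        // has a unique key on username. The positional VALUES list also depends
        // on the column order of `users`.
        var registerQuery = "INSERT INTO users VALUES(?,?,?,?,?,?)";
        conn.query(registerQuery, [username, hash, firstname, lastname, rank, storedClass], function(insertErr){
            if(insertErr){
                callback(insertErr, null);
                return;
            }
            callback(null, { success: true });
        });
    });
};

/**
 * Verify a username/password pair and open a session.
 *
 * On success a row is written to `sessions` and the callback receives
 * { success: true, rank, name, lastname, sessionid }. Every other outcome is
 * also reported through the callback, so a request never waits forever:
 * database and bcrypt failures arrive as callback(err, null); an unknown
 * user, a wrong password or a duplicated username arrive as
 * { success: false, error: <code> }.
 *
 * @param {string} username
 * @param {string} password - plaintext candidate, compared against the stored hash
 * @param {object} response - ignored on input; kept so existing callers still work
 * @param {function} callback - callback(err, response), invoked exactly once
 */
module.exports.login = function(username, password, response, callback){
    var loginQuery = "SELECT password,firstname,lastname,rank FROM users WHERE username = ?";
    conn.query(loginQuery, [username], function(err, rows){
        if(err){
            console.log(err);
            callback(err, null);
            return;
        }

        if(rows.length > 1){
            // More than one row for a single username: refuse to pick one.
            callback(null, { success: false, error: "generic" });
            return;
        }

        if(rows.length === 0){
            console.log("username inesistente");
            // NOTE(review): this code differs from "invalid_password" below. If
            // the caller relays it verbatim to the client, the difference shows
            // which usernames exist. Kept as is because callers may match on it.
            callback(null, { success: false, error: "username_does_not_exist" });
            return;
        }

        // The rank comes from the row just fetched. Holding it in a process-wide
        // variable filled by a second query and read after a fixed delay would
        // let concurrent logins observe each other's rank.
        var user = rows[0];

        bcrypt.compare(password, user.password, function(compareErr, matches){
            if(compareErr){
                callback(compareErr, null);
                return;
            }

            if(!matches){
                console.log("Password errata");
                callback(null, { success: false, error: "invalid_password" });
                return;
            }

            console.log("Autorizzato");
            var unixdate = Math.round((new Date()).getTime() / 1000);

            // NOTE(review): the session id is a bearer credential. Confirm the
            // installed randomstring release draws from a CSPRNG; otherwise
            // generate it with Node's crypto.randomBytes.
            var session = random.generate(32);

            var writeQuery = "INSERT INTO sessions (username, rank, sess_date, session_id) VALUES(?,?,?,?)";
            conn.query(writeQuery, [username, user.rank, unixdate, session], function(writeErr){
                if(writeErr){
                    console.log(writeErr);
                    callback(writeErr, null);
                    return;
                }

                // The session id is deliberately kept out of the log output.
                console.log(username, user.rank, unixdate);

                // Success is reported only once the session row is stored, so
                // the client never holds an id the database does not know.
                callback(null, {
                    success: true,
                    rank: user.rank,
                    "name": user.firstname,
                    "lastname": user.lastname,
                    sessionid: session
                });
            });
        });
    });
};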