globalController.js
4.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
import fetch from"node-fetch";
import User from "../../models/User"
import bcrypt from "bcrypt"
export const home = async(req,res)=>{
const KEY= process.env.API_KEY
const data = await fetch(`https://api.themoviedb.org/3/trending/movie/week?api_key=${KEY}`,{
method:"GET",
})
const movies = await data.json();
return res.render("home",{siteTitle: "movie!",pageTitle:"home Page!",movies: movies.results});
}
export const getJoin = (req,res) =>{
res.render('join.pug',{pageTitle:"Join!",siteTitle:"movie!"})
}
export const postJoin = async (req,res) =>{
const { email,
username,
password,
passwordcheck, } = req.body;
const pageTitle = "Join";
if (password !== passwordcheck) {
return res.status(400).render("join.pug", {
pageTitle,
errorMessage: "Password confirmation does not match.",
});
}
const exists = await User.exists({ $or: [{ username }, { email }] });
if (exists) {
return res.status(400).render("join", {
pageTitle,
errorMessage: "This username/email is already taken.",
});
}
try {
await User.create({
username,
email,
password,
});
return res.redirect("/login");
} catch(error){
return res.status(400).res.render("join", {
pageTitle: "Upload Video" ,
errorMessage: error._message,
});
}
}
export const getLogin = (req,res)=>{
return res.render("login",{siteTitle:"movie!",pageTitle:"Login!"})
}
export const postLogin = async (req,res) =>
{
const PAGETITLE = "Login"
const {username,password} = req.body;
const user = await User.findOne({username});
if(!user){
return res.status(400).render("login",{pageTitle:PAGETITLE,error:"An account with that username is not found"})
}
if (user.isO_Auth)
return res.status(400).render("login",{pageTitle:PAGETITLE,error:"Please login with Github"})
const ok = await bcrypt.compare(password,user.password);
if(!ok){
return res.status(400).render("login",{pageTitle:PAGETITLE,error:"something wrong..."})
}
req.session.loggedIn = true;
req.session.user = user;
return res.redirect('/');
}
export const startGithubLogin = (req,res) =>
{
const baseURL = `https://github.com/login/oauth/authorize`
const config = {
client_id: process.env.O_Auth_client_id,
allow_signup:false,
scope:"read:user user:email"
}
const params = new URLSearchParams(config).toString();
const finalURL = `${baseURL}?${params}`
return res.redirect(finalURL);
}
export const finishGithubLogin = async (req,res) =>
{
const config = {
client_id: process.env.O_AUTH_CLIENT_ID,
client_secret : process.env.O_Auth_scret,
code: req.query.code
}
const params = new URLSearchParams(config).toString();
const baseURL = `https://github.com/login/oauth/access_token`;
const finalURL = `${baseURL}?${params}`;
const data = await fetch(finalURL,{
method:"POST",
headers:{
Accept: "application/json",
}
});
const token = await data.json();
if("access_token" in token)
{
const {access_token} = token;
const apiUrl = "https://api.github.com"
const getUserData = await fetch(`${apiUrl}/user`,{
method:"GET",
headers:{
Authorization: `token ${access_token}`
}
});
const emailData = await (
await fetch(`${apiUrl}/user/emails`,{
method:"GET",
headers:{
Authorization: `token ${access_token}`
}
})
).json();
const emailObj = emailData.find((email) => email.primary === true && email.verified === true);
if(!emailObj){
return res.status(400).redirect('/login');
}
let user = await User.findOne({email: emailObj.email});
if(!user){
user = await User.create({
email:emailObj.email,
username:userData.login,
password:"",
isO_Auth: true,
});
}
req.session.loggedIn = true,
req.session.user = user;
return res.redirect("/");
}else{
res.status(400).redirect("/login")
}
}