derv-net/routes/youApi.js

import { Router } from "express";
import { apiStat } from "../lib.js";
import { hash, compare } from "bcrypt";
import { initDb } from "../db.js";
import { randomBytes } from 'node:crypto';
import { rename } from 'node:fs/promises';

let db = await initDb();

const router = Router();
const minChar = 1;
const maxChar = 32;

function legalName(user) {
    return user.search(/[^A-Za-z0-9\-\_]/g) == -1;
}

router.post('/settings', async (req, res, next) => {
    let {file} = req;
    let {username, valid} = res.auth;

    if (!valid) return;

    if (file) {
        await rename(file.path,`./uploads/pfp_${username}.png`);
    }

    next();
});

router.post('/logout', (req, res, next) => {
    res.clearCookie('token');
    apiStat(res, next, `Goodbye!`, '/');
    return;
});

async function login(req, res, next) {
    let { user, pass } = req.body;

    if (!pass || !user) {
        apiStat(res, next, 'Fields are missing.')
        return;
    }

    let isExist = await db.all('SELECT * FROM auth WHERE UPPER(username) LIKE UPPER(?)', [
        user
    ]); // TODO: dont use all

    if (isExist.length < 1) {
        apiStat(res, next, `Username wasn't taken.`)
        return;
    }

    let passHash = await compare(pass, isExist[0].password);

    if (!passHash) {
        apiStat(res, next, `Password is wrong.`);
        return;
    }

    let token = randomBytes(32).toString('hex');

    await db.run('INSERT INTO token (username, token) VALUES (?, ?)', [
        user,
        token
    ])

    res.cookie('token', token);

    let stat = `Login succeeded.`;
    apiStat(res, next, stat, '/');
    return stat;
}

router.post('/login', login)

router.post('/new', async (req, res, next) => {
    let { user, pass, pass2 } = req.body;

    if (pass != pass2) {
        apiStat(res, next, "Passwords don't match.")
        return;
    }

    if (!pass || !user || !pass2) {
        apiStat(res, next, 'Fields are missing.')
        return;
    }

    if (!legalName(user)) {
        apiStat(res, next, 'Username is invalid.')
        return;
    }

    if (user.length < minChar || user.length > maxChar) {
        apiStat(res, next, `Username length isn't ${minChar} to ${maxChar} characters.`)
        return;
    } // TODO: fix this horrible logic chain thing

    let isExist = await db.all('SELECT * FROM auth WHERE UPPER(username) LIKE UPPER(?)', [
        user
    ]); // TODO: dont use all

    if (isExist.length > 0) {
        apiStat(res, next, `Username was taken.`)
        return;
    }

    var passHash = await hash(pass, 10);

    await db.run('INSERT INTO auth (username, password) VALUES (?, ?)', [
        user,
        passHash
    ]);

    let testLogin = await login(req, res, () => { });

    apiStat(res, next, `Account created. Login status: ${testLogin}`, '/')
})

export default router;
login and register logic 2025-02-25 19:47:28 -05:00			`import { Router } from "express";`
			`import { apiStat } from "../lib.js";`
			`import { hash, compare } from "bcrypt";`
			`import { initDb } from "../db.js";`
			`import { randomBytes } from 'node:crypto';`
some beta stuff 2025-02-26 22:12:46 -05:00			`import { rename } from 'node:fs/promises';`
login and register logic 2025-02-25 19:47:28 -05:00
			`let db = await initDb();`

			`const router = Router();`
			`const minChar = 1;`
			`const maxChar = 32;`

			`function legalName(user) {`
			`return user.search(/[^A-Za-z0-9\-\_]/g) == -1;`
			`}`

some beta stuff 2025-02-26 22:12:46 -05:00			`router.post('/settings', async (req, res, next) => {`
			`let {file} = req;`
			`let {username, valid} = res.auth;`

			`if (!valid) return;`

			`if (file) {`
			await rename(file.path,`./uploads/pfp_${username}.png`);
			`}`

			`next();`
			`});`

add log out 2025-02-25 19:51:46 -05:00			`router.post('/logout', (req, res, next) => {`
			`res.clearCookie('token');`
			apiStat(res, next, `Goodbye!`, '/');
			`return;`
			`});`

login and register logic 2025-02-25 19:47:28 -05:00			`async function login(req, res, next) {`
			`let { user, pass } = req.body;`

			`if (!pass \|\| !user) {`
			`apiStat(res, next, 'Fields are missing.')`
			`return;`
			`}`

			`let isExist = await db.all('SELECT * FROM auth WHERE UPPER(username) LIKE UPPER(?)', [`
			`user`
			`]); // TODO: dont use all`

			`if (isExist.length < 1) {`
			apiStat(res, next, `Username wasn't taken.`)
			`return;`
			`}`

			`let passHash = await compare(pass, isExist[0].password);`

			`if (!passHash) {`
			apiStat(res, next, `Password is wrong.`);
			`return;`
			`}`

			`let token = randomBytes(32).toString('hex');`

			`await db.run('INSERT INTO token (username, token) VALUES (?, ?)', [`
			`user,`
			`token`
			`])`

			`res.cookie('token', token);`

			let stat = `Login succeeded.`;
			`apiStat(res, next, stat, '/');`
			`return stat;`
			`}`

			`router.post('/login', login)`

			`router.post('/new', async (req, res, next) => {`
			`let { user, pass, pass2 } = req.body;`

			`if (pass != pass2) {`
			`apiStat(res, next, "Passwords don't match.")`
			`return;`
			`}`

			`if (!pass \|\| !user \|\| !pass2) {`
			`apiStat(res, next, 'Fields are missing.')`
			`return;`
			`}`

			`if (!legalName(user)) {`
			`apiStat(res, next, 'Username is invalid.')`
			`return;`
			`}`

			`if (user.length < minChar \|\| user.length > maxChar) {`
			apiStat(res, next, `Username length isn't ${minChar} to ${maxChar} characters.`)
			`return;`
			`} // TODO: fix this horrible logic chain thing`

			`let isExist = await db.all('SELECT * FROM auth WHERE UPPER(username) LIKE UPPER(?)', [`
			`user`
			`]); // TODO: dont use all`

			`if (isExist.length > 0) {`
			apiStat(res, next, `Username was taken.`)
			`return;`
			`}`

			`var passHash = await hash(pass, 10);`

			`await db.run('INSERT INTO auth (username, password) VALUES (?, ?)', [`
			`user,`
			`passHash`
			`]);`

			`let testLogin = await login(req, res, () => { });`

			apiStat(res, next, `Account created. Login status: ${testLogin}`, '/')
			`})`

			`export default router;`