const router = require('express-promise-router')()
const parseJSON = require('body-parser').json()
const db = require('../db')
const {loginRateLimit} = require('./middleware/rateLimits')
const validate = require('./middleware/validators')
// Middleware chain that runs on the login body before the rate limiter and
// the handler: one validator per field, then the shared error handler.
// NOTE(review): if validPassword enforces the current password policy, an
// account created under an older policy could be rejected here before
// db.user.login is ever called — confirm the validator is safe to apply at
// login and not only at registration.
const loginValidation = [
  validate.validEmail('email'), // validator for the `email` body field
  validate.validPassword('password'), // validator for the `password` body field
  validate.handleApiError, // presumably turns collected validation errors into the API error response — confirm
]
// POST / — log a user in with email and password.
// Middleware order: JSON body parsing, field validation, then the login rate
// limiter.
// NOTE(review): the limiter runs after validation, so requests rejected by
// validation presumably never count toward the limit — confirm that is the
// intended behaviour.
router.post('/', parseJSON, loginValidation, loginRateLimit, async (req, res) => {
  const {email, password} = req.body
  const user = await db.user.login(email, password)

  if (!user) {
    // Every failed login gets this same 403 body, so the response does not
    // say whether the email or the password was wrong.
    // The single-space message on `password` is kept as-is; presumably it
    // lets the client flag the field without a second message — confirm.
    const errors = [
      {param: 'email', msg: 'Invalid login'},
      {param: 'password', msg: ' '}
    ]
    return res.status(403).json({errors})
  }

  // Successful login: reset the limiter state recorded for this email.
  await loginRateLimit.reset(email);

  // Read the pre-login cart before the new session is created.
  const priorCart = req.sessionObj?.cart
  // NOTE(review): a session is created on every successful login; confirm
  // db.session.create issues a new identifier rather than reusing the
  // pre-login one (session fixation).
  const session = await db.session.create(req, user)

  // Prefer the cart from the pre-login session, else the user's last cart.
  if (priorCart) {
    await db.session.attachCart(session.uuid, priorCart.uuid)
  } else if (user.last_cart) {
    await db.session.attachCart(session.uuid, user.last_cart)
  }

  // NOTE(review): the object returned by db.user.login is serialized as-is;
  // confirm it carries no password hash or other internal fields.
  res.json(user)
})
// TODO: Login link stuff
// GET / — reply with the user attached to the request.
// NOTE(review): req.user is not assigned in this file; presumably an upstream
// authentication middleware populates it — confirm. The object is serialized
// as-is, so any sensitive field it carries ends up in the response.
router.get('/', async (req, res) => {
  const {user} = req
  res.json(user)
})
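// GET /logout — end the stored session, clear the session on the request and
// redirect to the site root.
// A request with no session uuid (already logged out, no cookie) skips the
// database call instead of throwing on req.session.uuid or passing undefined
// to db.session.end.
// NOTE(review): logout changes state on a GET, so any cross-site request to
// this URL can sign the user out. Consider moving it to POST with CSRF
// protection; the method is left unchanged here because clients depend on it.
router.get('/logout', async (req, res) => {
  const sessionUuid = req.session?.uuid
  if (sessionUuid) {
    await db.session.end(sessionUuid)
  }

  // Presumably tells the session middleware to drop the session cookie — confirm.
  req.session = null
  res.redirect('/')
})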
// Export the router with the login, current-user and logout routes registered above.
module.exports = router;