-rw-r--r--app.js1
-rw-r--r--auth/index.js8
-rw-r--r--package.json1
3 files changed, 9 insertions, 1 deletions
diff --git a/app.js b/app.js
index 6351b60..7a70867 100644
--- a/app.js
+++ b/app.js
@@ -2,6 +2,7 @@ require("dotenv").config();
require("./db").init();
const express = require("express");
const session = require("express-session");
+require("log-timestamp");
const { auth, checkUser, checkAdmin } = require("./auth");
const mottovote = require("./mottovote");
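Review bot: `require("log-timestamp")` is placed after `require("./db").init()`, so anything the database setup logs synchronously at startup is written without a timestamp. The package works by patching the global console methods at require time, so it should come first, directly after the dotenv line (which appears to sit above this hunk). If these lines are meant as an audit trail, note that the timestamp is the only structure they get; console output mixed with other application logging is hard to filter later.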
diff --git a/auth/index.js b/auth/index.js
index 5f5db63..2e3fa17 100644
--- a/auth/index.js
+++ b/auth/index.js
@@ -33,6 +33,7 @@ app.post("/api/login", async (req, res) => {
if (!user || !user.password) return res.redirect("/auth");
const loggedIn = await bcrypt.compare(password, user.password);
if (loggedIn) {
+ console.log("LOGIN: " + user.id);
req.session.loggedIn = true;
req.session.isAdmin = user.is_admin;
req.session.uid = user.id;
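Review bot: Only the successful branch is logged, so repeated wrong passwords and the early `return res.redirect("/auth")` for unknown users leave no trace, and those are the events needed to notice password guessing. Add a failure entry on the fall-through path, for example `console.warn("LOGIN FAILED from " + req.ip);`, and include `req.ip` in the success line as well; do not write the submitted username verbatim, since it is attacker-controlled and could inject forged lines into the log. The handler begins and ends outside this hunk. Separately, the session fields are set on the existing session; unless `req.session.regenerate()` is called somewhere outside the hunk, the pre-login session id survives authentication.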
@@ -40,7 +41,11 @@ app.post("/api/login", async (req, res) => {
res.redirect("/auth");
});
-app.use("/api/logout", (req, res) => req.session.destroy() & res.redirect("/"));
+app.use("/api/logout", checkUser, (req, res) => {
+ console.log("LOGOUT: " + req.session.uid);
+ req.session.destroy();
+ res.redirect("/");
+});
app.post("/api/password", checkUser, async (req, res) => {
const { oldPassword, newPassword, newPasswordRep } = req.body;
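Review bot: `req.session.destroy()` is called without a callback, so the redirect is sent before the store has removed the session, and a store error is silently dropped although the log already says LOGOUT. Capture the id first with `const uid = req.session.uid;` and finish in the callback: `req.session.destroy((err) => { console.log((err ? "LOGOUT FAILED: " : "LOGOUT: ") + uid); res.redirect("/"); });`. The route is also still registered with `app.use`, so it answers GET as well as POST and a cross-site link or image request can end a user's session; `app.post` would match the other handlers visible in this file.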
@@ -50,6 +55,7 @@ app.post("/api/password", checkUser, async (req, res) => {
if (!user || !user.password) return res.send("error");
if (!(await bcrypt.compare(oldPassword, user.password))) return res.send("error");
try {
+ console.log("PASSWORD CHANGE: " + user.id);
const newHash = await bcrypt.hash(newPassword, 12);
await db.query("UPDATE users SET password = ? WHERE id = ?", [newHash, req.session.uid]);
res.redirect("/");
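Review bot: The `PASSWORD CHANGE` line is written at the top of the `try`, before `bcrypt.hash` and the `UPDATE` run, so the log records a change even when either of them throws. Move `console.log("PASSWORD CHANGE: " + user.id);` to just after the `await db.query(...)` line. The rejected attempts deserve an entry too, since the `bcrypt.compare` failure on the line above returns `"error"` without logging anything. The end of the `try` block and its `catch` are outside this hunk.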
diff --git a/package.json b/package.json
index d1525be..0206d6d 100644
--- a/package.json
+++ b/package.json
@@ -13,6 +13,7 @@
"express-fileupload": "^1.2.0",
"express-rate-limit": "^5.1.3",
"express-session": "^1.17.1",
+ "log-timestamp": "^0.3.0",
"mariadb": "^2.4.2",
"nanoid": "^3.1.12",
"redis": "^3.0.2"
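Review bot: No lockfile is among the three files changed here, so unless one is committed and was simply not regenerated, the range `^0.3.0` lets every install resolve to whichever 0.3.x release is current. That matters more than usual for this package, because it replaces the global console functions inside the process that handles passwords and sessions. Either pin it exactly with `"log-timestamp": "0.3.0"` or commit the updated lockfile together with this change.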