diff --git a/.env b/.env
new file mode 100644
index 0000000000000000000000000000000000000000..f7607c09c1c3eb800d76513b23d4103226b77c36
--- /dev/null
+++ b/.env
@@ -0,0 +1 @@
+SECRET=b528de99b1ee795573b242b41872f257d7e7ad95a2a0801b93c90886e5162798
\ No newline at end of file
diff --git a/app.js b/app.js
index e1232f3b11156193f35770bef5ee0943a9cc84f9..d3b5bfd5ee5ed3945aa739925dc9c8774b86ad99 100644
--- a/app.js
+++ b/app.js
@@ -1,16 +1,22 @@
 const path = require('path');
 const express = require('express');
-const app = express();
 const db = require('./db/Database.js');
+const { checkLogin } = require('./controller/AuthController.js');
+const bodyParser = require('body-parser');
+
+const app = express();
 //Configuration
 const viewsPath = path.join(__dirname, 'views');
 app.set("views", viewsPath);
 app.set("view engine", "ejs");
+app.use(bodyParser.urlencoded({ extended: true }));
+app.use(bodyParser.json());
 //chemin d'accès
 app.get("/", defaut).get("/accueil",defaut);
 app.get("/db/:collection", collection).get("/db", dbAdmin);
+app.get("/login", (req, res) => res.render("login")).post("/login", postLogin);
 app.all("*", (req, res) => res.status(404).send("<h1>Il semblerait que cette page n'existe pas.</h1>"));
 function defaut(req, res){
@@ -29,5 +35,17 @@ async function dbAdmin(req, res){
 res.render("db/admin", {collections});
 }
+async function postLogin(req, res){
+ let { username, password } = req.body;
+ let token = await checkLogin(username, password);
+
+ if (token == -1) {
+ res.render("login",{username, password, error: "Il semblerait que le nom d'utilisateur ou le mot de passe soit incorrect."});
+ } else {
+ /*res.cookie("accessToken", token, {httpOnly: true});*/
+ res.redirect("/accueil");
+ }
+}
+
 module.exports = app;
\ No newline at end of file
diff --git a/controller/AuthController.js b/controller/AuthController.js
new file mode 100644
index 0000000000000000000000000000000000000000..27b3e51e25d5fd6ddc17c6236989b07875935f51
--- /dev/null
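Review bot: The `SECRET` value added in `.env` is now part of the repository history, so every clone and every reader of the repository holds the key, which (judging by the JWT TODO in controller/AuthController.js) is presumably meant to sign tokens. Treat this value as exposed: generate a fresh one locally with the `secretKey` script, keep the file out of version control with a `.env` line in `.gitignore`, and commit a `.env.example` holding only `SECRET=<generated-locally>`. Deleting the file in a later commit does not remove it from history, so replacing the key is the step that matters.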
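Review bot: In the first app.js hunk, `bodyParser.urlencoded({ extended: true })` and `bodyParser.json()` both allow `req.body` fields to arrive as objects or arrays rather than strings, and nothing between here and `db.find("users",{username: username})` in controller/AuthController.js checks the type. A login form only needs flat string fields, so `extended: false` is enough. Express 4.16+ (package.json declares `^4.18.2`) already ships these parsers, so the new dependency and the duplicated body-parser entry it causes in package-lock.json can be avoided with `app.use(express.urlencoded({ extended: false }));` and `app.use(express.json());`.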
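Review bot: The failure branch of `postLogin` (second app.js hunk) passes the submitted `password` back to the view, and views/login.ejs writes it into the `value` attribute of the password field, so the cleartext password is returned in the response body and can end up in caches or logs. Render without it and mark the failure in the status code, `res.status(401).render("login", {username, error: "..."});` with the existing message, and drop `value="<%= locals.password ?? '' %>"` from the template. `await checkLogin(username, password)` is also not inside a `try`/`catch`; Express 4 does not forward a rejected promise from an async handler, so a database error here leaves the request unanswered instead of producing a 500. On success nothing is stored yet (the `res.cookie` line is commented out), so the redirect does not establish a session; a `//TODO` next to it would make that explicit.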
+++ b/controller/AuthController.js
@@ -0,0 +1,22 @@
+const db = require('../db/Database.js');
+const { createHash } = require('crypto');
+
+async function checkLogin(username, password) {
+ let user = await db.find("users",{username: username});
+ if(user.length == 0){
+ return -1; //pas d'utilitisateur avec ce nom
+ }
+
+ let salt = user[0].salt;
+ password = salt+password;
+ let hash = createHash("sha256").update(password).digest("hex"); //hash du mot de passe rentré
+
+ if (hash != user[0].password){
+ return -1; //mot de passe incorrect
+ } else {
+ //TODO: JWT
+ return; //mot de passe correct
+ }
+}
+
+module.exports = {checkLogin};
\ No newline at end of file
diff --git a/keyGen.js b/keyGen.js
new file mode 100644
index 0000000000000000000000000000000000000000..8c7ba3fc9592316b68ec39687a97d7dd66ba6980
--- /dev/null
+++ b/keyGen.js
@@ -0,0 +1,3 @@
+const crypto = require('crypto');
+const secretKey = crypto.randomBytes(32).toString('hex');
+console.log('SECRET='+secretKey);
\ No newline at end of file
diff --git a/package-lock.json b/package-lock.json
index 77fc4b1cdc0fab107c3c71758964310788e36879..5fcc65b531021541d95f5b057cc9721cb73753d7 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,6 +9,7 @@ "version": "0.0.1", "license": "ISC", "dependencies": { + "body-parser": "^1.20.2", "ejs": "^3.1.9", "express": "^4.18.2", "mongodb": "^6.2.0" 
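Review bot: `checkLogin` in controller/AuthController.js verifies passwords with a single salted SHA-256, which is fast enough that a leaked `users` collection can be guessed offline cheaply; a password KDF such as `crypto.scrypt` from Node's standard library is the usual choice. Switching requires the stored hashes to be produced the same way wherever users are created, which is outside this diff. Two smaller gaps sit in the same function: `username` and `password` are used without a `typeof ... === 'string'` check, so an object parsed from the request body would reach `db.find` as part of the query filter, and `hash != user[0].password` is not a constant-time comparison. The sketch below shows the three changes together (the 64-byte key length is an example value); the lookup and the success path stay as they are.

```javascript
const { scrypt, timingSafeEqual } = require('crypto');

async function checkLogin(username, password) {
    // Only plain strings may reach the query filter and the KDF.
    if (typeof username !== 'string' || typeof password !== 'string') {
        return -1;
    }
    // … unchanged: db.find("users", ...) lookup and the empty-result return …

    const stored = Buffer.from(user[0].password, 'hex');
    const derived = await new Promise((resolve, reject) => {
        scrypt(password, user[0].salt, 64, (err, key) => (err ? reject(err) : resolve(key)));
    });
    // timingSafeEqual throws on unequal lengths, so compare lengths first;
    // this also rejects an empty or truncated stored hash.
    if (stored.length !== derived.length || !timingSafeEqual(derived, stored)) {
        return -1; //mot de passe incorrect
    }
    // … unchanged: //TODO: JWT and the success return …
}
```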
@@ -86,12 +87,12 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, "node_modules/body-parser": { - "version": "1.20.1", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz", - "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==", + "version": "1.20.2", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", + "integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==", "dependencies": { "bytes": "3.1.2", - "content-type": "~1.0.4", + "content-type": "~1.0.5", "debug": "2.6.9", "depd": "2.0.0", "destroy": "1.2.0", @@ -99,7 +100,7 @@ "iconv-lite": "0.4.24", "on-finished": "2.4.1", "qs": "6.11.0", - "raw-body": "2.5.1", + "raw-body": "2.5.2", "type-is": "~1.6.18", "unpipe": "1.0.0" }, 
@@ -333,6 +334,43 @@ "node": ">= 0.10.0" } }, + "node_modules/express/node_modules/body-parser": { + "version": "1.20.1", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz", + "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==", + "dependencies": { + "bytes": "3.1.2", + "content-type": "~1.0.4", + "debug": "2.6.9", + "depd": "2.0.0", + "destroy": "1.2.0", + "http-errors": "2.0.0", + "iconv-lite": "0.4.24", + "on-finished": "2.4.1", + "qs": "6.11.0", + "raw-body": "2.5.1", + "type-is": "~1.6.18", + "unpipe": "1.0.0" + }, + "engines": { + "node": ">= 0.8", + "npm": "1.2.8000 || >= 1.4.16" + } + }, + "node_modules/express/node_modules/raw-body": { + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz", + "integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==", + "dependencies": { + "bytes": "3.1.2", + "http-errors": "2.0.0", + "iconv-lite": "0.4.24", + "unpipe": "1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/filelist": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", @@ -743,9 +781,9 @@ } }, "node_modules/raw-body": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz", - "integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", "dependencies": { "bytes": "3.1.2", "http-errors": "2.0.0", 
@@ -1026,12 +1064,12 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, "body-parser": { - "version": "1.20.1", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz", - "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==", + "version": "1.20.2", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", + "integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==", "requires": { "bytes": "3.1.2", - "content-type": "~1.0.4", + "content-type": "~1.0.5", "debug": "2.6.9", "depd": "2.0.0", "destroy": "1.2.0", @@ -1039,7 +1077,7 @@ "iconv-lite": "0.4.24", "on-finished": "2.4.1", "qs": "6.11.0", - "raw-body": "2.5.1", + "raw-body": "2.5.2", "type-is": "~1.6.18", "unpipe": "1.0.0" } @@ -1215,6 +1253,38 @@ "type-is": "~1.6.18", "utils-merge": "1.0.1", "vary": "~1.1.2" + }, + "dependencies": { + "body-parser": { + "version": "1.20.1", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz", + "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==", + "requires": { + "bytes": "3.1.2", + "content-type": "~1.0.4", + "debug": "2.6.9", + "depd": "2.0.0", + "destroy": "1.2.0", + "http-errors": "2.0.0", + "iconv-lite": "0.4.24", + "on-finished": "2.4.1", + "qs": "6.11.0", + "raw-body": "2.5.1", + "type-is": "~1.6.18", + "unpipe": "1.0.0" + } + }, + "raw-body": { + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz", + "integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==", + "requires": { + "bytes": "3.1.2", + "http-errors": "2.0.0", + "iconv-lite": "0.4.24", + "unpipe": "1.0.0" + } + } } }, "filelist": { 
@@ -1489,9 +1559,9 @@ "integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==" }, "raw-body": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.1.tgz", - "integrity": "sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", "requires": { "bytes": "3.1.2", "http-errors": "2.0.0",
diff --git a/package.json b/package.json
index 75ec0ec33106ecb66e803668bb85e94b4bbec89d..17b18834d5dd2bfbe47f645a1ceb43baa3733fd5 100644
--- a/package.json
+++ b/package.json
@@ -6,6 +6,7 @@
 "scripts": {
 "start": "node index.js",
 "serv_start": "node server.js",
+ "secretKey": "node keyGen.js",
 "test": "echo \"Error: no test specified\" && exit 1"
 },
 "repository": {
@@ -15,6 +16,7 @@
 "author": "Mohamad ALTAWEEL, Elhadji Moussa FAYE, Ludovic Tagnon, Lucas Villaume",
 "license": "ISC",
 "dependencies": {
+ "body-parser": "^1.20.2",
 "ejs": "^3.1.9",
 "express": "^4.18.2",
 "mongodb": "^6.2.0"
diff --git a/views/login.ejs b/views/login.ejs
new file mode 100644
index 0000000000000000000000000000000000000000..995b76d2c54198d5b5f49a394d9acf148d61b825
--- /dev/null
+++ b/views/login.ejs
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+ <meta charset="UTF-8">
+ <title>Connexion</title>
+</head>
+<body>
+ <h1>Connexion</h1>
+ <form action="/login" method="post">
+ <input type="text" name="username" value="<%= locals.username ?? '' %>">
+ <input type="password" name="password" value="<%= locals.password ?? '' %>">
+ <input type="submit" value="Se connecter">
+ </form>
+ <% if (locals.error) {%>
+ <p><%= locals.error %></p>
+ <% } %>
+</body>
+</html>
\ No newline at end of file