From da3642c7c4d04a3c9f0d08d5daa2accc58b95971 Mon Sep 17 00:00:00 2001
From: rsgltzyd
Date: Tue, 14 May 2024 23:57:42 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84=E7=99=BB=E5=BD=95=E9=80=BB?= =?UTF-8?q?=E8=BE=91=20=E5=AE=8C=E5=96=84session=E5=92=8Ccookie=E7=9A=84?= =?UTF-8?q?=E4=BD=BF=E7=94=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app.js | 14 ++++-----
 controllers/userController.js | 8 ++++++
 routes/index.js | 53 +++++++++++++++++++++++++++--------
 utils/LoginUtil.js | 10 +++++++
 4 files changed, 65 insertions(+), 20 deletions(-)
 create mode 100644 utils/LoginUtil.js
diff --git a/app.js b/app.js
index dd9a6e3..329cf50 100644
--- a/app.js
+++ b/app.js
@@ -1,10 +1,10 @@
 const createError = require('http-errors');
 const express = require('express');
 const path = require('path');
-const cookieParser = require('cookie-parser');
 const logger = require('morgan');
 const cors = require('cors');
 const session = require('express-session');
+const cookieParser = require('cookie-parser');
 const indexRouter = require('./routes/index');
 const mongodbConfig = require('./db/mongodb.config');
@@ -15,26 +15,24 @@ const app = express();
 require("dotenv").config();
 const dbAccount = process.env.DB_ACCOUNT;
 const dbPassword = process.env.DB_PASSWORD;
+const loginSecret = process.env.SESSION_SECRET;
 mongodbConfig.connectMongoDB(dbAccount, dbPassword);
 app.use(cors());
 app.use(logger('dev'));
 app.use(express.json());
 app.use(express.urlencoded({ extended: false }));
-app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public')));
+app.use(cookieParser());
 app.use(session({
- secret: 'sessiontest',
+ name: 'identityKey',
+ secret: loginSecret,
 resave: false,
 saveUninitialized: false,
 cookie: {
- path: '/',
- name: 'login',
- secret: 'sessiontest',
 secure: false,
- maxAge: 1000 * 60 * 60,
+ maxAge: 1000 * 60 * 10,
 },
- name: 'ivan',
 }));
 app.use('/', indexRouter);
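Review bot: `loginSecret` is handed to `session()` in the second app.js hunk without any check that `SESSION_SECRET` is set, so a missing variable is likely to surface only once requests reach the session middleware; add `if (!loginSecret) throw new Error('SESSION_SECRET is not set');` right after the assignment. The cookie options hard-code `secure: false` and set no `sameSite`, so the `identityKey` cookie may be sent over plain HTTP; consider `secure: process.env.NODE_ENV === 'production'` and `sameSite: 'lax'`. No `store` option is given, so sessions presumably use express-session's default in-memory store, which is not meant for production use.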
diff --git a/controllers/userController.js b/controllers/userController.js
index bc52aaf..9cd20af 100644
--- a/controllers/userController.js
+++ b/controllers/userController.js
@@ -9,4 +9,12 @@ exports.user_list = expressAsyncHandler(async (req, res, next) => {
 } catch (err) {
 next(err);
 }
+});
+
+exports.find_user_login = expressAsyncHandler(async (account) => {
+ try {
+ return await User.findOne({ account: account });
+ } catch (err) {
+ next(err);
+ }
 });
\ No newline at end of file
diff --git a/routes/index.js b/routes/index.js
index a64625e..540e1f6 100644
--- a/routes/index.js
+++ b/routes/index.js
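Review bot: `find_user_login` calls `next(err)` in its catch block, but its only parameter is `account`, so unless something outside the hunk defines `next`, a failed lookup raises a ReferenceError instead of reporting the database error. `expressAsyncHandler` wraps Express middleware, whereas this function is called directly as `find_user_login(account)` from routes/index.js; a plain async function fits better: `exports.find_user_login = async (account) => User.findOne({ account });`, leaving the caller to handle the rejection. A short comment stating that `account` must already be validated as a string would also help, since the value goes straight into the query filter.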
@@ -14,28 +14,57 @@ router.get('/', function (req, res, next) {
 });
 router.get('/user', async function (req, res, next) {
+ console.log(req.session);
+ console.log(req.session.account);
+ if (req.session.account === null || req.session.account === '' || req.session.account === undefined) {
+ res.send('not login');
+ return;
+ }
 let us = await user_controller.user_list();
 us = JSON.stringify(us);
 res.send(us);
 })
 router.post('/login', async function (req, res, next) {
- let us = await user_controller.user_list();
 const body = JSON.parse(JSON.stringify(req.body));
- if (StringUtils.isNotEmpty(body)) {
- if (body.account === '' || body.account === undefined || body.account === null) {
- res.send('account is null');
- }
- if (body.password === '' || body.password === undefined || body.password === null) {
- res.send('password is null');
- }
+ if (!StringUtils.isNotEmpty(body)) {
+ res.json({ ret_code: -1, ret_msg: '登录失败' });
+ }
+ const account = body.account;
+ const password = body.password;
+
+ if (account === '' || account === undefined || account === null) {
+ return res.json({ ret_code: -1, ret_msg: '没有填写账号' });
+ }
+ if (password === '' || password === undefined || password === null) {
+ return res.json({ ret_code: -1, ret_msg: '没有填写密码' });
 }
+ const user = await user_controller.find_user_login(account);
+ if (!user) {
+ return res.json({ ret_code: -1, ret_msg: '账号不存在' })
+ }
+
+ if (user.password != password) {
+ return res.json({ ret_code: -1, ret_msg: '密码错误' })
+ }
+
+ req.session.regenerate((err) => {
+ if (err) {
+ return res.json({ ret_code: -1, ret_msg: '登录失败' });
+ }
+ req.session.account = account;
+ console.log(req.session.account);
+ res.json({ ret_code: 0, ret_msg: '登录成功' });
+ });
+});
+
+router.get('/logout', async function (req, res, next) {
 console.log(req.session);
- console.log(body.account);
- req.session.userid = body.account;
- console.log(req.session);
- res.send('return ok');
+ console.log(req.sessionID);
+ console.log(req.session.account);
+ console.log(req.session.cookie);
+ res.json({ ret_code: 1, ret_msg: '成功' });
 });
 module.exports = router;
diff --git a/utils/LoginUtil.js b/utils/LoginUtil.js
new file mode 100644
index 0000000..5f137ac
--- /dev/null
+++ b/utils/LoginUtil.js
@@ -0,0 +1,10 @@
+exports.aopMiddleware = function (req, res, next) {
+ console.log(req.url);
+ console.log(req.method);
+
+ if (req.session) {
+
+ }
+
+ next();
+}
\ No newline at end of file
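Review bot: The login check `user.password != password` compares the submitted password with the stored field directly, which implies passwords are kept in clear text; store a salted hash (for example via Node's `crypto.scrypt`) and verify it with `crypto.timingSafeEqual`. `account` and `password` come from the JSON body without a type check, so a non-string value can reach `User.findOne` as part of the query filter, and the separate '账号不存在' / '密码错误' replies reveal which accounts exist. The empty-body branch calls `res.json` without `return`, so the handler keeps running after the response is sent. `/logout` only logs the session and never destroys it, so the session stays valid after the client logs out; the fence shows the type guard and a logout that ends the session.

```javascript
  // … unchanged: body parsing; the empty-body branch should `return res.json(...)` …
  const account = body.account;
  const password = body.password;
  if (typeof account !== 'string' || typeof password !== 'string') {
    return res.json({ ret_code: -1, ret_msg: '登录失败' });
  }
  // … unchanged: empty checks, user lookup, session.regenerate …

router.get('/logout', function (req, res, next) {
  req.session.destroy((err) => {
    if (err) {
      return next(err);
    }
    // 'identityKey' is the session cookie name configured in app.js
    res.clearCookie('identityKey');
    res.json({ ret_code: 1, ret_msg: '成功' });
  });
});
```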
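Review bot: `aopMiddleware` has an empty `if (req.session) { }` branch and always calls `next()`, so as written it enforces nothing, and nothing visible in this patch mounts it. If it is meant to be the login guard, move the check that `/user` performs inline into it, e.g. `if (!req.session || !req.session.account) return res.send('not login');` before `next()`, and add a doc comment saying which routes it protects. The `console.log(req.url)` line also writes full query strings to the log; consider dropping it or relying on the morgan logger already configured in app.js.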