diff --git a/controllers/loginController.js b/controllers/loginController.js
index 0bdf2f389e4d3a2e77eb9042434808b5d5a69a88..0ef09e331296f71a84ad0793331683ccf104e51f 100644
--- a/controllers/loginController.js
+++ b/controllers/loginController.js
@@ -1,5 +1,5 @@
 const bcrypt = require('bcrypt');
-const pool = require('../db'); // แยกไฟล์ connection ใน db.js
+const pool = require('../db');
 module.exports = {
 showLoginPage: (req, res) => {
@@ -17,14 +17,13 @@ module.exports = {
 const user = rows[0];
 const match = await bcrypt.compare(rpassword, user.password);
- if (!match) {
+ if (match) {
+ req.session.userId = user.id
+ res.redirect('/');
+ } else {
 req.flash('message', 'Password incorrect');
 return res.redirect('/login');
 }
-
- // login success (สามารถสร้าง session ได้ที่นี่)
- req.flash('message', 'Login successful');
- res.redirect('/');
 } catch (err) {
 console.error(err);
 res.status(500).send('Server error');
diff --git a/controllers/logoutController.js b/controllers/logoutController.js
new file mode 100644
index 0000000000000000000000000000000000000000..712c536d5ef228d81eacaee374d90a79f94ff009
--- /dev/null
+++ b/controllers/logoutController.js
@@ -0,0 +1,5 @@
+module.exports = (req, res) => {
+ req.session.destroy(() => {
+ res.redirect('/')
+ })
+}
\ No newline at end of file
diff --git a/index.js b/index.js
index 7b008b8d326a673145ea0c7c551d5d8d4f91a144..39e707b5f7d70313b95e960dceba00a0907cd3dd 100644
--- a/index.js
+++ b/index.js
@@ -3,6 +3,7 @@ const bodyParser = require('body-parser');
 const session = require('express-session');
 const flash = require('connect-flash');
+global.loggedIn = null
 const app = express();
 app.use(express.static('public'));
 app.use(express.json());
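Review bot: In controllers/loginController.js, the success branch of the second hunk writes `req.session.userId = user.id` into whatever session the browser already presented, so a session id issued before authentication stays valid afterwards (session fixation). express-session provides `req.session.regenerate()` for this; call it first and set `userId` inside its callback, as in the excerpt below. The success branch also has no `return` and the assignment lacks a semicolon, unlike the failure branch. The enclosing `loginUser` handler starts and ends outside the hunk, so the error handling shown simply mirrors the visible `catch` block.

```javascript
if (match) {
  // New session id at the privilege change; the pre-login id stops being valid.
  return req.session.regenerate((regenErr) => {
    if (regenErr) {
      console.error(regenErr);
      return res.status(500).send('Server error');
    }
    req.session.userId = user.id;
    res.redirect('/');
  });
}
// … unchanged: flash 'Password incorrect' and redirect to /login …
```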
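Review bot: In controllers/logoutController.js the callback passed to `req.session.destroy` ignores its error argument, so a failed store delete still redirects as if the user were logged out, and the session cookie is left in the browser. Take the error and clear the cookie before redirecting: `req.session.destroy((err) => { if (err) return res.status(500).send('Server error'); res.clearCookie('connect.sid'); res.redirect('/'); })`. `connect.sid` is the express-session default cookie name, which applies here only as far as the session options visible in index.js show no `name` override.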
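Review bot: `global.loggedIn` in the first index.js hunk is a single process-wide variable, yet the middleware added in the next index.js hunk overwrites it on every request with that request's `req.session.userId`. If a handler awaits anything between that middleware and `res.render`, a concurrent request from another visitor can change the value, so views/index.ejs may render the wrong login state; it also parks a user id in global scope. Per-request view data belongs on `res.locals`: drop the global and make the middleware body `res.locals.loggedIn = req.session.userId;`, which the templates can still read under the name `loggedIn`.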
@@ -10,21 +11,28 @@ app.use(express.urlencoded({ extended: true }));
 app.use(bodyParser.urlencoded({ extended: true }));
 app.use(session({
 secret: 'secretkey',
- resave: false,
+ resave: true,
 saveUninitialized: true
 }));
 app.use(flash());
 app.set('view engine', 'ejs');
+app.use('*', (req, res, next) => {
+ loggedIn = req.session.userId
+ next()
+});
 const indexController = require('./controllers/indexController');
 const loginController = require('./controllers/loginController');
 const registerController = require('./controllers/registerController');
+const logoutController = require('./controllers/logoutController');
 app.get('/', indexController);
 app.get('/login', loginController.showLoginPage);
 app.post('/user/login', loginController.loginUser);
 app.get('/register', registerController.showRegisterPage);
 app.post('/user/register', registerController.registerUser);
+app.post('/user/register', registerController.registerUser);
+app.get('/logout', logoutController);
 const port = process.env.PORT || 3000;
 app.listen(port, () => {
diff --git a/views/index.ejs b/views/index.ejs
index 20838be9eefa23a6e8881e992cca8151f89ff2d1..11f2fbebc6a994746a8a1da9753f7d4bea3d437b 100644
--- a/views/index.ejs
+++ b/views/index.ejs
@@ -50,12 +50,19 @@
 <li class="nav-item">
 <a class="nav-link" href="gallery.html">Gallery</a>
 </li>
+ <% if (loggedIn) { %>
+ <li class="nav-item">
+ <a class="nav-link text-danger" href="/logout">Logout</a>
+ </li>
+ <% } %>
+ <% if (!loggedIn) { %>
 <li class="nav-item">
 <a class="nav-link" href="/login">Login</a>
 </li>
 <li class="nav-item">
 <a class="nav-link" href="/register">Register</a>
 </li>
+ <% } %>
 <li class="nav-item">
 <a class="nav-link" href="#"><i class="fa fa-search" aria-hidden="true"></i></a>
 </li>
diff --git a/views/login.ejs b/views/login.ejs
index 0b4d5d246d0b6024e7bebbf97da61730a3c70b62..3b22bb0be07420fee0c64f44dcaa65eb4a3cb7b8 100644
--- a/views/login.ejs
+++ b/views/login.ejs
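Review bot: The session cookie that now carries the login state is still signed with the literal `secret: 'secretkey'` in the second index.js hunk, so the signature protects nothing once the source is readable; load it from configuration instead, e.g. `secret: process.env.SESSION_SECRET` (variable name illustrative), and set explicit `cookie` options such as `httpOnly` and `sameSite`. The switch to `resave: true` makes every request write the session back to the store, which can overwrite concurrent changes to the same session, and nothing visible in the commit needs it. `app.get('/logout', …)` ends the session on a GET, so any cross-site link or image tag can log a user out; `app.post('/logout', logoutController)` with a small form in the nav avoids that. The second `app.post('/user/register', …)` line repeats the route registered just above it and can be dropped.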
@@ -130,6 +130,12 @@ <main class="form-signin w-100 m-auto"> <form action="/user/login" method="POST"> + <% if (message && message.length > 0) { %> + <div class="alert alert-danger" role="alert"> + <%= message %> + </div> + <% } %> + <h1 class="h3 mb-3 fw-normal">Sign in</h1> <div class="form-floating">
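Review bot: The new block in views/login.ejs reads `message` as a bare name, which raises a ReferenceError at render time if any caller renders the view without passing it; `showLoginPage` is outside this diff, so whether it always supplies `req.flash('message')` cannot be confirmed here. Guarding through the locals object is safer: `<% if (locals.message && locals.message.length > 0) { %>`. Keeping the escaped `<%= message %>` output tag is the right choice, since flash text may later include user-supplied values.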