//import required packages (all listed in package.json)
const mysql = require('mysql'); //mysql driver
const express = require('express'); //creates a web application server
var favicon = require('serve-favicon');
var path = require('path'); //The Path module provides a way of working with directories and file paths.
var cookieParser = require('cookie-parser'); //needed for session storing
var bodyParser = require('body-parser'); //bodyparser parses incoming request bodies (inputs) before we use them
var expressValidator = require('express-validator'); //validates input and reports any errors before creating user
var flash = require('connect-flash'); //used for storing messages
//authentication packages
var session = require('express-session') //needed to store sessions (for user)
var passport = require('passport')
var LocalStrategy = require('passport-local').Strategy;
var MySQLStore = require('express-mysql-session')(session);
const bcrypt = require('bcrypt');
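// bcrypt cost factor. It is not referenced again in this file as shown.
const saltRounds = 10;

//create web app server
const app = express();

// Database connection settings.
// SECURITY: the password below is committed to source control, so it must be
// treated as exposed: rotate it and supply the new value through DB_PASSWORD.
// The literal fallbacks exist only so current deployments keep working and
// should be deleted once the environment variables are set. The DB_* names
// are introduced by this change.
// The app also connects as the MySQL 'root' account; a dedicated account with
// privileges limited to the 'glorymark' schema would limit the blast radius
// of any SQL injection or credential leak.
const db = mysql.createConnection({
  host: process.env.DB_HOST || 'localhost',
  user: process.env.DB_USER || 'root',
  password: process.env.DB_PASSWORD || 'F96NjP!x',
  database: process.env.DB_NAME || 'glorymark'
});

// Open the connection at startup. A failure is rethrown from the callback,
// which terminates the process instead of serving requests without a database.
db.connect((err) => {
  if (err) {
    throw err;
  }
  console.log('MySql Connected...');
});

// Expose the single shared connection to the route modules through the
// global object (they read `db` without importing it).
global.db = db;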
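// Connection settings for express-mysql-session, which persists session data
// in the 'glorymark' database.
// SECURITY: same committed credential as the main connection. Treat it as
// exposed, rotate it, and provide it through DB_PASSWORD; remove the literal
// fallbacks once the environment variables are set. The DB_* names are
// introduced by this change.
var options = {
  host: process.env.DB_HOST || 'localhost',
  user: process.env.DB_USER || 'root',
  password: process.env.DB_PASSWORD || 'F96NjP!x',
  database: process.env.DB_NAME || 'glorymark'
};
var sessionStore = new MySQLStore(options);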
// View layer: templates are rendered with EJS.
app.set("view engine", "ejs");
// Templates are looked up in the 'views' folder next to this file.
app.set('views', __dirname + '/views');
// Middleware is registered in the order it runs for each request, so the
// order of the lines below matters.
// Parse JSON request bodies into req.body.
app.use(bodyParser.json());
// Parse HTML form bodies; extended: false means no nested objects are built from field names.
app.use(bodyParser.urlencoded({ extended: false }));
// Validation helpers for req.body; this must come immediately after the bodyParser middlewares.
app.use(expressValidator());
// Parse the Cookie header into req.cookies.
app.use(cookieParser());
// Serve the favicon from public/assets/img.
app.use(favicon(path.join(__dirname,'public', 'assets', 'img','favicon.ico')));
// Everything under 'public' is served as static files to any client, before the session
// and authentication middleware registered further down runs.
app.use(express.static(path.join(__dirname, 'public')));
// One-time flash messages (used for the sign-in failure text).
// NOTE(review): no CSRF middleware is registered anywhere in this file, while the POST
// routes change state using the session cookie; confirm protection exists elsewhere.
app.use(flash());
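// Session handling (express-session backed by the MySQL store).
app.use(session({
  // Key used to sign the session ID cookie so a client cannot forge or alter it.
  // SECURITY: the literal below is committed to source control; anyone who has
  // it can mint validly signed cookies. Generate a long random value, supply it
  // through SESSION_SECRET (a name introduced by this change), and delete the
  // fallback, which is kept only so existing deployments keep working.
  secret: process.env.SESSION_SECRET || 'qsaeolilyffutif',
  store: sessionStore,
  resave: false, //only save a session when something in it changed
  saveUninitialized: false, //do not store sessions that were never modified
  // The cookie's Secure flag is not set, so the session cookie is also sent
  // over plain HTTP. Enable the next line once the site is served over HTTPS.
  //cookie: { secure: true }
}));
app.use(passport.initialize()); //initialize the authentication module
app.use(passport.session()); //fills req.user with the deserialized identity stored in the session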
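// Verify callback for local (username + password) authentication.
// Looks the user up by username with a parameterized query, then lets bcrypt
// compare the submitted password with the stored hash.
//
// NOTE(review): the two failure messages differ ("Username doesn't exist" vs
// "Wrong password"), which lets a client learn whether a username is
// registered. A single generic message would avoid that; the strings are left
// unchanged here because templates may display them. No attempt limiting is
// visible in this file either; confirm it is handled elsewhere.
passport.use(new LocalStrategy({
  usernameField: 'username',
  passwordField: 'pword', //default is 'password' so we need to include this to change it
  passReqToCallback: true // lets us send error message using connect-flash package
},
function(req, username, pword, done) {
  db.query('SELECT b_id, pword FROM better WHERE username = ?', [username], function(err, results) {
    if (err) {
      // Return here: without it the code below reads `results` after a failed
      // query and may call done() a second time.
      return done(err);
    }
    if (results.length === 0) {
      //username doesn't exist in database => failure option, failure message stored
      return done(null, false, req.flash('failureFlash', "Username doesn't exist"));
    }
    // The stored value is the bcrypt hash; compare() hashes the submitted
    // password with the salt and cost embedded in it.
    const hash = results[0].pword.toString();
    bcrypt.compare(pword, hash, function(compareErr, matches) {
      if (compareErr) {
        // A bcrypt failure is an error, not a wrong password.
        return done(compareErr);
      }
      if (matches === true) {
        //password matches => success option; only the user id goes into the session
        return done(null, {user_id: results[0].b_id});
      }
      //password doesn't match => failure option, failure message stored
      return done(null, false, req.flash('failureFlash', "Wrong password"));
    });
  });
}
));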
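/**
 * Marks every bet as correct (1) or incorrect (0) in the `bet` table.
 *
 * A bet is correct when some winner row has the same contestant_id and
 * event_id and a winType of 'Win' or 'Place'. The bet's own betType is not
 * compared with the winner's winType.
 *
 * The previous version issued one UPDATE per (bet, winner) pair examined, so
 * a bet was repeatedly written as 0 before its final value. Here the value is
 * computed first and written once per bet, which leaves the same final state
 * with far fewer queries.
 *
 * @param {Array<Object>} betArr - rows of `bet` (bet_id, contestant_id, event_id are read)
 * @param {Array<Object>} winArr - rows of `winners` (contestant_id, event_id, winType are read)
 * @returns {number} always 0; the UPDATEs are queued on `db` and not awaited
 */
function populateIsCorrect(betArr, winArr) {
  // With no winner rows the original loop body never ran, so nothing is written.
  if (winArr.length === 0) {
    return 0;
  }
  for (const bet of betArr) {
    // Loose equality is kept on purpose: ids may arrive as numbers or strings.
    const isCorrect = winArr.some(function(win) {
      return (win.winType == 'Win' || win.winType == 'Place') &&
        bet.contestant_id == win.contestant_id &&
        bet.event_id == win.event_id;
    }) ? 1 : 0;
    db.query("UPDATE bet SET isCorrect = ? WHERE bet_id = ?", [isCorrect, bet.bet_id], function(err) {
      // Unchanged from the original: a failed UPDATE is rethrown from the callback.
      if (err) throw err;
    });
  }
  return 0;
}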
//initializes functions that will be called in the specified routes
const {getHomePage, getSignUpPage, getSignInPage, getProfilePage, getEventPage, getManageBetPage} = require('./routes/render-pages')
const {getBPRep, getMP, getPush, getChin, getPull, getAdmin, getResultsPage} = require('./routes/render-pages')
const {getPlank, getWall, getJR, getMile, getMeter, getBPWeight} = require('./routes/render-pages')
const {getSelectWinnerPage, getAdminManageBetPage, getAdminMeter, getAdminBPRep, getAdminBPWeight, getAdminChin} = require('./routes/render-pages')
const {getAdminJR, getAdminMP, getAdminMile, getAdminPlank, getAdminPull, getAdminPush, getAdminWall} = require('./routes/render-pages')
const {addUser} = require('./routes/login-users')
const {deleteBet, addBet, adminDeleteBet, disableEvent, selectWinner, deleteWinner} = require('./routes/manage-bets')
// Page routes (GET). Each path is bound to a handler imported from
// ./routes/render-pages.
// NOTE(review): nothing in this file restricts the /admin* and /select-winner
// paths to administrators; any such check has to live inside the handlers.
// Confirm each admin handler verifies both authentication and the admin role.
for (const [routePath, handler] of [
  ['/', getHomePage],
  ['/sign-up', getSignUpPage],
  ['/sign-in', getSignInPage],
  ['/profile', getProfilePage],
  ['/events', getEventPage],
  ['/manage-bet', getManageBetPage],
  ['/admin-manage-bet', getAdminManageBetPage],
  ['/select-winner', getSelectWinnerPage],
  ['/bp-rep', getBPRep],
  ['/admin-bp-rep', getAdminBPRep],
  ['/mp', getMP],
  ['/admin-mp', getAdminMP],
  ['/push', getPush],
  ['/admin-push', getAdminPush],
  ['/chin', getChin],
  ['/admin-chin', getAdminChin],
  ['/pull', getPull],
  ['/admin-pull', getAdminPull],
  ['/plank', getPlank],
  ['/admin-plank', getAdminPlank],
  ['/wall', getWall],
  ['/admin-wall', getAdminWall],
  ['/jr', getJR],
  ['/admin-jr', getAdminJR],
  ['/mile', getMile],
  ['/admin-mile', getAdminMile],
  ['/meter', getMeter],
  ['/admin-meter', getAdminMeter],
  ['/admin', getAdmin],
  ['/bp-weight', getBPWeight],
]) {
  app.get(routePath, handler);
}
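// Admin-only results page.
// Unauthenticated visitors go to '/', signed-in non-admins to '/profile'.
// For an admin the handler re-scores every bet, rebuilds the `results` table
// and renders 'display-results'.
//
// Fixes over the previous version:
//  - The DELETE/INSERT that rebuild `results` used to be queued before the
//    winners were loaded, so the INSERT read isCorrect values from before the
//    re-scoring. The rebuild now starts only after populateIsCorrect() has
//    queued its UPDATEs. This relies on the mysql connection running queued
//    queries in the order they were issued.
//  - Query errors that were ignored or rethrown from callbacks are passed to
//    next(err), so Express answers with an error instead of the process dying.
//  - A session whose user row no longer exists is treated as non-admin
//    instead of raising a TypeError on result[0].
//
// NOTE(review): this GET request deletes and rewrites table data, so a page
// load, prefetch or cross-site link can trigger it for a signed-in admin, and
// two concurrent requests can interleave the rebuild. Moving the rebuild
// behind a POST and a transaction is worth considering.
app.get('/results', function(req, res, next) {
  if (!req.isAuthenticated()) {
    return res.redirect('/');
  }
  const better_id = req.session.passport.user.user_id;

  // Statements that rebuild the results table, in the order they must run.
  const rebuildStatements = [
    "DELETE FROM results",
    "INSERT INTO results(betAmount, better_name, contestant_name, event_name, bet_type, w_win, contrib) SELECT betAmount, CONCAT(better.firstname, ' ', better.lastname) as b_fullname, CONCAT(contestants.firstname, ' ', contestants.lastname) as c_fullname , eventName, betType, (SELECT IF(betType = 'Win', 1, 0)) * betAmount * isCorrect AS w_win, betAmount*isCorrect AS contrib FROM bet JOIN better ON bet.better_id = better.b_id JOIN contestants ON bet.contestant_id = contestants.c_id JOIN sport ON bet.event_id = sport.e_id",
    "call getAllWinnings()"
  ];

  // Reads the rebuilt table and renders the page.
  function renderResults() {
    db.query("SELECT * FROM results ORDER BY event_name", function(err, result) {
      if (err) return next(err);
      db.query("SELECT better_name, Sum(winningMinusCut) AS sum FROM results GROUP BY better_name", function(err, result2) {
        if (err) return next(err);
        db.query("SELECT SUM(cut) AS sum FROM results", function(err, result3) {
          if (err) return next(err);
          res.render('display-results', {results: result, totalPerBetter: result2, amountToCharity: result3});
        });
      });
    });
  }

  // Runs rebuildStatements one after another, then renders.
  function rebuildFrom(index) {
    if (index === rebuildStatements.length) {
      return renderResults();
    }
    db.query(rebuildStatements[index], function(err) {
      if (err) return next(err);
      rebuildFrom(index + 1);
    });
  }

  // The role is read from the database on every request, not from the session.
  db.query("SELECT betterType FROM better WHERE b_id = ?", better_id, function(err, result) {
    if (err) return next(err);
    if (result.length === 0 || result[0].betterType !== 'admin') {
      return res.redirect('/profile');
    }
    db.query("SELECT * FROM bet", function(err, betArr) {
      if (err) return next(err);
      db.query("SELECT * FROM winners", function(err, winArr) {
        if (err) return next(err);
        // Queues the isCorrect UPDATEs; the rebuild is queued right after them.
        populateIsCorrect(betArr, winArr);
        rebuildFrom(0);
      });
    });
  });
});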
app.get('/admin-bp-weight', getAdminBPWeight);

// Log out: drop the passport login, destroy the stored session, clear the
// session cookie ('connect.sid') in the browser and return to the home page.
// Any error passed to the destroy callback is ignored.
// NOTE(review): logout is a GET route, so any cross-site link or image tag
// can sign a user out; a POST would avoid that.
app.get('/log-out', function handleLogOut(req, res) {
  req.logout();
  const finishLogOut = function() {
    res.clearCookie('connect.sid');
    res.redirect('/');
  };
  req.session.destroy(finishLogOut);
});
// Form submissions (POST). Handlers come from ./routes/login-users and
// ./routes/manage-bets.
// NOTE(review): these routes change data and are authenticated by the session
// cookie, but no CSRF protection is registered in this file. The admin actions
// (admin-delete-bet, delete-winner, disable-event, select-winner) also have no
// role check here; confirm the handlers enforce both.
for (const [routePath, handler] of [
  ['/sign-up', addUser],
  ['/delete-bet', deleteBet],
  ['/admin-delete-bet', adminDeleteBet],
  ['/delete-winner', deleteWinner],
  ['/add-bet', addBet],
  ['/disable-event', disableEvent],
  ['/select-winner', selectWinner],
]) {
  app.post(routePath, handler);
}

// Sign-in is delegated to the passport 'local' strategy: success goes to the
// profile page, failure returns to the sign-in form with a flash message.
app.post(
  '/sign-in',
  passport.authenticate('local', {
    successRedirect: '/profile',
    failureRedirect: '/sign-in',
    failureFlash: true,
  })
);
// Start the HTTP server on port 3000. No host argument is passed, so the
// server is not restricted to the loopback interface, and traffic is plain
// HTTP (the session cookie's Secure flag is off to match).
app.listen('3000', function onListening() {
  console.log('Server started on port 3000');
});