theis.gaedigk/bikelane
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added Function to recognise the frontend if the logged in user is an admin or not.

Browse Source
This commit is contained in:
theis.gaedigk
2025-07-24 11:30:00 +02:00
parent 85113daf45
commit d1bb95c2a8
3 changed files with 9 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
backend/server.js
View File

@@ -36,11 +36,9 @@ app.post("/api/login", async (req, res) => {
...result,
});
} else if (result.success && result.user.role === "user") {
// PROBLEM BELOW DOESNT WORK
// FIX LATER
res.redirect("http://localhost:5003");
res.status(403).json(result, { message: "You are not an Admin!" }); // Event Handler is in LoginCard.tsx - there is defined what happens when the status is 403
} else {
res.status(401).json(result, { message: "Invalid credentials" });
res.status(401).json(result, { message: "Invalid credentials" }); // Event Handler is in LoginCard.tsx - there is defined what happens when the status is 401
}
} catch (err) {
console.error("Error logging in:", err);
@@ -117,7 +115,7 @@ app.post("/api/updateUser", authenticate, async (req, res) => {
});
console.log("User updated successfully");
}
})
});
app.listen(port, () => {
console.log(`Express backend server is running at http://localhost:${port}`);

11
backend/services/database.js
View File

@@ -22,9 +22,9 @@ export async function loginUser(username, password) {
);
// If a user is found, return success and user data
if (result.length > 0 && result[0].role === "admin") {
console.log("User found: ", result[0].username, " ", result[0].id);
return { success: true, user: result[0] };
if (result.length > 0) {
console.log("User found: ", result[0]);
return { success: true, user: result[0] }; // result[0] contains ALL of the user data
} else {
// If no user is found, return failure message
console.error(`Invalid username or password!; ${result[0]}`);
@@ -99,10 +99,7 @@ export async function updateUser(
export async function deleteUser(id) {
try {
// Delete user based on username and password
const [result] = await pool.query(
"DELETE FROM users WHERE id = ?",
[id]
);
const [result] = await pool.query("DELETE FROM users WHERE id = ?", [id]);
const resultOfquery = result.affectedRows;
// If a user was deleted, return success