added Function to recognise the frontend if the logged in user is an admin or not.
@@ -36,11 +36,9 @@ app.post("/api/login", async (req, res) => {
|
|||||||
...result,
|
...result,
|
||||||
});
|
});
|
||||||
} else if (result.success && result.user.role === "user") {
|
} else if (result.success && result.user.role === "user") {
|
||||||
// PROBLEM BELOW DOESNT WORK
|
res.status(403).json(result, { message: "You are not an Admin!" }); // Event Handler is in LoginCard.tsx - there is defined what happens when the status is 403
|
||||||
// FIX LATER
|
|
||||||
res.redirect("http://localhost:5003");
|
|
||||||
} else {
|
} else {
|
||||||
res.status(401).json(result, { message: "Invalid credentials" });
|
res.status(401).json(result, { message: "Invalid credentials" }); // Event Handler is in LoginCard.tsx - there is defined what happens when the status is 401
|
||||||
}
|
}
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
console.error("Error logging in:", err);
|
console.error("Error logging in:", err);
|
||||||
@@ -117,7 +115,7 @@ app.post("/api/updateUser", authenticate, async (req, res) => {
|
|||||||
});
|
});
|
||||||
console.log("User updated successfully");
|
console.log("User updated successfully");
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
|
|
||||||
app.listen(port, () => {
|
app.listen(port, () => {
|
||||||
console.log(`Express backend server is running at http://localhost:${port}`);
|
console.log(`Express backend server is running at http://localhost:${port}`);
|
||||||
|
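Review bot: The new 403 branch calls `res.status(403).json(result, { message: "You are not an Admin!" })`, and the 401 line has the same shape; `res.json` takes a single body, so depending on the Express version the second argument is either dropped or reinterpreted under a deprecated two-argument signature, and the response is not the one intended. More importantly, `result` carries `user: result[0]`, which the loginUser comment in this same commit describes as all of the user data, so a caller who is rejected as non-admin would still receive the full row in the body. I would send only what the client needs, `res.status(403).json({ success: false, message: "You are not an Admin!" });`, and do the same on the 401 line. Since loginUser no longer filters on role, this route's role comparison is now the only admin gate at login; the first branch of the chain is outside the hunk, so confirm it tests `result.user.role === "admin"` explicitly.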
@@ -22,9 +22,9 @@ export async function loginUser(username, password) {
|
|||||||
);
|
);
|
||||||
|
|
||||||
// If a user is found, return success and user data
|
// If a user is found, return success and user data
|
||||||
if (result.length > 0 && result[0].role === "admin") {
|
if (result.length > 0) {
|
||||||
console.log("User found: ", result[0].username, " ", result[0].id);
|
console.log("User found: ", result[0]);
|
||||||
return { success: true, user: result[0] };
|
return { success: true, user: result[0] }; // result[0] contains ALL of the user data
|
||||||
} else {
|
} else {
|
||||||
// If no user is found, return failure message
|
// If no user is found, return failure message
|
||||||
console.error(`Invalid username or password!; ${result[0]}`);
|
console.error(`Invalid username or password!; ${result[0]}`);
|
||||||
@@ -99,10 +99,7 @@ export async function updateUser(
|
|||||||
export async function deleteUser(id) {
|
export async function deleteUser(id) {
|
||||||
try {
|
try {
|
||||||
// Delete user based on username and password
|
// Delete user based on username and password
|
||||||
const [result] = await pool.query(
|
const [result] = await pool.query("DELETE FROM users WHERE id = ?", [id]);
|
||||||
"DELETE FROM users WHERE id = ?",
|
|
||||||
[id]
|
|
||||||
);
|
|
||||||
const resultOfquery = result.affectedRows;
|
const resultOfquery = result.affectedRows;
|
||||||
|
|
||||||
// If a user was deleted, return success
|
// If a user was deleted, return success
|
||||||
|
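Review bot: `console.log("User found: ", result[0]);` now writes the whole user row to the server log on every successful login; the comment on the return line says result[0] contains all of the user data, which presumably includes the stored password or its hash (the query is above the hunk, so confirm). Keep the previous form, `console.log("User found: ", result[0].username, " ", result[0].id);`, and return only the fields callers need, for example `return { success: true, user: { id: result[0].id, username: result[0].username, role: result[0].role } };`. With the `role === "admin"` condition removed, loginUser succeeds for any role, so every caller has to check the role itself; a short comment on the function saying so would help. In the deleteUser hunk the comment `// Delete user based on username and password` does not match the query, which deletes by id.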
@@ -50,6 +50,8 @@ const LoginCard: React.FC<LoginCardProps> = ({ onClose }) => {
|
|||||||
document.location.reload();
|
document.location.reload();
|
||||||
} else if (response.status === 401) {
|
} else if (response.status === 401) {
|
||||||
alert("Invalid credentials");
|
alert("Invalid credentials");
|
||||||
|
} else if (response.status === 403) {
|
||||||
|
alert("You are not an Admin!");
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
.catch((error) => {
|
.catch((error) => {
|
||||||
|
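Review bot: The status chain ends at the new 403 branch with no final `else`, so any other status, for example an error status from the server's catch path, leaves the user with no feedback; a closing `else { alert("Login failed"); }` would cover it. The 403 alert is display only, so the admin restriction still has to be enforced by the server on every admin route rather than by this handler. The callback starts and ends outside the hunk.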