theis.gaedigk/login-page
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: enhance user management functionality with detailed feedback and improved error handling

Browse Source
This commit is contained in:
theis.gaedigk
2025-06-22 01:16:58 +02:00
parent 0fd042c9ca
commit c52193e697
4 changed files with 93 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
backend/database.js
View File

@@ -2,6 +2,7 @@ import mysql from "mysql2";
import dotenv from "dotenv"; import dotenv from "dotenv";
dotenv.config(); dotenv.config();
// Create a MySQL connection pool using environment variables for configuration
const pool = mysql const pool = mysql
.createPool({ .createPool({
host: process.env.DB_HOST, host: process.env.DB_HOST,
@@ -11,21 +12,26 @@ const pool = mysql
}) })
.promise(); .promise();
// Function to authenticate a user by username and password
export async function loginUser(username, password) { export async function loginUser(username, password) {
// Query the users table for a matching username and password
const [result] = await pool.query( const [result] = await pool.query(
"SELECT * FROM users WHERE username = ? AND password = ?", "SELECT * FROM users WHERE username = ? AND password = ?",
[username, password] [username, password]
); );
// If a user is found, return success and user data
if (result.length > 0) { if (result.length > 0) {
console.log("User found: ", result[0].username, " ", result[0].id); console.log("User found: ", result[0].username, " ", result[0].id);
return { success: true, user: result[0] }; return { success: true, user: result[0] };
} else { } else {
// If no user is found, return failure message
console.error(`Invalid username or password!; ${result[0]}`); console.error(`Invalid username or password!; ${result[0]}`);
return { success: false, message: "Invalid username or password" }; return { success: false, message: "Invalid username or password" };
} }
} }
// Function to create a new user in the database
export async function createUser( export async function createUser(
username, username,
first_name, first_name,
@@ -34,19 +40,22 @@ export async function createUser(
email email
) { ) {
try { try {
// Insert a new user record into the users table
const [result] = await pool.query( const [result] = await pool.query(
"INSERT INTO users (username, first_name, last_name, password, email) VALUES (?, ?, ?, ?, ?)", "INSERT INTO users (username, first_name, last_name, password, email) VALUES (?, ?, ?, ?, ?)",
[username, first_name, last_name, password, email] [username, first_name, last_name, password, email]
); );
console.log("User created successfully!"); console.log("User created successfully!");
return { success: true }; return { success: true, message: "User created successfully!" };
} catch (error) { } catch (error) {
console.error("Error creating user: ", error); // Handle errors during user creation
return { success: false, message: "Error creating user" }; console.log("Error creating user: ", error);
return { success: false, message: "Error creating user!" };
} }
} }
// Function to update an existing user's information
export async function updateUser( export async function updateUser(
username, username,
first_name, first_name,
@@ -55,25 +64,36 @@ export async function updateUser(
email email
) { ) {
try { try {
// Update user details based on username
const [result] = await pool.query( const [result] = await pool.query(
"UPDATE users SET first_name = ?, last_name = ?, password = ?, email = ? WHERE username = ?", "UPDATE users SET first_name = ?, last_name = ?, password = ?, email = ? WHERE username = ?",
[first_name, last_name, password, email, username] [first_name, last_name, password, email, username]
); );
return { const resultOfquery = result.affectedRows;
success: true,
message: "User updated successfully", // If a user was updated, return success
resultOfquery: result, if (resultOfquery > 0) {
}; console.log("User updated successfully!");
} catch (error) { return {
console.error("Error updating user: ", error); success: true,
return { message: "User updated successfully!",
success: false, resultOfquery: result,
message: "Error updating user", };
resultOfquery: result, }
};
} // If no user was updated, return failure
if (resultOfquery === 0) {
console.log("Error updating user!");
return {
success: false,
message: "Error updating user!",
resultOfquery: null,
};
}
} catch (err) {}
} }
// Function to delete a user from the database
export async function deleteUser( export async function deleteUser(
username, username,
first_name, first_name,
@@ -82,26 +102,29 @@ export async function deleteUser(
email email
) { ) {
try { try {
// Delete user based on username and password
const [result] = await pool.query( const [result] = await pool.query(
"DELETE FROM users WHERE username = ? AND password = ?", "DELETE FROM users WHERE username = ? AND password = ?",
[username, password] [username, password]
); );
const resultOfquery = result.affectedRows; const resultOfquery = result.affectedRows;
// If a user was deleted, return success
if (resultOfquery > 0) { if (resultOfquery > 0) {
console.log("User deleted successfully!"); console.log("User deleted successfully!");
return { return {
success: true, success: true,
message: "User deleted successfully", message: "User deleted successfully!",
resultOfquery: result, resultOfquery: result,
}; };
} }
// If no user was deleted, return failure
if (resultOfquery === 0) { if (resultOfquery === 0) {
console.log("Error deleting user."); console.log("Error deleting user!");
return { return {
success: false, success: false,
message: "Error deleting user", message: "Error deleting user!",
resultOfquery: null, resultOfquery: null,
}; };
} }

20
backend/server.js
View File

@@ -3,17 +3,22 @@ import express from "express";
const app = express(); const app = express();
const port = 4000; const port = 4000;
// Importing database functions for user operations
import { loginUser, createUser, updateUser, deleteUser } from "./database.js"; import { loginUser, createUser, updateUser, deleteUser } from "./database.js";
// Middleware to parse URL-encoded bodies (form submissions)
app.use(express.urlencoded({ extended: true })); app.use(express.urlencoded({ extended: true }));
// Set EJS as the view engine for rendering templates
app.set("view engine", "ejs"); app.set("view engine", "ejs");
import path from "path"; import path from "path";
import { fileURLToPath } from "url"; import { fileURLToPath } from "url";
// Setup for __dirname and __filename in ES modules
const __filename = fileURLToPath(import.meta.url); const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename); const __dirname = path.dirname(__filename);
// Start the server and listen on the specified port
app.listen(port, () => { app.listen(port, () => {
console.log(`Server is running on http://localhost:${port}`); console.log(`Server is running on http://localhost:${port}`);
}); });
@@ -26,18 +31,21 @@ app.use(express.static("public"));
// Main code below // Main code below
// Route to handle GET requests to the root URL // Route to handle GET requests to the root URL (login page)
app.get("/", (req, res) => { app.get("/", (req, res) => {
res.render("login.ejs", { error: null, reload: false }); res.render("login.ejs", { error: null, reload: false });
console.log("Frontend user requested frontend login page."); console.log("Frontend user requested frontend login page.");
}); });
// Variable to keep track of the latest logged-in user
let latestUser; let latestUser;
// Route to handle user login // Route to handle user login
app.post("/login", (req, res) => { app.post("/login", (req, res) => {
// Attempt to log in the user with provided credentials
loginUser(req.body.username, req.body.password).then((result) => { loginUser(req.body.username, req.body.password).then((result) => {
if (result.success) { if (result.success) {
// On successful login, render the dashboard and update latestUser
res.status(200).render("dashboard.ejs", { res.status(200).render("dashboard.ejs", {
sqlResult: result, sqlResult: result,
newLink: `/dashboard/${result.user.id}`, newLink: `/dashboard/${result.user.id}`,
@@ -46,6 +54,7 @@ app.post("/login", (req, res) => {
}); });
latestUser = result; latestUser = result;
} else { } else {
// On failure, re-render login page with error message
res res
.status(401) .status(401)
.render("login.ejs", { error: result.message, reload: true }); .render("login.ejs", { error: result.message, reload: true });
@@ -53,18 +62,22 @@ app.post("/login", (req, res) => {
}); });
}); });
// Route to handle user creation, update, and deletion
app.post(["/createUser", "/updateUser", "/deleteUser"], (req, res) => { app.post(["/createUser", "/updateUser", "/deleteUser"], (req, res) => {
let action = req.path; let action = req.path;
let funcName; let funcName;
// Determine which database function to use based on the route
if (action === "/createUser") { if (action === "/createUser") {
funcName = createUser; funcName = createUser;
} else if (action === "/updateUser") { } else if (action === "/updateUser") {
funcName = updateUser; funcName = updateUser;
} else if (action === "/deleteUser") { } else if (action === "/deleteUser") {
// Prevent deleting the currently logged-in user
if (latestUser && req.body.username !== latestUser.user.username) { if (latestUser && req.body.username !== latestUser.user.username) {
funcName = deleteUser; funcName = deleteUser;
} else { } else {
// Render dashboard with alert if trying to delete logged-in user
res.status(400).render("dashboard.ejs", { res.status(400).render("dashboard.ejs", {
sqlResult: latestUser, sqlResult: latestUser,
newLink: latestUser ? `/dashboard/${latestUser.id}` : "#", newLink: latestUser ? `/dashboard/${latestUser.id}` : "#",
@@ -74,9 +87,11 @@ app.post(["/createUser", "/updateUser", "/deleteUser"], (req, res) => {
return; return;
} }
} else { } else {
// Handle invalid actions
res.status(400).send("Invalid action"); res.status(400).send("Invalid action");
return; return;
} }
// Call the selected database function with user data
funcName( funcName(
req.body.username, req.body.username,
req.body.first_name, req.body.first_name,
@@ -85,6 +100,7 @@ app.post(["/createUser", "/updateUser", "/deleteUser"], (req, res) => {
req.body.email req.body.email
).then((result) => { ).then((result) => {
if (result.success === true) { if (result.success === true) {
// On success, render dashboard with success message
res.status(201).render("dashboard.ejs", { res.status(201).render("dashboard.ejs", {
sqlResult: latestUser, sqlResult: latestUser,
newLink: `/dashboard/${latestUser.id}`, newLink: `/dashboard/${latestUser.id}`,
@@ -92,6 +108,7 @@ app.post(["/createUser", "/updateUser", "/deleteUser"], (req, res) => {
success: "User action successful!", success: "User action successful!",
}); });
} else { } else {
// On failure, render dashboard with alert
res.status(400).render("dashboard.ejs", { res.status(400).render("dashboard.ejs", {
sqlResult: latestUser, sqlResult: latestUser,
newLink: `/dashboard/${latestUser.id}`, newLink: `/dashboard/${latestUser.id}`,
@@ -104,6 +121,7 @@ app.post(["/createUser", "/updateUser", "/deleteUser"], (req, res) => {
// error handling code // error handling code
app.use((err, req, res, next) => { app.use((err, req, res, next) => {
// Log the error stack and send a generic error response
console.error(err.stack); console.error(err.stack);
res.status(500).send("Something broke!"); res.status(500).send("Something broke!");
}); });

32
backend/views/dashboard.ejs
View File

@@ -1,14 +1,10 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<!--
<script>
window.history.pushState({}, "", "<%=// newLink %>");
</script>
-->
<meta charset="utf-8" /> <meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Dashboard</title> <title>Dashboard</title>
<!-- Bootstrap CSS for styling -->
<link <link
href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.7/dist/css/bootstrap.min.css" href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.7/dist/css/bootstrap.min.css"
rel="stylesheet" rel="stylesheet"
@@ -16,12 +12,16 @@
crossorigin="anonymous" crossorigin="anonymous"
/> />
<!-- Set the right attributes for form --> <!--
setAction JS function dynamically sets the form action and required fields
based on which button is clicked (Create, Update, Delete)
-->
<script> <script>
function setAction(action) { function setAction(action) {
const form = document.getElementById("myForm"); const form = document.getElementById("myForm");
form.action = action; form.action = action;
// For deleteUser, only username and password are required
if (action === "/deleteUser") { if (action === "/deleteUser") {
const first_name = document.getElementById("first_name"); const first_name = document.getElementById("first_name");
const last_name = document.getElementById("last_name"); const last_name = document.getElementById("last_name");
@@ -32,6 +32,7 @@
email.removeAttribute("required"); email.removeAttribute("required");
} }
// For createUser and updateUser, all fields are required
if (action === "/createUser" || action === "/updateUser") { if (action === "/createUser" || action === "/updateUser") {
const first_name = document.getElementById("first_name"); const first_name = document.getElementById("first_name");
const last_name = document.getElementById("last_name"); const last_name = document.getElementById("last_name");
@@ -50,20 +51,22 @@
</head> </head>
<body class="bg-dark text-light"> <body class="bg-dark text-light">
<div class="container py-5"> <div class="container py-5">
<!-- Header --> <!-- Header with greeting and logout button -->
<div class="d-flex justify-content-between align-items-center mb-4"> <div class="d-flex justify-content-between align-items-center mb-4">
<div> <div>
<!-- Displays user's first name from server-side variable -->
<h2>Hello, <%= sqlResult.user.first_name %>!</h2> <h2>Hello, <%= sqlResult.user.first_name %>!</h2>
</div> </div>
<div> <div>
<h3>Welcome to your dashboard</h3> <h3>Welcome to your dashboard</h3>
</div> </div>
<div> <div>
<!-- Logout button -->
<a href="/" class="btn btn-info">Logout</a> <a href="/" class="btn btn-info">Logout</a>
</div> </div>
</div> </div>
<!-- User creation form --> <!-- Card containing the user form for create, update, delete -->
<div class="card text-dark shadow"> <div class="card text-dark shadow">
<div class="card-body"> <div class="card-body">
<h4 class="card-title mb-4"> <h4 class="card-title mb-4">
@@ -76,8 +79,10 @@
> >
a user a user
</h4> </h4>
<!-- Main user form, method POST, action set dynamically -->
<form id="myForm" method="post"> <form id="myForm" method="post">
<div class="row g-3"> <div class="row g-3">
<!-- First Name input -->
<div class="col-md-6"> <div class="col-md-6">
<label for="first_name" class="form-label" <label for="first_name" class="form-label"
><strong>First Name</strong></label ><strong>First Name</strong></label
@@ -92,6 +97,7 @@
/> />
</div> </div>
<!-- Last Name input -->
<div class="col-md-6"> <div class="col-md-6">
<label for="last_name" class="form-label" <label for="last_name" class="form-label"
><strong>Last Name</strong></label ><strong>Last Name</strong></label
@@ -106,6 +112,7 @@
/> />
</div> </div>
<!-- Username input (cannot be changed) -->
<div class="col-md-6"> <div class="col-md-6">
<label for="username" class="form-label" <label for="username" class="form-label"
><strong ><strong
@@ -123,6 +130,7 @@
/> />
</div> </div>
<!-- Email input -->
<div class="col-md-6"> <div class="col-md-6">
<label for="email" class="form-label" <label for="email" class="form-label"
><strong>Email</strong></label ><strong>Email</strong></label
@@ -137,6 +145,7 @@
/> />
</div> </div>
<!-- Password input -->
<div class="col-12"> <div class="col-12">
<label for="password" class="form-label" <label for="password" class="form-label"
><strong>Password</strong></label ><strong>Password</strong></label
@@ -150,6 +159,10 @@
required required
/> />
</div> </div>
<!--
Alert and success messages, shown conditionally
Uses EJS to check for alert or success variables
-->
<% if (alert !== null) { %> <% if (alert !== null) { %>
<div class="col-12 d-flex align-items-center"> <div class="col-12 d-flex align-items-center">
<div <div
@@ -183,6 +196,7 @@
<% } %> <% } %>
</div> </div>
<!-- Action buttons for Create, Update, Delete -->
<div class="row text-center gy-1 mt-4"> <div class="row text-center gy-1 mt-4">
<div class="col-sm"> <div class="col-sm">
<button <button
@@ -216,6 +230,7 @@
</div> </div>
</form> </form>
</div> </div>
<!-- Card footer with note about delete requirements -->
<div class="card-footer"> <div class="card-footer">
<p class="text-center mb-0"> <p class="text-center mb-0">
<strong>Note:</strong> When <strong>deleting a user</strong>, you <strong>Note:</strong> When <strong>deleting a user</strong>, you
@@ -226,6 +241,7 @@
</div> </div>
</div> </div>
<!-- Bootstrap JS Bundle -->
<script <script
src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.7/dist/js/bootstrap.bundle.min.js" src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.7/dist/js/bootstrap.bundle.min.js"
integrity="sha384-ndDqU0Gzau9qJ1lfW4pNLlhNTkCfHzAVBReH9diLvGRem5+R9g2FzA8ZGN954O5Q" integrity="sha384-ndDqU0Gzau9qJ1lfW4pNLlhNTkCfHzAVBReH9diLvGRem5+R9g2FzA8ZGN954O5Q"

14
backend/views/login.ejs
View File

@@ -12,15 +12,18 @@
/> />
</head> </head>
<body class="bg-dark"> <body class="bg-dark">
<div class="container d-flex justify-content-center align-items-center" style="min-height: 100vh;"> <div
<div class="card shadow-lg" style="width: 100%; max-width: 400px;"> class="container d-flex justify-content-center align-items-center"
style="min-height: 100vh"
>
<div class="card shadow-lg" style="width: 100%; max-width: 400px">
<div class="card-body"> <div class="card-body">
<h2 class="card-title text-center mb-4">Login</h2> <h2 class="card-title text-center mb-4">Login</h2>
<% if (error) { %> <% if (error) { %>
<div class="alert alert-danger text-center" role="alert"> <div class="alert alert-danger text-center" role="alert">
<%= error %> <%= error %>
</div> </div>
<% } %> <% } %>
<form action="/login" method="post"> <form action="/login" method="post">
@@ -61,4 +64,3 @@
></script> ></script>
</body> </body>
</html> </html>