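// Registration endpoint (POST /api/inscription).
//
// Flow: validate the submitted form, verify the reCAPTCHA token with Google,
// check that the pseudo is not already taken, then store a bcrypt hash of the
// password and open the session.
//
// Security-relevant changes compared with the previous revision of this file:
//  - The reCAPTCHA result is now awaited. Before, the verification callback
//    ran after the error count had already been taken, so a failed captcha
//    never blocked a registration.
//  - The reCAPTCHA secret is read from the RECAPTCHA_SECRET environment
//    variable (a name introduced here) instead of being embedded in the
//    source. The key that was committed in this file must be treated as
//    exposed and rotated.
//  - The pseudo is validated and regex-escaped before it is placed in a
//    MongoDB $regex query.
//  - Callback errors are answered with a 500 instead of being thrown, which
//    took the whole process down from inside an async callback.
//  - One MongoDB connection is opened per request and closed again; before,
//    two were opened and neither was closed.

const MONGO_URL = 'mongodb://localhost';
const DB_NAME = 'viewmc';

const PSEUDO_MIN_LENGTH = 4;
const PSEUDO_MAX_LENGTH = 30;
const PASSWORD_MIN_LENGTH = 5;
// bcrypt only uses the first 72 bytes of its input, so characters beyond
// that add nothing to the stored hash.
const PASSWORD_MAX_LENGTH = 255;
// Upper bound applied before the e-mail pattern runs. The pattern has
// overlapping groups and can backtrack badly on very long input.
const MAIL_MAX_LENGTH = 254;

// E-mail format: local part, '@', domain, '.', 2 to 5 letter TLD.
const EMAIL_PATTERN = new RegExp('^[0-9A-Za-z._-]+@{1}[0-9A-Za-z.-]{2,}[.]{1}[A-Za-z]{2,5}$');
// Pseudo format: starts with letters, then up to 4 digits, then at most one
// '_' or '-', and ends with letters or digits.
const PSEUDO_PATTERN = new RegExp('^[a-zA-Z]+[0-9]{0,4}[_-]{0,1}[A-Za-z0-9]+$');

/** True only for a string with at least one character. */
function isNonEmptyString(value) {
  return typeof value === 'string' && value !== '';
}

/** Escapes every regex metacharacter so the text matches literally. */
function escapeRegex(text) {
  return text.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

/**
 * Runs every check that needs neither the database nor the network.
 *
 * @param {{pseudo: *, password: *, verifPassword: *, mail: *, recaptcha: *}} form
 *   Raw values taken from the request body.
 * @returns {Object} Error messages keyed the way the client expects them;
 *   empty when the form passes all local checks.
 */
function validateForm(form) {
  const errors = {};
  const { pseudo, password, verifPassword, mail, recaptcha } = form;

  // A body parser can deliver arrays or objects; anything that is not a
  // plain non-empty string is treated as a missing field.
  if (![pseudo, password, verifPassword, mail].every(isNonEmptyString)) {
    // As before, a missing field suppresses every other message.
    errors.champs = "Veuillez remplir tous les champs !";
    return errors;
  }

  if (pseudo.length < PSEUDO_MIN_LENGTH || pseudo.length > PSEUDO_MAX_LENGTH) {
    errors.pseudoLength = "Votre pseudo doit être compris entre 4 et 30 carcatères !";
  }
  // The pattern is only run on input within the length bound, so an
  // over-long pseudo cannot be used to make the regex backtrack.
  if (pseudo.length <= PSEUDO_MAX_LENGTH && !PSEUDO_PATTERN.test(pseudo)) {
    errors.pseudoVerif = "Pseudo invalide !";
  }

  if (password.length < PASSWORD_MIN_LENGTH || password.length > PASSWORD_MAX_LENGTH) {
    errors.passwordLength = "Votre mot de passe doit contenir plus de 5 caractères !";
  }
  // The literal string 'undefined' is rejected as in the previous revision;
  // presumably it guards against a client serialising an unset field.
  if (password !== verifPassword || password === 'undefined') {
    errors.passwordConfirm = "Les deux mots de passe entrées ne sont pas identiques.";
  }

  if (mail.length > MAIL_MAX_LENGTH || !EMAIL_PATTERN.test(mail)) {
    errors.mail = "Le format de l'email n'est pas valide !";
  }

  if (!isNonEmptyString(recaptcha)) {
    errors.captchaVide = "Captcha non remplis (si vous ne voyez pas le captcha, CTRL + F5)";
  }

  return errors;
}

/**
 * Verifies the reCAPTCHA token with Google and records a failure in `errors`.
 * Fails closed: a transport error, an unparsable body, a missing secret or
 * anything other than `success === true` counts as "not verified".
 *
 * @param {Function} request HTTP client injected by the caller, invoked as
 *   request(url, callback(error, response, body)).
 * @param {string} token reCAPTCHA response token sent by the browser.
 * @param {Object} errors Error map to update in place.
 * @param {Function} done Called with no arguments once the check has finished.
 */
function checkCaptcha(request, token, errors, done) {
  if (errors.captchaVide !== undefined) {
    // No token was submitted; there is nothing to verify.
    done();
    return;
  }

  const secretKey = process.env.RECAPTCHA_SECRET;
  if (!secretKey) {
    console.error('RECAPTCHA_SECRET is not set; refusing to accept captcha tokens.');
    errors.errorCaptcha = "Avez-vous bien remplis le captcha :) ?";
    done();
    return;
  }

  // Both values are URL-encoded so the untrusted token cannot add or
  // override query parameters.
  // NOTE(review): Google documents siteverify as a POST endpoint; sending the
  // secret in the query string risks it ending up in proxy or access logs.
  const verificationURL = 'https://www.google.com/recaptcha/api/siteverify?secret=' +
    encodeURIComponent(secretKey) + '&response=' + encodeURIComponent(token);

  request(verificationURL, function (error, response, body) {
    let verified = false;
    if (error) {
      // Only the code/message is logged, never the URL that carries the secret.
      console.error('reCAPTCHA verification request failed:', error.code || error.message);
    } else {
      try {
        verified = JSON.parse(body).success === true;
      } catch (parseError) {
        verified = false;
      }
    }
    if (!verified) {
      errors.errorCaptcha = "Avez-vous bien remplis le captcha :) ?"; // most likely a bot
    }
    done();
  });
}

/**
 * Builds the human-readable registration timestamp stored with the account.
 * The month is shifted by one because Date#getMonth() is zero-based; the
 * previous revision concatenated the digit "1" instead of adding it. The
 * ' à ' separator was mis-encoded in the previous revision and is restored.
 *
 * @param {Date} date
 * @returns {string}
 */
function formatInscriptionDate(date) {
  return `Le ${date.getDate()}/${date.getMonth() + 1}/${date.getFullYear()}` +
    ` à ${date.getHours()}h:${date.getMinutes()}m:${date.getSeconds()}s`;
}

/** Shapes the error map into the JSON body the client expects (etat: 0). */
function buildErrorResponse(errors) {
  return {
    pseudoCheck: errors.pseudoCheck,
    champs: errors.champs,
    mail: errors.mail,
    passwordConfirm: errors.passwordConfirm,
    passwordLength: errors.passwordLength,
    pseudoVerif: errors.pseudoVerif,
    pseudoLength: errors.pseudoLength,
    captchaVide: errors.captchaVide,
    errorCaptcha: errors.errorCaptcha,
    etat: 0
  };
}

/** Logs the error server-side and answers with a generic 500. */
function sendServerError(res, err) {
  console.error('Registration failed:', err);
  // No error detail is returned to the client.
  res.status(500).json({
    serveur: "Une erreur interne est survenue, veuillez réessayer plus tard.",
    etat: 0
  });
}

/**
 * Registers the POST /api/inscription route on `app`.
 *
 * @param {Object} app Express-style application (uses app.post).
 * @param {Function} request HTTP client, called as request(url, callback).
 * @param {Object} MongoClient MongoDB driver client class.
 * @param {Object} bcrypt bcrypt implementation exposing hash(data, rounds, cb).
 */
module.exports = function (app, request, MongoClient, bcrypt) {
  app.post('/api/inscription', function (req, res) {
    const body = req.body || {};
    const form = {
      pseudo: body.pseudo,
      password: body.password,
      verifPassword: body.verifPassword,
      mail: body.mail,
      recaptcha: body.recaptcha
    };
    const errors = validateForm(form);

    if (errors.champs !== undefined) {
      res.json(buildErrorResponse(errors));
      return;
    }

    checkCaptcha(request, form.recaptcha, errors, function () {
      // A malformed pseudo is never sent to the database.
      if (errors.pseudoLength !== undefined || errors.pseudoVerif !== undefined) {
        res.json(buildErrorResponse(errors));
        return;
      }

      MongoClient.connect(MONGO_URL, function (connectErr, client) {
        if (connectErr) {
          sendServerError(res, connectErr);
          return;
        }

        const accounts = client.db(DB_NAME).collection('account');
        const abort = function (err) {
          client.close();
          sendServerError(res, err);
        };

        // Case-insensitive exact match on the pseudo. The value has passed
        // PSEUDO_PATTERN and is escaped as well, so it cannot alter the
        // expression. 'i' is the documented case-insensitive option; the
        // previous revision passed '-i'.
        // NOTE(review): this lookup and the insert below are not atomic; a
        // unique index on `user` would be needed to rule out duplicates.
        // NOTE(review): pseudoCheck tells the caller whether an account
        // exists; consider rate-limiting this route.
        const duplicateQuery = {
          user: { $regex: '^' + escapeRegex(form.pseudo) + '$', $options: 'i' }
        };

        accounts.find(duplicateQuery).count(function (countErr, matches) {
          if (countErr) {
            abort(countErr);
            return;
          }

          if (matches !== 0) {
            errors.pseudoCheck = "Le pseudo est déjà utilisé";
          }

          if (Object.keys(errors).length !== 0) {
            client.close();
            res.json(buildErrorResponse(errors));
            return;
          }

          bcrypt.hash(form.password, 10, function (hashErr, hash) {
            if (hashErr) {
              abort(hashErr);
              return;
            }

            const account = {
              user: form.pseudo,
              password: hash,
              mail: form.mail,
              inscriptionDate: formatInscriptionDate(new Date())
            };

            accounts.insert(account, null, function (insertErr) {
              client.close();
              if (insertErr) {
                sendServerError(res, insertErr);
                return;
              }

              // NOTE(review): if the session middleware supports it, issue a
              // fresh session id here so a pre-login id is not carried over.
              req.session.user = form.pseudo;
              req.session.mail = form.mail;
              res.json({
                successInscription: "Bravo, vous êtes maintenant inscrit !",
                user: req.session.user,
                mail: req.session.mail,
                etat: 1
              });
            });
          });
        });
      });
    });
  });
};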