Add ability to create user from admin panel

main
sudoer777 2021-11-24 22:29:29 -07:00
parent 4828ef2c7c
commit 173c075aa3
10 changed files with 134 additions and 6 deletions


@ -3,6 +3,14 @@ const passport = require('passport');
const localStrategy = require('passport-local').Strategy; const localStrategy = require('passport-local').Strategy;
const bcrypt = require('bcrypt'); const bcrypt = require('bcrypt');
class User {
constructor(id, email, isAdmin) {
this.id = id;
this.email = email;
this.isAdmin = isAdmin;
}
}
passport.use(new localStrategy({ passport.use(new localStrategy({
usernameField: 'email', usernameField: 'email',
@ -54,5 +62,19 @@ async function createUser(email, password, isAdmin) {
await database.executeQuery(query, [email, hash, isAdmin]); await database.executeQuery(query, [email, hash, isAdmin]);
} }
async function retrieveAll() {
const query = `SELECT user_id, email, admin
FROM accounts.users
ORDER BY email;`
const table = await database.executeQuery(query);
const accountsList = [];
table.forEach((row) => {
accountsList.push(new User(row[0], row[1], row[2]));
});
return accountsList;
}
exports.createUser = createUser; exports.createUser = createUser;
exports.retrieveAll = retrieveAll;
exports.passport = passport; exports.passport = passport;
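Review bot: retrieveAll has no comment on which columns may be selected, although its rows are sent to the browser as JSON by the `/data/accounts` route added in this commit. The column list is therefore the only thing keeping the hash that createUser stores out of that response. I would add above the query: `// Result is returned to the admin UI as JSON; select only non-secret columns, never the password hash.` The `row[0], row[1], row[2]` mapping is also tied to that column order, which the same comment could mention.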


@ -69,4 +69,10 @@ export async function getGame(gameID) {
const response = await fetch(`/data/game?game=${gameID}`); const response = await fetch(`/data/game?game=${gameID}`);
const game = await response.json(); const game = await response.json();
return game; return game;
}
export async function getAccounts() {
const response = await fetch(`/data/accounts`);
const accounts = await response.json();
return accounts;
} }
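Review bot: getAccounts parses the body as JSON without checking what came back. The `/data/accounts` route in this commit answers a non-admin with a redirect to `/auth/login`, which fetch follows, so `response.json()` would be handed the login page and reject with a parse error. A guard before the parse, `if (response.redirected || !response.ok) throw new Error('Could not load accounts');`, lets the caller show a clear message or send the user to the login page.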


@ -294,6 +294,49 @@ CATEGORIES.push(new Category(
} }
)); ));
CATEGORIES.push(new Category(
"accounts",
async function getAccounts() {
return await Data.getAccounts();
},
async function listAccountHeaders() {
const headerRow = document.createElement('tr');
const emailHeader = document.createElement('th');
emailHeader.textContent = "Email";
headerRow.appendChild(emailHeader);
const spacerHeader = document.createElement('th');
spacerHeader.classList.add('spacer-column');
headerRow.appendChild(spacerHeader);
const adminHeader = document.createElement('th');
adminHeader.textContent = "Admin?";
headerRow.appendChild(adminHeader);
itemsListTable.appendChild(headerRow);
},
function listAccount(account, row) {
const emailCell = document.createElement('td');
emailCell.textContent = account.email;
row.appendChild(emailCell);
const spacerCell = document.createElement('td');
row.appendChild(spacerCell);
const adminCell = document.createElement('td');
adminCell.textContent = account.isAdmin;
row.appendChild(adminCell);
},
async function addAccount() {
window.location.href = "/manage/account";
},
async function editAccount(id) {
window.location.href = `/manage/account?account=${id}`;
}
));
async function listItems(category) { async function listItems(category) {
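Review bot: editAccount navigates to `/manage/account?account=${id}`, but the `/manage/account` handler added in this commit renders the create-user form and never reads `account`, so selecting an existing account opens a blank creation form. Until editing exists I would mark that in the handler, e.g. `// TODO: /manage/account ignores ?account for now; this opens the create-user form`. When the id is eventually read on the server it should be validated there rather than trusted from the URL. listAccount writes the email with `textContent`, which keeps an address containing markup from being interpreted as HTML.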


@ -35,4 +35,13 @@ form {
#delete-button { #delete-button {
visibility: hidden; visibility: hidden;
}
.form-section-checkbox {
flex-direction: row;
align-items: center;
}
#admin {
width: auto;
} }


@ -5,8 +5,20 @@ const app = require('../app');
const accounts = require('./../database/accounts/accounts'); const accounts = require('./../database/accounts/accounts');
router.get('/createuser', (req, res, next) => { function adminLoggedIn(req, res, next) {
res.render('accounts/createuser', { title: 'Create user' }); if (req.user && req.user[2]) {
next();
}
else {
req.flash('error', 'An admin account is required to access this page.');
res.redirect('/auth/login');
}
}
router.get('/', adminLoggedIn, (req, res, next) => {
res.render
}); });
module.exports = router; module.exports = router;
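Review bot: The new `router.get('/', adminLoggedIn, …)` handler never sends a response: its body is the bare expression `res.render`, which reads the method without calling it, so an admin's request to this path stays open until it times out. Either call it with a view, as the replaced route appears to have done with `res.render('accounts/createuser', { title: 'Create user' })`, or drop the route if the page now lives only under `/manage/account`.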


@ -4,6 +4,17 @@ const passport = require('passport');
const accounts = require('./../database/accounts/accounts'); const accounts = require('./../database/accounts/accounts');
const app = require('../app'); const app = require('../app');
function adminLoggedIn(req, res, next) {
if (req.user && req.user[2]) {
next();
}
else {
req.flash('error', 'An admin account is required to access this page.');
res.redirect('/auth/login');
}
}
router.get('/login', (req, res, next) => { router.get('/login', (req, res, next) => {
res.render('accounts/login', { title : "Login", message: req.flash('error') }); res.render('accounts/login', { title : "Login", message: req.flash('error') });
}); });
@ -23,9 +34,9 @@ router.post('/login',
console.log(req.user); console.log(req.user);
}); });
router.post('/register', (req, res, next) => { router.post('/register', adminLoggedIn, (req, res, next) => {
accounts.createUser(req.body.email, req.body.password) accounts.createUser(req.body.email, req.body.password, !!req.body.admin)
.then(res.redirect('/')); .then(res.redirect('/manage'));
}); });
module.exports = router; module.exports = router;
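Review bot: In the `/register` handler, `.then(res.redirect('/manage'))` calls `res.redirect` immediately and passes its return value to `.then`, so the admin is redirected before `createUser` has finished. A failed insert (duplicate email, database error) is never reported and the rejection is left unhandled. It should read `.then(() => res.redirect('/manage')).catch(next);`. The handler also passes `req.body.email` and `req.body.password` straight through, so an empty password would be hashed and stored unless createUser rejects it, which is not visible in this hunk.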


@ -6,7 +6,17 @@ var genders = require('../database/scores/genders');
var divisions = require('../database/scores/divisions'); var divisions = require('../database/scores/divisions');
var teams = require('../database/scores/teams'); var teams = require('../database/scores/teams');
var games = require('../database/scores/games'); var games = require('../database/scores/games');
var accounts = require('../database/accounts/accounts');
function adminLoggedIn(req, res, next) {
if (req.user && req.user[2]) {
next();
}
else {
req.flash('error', 'An admin account is required to access this page.');
res.redirect('/auth/login');
}
}
router.get('/sports', function(req, res, next) { router.get('/sports', function(req, res, next) {
sports.retrieveAll() sports.retrieveAll()
@ -61,4 +71,9 @@ router.get('/game', function(req, res, next) {
.then(data => res.json(data)); .then(data => res.json(data));
}) })
router.get('/accounts', adminLoggedIn, function(req, res, next) {
accounts.retrieveAll()
.then(data => res.json(data));
})
module.exports = router; module.exports = router;
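Review bot: adminLoggedIn as copied into this router answers a JSON endpoint with a flash message and a redirect to the login page, which a `fetch` caller cannot distinguish from a successful response. For `/accounts` a status is easier to handle on the client, e.g. `res.status(403).json({ error: 'admin required' })` in the else branch of a data-router variant. The handler itself has no rejection path either: `accounts.retrieveAll().then(data => res.json(data))` leaves the request open if the query fails, so add `.catch(next)`.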


@ -22,7 +22,8 @@ function adminLoggedIn(req, res, next) {
next(); next();
} }
else { else {
res.send('UNAUTHORIZED'); req.flash('error', 'An admin account is required to access this page.');
res.redirect('/auth/login');
} }
} }
@ -136,4 +137,8 @@ router.post('/team', adminLoggedIn, function(req, res, next) {
else teams.add(name, sport).then(res.redirect("/manage")); else teams.add(name, sport).then(res.redirect("/manage"));
}); });
router.get('/account', adminLoggedIn, (req, res, next) => {
res.render('accounts/createuser', { title: 'Create user' });
});
module.exports = router; module.exports = router;
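Review bot: adminLoggedIn now exists in four routers with the same body: this file, plus the copies this commit adds to the routers that define `/`, `/login` and `/accounts`. The copies visible in the commit decide admin status with `req.user[2]`, a positional index into whatever passport deserialises. One shared middleware, e.g. `const { adminLoggedIn } = require('<shared-middleware-path>');` (placeholder path), keeps the check in one place so a change to the user shape cannot leave one router on a stale test. The function's opening lines and its condition are outside this hunk, so whether this copy uses the same test cannot be confirmed from here.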


@ -16,5 +16,9 @@ block content
label Password label Password
span(class='form-section-input') span(class='form-section-input')
input(type="password", name="password") input(type="password", name="password")
span(class='form-section')
span(class='form-section-checkbox')
input#admin(type="checkbox", name="admin")
label(for="admin") Grant admin privileges
span(class='form-section') span(class='form-section')
button#submit-button(type="submit") Submit button#submit-button(type="submit") Submit


@ -17,6 +17,7 @@ block content
option(value="divisions") Divisions option(value="divisions") Divisions
option(value="teams") Teams option(value="teams") Teams
option(value="games") Games option(value="games") Games
option(value="accounts") Accounts
div div
h2#table-header h2#table-header
table#items-list table#items-list