Week17

homeworks/week17/hw1/.gitignore

@@ -0,0 +1 @@
+node_modules/

homeworks/week17/hw1/controllers/Articles.js

@@ -0,0 +1,98 @@
+const db = require('../models')
+const User = db.User
+const Articles = db.Articles
+
+const articlesController = {
+  homePage: async(req, res) => {
+    const articles = await Articles.findAll({
+      order: [['id', 'DESC']],
+      include: User  
+    })
+    res.render('index', {
+      articles
+    })
+  },
+  add: (req, res) => {
+		const {userId} = req.session //這從登入帳號存在session的帳號 ，用解構語法拿出來的
+		const {content} = req.body //從輸入框拿的
+		const {title} = req.body
+		if (!userId || !content) {
+			return res.redirect('/')
+		}
+
+		Articles.create({
+			title,
+			content,
+			UserId: userId
+		}).then(() => {
+			res.redirect('/')
+		})
+  },
+
+	articlePage: async(req, res) => {
+    // id 本來就是 URL 的一部分，所以不用特地檢查
+    const { id } = req.params
+
+		Articles.findOne({
+      where: {
+        id: req.params.id,
+      },
+			include: User
+    }).then(article => {
+      res.render('page/article_page', {
+        article      
+      })
+    })
+  },
+
+
+	//這邊傳username是為了確認這個id是不是真的有這篇文章，不然id可以隨意竄改
+	delete: (req, res) => {
+    Articles.findOne({
+      where: {
+        id: req.params.id,
+        UserId: req.session.userId
+      }
+    }).then(articles => {
+      return articles.destroy()
+    }).then(() => {
+      res.redirect('/')
+    }).catch(() => {
+      res.redirect('/')
+		})
+  },
+
+
+	update: (req, res) => {
+		Articles.findOne({
+      where: {
+        id: req.params.id,
+      }
+    }).then(article => {
+      res.render('update', {
+        article      
+      })
+    })
+	},
+
+	//req.body.content 這邊是從view的form的 name來的
+	handleUpdate: (req, res) => {
+		Articles.findOne({
+      where: {
+        id: req.params.id,
+        UserId: req.session.userId
+      }
+    }).then(article => {
+      return article.update({
+				title: req.body.title,
+				content: req.body.content
+			})
+    }).then(() => {
+      res.redirect('/')
+    }).catch(() => {
+      res.redirect('/')
+		})
+	}
+}
+
+module.exports = articlesController

homeworks/week17/hw1/controllers/user.js

@@ -0,0 +1,97 @@
+const bcrypt = require('bcrypt');
+const saltRounds = 10;
+const db = require('../models')
+const User = db.User
+
+const userController = {
+
+	login: (req, res) => {
+		res.render('user/login')
+	},
+
+	handleLogin: (req, res, next) => {
+		const { username, password } = req.body
+		if (!username || !password) {
+			req.flash('errorMessage', '請輸入帳號或密碼')
+			return next()
+		}
+
+		User.findOne({
+			where: {
+				username
+			}
+		}).then(user => {
+			if (!user) {
+				req.flash('errorMessage', '使用者不存在')
+				return next()
+			}
+			//使用者輸入的Password , 資料庫來的Password 看密碼有沒有正確
+			bcrypt.compare(password, user.password, function (err, isSuccess) {
+				// res == true 
+				if (err || !isSuccess) {
+					req.flash('errorMessage', '密碼錯誤')
+					return next()
+				}
+				req.session.username = user.username
+				req.session.userId = user.id
+
+				res.redirect('/')
+			});
+
+		}).catch(err => {
+			req.flash('errorMessage', err.toString())
+			return next()
+		})
+
+	},
+
+	register: (req, res) => {
+		res.render('user/register')
+	},
+
+	handleRegister: (req, res, next) => {
+		const { username, password, nickname } = req.body
+		if (!username || !password || !nickname) {
+			return req.flash('errorMessage', '缺少必要欄位')
+		}
+
+		User.findOne({
+			where: {
+				username
+			}
+		}).then(user => {
+			if (user) {
+				req.flash('errorMessage', '此帳號已被註冊')
+				return next()
+			}
+		})
+
+		bcrypt.hash(password, saltRounds, function (err, hash) {
+			if (err) {
+				req.flash('errorMessage', err.toString())
+				return next()
+			}
+
+			User.create({
+				username,
+				nickname,
+				password: hash
+			}).then(user => {
+				req.session.username = username //新增username 之後直接是登入狀態所以把username存進session
+				req.session.userId = user.id
+
+				res.redirect('/')
+			}).catch(err => {
+				req.flash('errorMessage', err.toString())
+				return next()
+			})
+		});
+	},
+
+	logout: (req, res) => {
+		req.session.username = null
+		res.redirect('/')
+	}
+}
+
+module.exports = userController

homeworks/week17/hw1/index.js

@@ -0,0 +1,61 @@
+const express = require("express")
+const bodyParser = require('body-parser')
+const session = require('express-session')
+const flash = require('connect-flash');
+
+const app = express()
+const port = process.env.PORT || 5001
+
+
+const userController = require('./controllers/user')
+const articlesController = require('./controllers/Articles')
+
+app.set('view engine','ejs')
+
+// app.use('/static', express.static(__dirname + '/public'));
+app.use(express.static(`${__dirname}/public`))
+
+
+app.use(session({
+	secret: 'keyboard cat',
+	resave: false,
+	saveUninitialized: true
+}))
+
+
+app.use(bodyParser.urlencoded({extended: false}))
+app.use(bodyParser.json())
+app.use(flash())
+
+
+app.use((req, res, next) => {
+	res.locals.username = req.session.username
+	res.locals.errorMessage = req.flash('errorMessage')
+	next()
+})
+
+app.get('/', articlesController.homePage) 
+
+function redirectBack(req, res) {
+	res.redirect('back')	
+}
+
+app.get('/login', userController.login)
+app.post('/login', userController.handleLogin, redirectBack)
+app.get('/logout', userController.logout)
+
+app.get('/register', userController.register)
+app.post('/register', userController.handleRegister, redirectBack)
+
+app.post('/articles',articlesController.add)
+
+app.get('/article-page/:id', articlesController.articlePage)
+
+app.get('/delete_articles/:id', articlesController.delete)
+app.get('/update_articles/:id', articlesController.update)
+app.post('/update_articles/:id', articlesController.handleUpdate)
+
+
+app.listen(port, () => {
+	console.log(`Example app listening on port ${port}!`)
+})

homeworks/week17/hw1/migrations/20220401142423-create-user.js

@@ -0,0 +1,33 @@
+'use strict';
+module.exports = {
+  async up(queryInterface, Sequelize) {
+    await queryInterface.createTable('Users', {
+      id: {
+        allowNull: false,
+        autoIncrement: true,
+        primaryKey: true,
+        type: Sequelize.INTEGER
+      },
+      username: {
+        type: Sequelize.STRING
+      },
+      password: {
+        type: Sequelize.STRING
+      },
+      nickname: {
+        type: Sequelize.STRING
+      },
+      createdAt: {
+        allowNull: false,
+        type: Sequelize.DATE
+      },
+      updatedAt: {
+        allowNull: false,
+        type: Sequelize.DATE
+      }
+    });
+  },
+  async down(queryInterface, Sequelize) {
+    await queryInterface.dropTable('Users');
+  }
+};

homeworks/week17/hw1/migrations/20220401154601-create-articles.js

@@ -0,0 +1,33 @@
+'use strict';
+module.exports = {
+  async up(queryInterface, Sequelize) {
+    await queryInterface.createTable('Articles', {
+      id: {
+        allowNull: false,
+        autoIncrement: true,
+        primaryKey: true,
+        type: Sequelize.INTEGER
+      },
+      title: {
+        type: Sequelize.STRING
+      },
+      content: {
+        type: Sequelize.TEXT
+      },
+      createdAt: {
+        allowNull: false,
+        type: Sequelize.DATE
+      },
+      updatedAt: {
+        allowNull: false,
+        type: Sequelize.DATE
+      },
+      UserId: {
+        type: Sequelize.INTEGER
+      }
+    });
+  },
+  async down(queryInterface, Sequelize) {
+    await queryInterface.dropTable('Articles');
+  }
+};

homeworks/week17/hw1/models/articles.js

@@ -0,0 +1,26 @@
+'use strict';
+const {
+  Model
+} = require('sequelize');
+module.exports = (sequelize, DataTypes) => {
+  class Articles extends Model {
+    /**
+     * Helper method for defining associations.
+     * This method is not a part of Sequelize lifecycle.
+     * The `models/index` file will call this method automatically.
+     */
+    static associate(models) {
+      // define association here
+      Articles.belongsTo(models.User)
+    }
+  }
+  Articles.init({
+    title: DataTypes.STRING,
+    content: DataTypes.TEXT,
+	UserId: DataTypes.INTEGER
+  }, {
+    sequelize,
+    modelName: 'Articles',
+  });
+  return Articles;
+};