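// Minimal Express login service: serves the login page, checks credentials
// against the `accounts` table in MySQL and tracks login state in a
// cookie-backed session.

// NOTE(review): bcrypt is imported but never used in this file. The /auth
// query below compares the submitted password with the stored column
// directly, which suggests passwords are stored unhashed (TODO confirm
// against the schema). If so, store bcrypt hashes instead, fetch the row by
// login only, and verify with bcrypt.compare().
const bcrypt = require('bcrypt');
const mysql = require('mysql');
const config = require('./config.js');
const express = require('express');
const session = require('express-session');
const bodyParser = require('body-parser');
const path = require('path');

// Single shared MySQL connection; credentials come from ./config.js.
const connection = mysql.createConnection({
  host: config.db.host,
  user: config.db.username,
  password: config.db.password,
  database: config.db.dbname,
});

const app = express();

// The session secret signs the session ID cookie, so a value committed to
// source control lets anyone who can read the code produce validly signed
// cookies. Prefer a secret supplied by the environment; the old literal is
// kept only as a fallback so existing deployments keep starting.
const sessionSecret = process.env.SESSION_SECRET || 'secret';
if (!process.env.SESSION_SECRET) {
  console.warn('SESSION_SECRET is not set; using the built-in default session secret.');
}

// NOTE(review): no `cookie` options are passed, so the session cookie uses
// the library defaults, and saveUninitialized stores a session for requests
// that never log in. Review both before exposing this beyond a trusted network.
app.use(session({
  secret: sessionSecret,
  resave: true,
  saveUninitialized: true,
}));
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());

// Login page.
app.get('/', (request, response) => {
  response.sendFile(path.join(__dirname, 'index.html'));
});

/**
 * POST /auth - verify the submitted login and password.
 *
 * Redirects to /home on success and to /wrong on failure (neither route is
 * defined in this file). Responds with 500 when the database query or the
 * session renewal fails.
 */
app.post('/auth', (request, response) => {
  const { username, password } = request.body;

  // Accept plain non-empty strings only. The extended urlencoded parser and
  // the JSON parser can both deliver objects or arrays, and the mysql driver
  // expands such values inside `?` placeholders into SQL fragments instead of
  // a single quoted literal, which would change the meaning of the WHERE clause.
  const hasCredentials =
    typeof username === 'string' && username !== '' &&
    typeof password === 'string' && password !== '';
  if (!hasCredentials) {
    response.send('Podaj nr dziennika oraz hasło');
    return;
  }

  connection.query(
    'SELECT * FROM accounts WHERE login = ? AND password = ? AND active != 0',
    [username, password],
    (error, results) => {
      if (error) {
        // `results` is undefined on failure, so reading results.length would
        // throw inside this callback. Log only the error code: the driver's
        // error object carries the full SQL text, including the password.
        console.error('Login query failed:', error.code);
        response.sendStatus(500);
        return;
      }

      if (results.length === 0) {
        response.redirect('/wrong');
        return;
      }

      // Issue a fresh session ID on login so an ID that existed before
      // authentication is never promoted to a logged-in session.
      request.session.regenerate((regenerateError) => {
        if (regenerateError) {
          console.error('Session regeneration failed:', regenerateError.message);
          response.sendStatus(500);
          return;
        }
        request.session.loggedin = true;
        request.session.username = username;
        response.redirect('/home');
      });
    }
  );
});

// GET /index - send logged-in users to /home, everyone else gets a prompt.
app.get('/index', (request, response) => {
  if (request.session.loggedin) {
    response.redirect('/home');
    return;
  }
  response.send('Zaloguj się, by widzieć tę stronę!');
});

app.listen(3000);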