var mysql = require('mysql');
var express = require('express');
var session = require('express-session');
var bodyParser = require('body-parser');
var path = require('path');

var connection = mysql.createConnection({
	host     : 'mysql49.mydevil.net',
	user     : 'm1344_dziennik',
	password : 'K8T2nB>_vgX6qvw8(zBuw4B318cmw8',
	database : 'm1344_dziennik'
});

var app = express();
app.use(session({
	secret: 'secret',
	resave: true,
	saveUninitialized: true
}));
app.use(bodyParser.urlencoded({extended : true}));
app.use(bodyParser.json());

app.get('/', function(request, response) {
	response.sendFile(path.join(__dirname + '/public/home.html'));
});

app.post('/auth', function(request, response) {
	var username = request.body.username;
	var active = request.body.active;
	var password = request.body.password;
	if (username && password) {
		connection.query('SELECT * FROM accounts WHERE username = ? AND password = ? AND active != 0', [username, password], function(error, results, fields) {
			if (results.length > 0) {
				request.session.loggedin = true;
				request.session.username = username;
				response.redirect('/home');
			} else {
				response.redirect('/wrong');
			}  			
			response.end();
		});
	} else {
		response.send('Podaj nr dziennika oraz hasło');
		response.end();
	}
});

app.get('/home.html', function(request, response) {
	if (request.session.loggedin) {
		response.send('Witaj, ' + request.session.username + '!');
	} else {
		response.send('Zaloguj się, by widzieć tę stronę!');
	}
	response.end();
});
app.listen(3000);