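/**
 * GET /login — render the login form, or send a visitor whose login check
 * passes straight to the profile page.
 */
router.get("/login", function (req, rep, next) {
  isLogin(req, function (err, result) {
    if (err) {
      next(err);
      return;
    }
    // An empty result (for example after the cookie has been modified) also
    // means the visitor has to log in again.
    if (result == 0) {
      rep.render("login.html");
      return;
    }
    // The name is read back from a client-supplied cookie, so it is
    // percent-encoded before being placed in the redirect URL.
    rep.redirect("/profile?" + encodeURIComponent(req.cookies.account.name));
  });
});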
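/**
 * POST /login — check the submitted name/password pair and, on success, set
 * the "account" cookie (7-day lifetime) and redirect to the profile page.
 * A failed check answers with the plain text "account or password error!".
 */
router.post("/login", function (req, rep, next) {
  const body = req.body || {};
  // Only plain strings may reach md5() and the query placeholders; depending
  // on the body parser these fields can arrive as arrays or objects, which are
  // treated the same as a wrong password.
  if (typeof body.name !== "string" || typeof body.password !== "string") {
    rep.send("account or password error!");
    return;
  }

  // Locals instead of the implicit globals `account` / `password`, which were
  // shared by every request handled in the process.
  const account = body.name;
  // NOTE(review): unsalted MD5 is a fast hash and is not suitable for storing
  // passwords. Moving to a dedicated password hash (bcrypt, scrypt, argon2)
  // requires migrating the stored values, so it is only flagged here.
  const passwordHash = md5(body.password);

  authenticateAccount(account, passwordHash, function (err, result) {
    if (err) {
      next(err);
      return;
    }
    // No matching row means the name or the password was wrong.
    if (!Array.isArray(result) || result.length === 0) {
      rep.send("account or password error!");
      return;
    }

    const user = result[0];
    // NOTE(review): the cookie carries the stored password hash, so the cookie
    // value is itself a long-lived credential. A random server-side session id
    // would avoid exposing it; that change also needs isLogin (not visible
    // here) to be updated, so the payload is kept as-is.
    // httpOnly keeps page scripts from reading the cookie and sameSite limits
    // cross-site sending; add `secure: true` once the site is HTTPS-only.
    rep.cookie(
      "account",
      { name: user.name, password: user.password },
      { maxAge: 86400000 * 7, httpOnly: true, sameSite: "lax" }
    );
    rep.redirect("/profile?" + encodeURIComponent(user.name));
  });
});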
## 验证函数,回调函数在响应用户请求的时候写好的
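/**
 * Look up the `user` rows whose name and password columns match the given
 * values.
 *
 * @param {string} account - value bound to the `name` column.
 * @param {string} password - value bound to the `password` column (the caller
 *   passes the hashed password).
 * @param {function} callback - called with an `{errCode, errMessage}` object
 *   when the pool or the query fails ("2" = no connection, "3" = query error),
 *   otherwise with `(null, rows)`; `rows` is empty when nothing matched.
 */
function authenticateAccount(account, password, callback) {
  poolConnection.getConnection(function (err, connection) {
    if (err) {
      callback({ errCode: "2", errMessage: "mysql connection error" });
      return;
    }
    // Values are bound through placeholders rather than concatenated into the
    // statement. `const` keeps the text local instead of an implicit global.
    const sql = "SELECT * FROM `user` WHERE `name`=? and `password`=?";
    connection.query(sql, [account, password], function (queryErr, result) {
      // Return the connection on every path: releasing only on success leaks
      // one pooled connection per failed query until the pool runs dry.
      connection.release();
      if (queryErr) {
        callback({ errCode: "3", errMessage: "sql language with error" });
        return;
      }
      callback(null, result);
    });
  });
}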
// GET /profile — render the profile page when the login check passes;
// otherwise send the visitor to the login form.
router.get("/profile", (req, res, next) => {
  isLogin(req, (loginErr, loginResult) => {
    if (loginErr) {
      return next(loginErr);
    }
    // An empty result (for example after the cookie has been modified) means
    // the visitor has to log in again.
    if (loginResult == 0) {
      res.redirect("/login");
    } else {
      // NOTE(review): `user` is taken straight from the client-supplied cookie.
      // This relies on isLogin having checked the cookie and on the template
      // engine escaping the value on output — confirm both.
      const templateData = { user: req.cookies.account.name };
      res.render("profile.html", templateData);
    }
  });
});
// GET /logout — delete the "account" cookie and go back to the site root.
// NOTE(review): this only removes the browser's copy. The cookie set at login
// holds the name and password hash, and nothing here revokes it server-side,
// so a copied cookie presumably keeps working — confirm against isLogin.
router.get("/logout", (req, res, next) => {
  res.clearCookie("account");
  res.redirect("/");
});