Question: //JUST ANSWER COMMENTS THANKS //hashing.js const express = require('express'); const path = require('path'); const bcrypt = require('bcryptjs'); PORT=8080; app = express(); app.use(express.static(path.join(__dirname, 'static'))); app.use(express.urlencoded({extended: false}));
//JUST ANSWER COMMENTS THANKS
//hashing.js
const express = require('express');
const path = require('path');
const bcrypt = require('bcryptjs');
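// hashing.js: a small demo server that hashes a submitted password with bcrypt
// and shows the result.

// Declared with const so the bindings stay module-scoped. A bare `PORT=8080` or
// `app = express()` creates implicit globals and throws under 'use strict'.
const PORT = 8080;

// bcrypt cost factor (log2 of the work); each +1 doubles the time per hash
// and therefore the time per offline guess against a stolen hash.
const BCRYPT_COST = 10;

const app = express();

app.use(express.static(path.join(__dirname, 'static')));
// Parses application/x-www-form-urlencoded bodies into req.body.
app.use(express.urlencoded({ extended: false }));
app.set('view engine', 'ejs');

// Show the form that posts a password back to this same path.
app.get('/hashword', (req, res) => {
  res.render('passwordForm');
});

// Hash the submitted password, verify it against the fresh hash and show both.
app.post('/hashword', async (req, res) => {
  const { password } = req.body;

  // A missing field is undefined and a repeated field arrives as an array;
  // bcryptjs rejects both, so answer with 400 instead of letting it throw.
  if (typeof password !== 'string') {
    res.status(400).send('A password is required.');
    return;
  }

  try {
    // bcrypt generates a random salt and embeds it (with the cost) in the hash
    // string, so no separate salt column is needed. Only the first 72 bytes of
    // the password take part in the hash.
    const hash = await bcrypt.hash(password, BCRYPT_COST);

    // On a real login the hash comes from the database and only the submitted
    // password comes from the request; compare() re-derives and checks it.
    const matched = await bcrypt.compare(password, hash);

    // Demo only: echoing the plaintext password is acceptable here because the
    // page exists to show the input next to its hash. A real application never
    // renders, logs or stores the plaintext.
    res.render('passwordResult', {
      password,
      hash,
      compare: matched,
    });
  } catch (err) {
    // Without this, a rejected promise in an async handler leaves the request
    // hanging. Log the message only, never the submitted password.
    console.error('Password hashing failed:', err.message);
    res.status(500).send('Unable to hash the password.');
  }
});

app.listen(PORT, () => console.log(`Server listening on port ${PORT}`));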
// user.js
const bcrypt = require('bcryptjs');
// making a class to hold all our user logic
// in web development, this is called a "model"
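/**
 * Model holding the user logic: lookup, signup and login against the User table.
 *
 * Instances carry password_hash, so avoid serialising a whole User object into
 * anything that reaches a client (response body, session cookie, log line).
 */
class User {
  /**
   * Build a User from a set of named properties, typically a database row.
   * @param {{id: number, username: string, password_hash: string, admin: number}} props
   */
  constructor(props) {
    this.id = props.id;
    this.username = props.username;
    this.password_hash = props.password_hash;
    this.admin = props.admin;
  }

  /**
   * Factory: load one user by username.
   * @param {string} username
   * @param {object} db - database handle exposing async get(sql, params)
   * @returns {Promise<User|null>} the user, or null when no row matches
   */
  static async findByUsername(username, db) {
    // The username is bound as a parameter, never concatenated into the SQL text.
    const row = await db.get('SELECT * FROM User WHERE username = ?', [username]);
    return row ? new User(row) : null;
  }

  /**
   * Validate the supplied data, save the new user and return the outcome.
   * All rules are checked before responding so the caller sees every error at once.
   * @param {string} username
   * @param {string} password
   * @param {object} db - database handle exposing async get() and run()
   * @returns {Promise<[boolean, User|null, string[]]>} [success, user, errors]
   */
  static async signup(username, password, db) {
    const errors = [];

    // rule 1: username cannot be blank (whitespace-only counts as blank)
    const hasUsername = typeof username === 'string' && username.trim() !== '';
    if (!hasUsername) {
      errors.push('Username cannot be blank');
    } else if (await User.findByUsername(username, db)) {
      // rule 2: username cannot already be used
      // NOTE(review): this check and the INSERT below are two separate statements,
      // so concurrent signups can both pass it. A UNIQUE constraint on
      // User.username is the real guard; confirm the schema has one.
      errors.push('Username is already taken');
    }

    // rule 3: password must be at least four characters. That is the assignment's
    // rule; a production policy would require a considerably longer minimum.
    if (typeof password !== 'string' || password.length < 4) {
      errors.push('Password must be at least four characters');
    }

    // any rule failed: nothing is saved
    if (errors.length > 0) {
      return [false, null, errors];
    }

    // Store only the bcrypt hash, never the password itself. The salt is generated
    // by bcrypt and embedded in the hash string. Only the first 72 bytes of the
    // password take part in the hash.
    const password_hash = await bcrypt.hash(password, 10);

    // New accounts are never created as admin.
    const admin = 0;

    // Column names are assumed to match the fields the constructor reads from a
    // row; confirm against the actual table definition.
    const result = await db.run(
      'INSERT INTO User (username, password_hash, admin) VALUES (?, ?, ?)',
      [username, password_hash, admin]
    );

    // lastID is the id generated for the row that was just inserted.
    const user = new User({
      id: result.lastID,
      username,
      password_hash,
      admin,
    });
    return [true, user, errors];
  }

  /**
   * Check a username/password combination.
   * Every failure returns null, so the caller cannot tell "unknown user" from
   * "wrong password" and should show one generic message for both.
   * @param {string} username
   * @param {string} password
   * @param {object} db - database handle exposing async get()
   * @returns {Promise<User|null>} the user when the credentials are valid, else null
   */
  static async login(username, password, db) {
    // Input that could never have passed signup: skip the database entirely.
    const hasUsername = typeof username === 'string' && username.trim() !== '';
    if (!hasUsername || typeof password !== 'string' || password.length < 4) {
      return null;
    }

    const user = await User.findByUsername(username, db);
    // NOTE(review): returning here skips the bcrypt work, so an unknown username
    // answers faster than a known one. Where account enumeration matters, add
    // rate limiting or a comparison against a fixed dummy hash.
    if (!user || typeof user.password_hash !== 'string') {
      return null;
    }

    // compare() re-hashes the submitted password with the salt and cost stored in
    // password_hash; the hash is never compared as a plain string here.
    const matched = await bcrypt.compare(password, user.password_hash);
    return matched ? user : null;
  }
}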
// Export the class itself (CommonJS) so that another file's require() of this
// module receives User directly.
module.exports = User;
// testing.js
const express = require('express');
const path = require('path');
const sqlite3 = require('sqlite3');
const { open } = require('sqlite');
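// require our User class (./ means "in this directory"); const keeps the binding
// module-scoped instead of creating an implicit global
const User = require('./models/user');

const PORT = 8081;

const app = express();

// Assigned once the database has been opened; the server only starts listening
// after that, so no request can reach the handler while db is still undefined.
let db;

// NOTE(review): the HTML tags inside the string literals were lost in this
// listing, which left unterminated strings. The h1/h2/pre markup below is a
// reconstruction; the text between the tags is unchanged.

// Escape a value for inclusion in HTML text, since the response is text/html
// and the dumps contain data read from the database.
function escapeHtml(text) {
  return String(text)
    .replaceAll('&', '&amp;')
    .replaceAll('<', '&lt;')
    .replaceAll('>', '&gt;');
}

// Write a "Test: ..." section heading to the response stream.
function writeTestHeading(res, text) {
  res.write(`<h2>${escapeHtml(text)}</h2>`);
}

// Dump a value to the response stream as JSON, optionally prefixed by a label.
function writeJson(res, value, label = '') {
  const prefix = label ? `${label}: ` : '';
  res.write(`<pre>${escapeHtml(prefix + JSON.stringify(value))}</pre>`);
}

// Development-only test page for the User model.
// The dumps include password_hash for every user they print, so this route must
// not be reachable outside a local development setup.
app.get('/', async (req, res) => {
  // set content-type header to let the browser know that HTML is coming
  // (res.send does this automatically)
  res.setHeader('Content-Type', 'text/html');

  try {
    // res.write can be called repeatedly to keep sending more data to the client
    // until res.end closes the stream
    res.write('<h1>Testing User Login</h1>');

    writeTestHeading(res, 'Test: user object creation (maria)');
    // create a (local) user object from named properties rather than
    // positional parameters
    let user = new User({
      id: 15,
      username: 'maria',
      admin: 0,
    });
    writeJson(res, user);

    writeTestHeading(res, 'Test: user retreive from database (testguy)');
    // this should succeed (static method: there is no User object to start from)
    user = await User.findByUsername('testguy', db);
    writeJson(res, user);

    writeTestHeading(res, 'Test: user retreive from database (notarealusername)');
    // this should fail
    user = await User.findByUsername('notarealusername', db);
    writeJson(res, user);

    writeTestHeading(res, 'Test: signup new user (username: "", password: "a")');
    // this should fail (again static method)
    let [success, newuser, errors] = await User.signup('', 'a', db);
    writeJson(res, success, 'success');
    writeJson(res, newuser, 'newuser');
    writeJson(res, errors, 'errors');

    writeTestHeading(res, 'Test: signup new user (username: "newgirl", password: "lousypassword")');
    // this should succeed the first time it's run (after that the user already exists)
    [success, newuser, errors] = await User.signup('newgirl', 'lousypassword', db);
    writeJson(res, success, 'success');
    writeJson(res, newuser, 'newuser');
    writeJson(res, errors, 'errors');

    writeTestHeading(res, 'Test: signup new user (duplicate of "newgirl")');
    // this should fail even the first time, because the user already exists
    [success, newuser, errors] = await User.signup('newgirl', 'lousypassword', db);
    writeJson(res, success, 'success');
    writeJson(res, newuser, 'newuser');
    writeJson(res, errors, 'errors');

    writeTestHeading(res, 'Test: bad login (username: "", password: "")');
    user = await User.login('', '', db);
    writeJson(res, user, 'user');

    writeTestHeading(res, 'Test: bad login (username: notarealusername, password: "aaaaaa")');
    user = await User.login('notarealusername', 'aaaaaa', db);
    writeJson(res, user, 'user');

    writeTestHeading(res, 'Test: bad login (username: "newgirl", password: "notthepassword")');
    user = await User.login('newgirl', 'notthepassword', db);
    writeJson(res, user, 'user');

    writeTestHeading(res, 'Test: good login (newgirl)');
    user = await User.login('newgirl', 'lousypassword', db);
    writeJson(res, user, 'user');

    // close the stream
    res.end('<h2>Complete</h2>');
  } catch (err) {
    // A rejected database or bcrypt call would otherwise leave the response
    // open forever; report it on the server and close the stream.
    console.error('User test page failed:', err.message);
    res.end('<h2>Test run aborted, see server log</h2>');
  }
});

// connect to db, then start accepting requests
(async () => {
  try {
    db = await open({
      filename: 'awesome.sqlite',
      driver: sqlite3.Database,
    });
    app.listen(PORT, () => console.log(`Server listening on port ${PORT}`));
  } catch (err) {
    console.error('Could not open the database:', err.message);
    process.exitCode = 1;
  }
})();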
