Login route handlers

src/main.cpp

@@ -232,14 +232,9 @@ int main(int argc, char *argv[]) {
                 res.end();
             });
 
-
     /*
-     * Page for freelancer to log in
+     * Logs out a freelancer by replacing validation key and expiring cookies
      */
-    CROW_ROUTE(app, "/freelancer/login")
-            ([&,databaseURI](const crow::request& getRequest ) {
-
-                /*
                 auto& ctx = app.get_context<crow::CookieParser>(getRequest);
                 // Read cookies with get_cookie
                 auto value = ctx.get_cookie("cookieloggedin");
@@ -255,9 +250,20 @@ int main(int argc, char *argv[]) {
 
 
 
+    /*
+     * Page for freelancer to log in
+     */
+    CROW_ROUTE(app, "/freelancer/login")
+            ([&,configuration](const crow::request& getRequest ) {
+                auto& ctx = app.get_context<crow::CookieParser>(getRequest);
+                string loginKey = ctx.get_cookie("loginKey");
+                string freelancerEmail = ctx.get_cookie("freelancerEmail");
                 string templateHTML = "freelancer_Login.html";
+                if (!freelancerEmail.empty() && !loginKey.empty()) {
+                    if (Utilities::checkFreelancerLoginState(configuration, loginKey, freelancerEmail))
+                        templateHTML = "freelancer_Redirect_Profile.html";
+                }
                 auto page = crow::mustache::load(templateHTML);
-
                 return page.render();
             });
 
@@ -265,12 +271,13 @@ int main(int argc, char *argv[]) {
      * Page for freelancer to log in fulfillment
      */
     CROW_ROUTE(app, "/freelancer/login/fulfilment").methods("POST"_method)
-            ([databaseURI, configuration](const crow::request& postRequest ) {
+            ([&, configuration](const crow::request& postRequest ) {
                 crow::mustache::context ctx;
                 string postRequestBody = postRequest.body;
                 Utilities::decodeString(postRequestBody);
                 vector<string> splitPostRequestBody = Utilities::splitStringIntoVector(postRequestBody, '&');
                 string email, password;
+                bool stayLoggedIn;
 
                 for (const string& item : splitPostRequestBody) {
                     vector<string> splitItem = Utilities::splitStringIntoVector(item, '=');
@@ -278,12 +285,14 @@ int main(int argc, char *argv[]) {
                         email = splitItem.at(1);
                     if (splitItem.at(0) == "freelancerpassword")
                         password = splitItem.at(1);
+                    if (splitItem.at(0) == "stayloggedin")
+                        stayLoggedIn = !splitItem.at(1).empty(); //if checkbox not set result is empty ie stay logged in is false, if it is set result is "on" ie not empty ie stay logged in is true
                 }
 
                 //check if login data is complete
                 if (!email.empty() && !password.empty()){
                     //check if freelancer exists
-                    pqxx::connection databaseConnection(databaseURI);
+                    pqxx::connection databaseConnection(configuration.databaseConnectionString);
                     pqxx::result checkFreelancerExists = Database::executePreparedStatement_SELECT_CHECK_EMAIL_EXISTS(databaseConnection, email);
                     int checkFreelancerExistsExtracted = stoi(checkFreelancerExists.at(0).at(0).c_str());
                     if (checkFreelancerExistsExtracted == 1) {
@@ -293,7 +302,14 @@ int main(int argc, char *argv[]) {
                         pqxx::result checkFreelancerHash = Database::executePreparedStatement_SELECT_CHECK_HASH_VALID(databaseConnection, email, hash);
                         int checkFreelancerHashExtracted = stoi(checkFreelancerHash.at(0).at(0).c_str());
                         if (checkFreelancerHashExtracted == 1) {
-                            //todo::create secure cookie
+                            //create secureCookie
+                            auto& cookieCtx = app.get_context<crow::CookieParser>(postRequest);
+                            std::string loginKeyValue = Utilities::generateLoginKeyValue();
+                            Database::executePreparedStatement_UPDATE_LOGIN_VALIDATION_KEY(databaseConnection, loginKeyValue, email);
+                            std::string loginKeyCookieValue = Utilities::generateSecureCookieLoginKeyValue(loginKeyValue, stayLoggedIn);
+                            std::string freelancerEmailCookieValue = Utilities::generateSecureCookieFreelancerEmailValue(email, stayLoggedIn);
+                            cookieCtx.set_cookie("loginKey", loginKeyCookieValue);
+                            cookieCtx.set_cookie("freelancerEmail",freelancerEmailCookieValue);
                             ctx["LOGIN_SUCCESS"] = true;
                         }
                         else {