Merge branch 'principal' of https://github.com/timitoc/LearningPointers into principal

Author: timitoc

.gitignore

@@ -5,3 +5,4 @@ programs/
 .env
 *.swp
 static/avatars/*
+npm-debug.log

DatabaseApi/src/db_sql_api.js

@@ -123,7 +123,7 @@ class DbApi {
 	getAllMyCourses(userId) {
 		return new Promise((resolve, reject) => {
 			this.connection.query(
-				`SELECT user_id, course_id, courses.name as course_name, avg_rating
+				`SELECT user_id, course_id, courses.url as course_url, courses.name as course_name, avg_rating
 				FROM users JOIN user_courses ON users.id = user_id JOIN courses ON course_id=courses.id
 				WHERE users.id=?
 				ORDER BY avg_rating DESC;`,

npm-debug.log

@@ -27,6 +27,7 @@ module.exports = (app) => {
 	app.get('/', (req, res) => {
 		if(req.session.user) {
 			dbApi.getAllMyCourses(req.session.user.id).then(data => {
+				console.log(data);
 				res.render("dashboard", {
 					user: req.session.user,
 					subscribed_courses: data
@@ -187,8 +188,26 @@ module.exports = (app) => {
 	});
 
 
-	app.get('/profile', checkAuth, (req, res) => {
-		res.render("profile");
+	app.get('/profile', checkAuth, _csrf, (req, res) => {
+		res.render("profile", {
+			user: req.session.user,
+			csrfToken: req.csrfToken()
+		});
+	});
+
+	app.post('/profile', checkAuth, _csrf, (req, res) => {
+		if(!req.body.current_password) {
+			req.flash('error', 'Password required!');
+			return res.redirect('/profile');
+		}
+		dbApi.loginUser(req.user.email, req.body.current_password)
+			.then(data => {
+				res.redirect('/');
+			})
+			.catch(err => {
+				req.flash('error', 'Incorrect password!');
+				return res.redirect('/profile');
+			});
 	});
 
 	app.get('/contribute', checkAuth, _csrf, (req, res) => {

routes.js

@@ -3,6 +3,25 @@
 <head>
 	<meta charset="UTF-8">
 	<title></title>
+	<style>
+	#success {
+		text-align: center;
+		color: white;
+		background: #2ECC40;
+		padding: 10px;
+		font-family: 'Open Sans', sans-serif;
+	}
+
+	#errors {
+		text-align: center;
+		color: white;
+		background: #FF4136;
+		padding: 10px;
+		font-family: 'Open Sans', sans-serif;
+	}
+	</style>
+
+
 	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css" integrity="sha384-rwoIResjU2yc3z8GV/NPeZWAv56rSmLldC3R/AZzGRnGxQQKnKkoFVhFQhNUwEyJ" crossorigin="anonymous">
 	<script src="https://code.jquery.com/jquery-3.1.1.slim.min.js" integrity="sha384-A7FZj7v+d/sdmMqp/nOQwliLvUsJfDHW+k9Omg/a/EheAdgtzNs3hpfag6Ed950n" crossorigin="anonymous"></script>
 	<script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js" integrity="sha384-DztdAPBWPRXSA/3eYEEUWrWCy7G5KFbe8fFjk5JAIxUYHKkDx6Qin1DkWx51bBrb" crossorigin="anonymous"></script>
@@ -43,12 +62,41 @@
 </nav>
 
 	<div class="container">
+		<form action="/profile" method="post">
+		<input type="hidden" name="_csrf" value="<%=csrfToken%>">
 		<div class="card">
 			<div class="card-block">
-				<h3 class="card-title">Name</h3>
+				<p class="card-text row">
+					<div class="col-lg-3">
+						<h4>Name:</h4>
+					</div>
+					<div class="col-lg-5">
+						<input type="text" name="name" value="<%=user.name%>" class="form-control"/>
+					</div>
+				</p>
 			</div>
 		</div>
-	</div>
+		<br>
+		<div class="card">
+			<div class="card-block">
+				<p class="card-text row">
+					<div class="col-lg-3">
+						<h4>Password:</h4>
+					</div>
+					<div class="col-lg-5">
+						<input type="password" name="current_password" placeholder="Old password (required)"
+						class="form-control" required/>
+					</div>
+					<br>
+					<div class="col-lg-5">
+						<input type="password" name="password_new" placeholder="New password" class="form-control"/>
+					</div>
+				</p>
+			</div>
+		</div>
+		<br>
+		<button class="btn btn-primary" type="submit">Save settings</button>
+		</form>
 	</div>
 </body>
 </html>