dok/routes/login.js

const express = require("express");
const router = express.Router();
const db = require("../database/database");
const bcrypt = require("bcrypt");
const crypto = require("crypto");

/* ================================
   Login verarbeiten
================================ */

router.post("/", async (req, res) => {
  const { username, password } = req.body;

  try {
    /* Server laden (für index.ejs) */
    const [servers] = await db.query("SELECT * FROM servers");

    /* User laden */
    const [rows] = await db.query(
      "SELECT * FROM accounts WHERE username = ? AND verified = 1",
      [username],
    );

    if (rows.length === 0) {
      return res.render("index", {
        error: "Login fehlgeschlagen",
        servers,
      });
    }

    const user = rows[0];

    /* Passwort prüfen */
    const passwordMatch = await bcrypt.compare(password, user.password);

    if (!passwordMatch) {
      return res.render("index", {
        error: "Login fehlgeschlagen",
        servers,
      });
    }

    /* ================================
       Session Token erstellen
    ================================= */

    const sessionToken = crypto.randomBytes(64).toString("hex");

    /* Token in DB speichern (überschreibt alten Login) */

    await db.query("UPDATE accounts SET session_token = ? WHERE id = ?", [
      sessionToken,
      user.id,
    ]);

    /* ================================
       Session speichern
    ================================= */

    req.session.user = {
      id: user.id,
      username: user.username,
      token: sessionToken,
    };

    /* ================================
       Weiterleitung
    ================================= */

    if (!user.ingame_name) {
      return res.redirect("/create-character");
    }

    return res.redirect("/launcher");
  } catch (error) {
    console.error("Login Fehler:", error);
    res.status(500).send("Serverfehler beim Login");
  }
});

module.exports = router;