//A recovery hash means this is an external login. Try seeing if it matches.
db.query('select * from users where recovery_hash=$1 limit 1',[req.body.recoveryhash])
.then((data)=>{
if(data.rows.length>0){
db.query('update users set password_hash=$2 where id=$1',[data.rows[0].id,req.body.password])
res.status(200).json({verified:true})
}else{
res.status(200).json({verified:true})
//This doesn't exist. At this time we will register them since this is external.
db.query('insert into users(username,email,password_hash,created_on,roles_id,avatar,recovery_hash) values($1,$2,$3,$4,(select id from roles where name=\'Guest\'),$5,$6)',[req.body.username,req.body.email,req.body.password,newDate(),req.body.avatar,req.body.userID])
db.query('select * from users where username=$1 and password_hash=$2 limit 1',[req.body.username,sh.SecretHash(req.body.password)])
.then((data)=>{
if(data.rows.length>0){
res.status(200).json({verified:true})
}else{
res.status(200).json({verified:false})
}
})
.catch((err)=>{
res.status(500).send(err.message)
})
if(req.body.recoveryhash&&req.body.password){
//A recovery hash means this is an external login. Try seeing if it matches something.
db.query('select * from users where recovery_hash=$1 and password_hash=$2 limit 1',[req.body.recoveryhash,req.body.password])
.then((data)=>{
if(data.rows.length>0){
res.status(200).json({verified:true})
}else{
//This doesn't exist. At this time we will register them since this is external.
db.query('insert into users(username,email,password_hash,created_on,roles_id,avatar,recovery_hash) values($1,$2,$3,$4,(select id from roles where name=\'Guest\'),$5,$6)',[req.body.username,req.body.email,req.body.password,newDate(),req.body.avatar,req.body.userID])
}
})
}else{
db.query('select * from users where username=$1 and password_hash=$2 limit 1',[req.body.username,sh.SecretHash(req.body.password)])
