Authentication (#22)

* Authorization added

* added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized

* added dbinsert script

* turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form

* added middlewares, user model and controller

* JSDoc fix

* wrong password processing fix

* added comments to dbinsert script, moved salt and passHash to singe db doc

* Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc

* Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie

src/routes/home.js

@@ -1,9 +1,10 @@
 const express = require('express');
+const verifyToken = require('./middlewares/token');
 const router = express.Router();
 
 /* GET home page. */
-router.get('/', function (req, res, next) {
-  res.render('pages/index');
+router.get('/', verifyToken, async (req, res) => {
+  res.render('pages/index', { isAuthorized: res.locals.isAuthorized });
 });
 
 module.exports = router;