Untitled

a guest
Feb 10th, 2018
  1. const express = require('express');
  2. const asyncify = require('express-asyncify');
  3. const session = require('express-session');
  4. const createFileStore = require('session-file-store');
  5. const bodyParser = require('body-parser');
  6. const csurf = require('csurf')
  7. const templates = require('./templates');
  8.  
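// TCP port the HTTP server listens on.
const PORT = 5000;

// Secret used by express-session to sign the session id cookie.
// NOTE(security): the literal fallback is published with this listing, so
// anyone who knows it can forge a validly signed `sid` cookie. Supply a long
// random value through the SESSION_COOKIE_SECRET environment variable for any
// deployment that is reachable by others; the fallback is kept only so the
// demo still starts with no configuration.
const SESSION_COOKIE_SECRET =
  process.env.SESSION_COOKIE_SECRET || 'minimum viable web auth secret';

// Session cookie lifetime: one hour, in milliseconds.
// (Identifier spelling is kept as-is because the session setup refers to it.)
const SESSOIN_COOKIE_MAX_AGE_IN_MS = 60 * 60 * 1000;

// Whether the session cookie carries the `Secure` attribute.
// NOTE(security): the default `false` lets the cookie travel over plain HTTP,
// which is only acceptable for local development. Set
// SESSION_COOKIE_IS_SECURE=true when serving over HTTPS (behind a
// TLS-terminating proxy, Express also needs `trust proxy` configured).
const SESSION_COOKIE_IS_SECURE = process.env.SESSION_COOKIE_IS_SECURE === 'true';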
  13.  
// Express application, wrapped by express-asyncify.
const app = asyncify(express());
// Session store class produced by session-file-store for express-session.
const FileStore = createFileStore(session);

// Do not advertise the framework in the `X-Powered-By` response header.
app.disable('x-powered-by');

// Attributes of the `sid` session cookie.
const sessionCookieOptions = {
  maxAge: SESSOIN_COOKIE_MAX_AGE_IN_MS,
  secure: SESSION_COOKIE_IS_SECURE,
  // 'lax' keeps the cookie off cross-site sub-requests and cross-site POSTs.
  sameSite: 'lax',
};

// Server-side sessions: only the signed session id is sent to the browser.
const sessionOptions = {
  store: new FileStore(),
  name: 'sid',
  // Do not rewrite unchanged sessions, and do not create a session (or set a
  // cookie) until something is actually stored in it.
  resave: false,
  saveUninitialized: false,
  secret: SESSION_COOKIE_SECRET,
  cookie: sessionCookieOptions,
};
app.use(session(sessionOptions));

// Parse HTML form posts into req.body.
const formParser = bodyParser.urlencoded({ extended: false });
app.use(formParser);

// CSRF protection; with `cookie: false` the token secret is kept in the
// session, so this middleware has to be registered after the session one.
// NOTE(review): csurf has been marked deprecated upstream - confirm whether a
// maintained replacement should be used here.
const csrfProtection = csurf({ cookie: false });
app.use(csrfProtection);
  32.  
// Home page: greets the signed-in user, otherwise shows the logged-out view.
// NOTE(review): the session user (including the e-mail taken from the signup
// form) is handed to templates.loggedInGreeting; HTML escaping is presumably
// done inside ./templates - confirm, since it is not visible here.
app.get('/', (req, res) => {
  res.setHeader('Content-type', 'text/html');

  const { user } = req.session;
  let content;
  if (user) {
    content = templates.loggedInGreeting(user);
  } else {
    content = templates.loggedOut();
  }

  res.end(templates.layout(`\n${content}\n`));
});
  41.  
// Login page: renders any error held in the session, followed by the login
// form carrying a fresh CSRF token.
app.get('/login', (req, res) => {
  res.setHeader('Content-type', 'text/html');

  const errorHtml = templates.error(req.session);
  // req.csrfToken() is provided by the csurf middleware.
  const formHtml = templates.loginForm(req.csrfToken());

  res.end(templates.layout(`\n${errorHtml}\n${formHtml}\n`));
});
  49.  
// Signup page: renders any error held in the session, followed by the signup
// form carrying a fresh CSRF token.
app.get('/signup', (req, res) => {
  res.setHeader('Content-type', 'text/html');

  const errorHtml = templates.error(req.session);
  // req.csrfToken() is provided by the csurf middleware.
  const formHtml = templates.signupForm(req.csrfToken());

  res.end(templates.layout(`\n${errorHtml}\n${formHtml}\n`));
});
  57.  
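// Login form handler.
//
// On success the user record is stored in a freshly regenerated session and
// the browser is redirected to '/'. On failure an error message is stored in
// the session and the browser is sent back to '/login'.
//
// NOTE(security): the credential check is a hard-coded demo stand-in. A real
// implementation would look the user up and verify a salted password hash.
app.post('/login', (req, res, next) => {
  const { email, password } = req.body;

  // Strict comparison: form fields can arrive as arrays (repeated keys), and
  // loose `==` would coerce those to strings before comparing.
  if (email === 'a@a.com' && password === 'password') {
    // The session id in use was issued before authentication (GET /login
    // stores the CSRF secret in the session). Issue a new id on login so an
    // id planted or observed beforehand cannot be reused (session fixation).
    return req.session.regenerate((err) => {
      if (err) {
        return next(err);
      }
      req.session.user = {
        id: 'a0234aDdfj-2f4sdfa3oEerq-2U4',
        fullName: 'A Ayevich',
        email: 'a@a.com',
      };
      return res.redirect('/');
    });
  }

  // One generic message for both fields, so the response does not reveal
  // which of the two was wrong.
  req.session.error = {
    message: 'Invalid email or password',
  };
  return res.redirect('/login');
});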
  72.  
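// Signup form handler.
//
// Stores a demo user record (fixed id and name, e-mail from the form) in a
// freshly regenerated session and redirects to '/'. A missing or non-string
// e-mail is rejected with an error in the session and a redirect back to
// '/signup'.
//
// NOTE(review): nothing is persisted and every signup gets the same id; this
// is demo scaffolding, not account creation.
app.post('/signup', (req, res, next) => {
  const { email } = req.body;

  // The value ends up in the session and is later passed to the greeting
  // template, so only accept a plain non-empty string (repeated form keys
  // would otherwise arrive as an array).
  if (typeof email !== 'string' || email.trim() === '') {
    req.session.error = {
      message: 'Invalid email',
    };
    return res.redirect('/signup');
  }

  // Issue a new session id when the session becomes authenticated, so a
  // pre-signup id cannot be reused afterwards (session fixation).
  return req.session.regenerate((err) => {
    if (err) {
      return next(err);
    }
    req.session.user = {
      id: 'a0234aDdfj-2f4sdfa3oEerq-2U4',
      fullName: 'Boy Good',
      email,
    };
    return res.redirect('/');
  });
});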
  81.  
// Start the HTTP server and log the port once it is listening.
app.listen(PORT, () => {
  console.log(`on :${PORT}`);
});