var express = require('express');var bodyParser = require('body-parser');var s

1. var express = require('express');
2. var bodyParser = require('body-parser');
3. var session = require('express-session');
4. var morgan = require('morgan');
5. var User = require('./model/user');
6. var cookieParser = require('cookie-parser');
7.  
8. // Create instance of express app
9. var app = express();
10.  
11. // set the port for the app
12. app.set('port',3000);
13.  
14. // set the view engine and where views are located
15. app.set('view engine', 'ejs');
16. app.set('views', 'views');
17.  
18. // set morgan to log info about app
19. app.use(morgan('dev'));
20.  
21. app.use(cookieParser());
22.  
23. // initializing body-parser to parse incoming parameters from requests to req.body
24. app.use(bodyParser.urlencoded({extended:true}));
25.  
26. // initializing express-session to track logged in user across sessions
27. app.use(session({
28. key: 'user_sid',
29. secret: 'some-private-key',
30. resave: false,
31. saveUninitialized: false,
32. cookie:{
33. expires: 600000
34. }
35. }));
36.  
37. // This middleware will check if user's cookie is still saved in browser and user is not set, then automatically log the user out.
38. // This usually happens when you stop your express server after login, your cookie still remains saved in the browser.
39. app.use((req, res, next) => {
40. if (req.cookies.user_sid && !req.session.user) {
41. res.clearCookie('user_sid');
42. }
43. next();
44. });
45.  
46. var sessionChecker = (req, res, next) => {
47. if (req.session.user === undefined ){ //&& !req.cookies.user_sid
48. req.session.redirect_to = req.path;
49. res.redirect('/login');
50. }else{
51. next();
52. }
53. };
54.  
55. // Route for when signup page is requested via get
56. app.get('/signup', function(req, res){
57. res.render('signup');
58. });
59.  
60. app.post('/signup', function(req, res) {
61. var userInfo = {
62. username : req.body.username,
63. password : req.body.password,
64. email : req.body.email,
65. roles : req.body.roles
66. };
67.  
68. var createdUser = User.create(userInfo);
69.  
70. if (createdUser){
71. req.session.user = userInfo;
72.  
73. res.redirect('/loggedin');
74. }else{
75. res.redirect('/signup');
76. }
77.  
78. });
79.  
80. app.get('/login', function(req, res){
81. res.render('login');
82. });
83.  
84. app.post('/login', function(req, res){
85. var userInfo = {
86. username : req.body.username,
87. password : req.body.password
88. }
89.  
90. var validate = User.validatePassword(userInfo);
91.  
92. if (validate){
93. req.session.user = userInfo;
94.  
95. //res.redirect('/loggedin');
96. res.redirect('/loggedin');
97. }
98. });
99.  
100. // route for user logout
101. app.get('/logout', (req, res) => {
102. if (req.session.user && req.cookies.user_sid) {
103. res.clearCookie('user_sid');
104. res.render('login');;
105. } else {
106. res.render('login');;
107. }
108. });
109.  
110. app.get('/loggedin', sessionChecker, function(req, res){
111. res.render('loggedin',{
112. user: req.session.user
113. });
114. });
115.  
116. app.get('/newpage', sessionChecker, (req, res) => {
117. res.render('newpage',{
118. user: req.session.user
119. });
120. });
121.  
122. app.get('/userprofile', sessionChecker, (req, res) => {
123. res.render('userprofile',{
124. user: req.session.user
125. });
126. });
127.  
128. // Starting app server on port
129. // start the express server
130. app.listen(app.get('port'), () => console.log(`App started on port ${app.get('port')}`));