const express = require('express');const router = express.Router();const User

1. const express = require('express');
2. const router = express.Router();
3. const User = require('../models/user');
4. const mid = require('../middleware');
5.  
6. router.get('/profile', mid.requiresLogin, function(req, res, next){
7. User.findById(req.session.userId)
8. .exec(function( error, user){
9. if(error){
10. return next(error);
11. }else{
12. return res.render('profile', {
13. title:'Profile',
14. name: user.name,
15. favorite: user.favoriteBook});
16. }
17. });
18.  
19. });
20.  
21. // GET /logout
22. router.get('/logout', function(req, res, next) {
23. if (req.session) {
24. // delete session object
25. req.session.destroy(function(err) {
26. if(err) {
27. return next(err);
28. } else {
29. return res.redirect('/');
30. }
31. });
32. }
33. });
34.  
35.  
36. //GET for /Login
37. router.get('/login', mid.loggedOut,function(req,res,next){
38. return res.render('login', {title: 'Login'})
39. })
40.  
41. router.post('/login', function(req, res, next){
42. if(req.body.email && req.body.password){
43. User.authenticate( req.body.email, req.body.password, function(error, user){
44. if(error || !user){
45. const err = new Error("Wrong Email or Password");
46. err.status = 401;
47. return next(err);
48. }else{
49. req.session.userId = user._id;
50. return res.redirect('/profile');
51. }
52. });
53. }else{
54. const err = new Error('The Password and Email must be filled out');
55. err.status =401;
56. return next(err);
57. }
58. });
59.  
60.  
61. //GET /register
62. router.get('/register',mid.loggedOut, function(req, res, next) {
63. return res.render('register', { title: 'Register' });
64. });
65.  
66.  
67. router.post('/register', function(req, res, next) {
68. if (req.body.email &&
69. req.body.name &&
70. req.body.favoriteBook &&
71. req.body.password &&
72. req.body.confirmPassword
73. ) {
74. if (req.body.password !== req.body.confirmPassword) {
75. const err = new Error('Passwords must both match');
76. err.status = 400;
77. return next(err);
78. }
79. if (!req.body.email){
80. const err = new Error('This email has already been used please use another');
81. err.status = 400;
82. return next(err);
83. }
84.  
85. const userData = {
86. email: req.body.email,
87. name: req.body.name,
88. favoriteBook: req.body.favoriteBook,
89. password: req.body.password,
90. }
91.  
92. /*Using the Schema create method to insert the data into mongo
93. after the user has created their profile for the page*/
94. User.create(userData, function(error, user ){
95. if(error){
96. return next(error);
97. } else {
98. req.session.userId = user._id;
99. return res.redirect("/profile");
100. }
101. } )
102. } else {
103. const err = new Error('All fields must be filled out');
104. err.status = 400;
105. return next(err);
106. }
107. });
108.  
109.  
110. // GET /
111. router.get('/', function(req, res, next) {
112. return res.render('index', { title: 'Home' });
113. });
114.  
115. // GET /about
116. router.get('/about', function(req, res, next) {
117. return res.render('about', { title: 'About' });
118. });
119.  
120. // GET /contact
121. router.get('/contact', function(req, res, next) {
122. return res.render('contact', { title: 'Contact' });
123. });
124.  
125.  
126. module.exports = router;
127.  
128.  
129.  
130.  
131.  
132. `
133.  
134. App.js
135. const express = require('express');
136. const bodyParser = require('body-parser');
137. const mongoose = require('mongoose');
138. const session = require('express-session');
139. const MongoStore = require('connect-mongo')(session);
140. const app = express();
141.  
142. //mongodb connection
143. mongoose.connect('mongodb://localhost:27017/myapp');
144. const db = mongoose.connection;
145.  
146. //Checks for any errors in the database
147. db.on('error', console.error.bind(console, 'connection error'));
148.  
149. //Use the Express-session middleware that was required above
150. app.use(session({
151. secret: "Kevin's here",
152. resave: true,
153. saveUninitialized: false,
154. store: new MongoStore({
155. mongooseConnection: db
156. })
157. }));
158.  
159. //This will allow the templates to use the session ID
160. app.use(function (req, res, next){
161. res.locals.currentUser = req.session.userId;
162. next();
163. })
164.  
165.  
166. // parse incoming requests
167. app.use(bodyParser.json());
168. app.use(bodyParser.urlencoded({ extended: false }));
169.  
170. // serve static files from /public
171. app.use(express.static(__dirname + '/public'));
172.  
173. // view engine setup
174. app.set('view engine', 'pug');
175. app.set('views', __dirname + '/views');
176.  
177. // include routes
178. var routes = require('./routes/index');
179. app.use('/', routes);
180.  
181. // catch 404 and forward to error handler
182. app.use(function(req, res, next) {
183. var err = new Error('File Not Found');
184. err.status = 404;
185. next(err);
186. });
187.  
188. // error handler
189. // define as the last app.use callback
190. app.use(function(err, req, res, next) {
191. res.status(err.status || 500);
192. res.render('error', {
193. message: err.message,
194. error: {}
195. });
196. });
197.  
198. // listen on port 3000
199. app.listen(3000, function() {
200. console.log('Express app listening on port 3000');
201. });