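const express = require('express');
const path = require('path');
const bodyparser = require('body-parser');
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;
const session = require('express-session');
const RedisStore = require('connect-redis')(session);
const bcrypt = require('bcrypt');
const db = require('./models');
const { User } = require('./models');

// bcrypt cost factor used when hashing new passwords.
const saltRounds = 10;

// The session secret signs the session-id cookie, so anyone who knows it can
// forge a cookie the server accepts as signed. Read it from the environment;
// the literal fallback keeps local runs working but is visible to every reader
// of this file.
const sessionSecret = process.env.SESSION_SECRET || 'something_super-weird';
if (!process.env.SESSION_SECRET) {
  console.log('SESSION_SECRET is not set; using the built-in development secret');
}

const app = express();

// Login and signup forms post urlencoded bodies.
app.use(bodyparser.urlencoded({ extended: false }));

// cookie-parser stays disabled: express-session reads and signs its own cookie.
app.use(session({
  store: new RedisStore(),
  secret: sessionSecret,
  resave: false,
  // Do not create a Redis-backed session (and cookie) for visitors who never
  // log in or otherwise touch the session.
  saveUninitialized: false,
  cookie: {
    httpOnly: true,
    sameSite: 'lax'
    // NOTE(review): add `secure: true` once the app is served over HTTPS;
    // this file starts a plain HTTP listener.
  }
}));

// passport.session() restores req.user from the session on each request.
app.use(passport.initialize());
app.use(passport.session());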
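passport.use(new LocalStrategy(
  /**
   * Verify callback for the 'local' strategy.
   *
   * Looks the user up by username and compares the submitted password with
   * the stored bcrypt hash.
   *
   * @param {string} username - value of the submitted username field
   * @param {string} password - value of the submitted password field
   * @param {Function} done - passport callback: done(err) on failure of the
   *   lookup or comparison, done(null, false, info) on rejected credentials,
   *   done(null, user) on success
   */
  function (username, password, done) {
    console.log('runs before serializing');

    // One message for both failure cases, so the info object never tells a
    // caller whether the username exists.
    // NOTE(review): an unknown username still returns before any bcrypt work,
    // so response time differs between the two cases.
    const rejected = { message: 'bad username or password' };

    User.findOne({
      where: {
        username: username
      }
    }).then(user => {
      if (user === null) {
        console.log('user failed');
        return done(null, false, rejected);
      }
      // Returned so a rejection from bcrypt.compare reaches the catch below
      // instead of becoming an unhandled rejection.
      return bcrypt.compare(password, user.password).then(matches => {
        if (matches) {
          return done(null, user);
        }
        return done(null, false, rejected);
      });
    }).catch(err => {
      console.log('error: ', err);
      // Without this call passport never hears back and the login request
      // stays open until the client gives up.
      return done(err);
    });
  }
));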
/**
 * Chooses what is written to the session after a successful login.
 * `user` is the record the authentication strategy handed to done().
 * Only the id and username are kept; the rest of the record, including the
 * password hash, stays out of the session store.
 */
passport.serializeUser(function (user, done) {
  console.log('serializing');
  const sessionUser = {
    id: user.id,
    username: user.username
  };
  return done(null, sessionUser);
});
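/**
 * Rebuilds req.user on each request from the object serializeUser stored.
 *
 * @param {{id: *, username: string}} user - object saved by serializeUser
 * @param {Function} done - passport callback; the second argument becomes
 *   req.user
 */
passport.deserializeUser(function (user, done) {
  console.log('deserializing');
  User.findOne({
    where: {
      id: user.id
    },
    // Keep the bcrypt hash out of req.user so handlers, templates and logs
    // cannot expose it by accident.
    attributes: { exclude: ['password'] }
  }).then(found => {
    // `found` is null when the account no longer exists.
    return done(null, found); // <------- inserts into the request object
  }).catch(err => {
    // Report lookup failures; otherwise the request never completes.
    return done(err);
  });
});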
// Disabled: a global guard that would run isAuthenticated on every non-GET request.
// app.use((req, res, next) => {
//   if (req.method.toUpperCase() !== "GET") {
//     isAuthenticated(req, res, next);
//   } else {
//     next();
//   }
// })
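/**
 * POST /createuser: create an account from the submitted form, then send the
 * browser to the login page.
 *
 * The password is hashed with bcrypt before it is stored. The login strategy
 * compares submissions with bcrypt.compare, so a row holding the raw password
 * would both expose the password in the database and fail to match at login.
 */
app.post('/createuser', (req, res) => {
  const { username, password } = req.body;

  // A repeated form field arrives as an array and a missing one as undefined;
  // accept only non-empty strings.
  if (typeof username !== 'string' || typeof password !== 'string' ||
      username === '' || password === '') {
    return res.status(400).send('username and password are required');
  }

  bcrypt.hash(password, saltRounds)
    .then(hash => User.create({
      username: username,
      password: hash
    }))
    .then(_ => {
      res.redirect('/login');
    })
    .catch(err => {
      // Log the detail server-side and answer generically, so the request
      // ends and no database error text reaches the client.
      console.log('error: ', err);
      res.status(500).send('could not create user');
    });
});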
// GET /: public landing route; no authentication check is attached.
app.get('/', function (req, res) {
  res.send('hello');
});
// GET /login: serve the static login form from the views directory.
app.get('/login', (req, res) => {
  const loginPage = path.join(__dirname, 'views', 'login.html');
  res.sendFile(loginPage);
});
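/**
 * POST /user/new: create an account with a bcrypt-hashed password, then send
 * the browser to the login page.
 *
 * Hashing and insert failures are reported to the client as a 500 instead of
 * being dropped, and the form fields are checked before any hashing is done.
 */
app.post('/user/new', (req, res) => {
  const { username, password } = req.body;

  // A repeated form field arrives as an array and a missing one as undefined;
  // accept only non-empty strings.
  if (typeof username !== 'string' || typeof password !== 'string' ||
      username === '' || password === '') {
    return res.status(400).send('username and password are required');
  }

  // bcrypt.hash generates the salt itself when given the cost factor.
  bcrypt.hash(password, saltRounds)
    .then(hash => User.create({
      username: username,
      password: hash
    }))
    .then(_ => {
      res.redirect('/login');
    })
    .catch(err => {
      // Log the detail server-side and answer generically, so the request
      // ends and no database error text reaches the client.
      console.log('error: ', err);
      res.status(500).send('could not create user');
    });
});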
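/**
 * GET /secret: page for logged-in users only; isAuthenticated runs first and
 * redirects everyone else to /login.
 */
app.get('/secret', isAuthenticated, (req, res) => {
  // Log only the identifying fields. The password hash is not written to the
  // log: log output is usually readable by more people and systems than the
  // users table is.
  console.log('req.user id', req.user.id);
  console.log('req.username', req.user.username);
  console.log('pinging the secret');
  res.send('you found the secret!');
});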
// Where the browser is sent after each outcome of the 'local' strategy.
const loginRedirects = {
  successRedirect: '/secret',
  failureRedirect: '/login'
};

// POST /login: hand the submitted credentials to passport.
// NOTE(review): no limit on repeated login attempts is visible in this file.
app.post('/login', passport.authenticate('local', loginRedirects));
/**
 * Route guard: lets the request continue only when passport reports an
 * authenticated session; otherwise redirects to the login page.
 *
 * @param {object} req - request; req.isAuthenticated() is called on it
 * @param {object} res - response, used for the redirect
 * @param {Function} next - called with no arguments when the check passes
 */
function isAuthenticated(req, res, next) {
  console.log('checking');

  if (!req.isAuthenticated()) {
    console.log('you bad!!!!');
    res.redirect('/login');
    return;
  }

  console.log('you good');
  next();
}
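// Start the HTTP listener on port 9000, then bring the database schema in
// line with the models.
app.listen(9000, () => {
  console.log('starting server');
  // sync() returns a promise; log a failure here instead of leaving an
  // unhandled rejection.
  db.sequelize.sync().catch(err => {
    console.log('error: ', err);
  });
});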