
Untitled

a guest
May 2nd, 2017
  1. const express = require('express');
  2. const path = require('path');
  3. const bodyparser = require('body-parser');
  4. const passport = require('passport');
  5. const LocalStrategy = require('passport-local').Strategy;
  6. // const cookieParser = require('cookie-parser');
  7.  
  8. const session = require('express-session')
  9. const RedisStore = require('connect-redis')(session);
  10.  
  11. const bcrypt = require('bcrypt');
  12. const db = require('./models');
  13. const { User } = require('./models');
  14.  
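  // bcrypt cost factor used when hashing passwords for storage.
  const saltRounds = 10;

  const app = express();
  // Only HTML form posts (application/x-www-form-urlencoded) are parsed.
  app.use(bodyparser.urlencoded({ extended: false }));

  // The cookie-signing secret is read from the environment rather than the
  // source file: a secret that is committed or pasted publicly no longer
  // protects the integrity of the session cookie signature.
  // SESSION_SECRET is the variable name chosen here; adapt it to the deployment.
  const sessionSecret = process.env.SESSION_SECRET;
  if (!sessionSecret) {
    // Fail closed: starting with no secret (or a well-known one) is worse than
    // not starting at all.
    throw new Error('SESSION_SECRET must be set before starting the server');
  }

  // app.use(cookieParser());
  app.use(session({
    store: new RedisStore(),
    secret: sessionSecret,
    resave: false,
    // Do not persist a session or send a cookie until something is stored in
    // it (in this app, after a successful login).
    saveUninitialized: false,
    cookie: {
      httpOnly: true, // keep the session cookie out of reach of page scripts
      sameSite: 'lax', // do not send it on cross-site subrequests or form posts
      // NOTE(review): add `secure: true` once the app is served over HTTPS.
    },
  }));

  // passport.session() reads the login state from req.session, so both
  // passport middlewares are registered after the session middleware.
  app.use(passport.initialize());
  app.use(passport.session());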
  30.  
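  passport.use(new LocalStrategy(
    /**
     * Verify callback for username/password logins.
     *
     * Looks the user up by username and compares the submitted password with
     * the stored bcrypt hash.
     *
     * @param {string} username - value of the `username` form field
     * @param {string} password - value of the `password` form field
     * @param {Function} done - passport callback: `done(err)` on failure of the
     *   lookup or comparison, `done(null, false, info)` on rejected
     *   credentials, `done(null, user)` on success
     */
    function verify(username, password, done) {
      console.log('runs before serializing');
      User.findOne({ where: { username } })
        .then((user) => {
          if (user === null) {
            console.log('user failed');
            // NOTE(review): this path skips the bcrypt comparison, so its
            // response time still differs from the wrong-password path.
            return false;
          }
          // Returned so that a rejected comparison reaches the error handler
          // below instead of becoming an unhandled rejection.
          return bcrypt
            .compare(password, user.password)
            .then((matches) => (matches ? user : false));
        })
        .then(
          (account) => {
            if (account) {
              done(null, account);
              return;
            }
            // One message for both failure causes, so the response does not
            // reveal whether the username exists.
            done(null, false, { message: 'bad username or password' });
          },
          (err) => {
            // Always report the error to passport; without this call the
            // login request would never be answered.
            console.log('error: ', err);
            done(err);
          }
        );
    }
  ));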
  56.  
  57.  
  // Chooses what is written to the session after a successful login: only the
  // id and username of the user object handed over by the strategy.
  passport.serializeUser((user, done) => {
    console.log('serializing');
    const sessionRecord = {
      id: user.id,
      username: user.username,
    };
    return done(null, sessionRecord);
  });
  67.  
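  /**
   * Rebuilds the user from the record stored in the session by serializeUser.
   *
   * @param {{id: *, username: string}} stored - object written by serializeUser
   * @param {Function} done - passport callback; the value passed on success is
   *   attached to the request as `req.user`
   */
  passport.deserializeUser(function (stored, done) {
    console.log('deserializing');
    User.findOne({ where: { id: stored.id } }).then(
      (record) => done(null, record), // <------- inserts into the request object
      // A failed lookup is reported to passport; without this handler the
      // request of a logged-in user would never be answered.
      (err) => done(err)
    );
  });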
  79.  
  80. // app.use((req, res, next) => {
  81. // if (req.method.toUpperCase() !== "GET") {
  82. // isAuthenticated(req, res, next);
  83. // }else {
  84. // next();
  85. // }
  86. // })
  87.  
  88.  
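  /**
   * POST /createuser - registers an account from the `username` and `password`
   * form fields and redirects to the login page.
   *
   * The password is hashed with bcrypt before it is stored. Storing the
   * submitted value as-is would keep plaintext passwords in the database and
   * produce accounts that the bcrypt-based login check can never match.
   */
  app.post('/createuser', (req, res) => {
    const { username, password } = req.body;
    // With the urlencoded parser a repeated field arrives as an array, and a
    // missing one as undefined; accept non-empty strings only.
    const isUsable = (value) => typeof value === 'string' && value !== '';
    if (!isUsable(username) || !isUsable(password)) {
      res.status(400).send('username and password are required');
      return;
    }

    bcrypt
      .hash(password, saltRounds)
      .then((hash) => User.create({ username, password: hash }))
      .then(
        () => res.redirect('/login'),
        (err) => {
          // Answer the request instead of leaving it open on a failed insert.
          console.log('error: ', err);
          res.status(500).send('could not create user');
        }
      );
  });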
  97.  
  // GET / - plain greeting, reachable without logging in.
  app.get('/', function root(req, res) {
    res.send('hello');
  });
  101.  
  // GET /login - serves the static login form from the views directory.
  app.get('/login', (req, res) => {
    const loginPage = path.join(__dirname, 'views', 'login.html');
    res.sendFile(loginPage);
  });
  105.  
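  /**
   * POST /user/new - registers an account: hashes the submitted password with
   * bcrypt (cost `saltRounds`), stores the hash and redirects to the login page.
   *
   * Errors from hashing or from the insert are answered with a 500 instead of
   * being ignored, and malformed form input is rejected before hashing.
   */
  app.post('/user/new', (req, res) => {
    const { username, password } = req.body;
    // With the urlencoded parser a repeated field arrives as an array, and a
    // missing one as undefined; accept non-empty strings only.
    const isUsable = (value) => typeof value === 'string' && value !== '';
    if (!isUsable(username) || !isUsable(password)) {
      res.status(400).send('username and password are required');
      return;
    }

    // Passing the cost factor lets bcrypt generate the salt itself.
    bcrypt
      .hash(password, saltRounds)
      .then((hash) => User.create({ username, password: hash }))
      .then(
        () => res.redirect('/login'),
        (err) => {
          console.log('error: ', err);
          res.status(500).send('could not create user');
        }
      );
  });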
  118.  
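  /**
   * GET /secret - page that is only served to logged-in users
   * (guarded by the isAuthenticated middleware).
   */
  app.get('/secret', isAuthenticated, (req, res) => {
    console.log('req.user id', req.user.id);
    console.log('req.username', req.user.username);
    // The stored password hash is deliberately not logged: log files are
    // usually readable by more people and systems than the user table.

    console.log('pinging the secret');
    res.send('you found the secret!');
  });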
  128.  
  // POST /login - hands the form to the 'local' strategy; success goes to the
  // protected page, any failure back to the login form.
  // NOTE(review): no throttling of repeated login attempts is visible in this file.
  const loginRedirects = {
    successRedirect: '/secret',
    failureRedirect: '/login',
  };
  app.post('/login', passport.authenticate('local', loginRedirects));
  133.  
  /**
   * Route guard: lets the request continue when passport reports a logged-in
   * user, otherwise redirects to the login page.
   *
   * @param {object} req - request; must expose passport's `isAuthenticated()`
   * @param {object} res - response used for the redirect
   * @param {Function} next - continues to the protected handler
   */
  function isAuthenticated(req, res, next) {
    console.log('checking');
    if (!req.isAuthenticated()) {
      console.log('you bad!!!!');
      res.redirect('/login');
      return;
    }
    console.log('you good');
    next();
  }
  144.  
  145.  
  // Starts the HTTP server on port 9000 and then asks Sequelize to sync the
  // models with the database.
  // NOTE(review): the promise returned by sync() is not awaited, so requests
  // can arrive before the sync has finished and a sync failure is not handled here.
  app.listen(9000, function onListening() {
    console.log('starting server');
    db.sequelize.sync();
  });