Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // Check if the user is authenticated: I have a middleware function named CheckAuth which I use on every route that needs the user to be authenticated:
- function checkAuth(req, res, next) {
- if (!req.session.user_id) {
- res.send('You are not authorized to view this page');
- } else {
- next();
- }
- }
- // I use this function in my routes like this:
- app.get('/my_secret_page', checkAuth, function (req, res) {
- res.send('if you are viewing this page it means you are logged in');
- });
- // 2) The login route:
- app.post('/login', function (req, res) {
- var post = req.body;
- if (post.user === 'john' && post.password === 'johnspassword') {
- req.session.user_id = johns_user_id_here;
- res.redirect('/my_secret_page');
- } else {
- res.send('Bad user/pass');
- }
- });
- // 3) The logout route:
- app.get('/logout', function (req, res) {
- delete req.session.user_id;
- res.redirect('/login');
- });
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement