innocuous-symmetry/auth-template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

better configuration for auth with middleware

Browse Source
This commit is contained in:
Mikayla Dobson
2023-01-31 22:32:17 -06:00
parent 4c3a31c77f
commit 0d18c1041f
7 changed files with 38 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/controllers/AuthController.js
View File

@@ -83,7 +83,7 @@ module.exports = class AuthController {
const newUser = new User(userData.username, userData.email, hash); const newUser = new User(userData.username, userData.email, hash);
const result = await User.create(newUser); const result = await User.create(newUser);
return new ControllerResponse(result.rows.length > 0, result, (result.rows.length > 0 ? 201 : 400)); return new ControllerResponse(result.length > 0, result, (result.length > 0 ? 201 : 400));
} catch (error) { } catch (error) {
console.log(error); console.log(error);
} }

3
server/loaders/express.js
View File

@@ -20,7 +20,8 @@ async function expressLoader(app) {
secret: secret, secret: secret,
cookie: { cookie: {
maxAge: 8 * 60 * 60 * 1000, maxAge: 8 * 60 * 60 * 1000,
secure: false secure: false,
httpOnly: false
}, },
resave: false, resave: false,
saveUninitialized: false, saveUninitialized: false,

14
server/loaders/passport.js
View File

@@ -7,16 +7,26 @@ async function passportLoader(app) {
app.use(passport.session()); app.use(passport.session());
passport.serializeUser((user, done) => { passport.serializeUser((user, done) => {
done(null, user); process.nextTick(() => {
done(null, user);
})
}) })
passport.deserializeUser((user, done) => { passport.deserializeUser((user, done) => {
done(null, user); process.nextTick(() => {
done(null, user);
})
}) })
passport.use(new Strategy({ usernameField: "email", passwordField: "password" }, async (email, password, done) => { passport.use(new Strategy({ usernameField: "email", passwordField: "password" }, async (email, password, done) => {
console.log('calling local strategy');
console.log(email, password);
try { try {
console.log('before response')
const response = await AuthController.login({ email: email, password: password }); const response = await AuthController.login({ email: email, password: password });
console.log(response);
if (response && response.ok) { if (response && response.ok) {
return done(null, response.data.data); return done(null, response.data.data);
} else { } else {

2
server/package.json
View File

@@ -18,7 +18,7 @@
"dotenv": "^16.0.3", "dotenv": "^16.0.3",
"express": "^4.18.2", "express": "^4.18.2",
"express-session": "^1.17.3", "express-session": "^1.17.3",
"passport": "^0.4.0", "passport": "^0.6.0",
"passport-local": "^1.0.0", "passport-local": "^1.0.0",
"pg": "^8.9.0" "pg": "^8.9.0"
}, },

17
server/routes/auth.js
View File

@@ -14,7 +14,7 @@ async function authRoute(app, passport) {
} }
}) })
router.post('/login', async (req, res, next) => { router.post('/login', passport.authenticate('local'), async (req, res, next) => {
try { try {
const data = req.body; const data = req.body;
const response = await AuthController.login(data); const response = await AuthController.login(data);
@@ -22,6 +22,7 @@ async function authRoute(app, passport) {
if (!response || !response.ok) { if (!response || !response.ok) {
res.status(response.code || 400).send(response.data || "Something went wrong"); res.status(response.code || 400).send(response.data || "Something went wrong");
} else { } else {
req.user = response.data;
req.session.user = response.data; req.session.user = response.data;
req.session.save((err) => { req.session.save((err) => {
return next(err); return next(err);
@@ -36,16 +37,12 @@ async function authRoute(app, passport) {
router.delete('/logout', async (req, res, next) => { router.delete('/logout', async (req, res, next) => {
try { try {
req.session.destroy((err) => { req.session = null;
if (err) throw err; req.user = null;
req.logout((err) => { res.status(200).clearCookie('connect.sid');
if (err) return next(err); res.end();
})
})
res.status(204).send({ ok: true });
} catch (error) { } catch (error) {
next(error); console.log(error);
} }
}) })

10
server/routes/index.js
View File

@@ -2,15 +2,17 @@ const authRoute = require("./auth");
const itemRoute = require("./item"); const itemRoute = require("./item");
async function routesLoader(app, passport) { async function routesLoader(app, passport) {
const authRouter = await authRoute(app, passport); app.use('/', (req, res, next) => {
const itemRouter = await itemRoute(app, passport); console.log(req.user || "no user");
next();
})
app.get('/', (req, res) => { app.get('/', (req, res) => {
res.send(req.session); res.send(req.session);
}) })
app.use('/auth', authRouter); app.use('/auth', await authRoute(app, passport));
app.use('/app', passport.authenticate('local'), itemRouter); app.use('/app', await itemRoute(app, passport));
} }
module.exports = routesLoader; module.exports = routesLoader;

9
server/routes/item.js
View File

@@ -2,6 +2,15 @@ const router = require('express').Router();
const ItemController = require('../controllers/ItemController'); const ItemController = require('../controllers/ItemController');
function itemRoute(app, passport) { function itemRoute(app, passport) {
router.use('/', (req, res, next) => {
if (req.user == null) {
res.status(403).send("Unauthorized");
return;
} else {
next();
}
})
router.get('/item', async (req, res) => { router.get('/item', async (req, res) => {
const response = await ItemController.getAll(); const response = await ItemController.getAll();
const { data, code } = response; const { data, code } = response;