better configuration for auth with middleware
@@ -83,7 +83,7 @@ module.exports = class AuthController {
|
||||
const newUser = new User(userData.username, userData.email, hash);
|
||||
const result = await User.create(newUser);
|
||||
|
||||
return new ControllerResponse(result.rows.length > 0, result, (result.rows.length > 0 ? 201 : 400));
|
||||
return new ControllerResponse(result.length > 0, result, (result.length > 0 ? 201 : 400));
|
||||
} catch (error) {
|
||||
console.log(error);
|
||||
}
|
||||
|
||||
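Review bot: `result` from `User.create` is passed to `ControllerResponse` unchanged, so every column the insert returns goes back to the caller; because `newUser` is built with `hash`, the stored password hash presumably travels with it and would reach the client if the route sends `response.data`. Pass only the public fields instead, for example `const { username, email } = result[0];` (assuming `result` is the array of inserted rows, as `result.length` suggests). The `catch` shown here only logs, so on a database error the method resolves to `undefined`; returning `new ControllerResponse(false, null, 500);` there would give the route something to check. The method starts outside this hunk.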
@@ -20,7 +20,8 @@ async function expressLoader(app) {
|
||||
secret: secret,
|
||||
cookie: {
|
||||
maxAge: 8 * 60 * 60 * 1000,
|
||||
secure: false
|
||||
secure: false,
|
||||
httpOnly: false
|
||||
},
|
||||
resave: false,
|
||||
saveUninitialized: false,
|
||||
|
||||
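Review bot: `httpOnly: false` makes the session cookie readable from page scripts, so a single script-injection bug anywhere on the site exposes the session id; express-session sets HttpOnly by default and this line switches it off. Use `httpOnly: true,` and replace the hard-coded `secure: false` with `secure: process.env.NODE_ENV === 'production',` so the cookie is HTTPS-only outside local development. Adding `sameSite: 'lax',` would also limit cross-site sending of the cookie. The options object continues outside this hunk.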
@@ -7,16 +7,26 @@ async function passportLoader(app) {
|
||||
app.use(passport.session());
|
||||
|
||||
passport.serializeUser((user, done) => {
|
||||
done(null, user);
|
||||
process.nextTick(() => {
|
||||
done(null, user);
|
||||
})
|
||||
})
|
||||
|
||||
passport.deserializeUser((user, done) => {
|
||||
done(null, user);
|
||||
process.nextTick(() => {
|
||||
done(null, user);
|
||||
})
|
||||
})
|
||||
|
||||
passport.use(new Strategy({ usernameField: "email", passwordField: "password" }, async (email, password, done) => {
|
||||
console.log('calling local strategy');
|
||||
console.log(email, password);
|
||||
|
||||
try {
|
||||
console.log('before response')
|
||||
const response = await AuthController.login({ email: email, password: password });
|
||||
console.log(response);
|
||||
|
||||
if (response && response.ok) {
|
||||
return done(null, response.data.data);
|
||||
} else {
|
||||
|
||||
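Review bot: `console.log(email, password);` writes every submitted plaintext password to the process log, and `console.log(response);` presumably prints the user record returned by `AuthController.login`; both should be removed, or reduced to something like `console.log('local strategy: login attempt');` with no credential fields. `serializeUser` also puts the whole `user` object into the session; if that object carries the password hash, storing only an identifier with `done(null, user.id)` (assuming the record has an `id`) and loading the user in `deserializeUser` keeps the hash out of the session store. The strategy callback continues past the end of this hunk.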
@@ -18,7 +18,7 @@
|
||||
"dotenv": "^16.0.3",
|
||||
"express": "^4.18.2",
|
||||
"express-session": "^1.17.3",
|
||||
"passport": "^0.4.0",
|
||||
"passport": "^0.6.0",
|
||||
"passport-local": "^1.0.0",
|
||||
"pg": "^8.9.0"
|
||||
},
|
||||
|
||||
@@ -14,7 +14,7 @@ async function authRoute(app, passport) {
|
||||
}
|
||||
})
|
||||
|
||||
router.post('/login', async (req, res, next) => {
|
||||
router.post('/login', passport.authenticate('local'), async (req, res, next) => {
|
||||
try {
|
||||
const data = req.body;
|
||||
const response = await AuthController.login(data);
|
||||
@@ -22,6 +22,7 @@ async function authRoute(app, passport) {
|
||||
if (!response || !response.ok) {
|
||||
res.status(response.code || 400).send(response.data || "Something went wrong");
|
||||
} else {
|
||||
req.user = response.data;
|
||||
req.session.user = response.data;
|
||||
req.session.save((err) => {
|
||||
return next(err);
|
||||
@@ -36,16 +37,12 @@ async function authRoute(app, passport) {
|
||||
|
||||
router.delete('/logout', async (req, res, next) => {
|
||||
try {
|
||||
req.session.destroy((err) => {
|
||||
if (err) throw err;
|
||||
req.logout((err) => {
|
||||
if (err) return next(err);
|
||||
})
|
||||
})
|
||||
|
||||
res.status(204).send({ ok: true });
|
||||
req.session = null;
|
||||
req.user = null;
|
||||
res.status(200).clearCookie('connect.sid');
|
||||
res.end();
|
||||
} catch (error) {
|
||||
next(error);
|
||||
console.log(error);
|
||||
}
|
||||
})
|
||||
|
||||
|
||||
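Review bot: The logout handler that sets `req.session = null; req.user = null;` and calls `clearCookie('connect.sid')` only drops the cookie in the browser; with express-session's default `unset: 'keep'` the session record stays in the store, so a copy of the old cookie is still accepted until `maxAge` runs out. If those lines are the new side of this hunk (the page has lost its +/- markers), the handler should call `req.session.destroy()` and send the response from its callback, as sketched below. The other version's `if (err) throw err;` sits inside the callback, where the surrounding `try` cannot catch it, so the error should go to `next(err)`. Separately, `/login` now runs `passport.authenticate('local')` and then calls `AuthController.login(data)` again, so each login verifies the password twice.

```javascript
router.delete('/logout', async (req, res, next) => {
    // Destroy the server-side record so a copied cookie stops being accepted.
    req.session.destroy((err) => {
        if (err) return next(err);
        res.clearCookie('connect.sid');
        res.status(204).end();
    });
})
```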
@@ -2,15 +2,17 @@ const authRoute = require("./auth");
|
||||
const itemRoute = require("./item");
|
||||
|
||||
async function routesLoader(app, passport) {
|
||||
const authRouter = await authRoute(app, passport);
|
||||
const itemRouter = await itemRoute(app, passport);
|
||||
app.use('/', (req, res, next) => {
|
||||
console.log(req.user || "no user");
|
||||
next();
|
||||
})
|
||||
|
||||
app.get('/', (req, res) => {
|
||||
res.send(req.session);
|
||||
})
|
||||
|
||||
app.use('/auth', authRouter);
|
||||
app.use('/app', passport.authenticate('local'), itemRouter);
|
||||
app.use('/auth', await authRoute(app, passport));
|
||||
app.use('/app', await itemRoute(app, passport));
|
||||
}
|
||||
|
||||
module.exports = routesLoader;
|
||||
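Review bot: `app.get('/', ...)` answers with `res.send(req.session)`, which returns the full session object, including the `user` record the login route stores in `req.session.user`, to any caller, and the `app.use('/')` logger prints `req.user` on every request. Both look like debugging aids; drop them, or return a fixed body such as `res.send({ authenticated: req.user != null });`. If both `const itemRouter = await itemRoute(app, passport);` and `app.use('/app', await itemRoute(app, passport));` are on the new side, `itemRoute` runs twice against the same module-level `router` and registers its handlers twice.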
@@ -2,6 +2,15 @@ const router = require('express').Router();
|
||||
const ItemController = require('../controllers/ItemController');
|
||||
|
||||
function itemRoute(app, passport) {
|
||||
router.use('/', (req, res, next) => {
|
||||
if (req.user == null) {
|
||||
res.status(403).send("Unauthorized");
|
||||
return;
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
})
|
||||
|
||||
router.get('/item', async (req, res) => {
|
||||
const response = await ItemController.getAll();
|
||||
const { data, code } = response;
|
||||
|
||||
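Review bot: The guard answers an unauthenticated request with status 403 and the body "Unauthorized"; 401 is the status for a missing login and 403 for a logged-in user without permission, so `res.status(401).send("Unauthorized");` would match the message. `req.user == null` works, but Passport's `req.isAuthenticated()` states the intent directly: `if (!req.isAuthenticated()) {`. A short comment above the middleware, `// Every /app route below requires a logged-in session.`, would help, since the handlers after it carry no check of their own. `itemRoute` continues outside this hunk.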