From 8422e15c089a55497e4e7b8832385110bc2c8a2a Mon Sep 17 00:00:00 2001
From: Kagamino <kagamino@8086.rez-gif.supelec.fr>
Date: Mon, 11 Feb 2019 19:10:56 +0100
Subject: [PATCH] authentication works
---
 index.js | 59 +++++++++++++++++++++++++++++++++-----------------
 package.json | 1 +
 views/base.pug | 21 ++++++++++++++++++
 3 files changed, 61 insertions(+), 20 deletions(-)
diff --git a/index.js b/index.js
index 12cb830..d307bc5 100644
--- a/index.js
+++ b/index.js
@@ -4,12 +4,21 @@ const bodyParser = require('body-parser');
 const User = require('./models/user');
 const mongoose = require('mongoose');
 const bcrypt = require('bcrypt');
+const morgan = require('morgan');
 const config = require('./config.json');
+// Utils
+const render = (req, res, view, options) => res.render(view, {
+ ...options,
+ user: req.session.user,
+ nextUrl: req.url,
+});
+
 // Configuration
 const app = express();
 app.set('view engine', 'pug');
+app.use(morgan('tiny'));
 app.use(session({
 secret: config.secret,
 resave: false,
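Review bot: The new `render` helper hands `req.session.user` to every template as `user`, and that session value is the whole document assigned in the `/signup` and `/login` handlers later in this patch, so `passwordHash` is presumably kept in the session store and reachable from any view (the User schema is not visible here, so confirm). Storing only the fields the views need, e.g. `req.session.user = { id: user.id, firstName: user.firstName, lastName: user.lastName };`, keeps the hash out of both. A short comment on `render` noting that `user` and `nextUrl` are spread after `...options`, so callers cannot override them, would also help the next reader.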
@@ -21,42 +30,52 @@ app.use(bodyParser.urlencoded({
 extended: false,
 }));
 app.use((req, res, next) => {
- if (!req.session.user && !['/', '/signup'].includes(req.url)) {
- return res.redirect('/signup');
+ if (req.session.user || ['/', '/signup', '/login'].includes(req.url)) {
+ next();
 } else {
- return next();
+ return res.redirect('/signup');
 }
 });
 app.get('/', (req, res) => {
- return res.render('home');
+ return render(req, res, 'home');
 });
 app.get('/signup', (req, res) => {
- return res.render('signup');
+ return render(req, res, 'signup');
 });
 app.post('/signup', (req, res) => {
- bcrypt.hash(req.body.password, config.cryptRounds).then((hash, err) => {
- User.create(req.body).then(user => {
- req.session.user = user;
- return res.redirect('/');
- });
+ const passwordHash = bcrypt.hashSync(req.body.password, config.cryptRounds);
+ User.create(req.body, (err, user) => {
+ err ? console.error(err) : null;
+ user.passwordHash = passwordHash;
+ user.save();
+ req.session.user = user;
+ return res.redirect('/');
 });
 });
 app.post('/login', (req, res) => {
- User.findOne({ username: req.body.username }).then(user => {
- bcrypt.compare(req.body.password, user.passwordHash).then((err, same) => {
- if (same) {
- req.session.user = user;
- return res.redirect(req.query.nextUrl);
- } else {
- return res.redirect('/signup');
- }
- });
+ User.findOne({ username: req.body.username }, (err, user) => {
+ err ? console.error(err) : null;
+ if (bcrypt.compareSync(req.body.password, user.passwordHash)) {
+ req.session.user = user;
+ return res.redirect(req.query.nextUrl || '/');
+ } else {
+ console.error("Bad authentication");
+ return res.redirect('/signup');
+ }
 });
 });
+app.post('/logout', (req, res) => {
+ req.session.destroy();
+ return res.redirect('/');
+})
 mongoose.connect('mongodb://localhost/rolegame', err => {
- console.log('Server connected to Mongo database');
+ if (err) {
+ console.error('ERROR Unable to connect to Mongo database')
+ } else {
+ console.log('Server connected to Mongo database');
+ }
 app.listen(config.port, () => {
 console.log(`Server listening on http://localhost:${config.port}`);
 });
diff --git a/package.json b/package.json
index 0e2d5b3..e3b0f52 100644
--- a/package.json
+++ b/package.json
@@ -9,6 +9,7 @@
 "express": "^4.16.4",
 "express-session": "^1.15.6",
 "mongoose": "^5.4.11",
+ "morgan": "^1.9.1",
 "nodemon": "^1.18.10",
 "pug": "^2.0.3"
 }
diff --git a/views/base.pug b/views/base.pug
index 7c6b4cd..38855d3 100644
--- a/views/base.pug
+++ b/views/base.pug
@@ -8,6 +8,27 @@ html(lang="en")
 title RoleGame
 body
 block navbar
+ if !user
+ form.ui.form(action="/login", method="post")
+ .ui.pointing.menu
+ .right.menu
+ .item
+ .ui.input.transparent
+ input#username(type="text" name="username" placeholder="username")
+ .item
+ .ui.transparent.input
+ input#password(type="password" name="password" placeholder="password")
+ .item
+ .ui.transparent.input
+ input.ui.button(type="submit" value="Se connecter")
+ else
+ form.ui.form(action="/logout", method="post")
+ .ui.pointing.menu
+ .right.menu
+ .item #{user.firstName} #{user.lastName}
+ .item
+ button.ui.icon.button.basic(type="submit")
+ i.power.off.icon
 .ui.container
 block main
 block script
-- 
GitLab
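Review bot: In the `/login` handler `user.passwordHash` is read without checking that `findOne` returned a document, so an unknown username, or a query error that `err ? console.error(err) : null;` only logs, throws inside the callback instead of failing the login; the `/signup` callback has the same log-and-continue pattern before `user.passwordHash = passwordHash`. The success path passes `req.query.nextUrl` straight to `res.redirect`, so a crafted login link can send the user to another site right after authenticating; it should be limited to same-site paths. The session id is also kept across login, and calling `req.session.regenerate` before storing the user avoids session fixation. Separately, the guard middleware at the top of this hunk compares `req.url`, which includes the query string, so `/login?nextUrl=…` misses the allow-list; `req.path` looks like what was intended. The rewritten login handler below covers the first three points.

```javascript
app.post('/login', (req, res) => {
  User.findOne({ username: req.body.username }, (err, user) => {
    if (err) {
      console.error(err);
      return res.redirect('/signup');
    }
    // Unknown user and wrong password take the same failure path.
    if (!user || !bcrypt.compareSync(req.body.password, user.passwordHash)) {
      console.error("Bad authentication");
      return res.redirect('/signup');
    }
    // Follow only same-site paths ("/x", not "//host" or "/\host"); otherwise fall back to '/'.
    const nextUrl = req.query.nextUrl;
    const isLocalPath = typeof nextUrl === 'string' && /^\/(?![\/\\])/.test(nextUrl);
    // Issue a fresh session id before attaching the authenticated user.
    return req.session.regenerate(regenErr => {
      if (regenErr) {
        console.error(regenErr);
        return res.redirect('/signup');
      }
      req.session.user = user;
      return res.redirect(isLocalPath ? nextUrl : '/');
    });
  });
});
```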
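Review bot: Both forms added to the navbar in views/base.pug submit state-changing POSTs (`/login`, `/logout`) without a CSRF token, and the index.js hunks in this patch show no CSRF middleware, so unless one is registered elsewhere a third-party page can submit them on the user's behalf. Once such a middleware is in place, a hidden field in each form, for example `input(type="hidden" name="_csrf" value=csrfToken)` (field and variable names here are placeholders), would cover both. The `nextUrl` local that `render` now passes to every view is not used by the login form, whose action is a fixed `/login`, so `req.query.nextUrl` in the handler is never set from this template.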