@AsadSaleh
Created March 25, 2023 03:45
Bare-minimum authentication example in Express.js
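const express = require('express');
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');
const session = require('express-session');
// User model (project-local; presumably a Mongoose-style model with findOne() -- confirm)
const User = require('./models/user');

const app = express();

// NOTE(review): the routes below call res.render(), which needs a view engine
// (app.set('view engine', ...)); none is configured in this file.

// Parse HTML form posts so req.body is populated for POST /login.
// `extended: false` keeps values to strings/arrays instead of nested objects,
// which narrows what can reach the database query. Add express.json() only if
// clients really post JSON.
app.use(express.urlencoded({ extended: false }));

// Session signing secret comes from the environment; refuse to start without
// it instead of running with a guessable default.
const SESSION_SECRET = process.env.SESSION_SECRET;
if (!SESSION_SECRET) {
  throw new Error('SESSION_SECRET environment variable is required');
}

// Mount express-session: without this middleware req.session is undefined and
// every route that touches it throws.
app.use(
  session({
    secret: SESSION_SECRET,
    resave: false,
    saveUninitialized: false, // no session cookie until something is stored
    cookie: {
      httpOnly: true, // not readable from page scripts
      sameSite: 'lax', // not sent on cross-site POSTs
      // Secure cookies need HTTPS; behind a TLS-terminating proxy also set
      // app.set('trust proxy', 1) or the cookie will not be issued.
      secure: process.env.NODE_ENV === 'production',
    },
  })
);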
// Login page: renders the 'login' view. Credentials are submitted to POST /login.
app.get('/login', function showLoginForm(req, res) {
  res.render('login');
});
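// JWT signing key, read from the environment so it is never committed with the
// code. Signing (login) and verification (authenticate) must use the same key,
// so both read this one constant. Startup fails if it is missing.
const JWT_SECRET = process.env.JWT_SECRET;
if (!JWT_SECRET) {
  throw new Error('JWT_SECRET environment variable is required');
}

// Login route: checks email/password, then stores a 1-hour JWT in a fresh session.
// Every failure returns the same 401 body so the response does not reveal
// whether the email exists.
// NOTE(review): unknown emails return before bcrypt runs, so response time can
// still differ from the wrong-password case; there is also no attempt
// throttling in this file.
app.post('/login', async (req, res, next) => {
  try {
    const { email, password } = req.body || {};

    // Accept plain strings only: a parsed body can carry objects or arrays,
    // and passing those into findOne() would let the client shape the query.
    if (typeof email !== 'string' || typeof password !== 'string') {
      return res.status(401).send({ error: 'Invalid email or password' });
    }

    // Verify user
    const user = await User.findOne({ email });
    if (!user) {
      return res.status(401).send({ error: 'Invalid email or password' });
    }

    // Verify password against the stored bcrypt hash
    const validPassword = await bcrypt.compare(password, user.password);
    if (!validPassword) {
      return res.status(401).send({ error: 'Invalid email or password' });
    }

    // Generate JWT token
    const token = jwt.sign({ userId: user._id }, JWT_SECRET, {
      algorithm: 'HS256',
      expiresIn: '1h',
    });

    // Issue a new session id on login so a pre-login session id cannot be
    // reused as an authenticated one (session fixation).
    req.session.regenerate((err) => {
      if (err) {
        return next(err);
      }
      req.session.token = token;
      res.redirect('/dashboard');
    });
  } catch (err) {
    // Express 4 does not catch rejections from async handlers; forward them
    // so the request gets an error response instead of hanging.
    next(err);
  }
});

/**
 * Authentication middleware.
 *
 * Reads the JWT stored in the session, verifies its signature and expiry, and
 * on success sets `req.userId` from the token payload before calling `next()`.
 * A missing, invalid or expired token gets 401 `{ error: 'Unauthorized' }`.
 */
const authenticate = (req, res, next) => {
  const token = req.session && req.session.token;
  if (!token) {
    return res.status(401).send({ error: 'Unauthorized' });
  }

  // Pin the accepted algorithm to the one used when signing.
  jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] }, (err, decodedToken) => {
    if (err || !decodedToken) {
      return res.status(401).send({ error: 'Unauthorized' });
    }
    req.userId = decodedToken.userId;
    next();
  });
};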
// Protected route: `authenticate` runs first, so the 'dashboard' view is
// rendered only for requests whose session token verified.
app.get('/dashboard', authenticate, function showDashboard(req, res) {
  res.render('dashboard');
});
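// Logout route: destroys the server-side session, then sends the user to the
// login page. The redirect waits for destroy() to finish so a store failure is
// reported instead of leaving a live session behind a "logged out" response.
app.post('/logout', (req, res, next) => {
  req.session.destroy((err) => {
    if (err) {
      return next(err);
    }
    // 'connect.sid' is the express-session default cookie name; change it here
    // if the session middleware is configured with a different `name`.
    res.clearCookie('connect.sid');
    res.redirect('/login');
  });
});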
// Start the HTTP server on port 3000 and log once it is accepting connections.
app.listen(3000, function onListening() {
  console.log('Server started on port 3000');
});