Dognation: Password Authentication

--Dognation: Password Authentication.md

Dognation: Password Authentication

Welcome to Dognation!

Dognation is collaborative site for dogwalkers to share pictures of their buddies. People can sign in and post pictures of the dogs they walk and share them with everyone!

We were recently hired to complete a missing feature for the app! It currently doesn’t have any configuration to authenticate users. In this project, we’ll be using express-sessions, Passport’s passport-local, and bcrypt.js in order to authenticate users so they can register, login and stay, and log out of the app!

We’re provided with some boilerplate code that we’ll be modifying and adding to in order to complete this. Let’s get started!

app.js

// Import packages
const express = require("express");
const app = express();
const session = require("express-session");
const passport = require("passport");

// App config
app.set("trust proxy", 1);
const PORT = process.env.PORT || 4001;
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(express.static(__dirname + '/public'));
app.set("view engine", "ejs");
// Import Passport config
require("./config/passport");

// Session Config
app.use(session({
  secret: "#TERCES#",
  cookie: { maxAge: 1000 * 60 * 60 * 48 },
  saveUninitialized: false,
  resave: false,
  sameSite: "none",
  secure: true
}));

// Passport Config
app.use(passport.initialize());
app.use(passport.session());

// Routes
app.use(require("./routes/index.routes"));

app.get("/", (req, res) => {
  const user = null || "Guest";
  res.render("home", { user });
});


app.listen(PORT, () => {
  console.log(`Server is listening on port: ${PORT}`);
});

passport.js

const passport = require("passport");
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
const helper = require("../helpers/helper");

// Set up the Passport strategy:
passport.use(
  new LocalStrategy(function (username, password, done) {
    helper.findByUserName(username, async (error, user) => {
      if (error) { return done(error); }
      const match = await bcrypt.compare(password, user.password);
      if (!user || !match) { 
        return done(null, false); 
      }
      return done(null, user);
    });
 })
);

// Serialize a user
passport.serializeUser((user, done) => {
  done(null, user.id);
});

// Deserialize a user
passport.deserializeUser((id, done) => {
  helper.findById(id, function (error, user) {
    if (error) { return done(error); }
    return done(null, user);
  })
});

users.routes.js

const express = require("express");
const router = express.Router();
const helper = require("../helpers/helper");
const passport = require("passport");
const filename = "./data/users.json";
const bcrypt = require("bcrypt");
let users = require("../data/users.json");

// Register New User:
router.post("/register", async (req, res) => {
  const { username, password } = req.body;
  const id = { id: helper.getNewId(users) };
  try {
    const user = await helper.userExists(username);
    if (user) {
      console.log("User already exists!");
      return res.redirect("login");
    }
    // Hash password before storing in local DB:
    const salt = await bcrypt.genSalt(10)
    password = await bcrypt.hash(password, salt);
    
    const newUser = { ...id, username, password: password };

    // Store new user in local DB
    await users.push(newUser);
    await helper.writeJSONFile(filename, users);

    res.redirect("login");
  } catch (err) {
    res.status(500).json({ message: err.message });
  }
});

// Log In User:
router.post("/login",
  passport.authenticate("local", { failureRedirect: "/login", failureMessage: true }),
  function(req, res) {
     res.redirect("../");
  }
);

// Log out user:
router.get("/logout", (req, res) => {
  req.logout();
  res.redirect("../");
});

router.get("/register", (req, res) => {
  res.render("register");
});

router.get("/login", (req, res) => {
  res.render("login");
});

module.exports = router;