@Unam3dd
Created June 29, 2023 21:43
First Express server without Redis storage
// Dependencies. Sessions live in express-session's default in-memory store
// here; the redis packages listed in package.json are not required by this file.
const express = require('express');
const session = require('express-session');
const path = require('path');
const bodyParser = require('body-parser');

// Listening port and the application instance.
const port = 8989;
const app = express();

// Per-process counter handed out as the session `_id` of non-admin logins;
// it restarts at 1 every time the server process restarts.
let id = 1;
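// Do not advertise the framework in the X-Powered-By response header.
app.disable('x-powered-by');

// MIDDLEWARES
// Session cookie configuration. The secret signs the session-ID cookie; the
// literal default is acceptable for a local demo only, so it can be overridden
// from the environment without changing the out-of-the-box behaviour.
app.use(session({
  name: 'sid',
  secret: process.env.SESSION_SECRET || 'thisismysuperkey',
  cookie: {
    sameSite: 'strict', // cookie is not sent on cross-site requests (CSRF mitigation)
    secure: false, // switch to true once the app is served over HTTPS
    // Only `maxAge` is given: express-session derives `expires` from it for
    // each cookie it issues. The fixed `expires: new Date(Date.now() + 3600000)`
    // that used to sit next to it was evaluated once at startup and, being
    // listed last, took precedence (per the express-session docs), so every
    // cookie expired one hour after the server started, not after it was issued.
    maxAge: 3600000, // one hour, in milliseconds
    httpOnly: true, // not readable from page scripts
  },
  // true: a session and cookie are created for every visitor before anything
  // is stored in them. express-session recommends false; it is kept here
  // because the handlers below log req.sessionID for anonymous requests too.
  saveUninitialized: true,
  resave: false,
}));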
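// Static assets come from a dedicated `public/` folder rather than the server's
// own directory: `express.static(path.join(__dirname, '.'))` (as before) served
// index.js — including the session secret — and package.json to any client
// that asked for them by name. The login page is not affected: GET /login
// sends post.html explicitly with res.sendFile.
app.use(express.static(path.join(__dirname, 'public')));

// Parse JSON and HTML-form (application/x-www-form-urlencoded) bodies so the
// login handler can read `req.body.user` / `req.body.password`.
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
  extended: true,
}));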
// ROUTES
// Target of the redirect issued when an already-authenticated session calls
// GET or POST /login again. Answers 401 and names the session's user.
app.get('/already', (req, res) => {
  const { user } = req.session;
  res.status(401).send(`<h1>You are already logged as ${user} </h1>`);
});
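// POST /login — handles the form in post.html. Credentials are two fixed demo
// pairs; a real deployment would look the user up in a store and compare a
// password hash. On success the session ID is regenerated before the session
// is marked authenticated, so the ID a visitor held before logging in cannot
// be carried into the authenticated session.
app.post('/login', (req, res) => {
  // NOTE: the session ID is a bearer credential; logging it is acceptable for
  // a local demo only.
  console.log(`POST /login - ${req.sessionID}`);
  if (req.session.authenticated) {
    // res.redirect() always sends 302 in Express 4: the former
    // `.status(301).redirect(...)` was overridden, and a cached 301 would
    // have made later logins unreachable anyway.
    res.redirect('/already');
    return;
  }

  const { user, password } = req.body;

  // Session fields for a successful login, or null when the pair is unknown.
  // admin always gets id 0; every other valid user takes the next counter value.
  let login = null;
  if (user === 'admin' && password === 'admin') {
    login = { _id: 0, user: 'admin' };
  } else if (user === 'test' && password === 'test') {
    login = { _id: id++, user };
  }

  if (login === null) {
    req.session.authenticated = false;
    req.session._id = -1;
    req.session.user = '';
    res.status(401).send("<h1>You are not authorized</h1>");
    return;
  }

  // With saveUninitialized: true the anonymous visitor already owns a session
  // ID; regenerating it on privilege change prevents session fixation.
  req.session.regenerate((err) => {
    if (err) {
      console.error(err);
      res.status(500).send("<h1>Login failed</h1>");
      return;
    }
    req.session.authenticated = true;
    req.session._id = login._id;
    req.session.user = login.user;
    res.redirect('/');
  });
});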
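// GET /login — serves the login form, or bounces an already-authenticated
// session to /already.
app.get('/login', (req, res) => {
  console.log(`GET /login - ${req.sessionID}`);
  if (req.session.authenticated) {
    res.redirect('/already');
    return;
  }
  console.log("ACCESS login page !");
  // sendFile needs an absolute path; path.join builds it portably where the
  // former `__dirname + "/post.html"` assumed a '/' separator. The response
  // status defaults to 200, so no explicit status() call is needed.
  res.sendFile(path.join(__dirname, 'post.html'));
});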
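// GET /logout — ends the session. destroy() removes the session from the store
// asynchronously, so the cookie is cleared and the client redirected only once
// it has reported back; previously the response was sent before the store
// had finished, and the callback logged `undefined` on the success path too.
app.get('/logout', (req, res) => {
  console.log(`GET /logout - ${req.sessionID}`);
  if (!req.session.authenticated) {
    // Express 4 res.redirect() sends 302; the old `.status(301)` was ignored.
    res.redirect("/");
    return;
  }
  console.log(`Removing ${req.sessionID} - ${req.session.user}`);
  req.session.destroy((err) => {
    if (err) {
      // The cookie is still cleared below: a session ID that cannot be loaded
      // is of no use to the client and would only keep hitting the store.
      console.error(err);
    }
    // Removing client cookie
    res.clearCookie('sid');
    res.redirect('/');
  });
});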
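// GET / — the page behind the login. Increments a per-session hit counter on
// every visit and echoes the session's user, id and counter.
app.get('/', (req, res) => {
  console.log(`GET / - ${req.sessionID}`);
  // `authenticated` is only ever assigned true or false by the login handler,
  // so a strict check replaces the former `== undefined || == false` pair.
  if (req.session.authenticated !== true) {
    // Express 4 res.redirect() sends 302; the old `.status(301)` was ignored.
    res.redirect('/login');
    return;
  }
  // First visit starts the counter at 1; an absent counter and 0 behave alike.
  req.session.hits = req.session.hits ? req.session.hits + 1 : 1;
  const { user, _id, hits } = req.session;
  res.status(200).send(`<h1>Hello ${user} you have for id ${_id} and ${hits} Hits points</h1>`);
});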
// Start the server on the configured port and report once it is listening.
app.listen(port, () => console.log(`Server is listening on port ${port}`));
{
"name": "test",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "nodemon index.js"
},
"author": "",
"license": "ISC",
"dependencies": {
"body-parser": "^1.20.2",
"connect-redis": "^7.1.0",
"express": "^4.18.2",
"express-session": "^1.17.3",
"ioredis": "^5.3.2",
"nodemon": "^2.0.22",
"redis": "^4.6.7"
}
}
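<!DOCTYPE html>
<html lang="en">
<head>
  <!-- charset declared first so the parser knows the encoding before any text -->
  <meta charset="utf-8">
  <title>Login Page</title>
</head>
<body>
  <h1>Welcome to the Login Page</h1>
  <!-- The field names `user` and `password` are what POST /login reads from
       req.body; keep them in sync with the server. Each control is wrapped in
       a <label> so it is reachable by assistive technology, and the button
       carries an explicit type. -->
  <form action="/login" method="POST">
    <label>Username<input type="text" name="user" autocomplete="username" required/></label>
    <label>Password<input type="password" name="password" autocomplete="current-password" required/></label>
    <button type="submit">submit</button>
  </form>
</body>
</html>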