Authentication and Authorization - Logging In/Out & Registration

app.js

// Import packages
const express = require("express");
const app = express();
const session = require("express-session");
const passport = require("passport");
const morgan = require("morgan");

// App config
app.set("trust proxy", 1);
const PORT = process.env.PORT || 4001;
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(express.static(__dirname + "/public"));
app.set("view engine", "ejs");
// Import Passport config
require("./config/passport");

app.use(morgan("dev"));

// Session Config
app.use(
  session({
    secret: "dogs4U",
    resave: false,
    saveUninitialized: true,
    cookie: { secure: true, sameSite: "none", maxAge: 86400000 },
  })
);
// Passport Config
app.use(passport.initialize());
app.use(passport.session());

// Routes
app.use(require("./routes/index.routes"));

app.get("/", (req, res) => {
  const user = req.user || "Guest";
  res.render("home", { user });
});

app.listen(PORT, () => {
  console.log(`Server is listening on port: ${PORT}`);
});

passport.js

const passport = require("passport");
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
const helper = require("../helpers/helper");

// Set up the Passport strategy:
passport.use(
  new LocalStrategy(function (username, password, done) {
    const user = helper.findByUsername(username, async function (err, user) {
      if (err) {
        console.log(err);
        return done(err);
      }
      if (!user) {
        console.log("No user found");
        return done(null, false);
      }
      const matchedPassword = await bcrypt.compare(password, user.password);
      if (!matchedPassword) {
        console.log("Incorrect password");
        return done(null, false);
      }
      console.log("Auth Ok");
      return done(null, user);
    });
  })
);

// Serialize a user
passport.serializeUser((user, done) => {
  console.log(`${user}`);
  done(null, user.id);
});

// Deserialize a user
passport.deserializeUser((id, done) => {
  helper.findById(id, function (err, user) {
    console.log(`user ${id} deserialized`);
    if (err) return done(err);
    done(null, user);
  });
});

users.routes.js

const express = require("express");
const router = express.Router();
const helper = require("../helpers/helper");
const passport = require("passport");
const filename = "./data/users.json";
const bcrypt = require("bcrypt");
let users = require("../data/users.json");

// Register New User:
router.post("/register", async (req, res) => {
  const { username, password } = req.body;
  const id = { id: helper.getNewId(users) };
  try {
    const user = await helper.userExists(username);
    if (user) {
      console.log("User already exists!");
      return res.redirect("/users/login");
    }
    // Hash password before storing in local DB:
    const salt = await bcrypt.genSalt(10);
    const hashedPassword = await bcrypt.hash(password, salt);
    const newUser = { ...id, username, password: hashedPassword };
    // Store new user in local DB
    await users.push(newUser);
    await helper.writeJSONFile(filename, users);
    res.redirect("/users/login");
  } catch (err) {
    res.status(500).json({ message: err.message });
  }
});

// Log In User:
router.post(
  "/login",
  passport.authenticate("local", {
    failureRedirect: "/users/login",
    failureMessage: true,
  }),
  (req, res) => {
    res.redirect("../");
  }
);

// Log out user:
router.get("/logout", (req, res) => {
  req.logout((err) => {
    if (err) {
      next(err);
    }
  });
  res.redirect("../");
});

router.get("/register", (req, res) => {
  res.render("register");
});

router.get("/login", (req, res) => {
  res.render("login");
});

module.exports = router;

CodeCademy Dognation fork