/**
 * Most of the code is found here:
 * http://naholyr.fr/2011/07/authentification-et-websocket-avec-node-js-express-et-socket-io/
 *
 * Exporting code into other files:
 * http://stackoverflow.com/questions/6059246/how-to-include-route-handlers-in-multiple-files-in-express
 *
 * Interesting link about socket.io and sessions:
 * http://www.danielbaulig.de/socket-ioexpress/
 *
 * Savior link about session length:
 * http://rahulmehta1.wordpress.com/2011/11/03/login-form-in-node-js-with-session-mangement/
 */
var path = require('path');
var express = require('express');
// The server instance doubles as this module's export so other files can require it.
var app = module.exports = express.createServer();
var port = process.env.PORT || 1337;
var RedisStore = require('connect-redis')(express);
var redis = require('redis');
// Shared Redis client handed to the route modules below. createClient() is
// called without arguments, so host, port and authentication are whatever the
// library defaults to. NOTE(review): confirm that is intended for deployment.
var client = redis.createClient();
var util;

/**
 * Log errors emitted by the shared Redis client.
 *
 * @param {*} err - value passed with the client's "error" event
 */
function reportRedisError(err) {
  var endpoint = client.host + ":" + client.port;
  console.log("error event - " + endpoint + " - " + err);
}

client.on("error", reportRedisError);
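/**
 * Configuration shared by every environment: view engine, body and cookie
 * parsing, Redis-backed sessions and the router.
 */
app.configure(function() {
  // Defines the view folder and engine used.
  this.set('views', path.join(__dirname, 'views'));
  this.set('view engine', 'ejs');

  // Allow parsing form data
  this.use(express.bodyParser());
  // Allow parsing cookies from request headers
  this.use(express.cookieParser());

  // Session secret. 'keyboard cat' is the value used in public examples, so
  // anyone may know it; a deployment must supply its own through the
  // SESSION_SECRET environment variable. The literal is kept only as a
  // fallback so existing development setups keep starting.
  var sessionSecret = process.env.SESSION_SECRET;
  if (!sessionSecret) {
    console.log("warning - SESSION_SECRET is not set, using the built-in development secret");
    sessionSecret = 'keyboard cat';
  }

  // Session management
  this.use(express.session({
    secret: sessionSecret,
    store: new RedisStore,
    cookie: {
      // 1800000 ms = 30 minutes
      // NOTE(review): when the site is served over HTTPS, also mark the
      // cookie as secure so it is never sent over plain HTTP.
      maxAge: 1800000
    }
  }));

  this.use(app.router);
});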
// Environment-specific error handling.
// NOTE(review): the development handler is configured to show stack traces;
// make sure deployed instances select the production environment so that
// internal details are not sent to clients.
app.configure('development', function(){
  var verboseErrors = {
    dumpExceptions: true,
    showStack: true
  };
  this.use(express.errorHandler(verboseErrors));
});

app.configure('production', function(){
  // No options: the handler runs with its defaults.
  var defaultHandler = express.errorHandler();
  this.use(defaultHandler);
});
/**
 * Routes
 *
 * middlewares.js is loaded first: it attaches app.requireLogin and
 * app.requireGuest, which home.js and guest.js read while registering
 * their routes.
 */
var registerMiddlewares = require('./routes/middlewares.js');
registerMiddlewares(app);

var registerHome = require('./routes/home.js');
registerHome(app);

// The guest (login) routes also receive the shared Redis client.
var registerGuest = require('./routes/guest.js');
registerGuest(app, client);

/**
 * Start server
 *
 * Listen only when this file is run directly; when another module requires
 * it, module.parent is set and the caller decides when to listen.
 */
var isEntryPoint = !module.parent;
if (isEntryPoint) {
  app.listen(port);
}
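/**
 * Registers the guest (login) routes.
 *
 * @param {Object} app - Express server; app.requireGuest must already be set
 * @param {Object} client - shared Redis client, owned by the caller
 */
module.exports = function(app, client) {
  /**
   * Build the data passed to the 'guest' view.
   * A fresh object is returned on every call so no state is shared
   * between requests.
   *
   * @param {?string} error - message shown on the form, or null
   */
  function loginViewData(error) {
    return {
      page_language: 'fr',
      page_title: "Formulaire d'identification",
      meta_description: "Page de login de ce site de test.",
      error: error || null,
      message: null
    };
  }

  /**
   * Login page - Only guests will see this page
   */
  app.get('/guest', [app.requireGuest], function (req, res, next) {
    // Render form
    res.render('guest', loginViewData(null));
  });

  /**
   * Handles login post
   */
  app.post('/guest', [app.requireGuest], function (req, res, next) {
    var username = req.body && req.body.username;
    var password = req.body && req.body.password;

    // Accept only non-empty strings. The body parser can also produce
    // non-string values; wrapping those in a Buffer, as this handler used to,
    // either throws or allocates a buffer whose size the client chooses. The
    // old check was also ineffective because a Buffer object is always truthy.
    if (typeof username !== 'string' || typeof password !== 'string' ||
        !username || !password) {
      return res.render('guest', loginViewData("All fields are required."));
    }

    // Same key the Buffer concatenation produced: 'user:' followed by the name.
    var userKey = 'user:' + username;

    // Log the Redis failure on the server and show a generic message, so that
    // internal error details are not rendered into the page.
    function fail(err) {
      console.log("login lookup failed - " + err);
      res.render('guest', loginViewData("Internal error, please try again later."));
    }

    // The Redis client is shared with the rest of the application, so it is
    // never closed here: ending it after one login would break every later
    // request. Each branch returns so that exactly one response is sent.

    // Now, check if the user he entered exists
    client.sismember(['users', userKey], function (err, isMember) {
      if (err) {
        return fail(err);
      }
      if (!isMember) {
        // NOTE(review): distinct messages for "unknown user" and "wrong
        // password" let a client find out which usernames exist; consider a
        // single generic message for both cases.
        return res.render('guest', loginViewData("Username does not exist."));
      }

      // If he does, check if the password matches
      client.hget([userKey, 'password'], function (err, storedPassword) {
        if (err) {
          return fail(err);
        }

        // NOTE(review): the stored value is compared directly with the
        // submitted password, which implies passwords are kept in Redis as
        // plaintext. Store a salted, slow password hash instead and compare
        // in constant time; that needs a data migration, so it is not
        // changed here. There is also no limit on login attempts.
        if (storedPassword !== password) {
          return res.render('guest', loginViewData("Password do not match."));
        }

        // Issue a new session id on login so an id known before
        // authentication is not carried over into the logged-in session.
        req.session.regenerate(function (err) {
          if (err) {
            return fail(err);
          }
          // Session contents are deliberately not logged.
          req.session.username = username;
          res.redirect('/home');
        });
      });
    });
  });
};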
/**
 * Registers the routes that sit behind app.requireLogin.
 *
 * app.requireLogin is read when this function runs, so it must already be
 * attached to the app at that point.
 *
 * @param {Object} app - Express server
 */
module.exports = function(app) {
  /**
   * Site root: requests that pass app.requireLogin are redirected
   * to /home with status 301.
   */
  app.get('/', [app.requireLogin], function redirectToHome(req, res, next) {
    res.redirect('/home', 301);
  });

  /**
   * Home page, rendered only for requests that pass app.requireLogin.
   */
  app.get('/home', [app.requireLogin], function showHome(req, res, next) {
    var viewData = {
      page_language: 'fr',
      page_title: "Page d'accueil",
      meta_description: "Page d'accueil de ce site de test.",
      error: null,
      message: null
    };
    res.render('home', viewData);
  });
};
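/**
 * Attaches the access-control middlewares to the app so that route modules
 * can reference them as app.requireLogin and app.requireGuest.
 *
 * @param {Object} app - Express server
 */
module.exports = function(app) {
  /**
   * True when the request has a session with a username set.
   * A missing session object counts as "not logged in", so protected
   * routes fail closed instead of throwing.
   */
  function isLoggedIn(req) {
    return Boolean(req.session && req.session.username);
  }

  /**
   * Middleware for pages restricted to logged-in users.
   * The session object is deliberately not logged: doing so on every
   * protected request would write session data to the process output.
   */
  app.requireLogin = function(req, res, next) {
    if (isLoggedIn(req)) {
      // User is authenticated, let him in
      return next();
    }
    // Otherwise, we redirect him to login form
    res.redirect('/guest');
  };

  /**
   * Middleware for pages restricted to guests (users who are not logged in).
   */
  app.requireGuest = function(req, res, next) {
    if (isLoggedIn(req)) {
      // If the user is authenticated, redirect him to the home page
      return res.redirect('/home');
    }
    // Otherwise, let him in
    next();
  };
};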