
@nakaz
Created May 3, 2017 01:43
const express = require('express');
const path = require('path');
const bodyparser = require('body-parser');
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;
// const cookieParser = require('cookie-parser');
const session = require('express-session')
const RedisStore = require('connect-redis')(session);
const bcrypt = require('bcrypt');
const db = require('./models');
const { User } = require('./models');
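// bcrypt cost factor used when hashing new passwords.
const saltRounds = 10;
const app = express();

// Parse application/x-www-form-urlencoded bodies (the login / signup forms).
app.use(bodyparser.urlencoded({ extended: false }));
// app.use(cookieParser());

// The session secret signs the session-ID cookie, so it should come from the
// environment rather than from source control. The literal below is kept only
// as a development fallback and is refused when NODE_ENV is "production".
const sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  if (process.env.NODE_ENV === 'production') {
    throw new Error('SESSION_SECRET must be set in production');
  }
  console.warn('SESSION_SECRET is not set; using the built-in development secret');
}

app.use(session({
  store: new RedisStore(),
  secret: sessionSecret || 'something_super-weird',
  resave: false,
  // Do not persist a session (or issue a cookie) until something is stored in
  // it; otherwise every anonymous request creates an entry in Redis.
  saveUninitialized: false,
  cookie: {
    // Keep the session cookie out of reach of page scripts and off most
    // cross-site requests. NOTE(review): also set `secure: true` once the app
    // is served over HTTPS only.
    httpOnly: true,
    sameSite: 'lax',
  },
}));

// Passport must be initialised after the session middleware so that
// passport.session() can read the login state stored in req.session.
app.use(passport.initialize());
app.use(passport.session());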
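/**
 * Username/password verification for the "local" strategy.
 *
 * Looks the user up by username and compares the submitted password with the
 * stored bcrypt hash. Calls done(null, user) on success, done(null, false, info)
 * on a credential mismatch, and done(err) when the lookup or the comparison
 * itself fails, so the request never hangs on an error.
 */
passport.use(new LocalStrategy(
  async (username, password, done) => {
    console.log('runs before serializing');

    let user;
    let passwordMatches = false;
    try {
      user = await User.findOne({
        where: { username },
      });
      if (user !== null) {
        passwordMatches = await bcrypt.compare(password, user.password);
      }
    } catch (err) {
      // Report infrastructure failures to passport instead of only logging
      // them; without this the login request is never answered.
      console.log('error: ', err);
      return done(err);
    }

    // NOTE(review): the two failure messages differ, and an unknown username
    // returns without running bcrypt. If these messages are ever shown to the
    // client (e.g. via failureFlash), use one generic message so the response
    // does not reveal which usernames exist.
    if (user === null) {
      console.log('user failed');
      return done(null, false, { message: 'bad username' });
    }
    if (!passwordMatches) {
      return done(null, false, { message: 'bad password' });
    }
    return done(null, user);
  }
));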
/**
 * Decide what is written to the session after a successful login.
 * The argument is the user object handed over by the authentication strategy;
 * only its id and username are stored, never the whole record.
 */
passport.serializeUser(({ id, username }, done) => {
  console.log('serializing');
  const sessionUser = { id, username };
  return done(null, sessionUser);
});
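/**
 * Rebuild req.user from the object stored in the session by serializeUser.
 *
 * The user is re-read from the database by id on each request. A failed lookup
 * is passed to done(err) so the request is answered instead of hanging on an
 * unhandled rejection.
 */
passport.deserializeUser((user, done) => {
  console.log('deserializing');
  // ^ ---------- `user` is the object produced by serializeUser
  User.findOne({
    where: {
      id: user.id,
    },
  }).then(
    // The full row is attached to the request as req.user.
    // NOTE(review): that row includes the password column; consider selecting
    // only the fields handlers need.
    (found) => done(null, found),
    (err) => done(err)
  );
});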
// app.use((req, res, next) => {
// if (req.method.toUpperCase() !== "GET") {
// isAuthenticated(req, res, next);
// }else {
// next();
// }
// })
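/**
 * POST /createuser - create an account from the submitted form fields.
 *
 * The password is hashed with bcrypt before it is stored. Storing the raw
 * value would keep plaintext passwords in the database, and such an account
 * could not log in anyway because the login strategy compares against a
 * bcrypt hash.
 */
app.post('/createuser', (req, res) => {
  const { username, password } = req.body || {};

  // Repeated form keys arrive as arrays; accept only non-empty strings.
  const isValid = typeof username === 'string' && username !== '' &&
    typeof password === 'string' && password !== '';
  if (!isValid) {
    res.status(400).send('username and password are required');
    return;
  }

  bcrypt.hash(password, saltRounds)
    .then((hash) => User.create({ username, password: hash }))
    .then(() => {
      res.redirect('/login');
    })
    .catch((err) => {
      // Answer the request on failure and keep details out of the response.
      console.log('error: ', err);
      res.status(500).send('could not create user');
    });
});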
// GET / - public landing route; answers with a fixed greeting.
app.get('/', function rootHandler(req, res) {
  res.send('hello');
});
// GET /login - serve the static login form from the views directory.
app.get('/login', (req, res) => {
  const loginPage = path.join(__dirname, 'views', 'login.html');
  res.sendFile(loginPage);
});
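/**
 * POST /user/new - create an account, storing a bcrypt hash of the password.
 *
 * Hashing and database errors are handled explicitly: a failed hash no longer
 * falls through to User.create, and a failed insert answers with a 500
 * instead of leaving the request open.
 */
app.post('/user/new', (req, res) => {
  const { username, password } = req.body || {};

  // Repeated form keys arrive as arrays; accept only non-empty strings.
  const isValid = typeof username === 'string' && username !== '' &&
    typeof password === 'string' && password !== '';
  if (!isValid) {
    res.status(400).send('username and password are required');
    return;
  }

  // Passing the cost factor makes bcrypt generate the salt itself.
  // Note: bcrypt only uses the first 72 bytes of the password.
  bcrypt.hash(password, saltRounds)
    .then((hash) => User.create({ username, password: hash }))
    .then(() => {
      res.redirect('/login');
    })
    .catch((err) => {
      console.log('error: ', err);
      res.status(500).send('could not create user');
    });
});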
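/**
 * GET /secret - example protected route; isAuthenticated runs first and
 * redirects anonymous visitors to /login.
 */
app.get('/secret', isAuthenticated, (req, res) => {
  // Log only non-sensitive identifiers. req.user is the full database row,
  // so the password hash must not be written to the logs.
  console.log('req.user id', req.user.id);
  console.log('req.username', req.user.username);
  console.log('pinging the secret');
  res.send('you found the secret!');
});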
// POST /login - hand the submitted credentials to the "local" strategy.
// A verified user is sent to the protected page; anything else goes back to
// the login form.
const localLoginOptions = {
  successRedirect: '/secret',
  failureRedirect: '/login',
};
app.post('/login', passport.authenticate('local', localLoginOptions));
/**
 * Route guard: let the request continue only when passport reports a
 * logged-in user; otherwise redirect to the login page.
 *
 * @param {object} req - request; must expose passport's isAuthenticated()
 * @param {object} res - response; used for the redirect
 * @param {Function} next - continues to the protected handler
 */
function isAuthenticated(req, res, next) {
  console.log('checking');

  if (!req.isAuthenticated()) {
    console.log('you bad!!!!');
    res.redirect('/login');
    return;
  }

  console.log('you good');
  next();
}
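// Start the HTTP server on port 9000, then make sure the tables exist.
app.listen(9000, () => {
  console.log('starting server');
  // sync() returns a promise; surface a failure instead of leaving an
  // unhandled rejection behind.
  // NOTE(review): requests can arrive before the sync has finished.
  db.sequelize.sync().catch((err) => {
    console.error('database sync failed: ', err);
  });
});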