auth-local

.gitignore

@@ -1,2 +1,5 @@
 node_modules
-.vscode/*
+.env
+config/.env
+.vscode
+.history

controllers/auth.js

@@ -15,6 +15,7 @@ const User = require('../models/User')
     const validationErrors = []
     if (!validator.isEmail(req.body.email)) validationErrors.push({ msg: 'Please enter a valid email address.' })
     if (validator.isEmpty(req.body.password)) validationErrors.push({ msg: 'Password cannot be blank.' })
+    // if (validator.isEmpty(req.body.qAnswer)) validationErrors.push({ msg: 'Security answer cannot be blank.' })--- Wrong section, maybe used for secQ sign-in
 
     if (validationErrors.length) {
       req.flash('errors', validationErrors)
@@ -36,15 +37,17 @@ const User = require('../models/User')
     })(req, res, next)
   }
 
-  exports.logout = (req, res) => {
-    req.logout(() => {
-      console.log('User has logged out.')
-    })
-    req.session.destroy((err) => {
-      if (err) console.log('Error : Failed to destroy the session during logout.', err)
-      req.user = null
-      res.redirect('/')
+  exports.logout = (req, res, next) => {
+    // req.logout() --- Passport update, this is now async
+    req.logout(function(err) {
+      if (err) { return next(err); }
+      res.redirect('/') //--- causes error later with the session destroy
     })
+    // req.session.destroy((err) => {
+    //   if (err) console.log('Error : Failed to destroy the session during logout.', err)
+    //   req.user = null
+    //   res.redirect('/')
+    // })
   }
 
   exports.getSignup = (req, res) => {
@@ -61,6 +64,8 @@ const User = require('../models/User')
     if (!validator.isEmail(req.body.email)) validationErrors.push({ msg: 'Please enter a valid email address.' })
     if (!validator.isLength(req.body.password, { min: 8 })) validationErrors.push({ msg: 'Password must be at least 8 characters long' })
     if (req.body.password !== req.body.confirmPassword) validationErrors.push({ msg: 'Passwords do not match' })
+    // if (validator.isEmpty(req.body.secQuestion)) validationErrors.push({ msg: 'Must select a security question.' })
+    // if (validator.isEmpty(req.body.qAnswer)) validationErrors.push({ msg: 'Security answer cannot be blank.' })
 
     if (validationErrors.length) {
       req.flash('errors', validationErrors)
@@ -69,9 +74,13 @@ const User = require('../models/User')
     req.body.email = validator.normalizeEmail(req.body.email, { gmail_remove_dots: false })
 
     const user = new User({
+      // firstName: req.body.firstName,
+      // lastName: req.body.lastName,
       userName: req.body.userName,
       email: req.body.email,
-      password: req.body.password
+      password: req.body.password,
+      // secQuestion: req.body.secQuestion,
+      // qAnswer: req.body.qAnswer
     })
 
     User.findOne({$or: [

controllers/todos.js

@@ -51,5 +51,30 @@ module.exports = {
         }catch(err){
             console.log(err)
         }
+    },
+
+    editTodo: async(req, res) => {
+        try {
+            let todoId = req.params.id
+            let todoById = await Todo.findById({_id: todoId})
+            res.render('editTodo.ejs', {title: 'Todo Manager', todoById})
+            console.log(todoById)
+        } catch (error) {
+            console.log(error)
+        }
+    },
+
+    editTodoOnPost: async(req,res) =>{
+        try {
+            req.body.user = req.body._id
+            let todoId = req.params.id
+            let todoById = await Todo.findByIdAndUpdate({_id: todoId}, {$set: {
+                todo: req.body.todo
+            }})
+            res.redirect('/todos')
+            console.log(todoById)
+        } catch (error) {
+            res.status(500).send({message:error.message || 'error occurred'})
+        }
     }
 }    

middleware/auth.js

@@ -5,6 +5,13 @@ module.exports = {
       } else {
         res.redirect('/')
       }
-    }
+    },
+    ensureGuest: function (req, res, next) {
+      if (!req.isAuthenticated()) {
+        return next()
+      } else {
+        res.redirect('/dashboard')
+      }
+    },
   }
 

models/User.js

@@ -1,10 +1,19 @@
 const bcrypt = require('bcrypt')
 const mongoose = require('mongoose')
 
+// const UserSchema = new mongoose.Schema({
+//   userName: { type: String, unique: true },
+//   email: { type: String, unique: true },
+//   password: String
+// })
 const UserSchema = new mongoose.Schema({
+  // firstName: { type: String, unique: true },
+  // lastName: { type: String, unique: true },
   userName: { type: String, unique: true },
   email: { type: String, unique: true },
-  password: String
+  password: String,
+  // secQuestion: { type: String },
+  // qAnswer: {type: String}
 })
 
 
@@ -23,6 +32,21 @@ const UserSchema = new mongoose.Schema({
   })
 })
 
+// Attempt at sec pass hash
+
+UserSchema.pre('save', function save(next) {
+  const user = this
+  if (!user.isModified('qAnswer')) { return next() }
+  bcrypt.genSalt(10, (err, salt) => {
+    if (err) { return next(err) }
+    bcrypt.hash(user.qAnswer, salt, (err, hash) => {
+      if (err) { return next(err) }
+      user.qAnswer = hash
+      next()
+    })
+  })
+})
+
 
 // Helper method for validating user's password.
 

package.json

@@ -1,7 +1,7 @@
 {
   "name": "todo-mvc-auth-local",
   "version": "1.0.0",
-  "description": "",
+  "description": "A Simple ToDo App is built using the MVC Architecture, we have also implemented \"authorization\" so folx can sign up, customize & personalize the app",
   "main": "server.js",
   "scripts": {
     "start": "nodemon server.js",
@@ -24,5 +24,14 @@
     "passport": "^0.6.0",
     "passport-local": "^1.0.0",
     "validator": "^13.6.0"
-  }
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/April-Yuen/todoAuth.git"
+  },
+  "bugs": {
+    "url": "https://github.com/April-Yuen/todoAuth/issues"
+  },
+  "homepage": "https://github.com/April-Yuen/todoAuth#readme",
+  "devDependencies": {}
 }