authentication.js
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
const router = require("express").Router();
const User = require("./user.js");
// bcrypt cost factor passed to bcrypt.hash() when a new account is registered.
// The work doubles with each increment, so raising it slows offline guessing
// against a leaked hash at the price of slower logins and registrations.
const saltRounds = 10;
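/**
 * Wires username/password authentication into a Passport instance and
 * attaches the POST /login and POST /register handlers to the module router.
 *
 * @param {object} passport - Passport instance that receives the session
 *   serializers and the "login" strategy.
 * @param {object} database - User store. This function calls getById,
 *   getByUsername, getNextId and add on it, and treats all of them as
 *   synchronous.
 * @returns {object} The module-level Express router with both routes attached.
 */
function configurePassport(passport, database) {
  const INVALID_CREDENTIALS = "Invalid username or password!";

  // Hash that belongs to no account. Unknown usernames are compared against
  // it so that "no such user" and "wrong password" cost the same bcrypt work,
  // which keeps response time from revealing which usernames exist.
  const decoyHash = bcrypt.hashSync("decoy", saltRounds);

  // Session persistence: only the user id is stored in the session.
  passport.serializeUser(function (user, done) {
    done(null, user.id);
  });

  passport.deserializeUser(function (id, done) {
    // Passport reads null/false as "this user no longer exists" and drops the
    // stale session; an undefined result is reported as a deserialization
    // error instead, so a missing record is normalised to false.
    done(null, database.getById(id) || false);
  });

  // "login" strategy: verify a username/password pair against the stored hash.
  passport.use("login", new LocalStrategy({ passReqToCallback: true }, function (req, username, password, done) {
    if (req.user) {
      // Already signed in: keep the existing identity.
      return done(null, req.user);
    }

    // Depending on the body parser, a field can arrive as an array or object.
    // Reject those as ordinary bad credentials before they reach the lookup
    // or bcrypt.
    if (typeof username !== "string" || typeof password !== "string") {
      return done(null, false, req.flash("error", INVALID_CREDENTIALS));
    }

    const user = database.getByUsername(username);
    const storedHash = user ? user.password : decoyHash;

    bcrypt.compare(password, storedHash, function (err, matches) {
      if (err) {
        return done(err);
      }
      if (!user || !matches) {
        // Same message for unknown user and wrong password.
        return done(null, false, req.flash("error", INVALID_CREDENTIALS));
      }
      return done(null, user);
    });
  }));

  // NOTE(review): no attempt throttling or lockout is visible in this file;
  // confirm that it is enforced elsewhere in front of this route.
  router.post("/login",
    passport.authenticate("login", {
      successRedirect: "/",
      failureRedirect: "/login",
      badRequestMessage: INVALID_CREDENTIALS,
      failureFlash: true
    })
  );

  router.post("/register", function (req, res) {
    const { username, password, email } = req.body || {};

    if (req.user) {
      // Already signed in.
      res.redirect("/");
      return;
    }

    // Every field must be a non-empty string; missing values and
    // array/object values are all refused.
    const fields = [username, password, email];
    if (!fields.every((value) => typeof value === "string" && value.length > 0)) {
      res.redirect("/register");
      return;
    }

    if (database.getByUsername(username)) {
      // JSON.stringify escapes control characters, so a crafted username
      // cannot forge extra log lines.
      console.log("username taken:" + JSON.stringify(username));
      res.redirect("/register");
      return;
    }

    // NOTE(review): bcrypt only uses the first 72 bytes of the password, so
    // longer passwords are effectively truncated; decide whether to cap the
    // accepted length.
    bcrypt.hash(password, saltRounds, function (err, hash) {
      if (err) {
        // Throwing inside this callback would surface as an uncaught
        // exception and leave the request unanswered; fail this request only.
        console.error("password hashing failed:", err.message);
        res.sendStatus(500);
        return;
      }

      // Hashing is asynchronous, so another request may have claimed the
      // username since the first check; look again right before inserting.
      if (database.getByUsername(username)) {
        res.redirect("/register");
        return;
      }

      database.add(new User(database.getNextId(), username, hash, email));
      console.log("registered");
      res.redirect("/login");
    });
  });

  return router;
}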
// The module's only export: callers pass in their passport instance and user
// store and mount the router that configurePassport returns.
module.exports = configurePassport;