
@simon1400
Created March 22, 2017 00:22
Description of a Passport strategy and how to use it. Passport is authentication middleware for Node.
var mongoose = require('mongoose');
var User = mongoose.model('User');
var LocalStrategy = require('passport-local').Strategy;
var bCrypt = require('bcrypt-nodejs');
var express = require('express');
var router = express.Router();
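/**
 * Configures a Passport instance: session (de)serialization plus the
 * 'login' and 'signup' local strategies backed by the Mongoose User model.
 *
 * @param {object} passport - Passport instance to register the strategies on.
 */
module.exports = function(passport){
  // Checks a candidate password against the bcrypt hash stored on the user.
  // compareSync is synchronous, so it runs on the request's thread of execution.
  var isValidPassword = function(user, password){
    return bCrypt.compareSync(password, user.password);
  };

  // Generates a salted bcrypt hash (cost factor 10) for storage.
  var createHash = function(password) {
    return bCrypt.hashSync(password, bCrypt.genSaltSync(10), null);
  };

  // Credentials are used directly in a MongoDB query and in bcrypt; a parsed
  // request body can carry objects (e.g. query operators) where a string is
  // expected, so anything that is not a string is rejected up front.
  var areStringCredentials = function(username, password) {
    return typeof username === 'string' && typeof password === 'string';
  };

  // Passport must be able to serialize and deserialize users for the session.
  passport.serializeUser(function(user, done) {
    console.log('serializing user:', user.username);
    done(null, user._id);
  });

  passport.deserializeUser(function(id, done) {
    User.findById(id, function(err, user) {
      if (err) {
        return done(err);
      }
      // The account behind this session id no longer exists: report "no user"
      // instead of dereferencing null and crashing the request.
      if (!user) {
        return done(null, false);
      }
      console.log('deserializing user:', user.username);
      done(null, user);
    });
  });

  passport.use('login', new LocalStrategy({
    passReqToCallback: true
  }, function(req, username, password, done){
    if (!areStringCredentials(username, password)) {
      return done(null, false);
    }
    // Look up a user with this username in MongoDB.
    User.findOne({'username': username}, function(err, user) {
      // Errors are reported through done.
      if (err) {
        return done(err);
      }
      if (!user) {
        console.log('User Not Found with username ' + username);
        return done(null, false);
      }
      // The user exists but the password is wrong.
      if (!isValidPassword(user, password)) {
        console.log('Invalid Password');
        return done(null, false); // caller redirects back to the failure route
      }
      // Username and password are correct: hand the user to done, which
      // Passport treats as success.
      return done(null, user);
    });
  }));

  passport.use('signup', new LocalStrategy({
    passReqToCallback: true // lets the verify callback read the request
  }, function(req, username, password, done){
    if (!areStringCredentials(username, password)) {
      return done(null, false);
    }
    // Look for an existing user with this username.
    User.findOne({'username': username}, function(err, user) {
      if (err) {
        console.log('Error in SignUp: ' + err);
        return done(err);
      }
      // Username is already taken.
      if (user) {
        console.log('User already exists with username: ' + username);
        return done(null, false);
      }

      // No such user yet: create one.
      var newUser = new User();
      newUser.username = username;
      newUser.password = createHash(password);
      newUser.email = req.body.email;
      // NOTE(review): role is copied from the client-supplied request body, so
      // whoever signs up chooses their own role. Assign the role server-side or
      // check it against an allow-list before saving.
      newUser.role = req.body.role;

      newUser.save(function(err) {
        if (err) {
          console.log('Error in Saving user: ' + err);
          // Report through done: throwing inside this async callback would
          // escape Passport's error handling and can take the process down.
          return done(err);
        }
        console.log(newUser.username + ' Registration succesful');
        return done(null, newUser);
      });
    });
  }));
};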
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
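/**
 * Builds the authentication router: login, signup, signout and the
 * success/failure status endpoints the strategies redirect to.
 *
 * @param {object} passport - Passport instance with 'login' and 'signup' strategies registered.
 * @returns {object} The configured Express router.
 */
module.exports = function(passport) {
  // Returns a copy of the authenticated user without the stored password hash,
  // so the hash is never sent to the client.
  var toPublicUser = function(user) {
    if (!user) {
      return null;
    }
    var plain = typeof user.toJSON === 'function' ? user.toJSON() : user;
    var publicUser = {};
    Object.keys(plain).forEach(function(key) {
      if (key !== 'password') {
        publicUser[key] = plain[key];
      }
    });
    return publicUser;
  };

  // Report a successful login back to the client.
  router.get('/success', function(req, res) {
    res.send({state: 'success', user: toPublicUser(req.user)});
  });

  // Report a failed login. The message is deliberately generic so it does not
  // reveal whether the username or the password was wrong.
  router.get('/failure', function(req, res) {
    res.send({state: 'failure', user: null, message: "Invalid username or password"});
  });

  // Log in an existing user.
  router.post('/login', passport.authenticate('login', {
    successRedirect: '/auth/success',
    failureRedirect: '/auth/failure'
  }));

  // Sign up a new user.
  router.post('/signup', passport.authenticate('signup', {
    successRedirect: '/auth/success',
    failureRedirect: '/auth/failure'
  }));

  // Sign out the current user.
  // NOTE(review): newer Passport releases (0.6+) require a callback argument
  // to req.logout — confirm against the installed version.
  // NOTE(review): this state-changing action is exposed over GET, so a
  // cross-site link or image can trigger it; consider POST with CSRF protection.
  router.get('/signout', function(req, res) {
    req.session.user = null;
    req.logout();
    res.redirect('/');
  });

  return router;
};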