
Setup login/logout system

Ethanell 2020-05-30 23:01:50 +02:00
parent bad1e38760
commit 1385f6659e
15 changed files with 127 additions and 47 deletions

20
app.js

@ -1,8 +1,10 @@
const createError = require("http-errors"); const createError = require("http-errors");
const express = require("express"); const express = require("express");
const path = require("path"); const path = require("path");
const session = require("express-session");
const cookieParser = require("cookie-parser"); const cookieParser = require("cookie-parser");
const logger = require("morgan"); const logger = require("morgan");
const config = require("./config/config.json");
const indexRouter = require("./routes/index"); const indexRouter = require("./routes/index");
const loginRouter = require("./routes/login") const loginRouter = require("./routes/login")
@ -13,6 +15,18 @@ const serviceRouter = require("./routes/service")
const stocksRouter = require("./routes/stocks") const stocksRouter = require("./routes/stocks")
const app = express(); const app = express();
const sess = {
key: "userSId",
secret: config.secret,
resave: false,
saveUninitialized: false,
cookie: {}
}
if (app.get("env") === "production") {
app.set("trust proxy", 1);
sess.cookie.secure = true;
}
// view engine setup // view engine setup
app.set("views", path.join(__dirname, "views")); app.set("views", path.join(__dirname, "views"));
@ -22,7 +36,13 @@ app.use(logger("dev"));
app.use(express.json()); app.use(express.json());
app.use(express.urlencoded({ extended: false })); app.use(express.urlencoded({ extended: false }));
app.use(cookieParser()); app.use(cookieParser());
app.use(session(sess));
app.use(express.static(path.join(__dirname, "public"))); app.use(express.static(path.join(__dirname, "public")));
app.use((req, res, next) => {
if (req.cookies.userSId && !req.session.user)
res.clearCookie("userSId");
next();
});
app.use("/", indexRouter); app.use("/", indexRouter);
app.use("/login", loginRouter); app.use("/login", loginRouter);
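Review bot: The `sess` object passes `cookie: {}` and no `store`, so the session cookie gets no `sameSite` attribute or lifetime and sessions are kept in express-session's default MemoryStore, which its documentation describes as not meant for production. Setting the attributes explicitly, `cookie: { httpOnly: true, sameSite: "lax" }`, keeps the cookie off cross-site POSTs and makes the intent visible instead of relying on defaults. `secure` is only switched on when `app.get("env")` is `production`, so it is worth confirming that the deployment sets NODE_ENV and sits behind exactly one TLS-terminating proxy, as `trust proxy` of 1 assumes. `key` is an older alias of the documented `name` option; `name: "userSId"` reads more clearly.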


@ -1,26 +1,11 @@
{ {
"development": { "secret": "keyboard cat",
"database": {
"username": "root", "username": "root",
"password": null, "password": null,
"database": "database_development", "database": "database_development",
"host": "127.0.0.1", "host": "127.0.0.1",
"dialect": "mysql", "dialect": "mysql",
"operatorsAliases": false "operatorsAliases": false
},
"test": {
"username": "root",
"password": null,
"database": "database_test",
"host": "127.0.0.1",
"dialect": "mysql",
"operatorsAliases": false
},
"production": {
"username": "root",
"password": null,
"database": "database_production",
"host": "127.0.0.1",
"dialect": "mysql",
"operatorsAliases": false
} }
} }
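Review bot: The new `"secret": "keyboard cat"` is the sample value from the express-session README and it is committed to the repository, so the signature on the `userSId` cookie is made with a publicly known key and gives no integrity guarantee. The secret should come from outside version control, for example `secret: process.env.SESSION_SECRET` in app.js (the variable name is a placeholder), with startup failing when it is unset. Collapsing the per-environment blocks into one `database` block also means production now reads the same `root` account with a `null` password as development, unless this file is replaced at deploy time.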


@ -4,8 +4,7 @@ const fs = require("fs");
const path = require("path"); const path = require("path");
const Sequelize = require("sequelize"); const Sequelize = require("sequelize");
const basename = path.basename(__filename); const basename = path.basename(__filename);
const env = process.env.NODE_ENV || "development"; const config = require(__dirname + "/../config/config.json").database;
const config = require(__dirname + "/../config/config.json")[env];
const db = {}; const db = {};
let sequelize; let sequelize;


@ -10,7 +10,7 @@ module.exports = (sequelize, DataTypes) => {
type: DataTypes.STRING, type: DataTypes.STRING,
set(value) { set(value) {
if (value) if (value)
this.setDataValue("passwordHash", require("crypto").createHash("sha256").update(this.username + value).digest("utf-8")); this.setDataValue("passwordHash", require("crypto").createHash("sha256").update(this.username + value).digest("base64"));
} }
}, },
firstName: { firstName: {
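Review bot: The `passwordHash` setter stores a single round of SHA-256 over `this.username + value`, which is a fast hash and therefore cheap to guess offline if the table ever leaks; the username is also a predictable salt. A password KDF from the standard library fits here without new dependencies, e.g. `const salt = crypto.randomBytes(16);` and `crypto.scryptSync(value, salt, 64)`, storing the salt next to the derived key. The same expression is duplicated in the login route's POST handler, so both places have to change together, ideally through one helper on the model. Rows written before this commit with the `utf-8` digest will presumably stop matching after the switch to `base64` and need a reset. The enclosing model definition starts and ends outside this hunk.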

40
package-lock.json generated

@ -663,6 +663,33 @@
} }
} }
}, },
"express-session": {
"version": "1.17.1",
"resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.1.tgz",
"integrity": "sha512-UbHwgqjxQZJiWRTMyhvWGvjBQduGCSBDhhZXYenziMFjxst5rMV+aJZ6hKPHZnPyHGsrqRICxtX8jtEbm/z36Q==",
"requires": {
"cookie": "0.4.0",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "~2.0.0",
"on-headers": "~1.0.2",
"parseurl": "~1.3.3",
"safe-buffer": "5.2.0",
"uid-safe": "~2.1.5"
},
"dependencies": {
"depd": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
"integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
},
"safe-buffer": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz",
"integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg=="
}
}
},
"ext": { "ext": {
"version": "1.4.0", "version": "1.4.0",
"resolved": "https://registry.npmjs.org/ext/-/ext-1.4.0.tgz", "resolved": "https://registry.npmjs.org/ext/-/ext-1.4.0.tgz",
@ -1430,6 +1457,11 @@
"resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz",
"integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA=="
}, },
"random-bytes": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
"integrity": "sha1-T2ih3Arli9P7lYSMMDJNt11kNgs="
},
"range-parser": { "range-parser": {
"version": "1.2.1", "version": "1.2.1",
"resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
@ -1878,6 +1910,14 @@
"integrity": "sha1-bgkk1r2mta/jSeOabWMoUKD4grc=", "integrity": "sha1-bgkk1r2mta/jSeOabWMoUKD4grc=",
"optional": true "optional": true
}, },
"uid-safe": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
"integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
"requires": {
"random-bytes": "~1.0.0"
}
},
"umzug": { "umzug": {
"version": "2.3.0", "version": "2.3.0",
"resolved": "https://registry.npmjs.org/umzug/-/umzug-2.3.0.tgz", "resolved": "https://registry.npmjs.org/umzug/-/umzug-2.3.0.tgz",


@ -9,6 +9,7 @@
"cookie-parser": "~1.4.4", "cookie-parser": "~1.4.4",
"debug": "~2.6.9", "debug": "~2.6.9",
"express": "~4.16.1", "express": "~4.16.1",
"express-session": "^1.17.1",
"http-errors": "~1.6.3", "http-errors": "~1.6.3",
"morgan": "~1.9.1", "morgan": "~1.9.1",
"pg": "^8.2.1", "pg": "^8.2.1",


@ -1,8 +1,9 @@
const express = require("express"); const express = require("express");
const router = express.Router(); const router = express.Router();
const middleware = require("./middleware");
/* GET home page. */ /* GET home page. */
router.get("/", function(req, res) { router.get("/", middleware.sessionCheck, (req, res) => {
res.render("commands", { title: "Kfet - Commands" }); res.render("commands", { title: "Kfet - Commands" });
}); });
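Review bot: `middleware.sessionCheck` is attached route by route here and in the index, kitchen, service and stocks route sections below, so a route added later is reachable without a session unless its author remembers the guard. Mounting it once in app.js after the `/login` router and before the protected routers, `app.use(middleware.sessionCheck);`, makes authentication the default and lets these files drop the per-route argument. The rest of each router file lies outside the hunks shown.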


@ -1,8 +1,9 @@
const express = require("express"); const express = require("express");
const router = express.Router(); const router = express.Router();
const middleware = require("./middleware");
/* GET home page. */ /* GET home page. */
router.get("/", function(req, res) { router.get("/", middleware.sessionCheck, (req, res) => {
res.render("index", { title: "Kfet" }); res.render("index", { title: "Kfet" });
}); });


@ -1,8 +1,9 @@
const express = require("express"); const express = require("express");
const router = express.Router(); const router = express.Router();
const middleware = require("./middleware");
/* GET home page. */ /* GET home page. */
router.get("/", function(req, res) { router.get("/", middleware.sessionCheck, (req, res) => {
res.render("kitchen", { title: "Kfet - Kitchen" }); res.render("kitchen", { title: "Kfet - Kitchen" });
}); });


@ -1,9 +1,26 @@
const express = require("express"); const express = require("express");
const router = express.Router(); const router = express.Router();
const models = require("../models");
/* GET home page. */ /* GET home page. */
router.get("/", function(req, res) { router.get("/", async (req, res) => {
if (req.session.user && req.cookies.userSId)
res.redirect("/")
else
res.render("login", { title: "Kfet - Login" }); res.render("login", { title: "Kfet - Login" });
}); })
.post("/", async (req, res) => {
if (!req.body.username || !req.body.password)
res.redirect("/login");
else {
let u = await models.User.findByPk(req.body.username);
if (!u || !u.passwordHash || require("crypto").createHash("sha256").update(u.username + req.body.password).digest("base64") !== u.passwordHash)
res.redirect("/login?err=true");
else {
req.session.user = u;
res.redirect("/");
}
}
});
module.exports = router; module.exports = router;
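Review bot: On a successful login the POST handler assigns `req.session.user = u` on the existing session, so no new session id is issued at the moment of authentication and the whole `User` instance, `passwordHash` included as far as the model shown goes, is written to the session store. Regenerating the session and keeping only the fields later requests need addresses both, as in the block below; add further fields only if a view actually reads them. The `await models.User.findByPk(...)` has no `try`/`catch`, and Express 4 does not forward a rejected promise from an async handler, so a database error would leave the request hanging. Comparing the two digests with `crypto.timingSafeEqual` rather than `!==` would also be preferable.

```javascript
.post("/", async (req, res, next) => {
    // … unchanged: missing-field check, findByPk lookup and digest comparison …
    // Issue a fresh session id at login so an id held before authentication is not carried over.
    req.session.regenerate((err) => {
        if (err)
            return next(err);
        // Keep the password hash and other columns out of the session store.
        req.session.user = { username: u.username };
        res.redirect("/");
    });
```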


@ -2,8 +2,12 @@ const express = require("express");
const router = express.Router(); const router = express.Router();
/* GET home page. */ /* GET home page. */
router.get("/", function(req, res) { router.get("/", (req, res) => {
res.send("Ok"); if (req.session.user && req.cookies.userSId) {
req.session.user = null;
res.clearCookie("userSId");
}
res.redirect("/login");
}); });
module.exports = router; module.exports = router;
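Review bot: Logout only sets `req.session.user = null` and clears the cookie in the browser, so the session record stays in the store and the same id is picked up again at the next login if it is presented. Destroying the session server-side closes that: `req.session.destroy(() => { res.clearCookie("userSId"); res.redirect("/login"); });`. Because this is a `GET` route, any page can trigger a logout by linking to it; a `POST` would be the more conservative choice.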

8
routes/middleware.js Normal file

@ -0,0 +1,8 @@
function sessionCheck(req, res, next) {
if (!req.session.user || !req.cookies.userSId)
res.redirect("/login");
else
next();
}
module.exports.sessionCheck = sessionCheck;
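Review bot: `sessionCheck` has no doc comment and its second condition looks redundant: express-session only populates `req.session.user` when the request carried a valid `userSId` cookie, so `!req.cookies.userSId` adds a dependency on cookie-parser without tightening the check. I would reduce the test to `if (!req.session.user)` and put `/** Redirects to /login unless the session holds a logged-in user; otherwise calls next(). */` above the function. It also answers every HTTP method with a redirect, which is worth stating in that comment if non-GET routes will use it.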


@ -1,8 +1,9 @@
const express = require("express"); const express = require("express");
const router = express.Router(); const router = express.Router();
const middleware = require("./middleware");
/* GET home page. */ /* GET home page. */
router.get("/", function(req, res) { router.get("/", middleware.sessionCheck, (req, res) => {
res.render("service", { title: "Kfet - Service" }); res.render("service", { title: "Kfet - Service" });
}); });


@ -1,8 +1,9 @@
const express = require("express"); const express = require("express");
const router = express.Router(); const router = express.Router();
const middleware = require("./middleware");
/* GET home page. */ /* GET home page. */
router.get("/", function(req, res) { router.get("/", middleware.sessionCheck, (req, res) => {
res.render("stocks", { title: "Kfet - Stocks" }); res.render("stocks", { title: "Kfet - Stocks" });
}); });


@ -5,8 +5,9 @@ block content
div.container-contact2 div.container-contact2
div.wrap-contact2 div.wrap-contact2
span.contact2-form-title Login span.contact2-form-title Login
form(action="/login" method="POST")
div.wrap-input2.validate-input(data-validate="Username is required") div.wrap-input2.validate-input(data-validate="Username is required")
input.input2(type="text" name="name") input.input2(type="text" name="username")
span.focus-input2(data-placeholder="Username") span.focus-input2(data-placeholder="Username")
div.wrap-input2.validate-input(data-validate="Password invalid") div.wrap-input2.validate-input(data-validate="Password invalid")
input.input2(type="password" name="password") input.input2(type="password" name="password")