I am wondering how to implement the logout function in nodejs using express and express section, the code I wrote is following:
app.get('/logout',function(req, res){
req.session.destroy(function(){
res.redirect('/');
});
});
However, when multiple user login, if one of the user logout, everyone else that login will be log out. Can anyone please tell me how to implement this correctly? thanks :)
NVM, I found out that the problem can be resolve by using the destroy(sid, fn) method in session-memory module
Related
I am have been struggling with this problem for days now. I change my code every now and then but nothing works so this time i deleted my code for passport.use (i couldn't use it in the right way i don't know how to do it) but left the router.post() to see if i get any errors and yes the same error that appeared while i have the passport config still shows so i guess it's from here the problem anyone can hep and tell me why im getting this error with and without the passport config (btw i use postgresql for database).
router.post('/login', passport.authenticate('local', {
failureRedirect: '/users/login',
},console.log("tessst"),),
function(req, res) {
console.log('Authentication successful');
res.redirect('/login');
});
is the problem with this part? what should i do?
You have to define and use a passport strategy with the name 'local' first. Only then you can use the strategy with the same name.
There is a passport strategy named passport-local which you can use.
Beginner NodeJs here.
I have created a registration and login page using nodejs and mysql.
It is just a basic setup wherein:
I have a form which submit to nodejs to register (will add a row in mysql database with email and password) and login/authenticate (which will just do a lookup in mysql and search for equivalent email and password).
I can register and login no problem.
The steps I followed are from here:
http://www.expertphp.in/article/user-login-and-registration-using-nodejs-and-mysql-with-example
I have also edited the code a little that if It login successfully, it will redirect to a page via this code..
if (password==results[0].password){
// res.json({
// status:true,
// message: 'successfully authenticated'
// });
var sample = req.body.email;
var newsample = sample.split('#')[0];
return res.redirect('/users/1/?username=' + newsample);
and I also have this route in my users.js
router.get('/1/*', function(req, res, next) {
var q = url.parse(req.url, true).query;
var txt = "Welcome" + q.username;
res.send(txt);
});
it works fine.
What I want to accomplish is that, I can only access the link
http://localhost:3000/users/1/?username=*
if I came from the login page and have authenticated.
Hope you can guide me on how to do about it or a hint on how it is done.
I have search but only found links which uses a different library or authentication which i find hard to understand. Pardon my being noob.
A working example would be very helpful for me.
Thank you.
I think you handle user authentication in a hard way, you can use passport.js it will help you a lot
but you can use the session to save what is necessary to check if the user is logged in like user id and check this session in a custom middleware
I finished my CRUD blog using nodejs + express.js but the only thing I need is everytime I go to 'post/:id/edit' or 'post/new' the browser ask for an admin user to continue with that request. This is to prevent that any user can create post in my blog.
How can I achieve that? I couldn't find anything about this. And I don't really need a CRUD for users because I will be the only one creating/editing post.
Thanks
As mentioned in the comment above, use passport.js to create the authentication part.
Once you do that, you will have to create a middleware to make sure the user have authorization do handle particular case. Since you are using Node.js and Express.js this part will be super easy.
Suppose user wants to create a post
router.get('/post/create',authenticate.ensureUser, function (req,
res) {}
authenticate.ensureUser: is middleware. Which will look like this :
> ensureUser: function(req,res,next){
> if(req.isAuthenticated()){
> return next() ;
> }else{
> req.flash('danger','Please login.');
> res.redirect('/login');
> }
> },
I am currently using node.js, express, and mongodb for an instagram app. I have found that many times I would like to know whether or not a user is already logged into instagram (be it through my app via the instagram-node authentication or through instagram's actual website).
Is there an easy way to do this?
I ended up using passport to solve this problem. Passport conveniently takes care of handling instagram authorization and they even include an example app to see how it all works. https://github.com/jaredhanson/passport-instagram/blob/master/examples/login/app.js
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) { return next(); }
res.redirect('/login')
}
Is especially useful since it can be placed at the top of your routing file and all the routes underneath it will first check to see if the user is authenticated.
Using express.js and everyauth with mongoose-auth, how can I create an external authentication route for an API I'm creating? I want to do this to authenticate a native iOS app against the user records in my MongoDB.
So for example, here's some semi-faux code:
app.post('/api/auth', function(req, res){
if(everyauth.authenticate(req.username, req.password)){
res.json({success:true});
}
});
So my question is, How do I utilize everyauth/mongoose-auth's authentication from outside of everyauth's typical methods and views?
Answering my own question after doing some more digging.
The following seems to work for my needs. It returns the user record if the authentication is successful. I'm just responding with a basic success true/false message for testing purposes. This assumes that User is the model that you used for mongoose-auth.
User.authenticate(req.body.email, req.body.password, function(err, userdoc){
if (userdoc){
res.json({success:true});
}
else {
res.json({success:false});
}
});