Using `passport.js` for login system.

6 files changed, 83 insertions, 11 deletions

diff --git a/config/passport.js b/config/passport.js
new file mode 100644
index 0000000..c4368cb
--- /dev/null
+++ b/config/passport.js
@@ -0,0 +1,33 @@
+const passport = require('passport');
+const LocalStrategy = require('passport-local').Strategy;
+const bcrypt = require('bcryptjs');
+
+const User = require('../models/user');
+
+const strategyCallback = (email, password, done) => {
+  // Try to find user
+  User.findOne({email}, (err, user) => {
+    // Database error
+    if (err)
+      return done(err);
+
+    // No user found
+    if (!user)
+      return done(null, false);
+
+    // Wrong password
+    if (!bcrypt.compareSync(password, user.password))
+      return done(null, false);
+
+    // Successful login
+    return done(null, user);
+  })
+};
+
+passport.use(new LocalStrategy({usernameField: 'email'}, strategyCallback));
+
+passport.serializeUser((user, done) => done(null, user._id));
+
+passport.deserializeUser((id, done) => {
+  User.findById(id, (err, user) => done(err, user));
+});
diff --git a/controllers/user.js b/controllers/user.js
index 980fc12..3f7b4a1 100644
--- a/controllers/user.js
+++ b/controllers/user.js
@@ -22,12 +22,8 @@ module.exports = {
     }
   },
 
-  login(req, res) {
-    console.log(req.body);
-    res.redirect('/login');
-  },
-
   logout(req, res) {
+    req.logout();
     res.redirect('/');
   },
 
diff --git a/index.js b/index.js
index a49a176..743a85e 100644
--- a/index.js
+++ b/index.js
@@ -4,6 +4,7 @@ const mongoose = require('mongoose');
 const session = require('express-session');
 const MongoSessionStore = require('connect-mongo');
 const flash = require('connect-flash');
+const passport = require('passport');
 require('dotenv').config();
 
 const webRoutes = require('./routes/web');
@@ -37,6 +38,10 @@ app.use(express.static('public'));
 
 app.use(express.urlencoded({extended: false}));
 
+require('./config/passport');
+app.use(passport.initialize());
+app.use(passport.session());
+
 app.use('/', webRoutes);
 
 app.listen(process.env.PORT, () => console.log(`Server started on port ${process.env.PORT}.`));
diff --git a/package-lock.json b/package-lock.json
index e0c9b29..63ce440 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1226,6 +1226,28 @@
       "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
       "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="
     },
+    "passport": {
+      "version": "0.4.1",
+      "resolved": "https://registry.npmjs.org/passport/-/passport-0.4.1.tgz",
+      "integrity": "sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg==",
+      "requires": {
+        "passport-strategy": "1.x.x",
+        "pause": "0.0.1"
+      }
+    },
+    "passport-local": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/passport-local/-/passport-local-1.0.0.tgz",
+      "integrity": "sha1-H+YyaMkudWBmJkN+O5BmYsFbpu4=",
+      "requires": {
+        "passport-strategy": "1.x.x"
+      }
+    },
+    "passport-strategy": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
+      "integrity": "sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ="
+    },
     "path-is-absolute": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
@@ -1236,6 +1258,11 @@
       "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
       "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w="
     },
+    "pause": {
+      "version": "0.0.1",
+      "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
+      "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10="
+    },
     "picomatch": {
       "version": "2.2.3",
       "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.3.tgz",
diff --git a/package.json b/package.json
index 9a9ea45..69b6f84 100644
--- a/package.json
+++ b/package.json
@@ -17,7 +17,9 @@
     "express": "^4.17.1",
     "express-handlebars": "^5.3.0",
     "express-session": "^1.17.1",
-    "mongoose": "^5.12.7"
+    "mongoose": "^5.12.7",
+    "passport": "^0.4.1",
+    "passport-local": "^1.0.0"
   },
   "devDependencies": {
     "nodemon": "^2.0.7"
diff --git a/routes/web.js b/routes/web.js
index 8960bb3..b6a85fe 100644
--- a/routes/web.js
+++ b/routes/web.js
@@ -1,19 +1,28 @@
 const express = require('express');
+const passport = require('passport');
 const router = express.Router();
+
 const postController = require('../controllers/post');
 const userController = require('../controllers/user');
 
+const isAuth = (req, res, next) => {
+  if (req.isAuthenticated()) next();
+  else res.redirect('/login');
+};
+
 router.get('/', postController.index);
-router.get('/new-post', postController.create);
-router.post('/new-post', postController.store);
-router.get('/remove-post/:id', postController.destroy);
+router.get('/new-post', isAuth, postController.create);
+router.post('/new-post', isAuth, postController.store);
+router.get('/remove-post/:id', isAuth, postController.destroy);
 
 router.get('/register', userController.registerView);
 router.get('/login', userController.loginView);
 
 router.post('/register', userController.register);
-router.post('/login', userController.login);
-
+router.post('/login', passport.authenticate('local', {
+  failureRedirect: '/login',
+  successRedirect: '/new-post'
+}));
 router.get('/logout', userController.logout);
 
 module.exports = router;