scq000 · May 18, 2017 06:26 · Jan 11, 2012 · Jan 9, 2012 · Jan 9, 2012 · Jan 9, 2012
diff --git a/app.js b/app.js
@@ -8,6 +8,7 @@ function checkAuth (req, res, next) {
 	console.log('checkAuth ' + req.url);
 
 	// don't serve /secure to those not logged in
+	// you should add to this list, for each and every secure url
 	if (req.url === '/secure' && (!req.session || !req.session.authenticated)) {
 		res.render('unauthorised', { status: 403 });
 		return;

diff --git a/lib/routes.js b/lib/routes.js
@@ -14,4 +14,26 @@ module.exports = function (app) {
 		res.render('secure');
 	});
 
+	app.get('/login', function (req, res, next) {
+		res.render('login', { flash: req.flash() } );
+	});
+
+	app.post('/login', function (req, res, next) {
+
+		// you might like to do a database look-up or something more scalable here
+		if (req.body.username && req.body.username === 'user' && req.body.password && req.body.password === 'pass') {
+			req.session.authenticated = true;
+			res.redirect('/secure');
+		} else {
+			req.flash('error', 'Username and password are incorrect');
+			res.redirect('/login');
+		}
+
+	});
+
+	app.get('/logout', function (req, res, next) {
+		delete req.session.authenticated;
+		res.redirect('/');
+	});
+
 };
diff --git a/views/index.jade b/views/index.jade
@@ -4,3 +4,8 @@ html(lang='en')
 		title Express authentication example
 	body
 		h1 Express authentication example
+		p Navigate to
+			ul
+				li: a(href="/secure") Secure content
+				li: a(href="/welcome") Welcome page
+				li: a(href="/logout") Logout
diff --git a/views/login.jade b/views/login.jade
@@ -0,0 +1,17 @@
+!!! 5
+html(lang='en')
+	head
+		title Express authentication example
+	body
+		h1 Sign-in to this Express authentication example
+		p Use <i>user</i> for the username and <i>pass</i> for the password.
+		form(method='post')
+			p
+				label(for='username') Username
+				input(type='text', name='username')
+			p
+				label(for='password') Password
+				input(type='password', name='password')
+			input(type='submit')
+		- each message in flash
+			h4(style="color: red;") #{message}
diff --git a/views/secure.jade b/views/secure.jade
@@ -4,3 +4,8 @@ html(lang='en')
 		title Express authentication example
 	body
 		h1 Hi, secure user.
+		p Navigate to
+			ul
+				li: a(href="/secure") Secure content
+				li: a(href="/welcome") Welcome page
+				li: a(href="/logout") Logout
diff --git a/views/unauthorised.jade b/views/unauthorised.jade
@@ -3,5 +3,6 @@ html(lang='en')
 	head
 		title Express authentication example
 	body
-		h1 You're unathorised to view this page.
-		p Please login to continue
+		h1 Unathorised
+		p You're unathorised to view this page.
+		p Please <a href="/login">login</a> to continue
diff --git a/app.js b/app.js
@@ -4,9 +4,31 @@ var port = 8999;
 
 var app = express.createServer();
 
-app.get('/', function (req, res, next) {
-	res.send('Welcome');
+function checkAuth (req, res, next) {
+	console.log('checkAuth ' + req.url);
+
+	// don't serve /secure to those not logged in
+	if (req.url === '/secure' && (!req.session || !req.session.authenticated)) {
+		res.render('unauthorised', { status: 403 });
+		return;
+	}
+
+	next();
+}
+
+app.configure(function () {
+
+	app.use(express.cookieParser());
+	app.use(express.session({ secret: 'example' }));
+	app.use(express.bodyParser());
+	app.use(checkAuth);
+	app.use(app.router);
+	app.set('view engine', 'jade');
+	app.set('view options', { layout: false });
+
 });
 
+require('./lib/routes.js')(app);
+
 app.listen(port);
 console.log('Node listening on port %s', port);
diff --git a/lib/routes.js b/lib/routes.js
@@ -0,0 +1,17 @@
+var util = require('util');
+
+module.exports = function (app) {
+
+	app.get('/', function (req, res, next) {
+		res.render('index');
+	}); 
+
+	app.get('/welcome', function (req, res, next) {
+		res.render('welcome');
+	});
+
+	app.get('/secure', function (req, res, next) {
+		res.render('secure');
+	});
+
+};
diff --git a/package.json b/package.json
@@ -15,7 +15,8 @@
     "node": "~0.4.12"
   },
   "dependencies": {
-	"express": "2.2.x"
+	"express": "2.2.x",
+	"jade": "0.20.x"
   },
   "devDependencies": {}
 }
diff --git a/views/index.jade b/views/index.jade
@@ -0,0 +1,6 @@
+!!! 5
+html(lang='en')
+	head
+		title Express authentication example
+	body
+		h1 Express authentication example
diff --git a/views/secure.jade b/views/secure.jade
@@ -0,0 +1,6 @@
+!!! 5
+html(lang='en')
+	head
+		title Express authentication example
+	body
+		h1 Hi, secure user.
diff --git a/views/unauthorised.jade b/views/unauthorised.jade
@@ -0,0 +1,7 @@
+!!! 5
+html(lang='en')
+	head
+		title Express authentication example
+	body
+		h1 You're unathorised to view this page.
+		p Please login to continue
diff --git a/views/welcome.jade b/views/welcome.jade
@@ -0,0 +1,6 @@
+!!! 5
+html(lang='en')
+	head
+		title Express authentication example
+	body
+		h1 Welcome 
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+node_modules
+*.swp
diff --git a/app.js b/app.js
@@ -5,9 +5,8 @@ var port = 8999;
 var app = express.createServer();
 
 app.get('/', function (req, res, next) {
-
-res.send('Welcome');
-
+	res.send('Welcome');
 });
 
-app.listen(port);
+app.listen(port);
+console.log('Node listening on port %s', port);
diff --git a/package.json b/package.json
@@ -0,0 +1,21 @@
+{
+  "author": "Scott Mebberson (http://www.scottmebberson.com/)",
+  "name": "gist-expressauthentication",
+  "description": "Simple Express authentication example",
+  "version": "0.0.0",
+  "homepage": "https://gist.github.com/1581536",
+  "repository": {
+    "type": "git",
+    "url": "[email protected]:1581536.git"
+  },
+  "scripts": {
+	"start": "node app.js"
+  },
+  "engines": {
+    "node": "~0.4.12"
+  },
+  "dependencies": {
+	"express": "2.2.x"
+  },
+  "devDependencies": {}
+}
diff --git a/app.js b/app.js
@@ -0,0 +1,13 @@
+var express = require('express');
+
+var port = 8999;
+
+var app = express.createServer();
+
+app.get('/', function (req, res, next) {
+
+res.send('Welcome');
+
+});
+
+app.listen(port);
No results found