Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/sarpongabasimi/rest-api-with-express

This is a mini project to learn how to use Passport.js. Passport is Express-compatible authentication middleware for Node.js. Its sole purpose is to authenticate requests, which it does through an extensible set of plugins known as strategies.

README

        


Building Restful API with Node & Express.


To Use application.

- ``Fork`` and ``clone this repo``.
- In your terminal cd into ``Express``.
- To run ``feature test`` type ``npm test``.
- To run application type ``npm run dev``.


File Structure.

[Image: Screen Shot 2019-05-08 at 22 19 52]


What App Can Currently Do.

- A user can register at ``localhost:3000/registration/signup``.

- When there is an error during registration, the app is able to tell the user the errors.

> This is possible because of express validators.

[Image: Screen Shot 2019-05-12 at 13 08 25]

- The application tells ``users`` when their registration email is ``taken``.

[Image: Screen Shot 2019-05-14 at 22 04 26]


Update

> 17th May 2019 ( Used passportjs Local strategy to handle user Login ).

- ``npm install passport-local``.
- Inside app.js ``passport = require('passport')``.
- Add this ``app.use(passport.initialize())`` & ``app.use(passport.session())``.
- You will need to ``require('./config/passportSetup')(passport)`` if you set up Passport in a config folder.

```javascript
// User is the application's user model; require it here from wherever it is defined.
var passport = require('passport')
  , LocalStrategy = require('passport-local').Strategy;

// Verify callback: look the user up, check the password, report the result via done().
passport.use(new LocalStrategy(
  function(username, password, done) {
    User.findOne({ username: username }, function (err, user) {
      if (err) { return done(err); }
      if (!user) {
        return done(null, false, { message: 'Incorrect username.' });
      }
      if (!user.validPassword(password)) {
        return done(null, false, { message: 'Incorrect password.' });
      }
      return done(null, user);
    });
  }
));
```
- Running the code at this point will cause this error: ``Error: failed to serialize user into session``.
- To avoid the error, make sure to add the ``serializeUser`` and ``deserializeUser`` calls shown below.

```javascript
// User is the application's user model; require it here from wherever it is defined.
var passport = require('passport')
  , LocalStrategy = require('passport-local').Strategy;

passport.use(new LocalStrategy(
  function(username, password, done) {
    User.findOne({ username: username }, function (err, user) {
      if (err) { return done(err); }
      if (!user) {
        return done(null, false, { message: 'Incorrect username.' });
      }
      if (!user.validPassword(password)) {
        return done(null, false, { message: 'Incorrect password.' });
      }
      return done(null, user);
    });
  }
));

// Store only the user id in the session.
passport.serializeUser(function(user, done) {
  done(null, user.id);
});

// Load the full user object back from the id stored in the session.
passport.deserializeUser(function(id, done) {
  User.findById(id, function(err, user) {
    done(err, user);
  });
});
```

- What do ``passport.serializeUser`` and ``passport.deserializeUser`` actually do?

```
serializeUser determines which data of the user object should be stored in the session.
The result of the serializeUser method is attached to the session as req.session.passport.user = {}.

deserializeUser receives the key of the user object that was given to the done function,
so that the whole object can be retrieved with the help of that key.
In my application the key is the user id.
```

- When a user tries to log in to the application, the user submits a POST request to ``/registration/login``.
- We need to allow ``passportjs`` to handle this process.
- To do this add this to the ``post route``.

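```javascript
const passport = require('passport');

// Hand the login POST to Passport's local strategy and redirect on the outcome.
exports.postLogin = (req, res, next) => {
  passport.authenticate('local', {
    successRedirect: '/dashbord',
    failureRedirect: '/registration/login'
  })(req, res, next);
};
```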
- Note
- To find out if ``login`` worked, you can ``console.log`` the user being returned.
- This is what I get.

[Image: Screen Shot 2019-05-17 at 16 50 39]

> 22nd May 2019 ( Used passportjs Local strategy to handle user access restriction ).

- Added the ability to not allow users to access certain endpoints if not logged in.
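
An added example, not code from this repository: a verify callback in the ``(username, password, done)`` shape the local strategy expects, with one possible ``validPassword`` built on Node's ``crypto.scryptSync``, a single failure message for unknown user and wrong password alike, and a guard of the kind the 22nd May update describes. The in-memory ``users`` map, ``hashPassword``, ``verify`` and ``ensureAuthenticated`` are assumed names and constructed data standing in for the app's own ``User`` model and routes.

```javascript
const crypto = require('crypto');

// Hash a password with scrypt and a per-user random salt.
function hashPassword(password, salt = crypto.randomBytes(16)) {
  const hash = crypto.scryptSync(password, salt, 64);
  return { salt: salt.toString('hex'), hash: hash.toString('hex') };
}

// Recompute the hash with the stored salt and compare in constant time.
function validPassword(user, password) {
  const candidate = crypto.scryptSync(password, Buffer.from(user.salt, 'hex'), 64);
  return crypto.timingSafeEqual(candidate, Buffer.from(user.hash, 'hex'));
}

// Constructed sample user, standing in for the app's User model (assumption).
const users = new Map([
  ['alice@example.com',
    { id: 1, username: 'alice@example.com', ...hashPassword('correct horse') }],
]);

// Dummy record so an unknown username costs the same scrypt work as a known one.
const DUMMY = hashPassword('dummy-password');
// One message for both failure cases, so the response does not reveal
// whether the username exists.
const FAILURE = { message: 'Incorrect username or password.' };

// Verify callback in the shape passport-local calls: (username, password, done).
function verify(username, password, done) {
  const user = users.get(username);
  const ok = validPassword(user || DUMMY, password);
  if (!user || !ok) return done(null, false, FAILURE);
  // Pass on only what the session layer needs, never the hash or salt.
  return done(null, { id: user.id, username: user.username });
}

// Route guard: Passport adds req.isAuthenticated() to each request.
function ensureAuthenticated(req, res, next) {
  if (req.isAuthenticated && req.isAuthenticated()) return next();
  return res.redirect('/registration/login');
}
```

With Passport installed, ``passport.use(new LocalStrategy(verify))`` registers the callback, and ``ensureAuthenticated`` goes in front of any route that requires a logged-in user.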


To Do

- Add the ability for users to log in. (Done)
- Render ``error`` messages using flash if an error occurs during login.
- Make the ability for a user to ``log out``.
- Restrict users from going to certain endpoints of the app if they have not logged in. (Done)

> This will be done using Passport.js