diff --git a/app.js b/app.js
index 2ecc9f2220..27ead90f6c 100644
--- a/app.js
+++ b/app.js
@@ -14,7 +14,7 @@ const express = require('express');
 const hbs = require('hbs');
 const app = express();
-
+const {sessionConfig, loggedUser} = require("./config/sessions.config");
 // ℹ️ This function is getting exported from the config folder. It runs most middlewares
 require('./config')(app);
@@ -24,6 +24,8 @@ const capitalized = string => string[0].toUpperCase() + string.slice(1).toLowerC
 app.locals.title = `${capitalized(projectName)}- Generated with Ironlauncher`;
+app.use(sessionConfig);
+app.use(loggedUser);
 // 👇 Start handling routes here
 const index = require('./routes/index');
 app.use('/', index);
diff --git a/config/sessions.config.js b/config/sessions.config.js
new file mode 100644
index 0000000000..563ece69c7
--- /dev/null
+++ b/config/sessions.config.js
@@ -0,0 +1,45 @@
+const User = require("../models/User.model");
+const expressSession = require("express-session");
+const MongoStore = require("connect-mongo");
+
+//Periodo de vida
+const MAX_AGE = 7;
+module.exports.sessionConfig = expressSession({
+ //la clave que identifica con la cookie
+ secret: "super secret",
+ //Si quieres renocar la session y la coockiee
+ resave: false,
+ saveUninitialized: false,
+ cookie:{
+ secure: false,
+ httpOnly: true,
+ //Aqui esta en milisegundos
+ maxAge: 4 * 3600 * 1000 * MAX_AGE,
+ },
+ store: new MongoStore({
+ mongoUrl: "mongodb://127.0.0.1:27017/lab-express-basic-auth",
+ //Aqui esta en segundos
+ ttl: 4 * 3600 * MAX_AGE,
+ }),
+});
+module.exports.loggedUser = (req, res, next) =>{
+ const userId = req.session.userId;
+
+ if(userId){
+ User.findById(userId)
+ .then((user)=>{
+ console.log(user);
+ if (user) {
+ req.currentUser = user;
+ res.locals.currentUser = user;
+ console.log(user);
+ next();
+ }else{
+ next();
+ }
+ })
+ .catch((err)=>next(err))
+ }else{
+ next();
+ }
+}
\ No newline at end of file
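Review bot: In `config/sessions.config.js` the cookie signing key is the literal `secret: "super secret"`, so the signature offers no protection against anyone who has seen the repository; it should be read from the environment and the app should refuse to start without it. `secure: false` with no `sameSite` lets the session cookie travel over plain HTTP and on cross-site requests, and the Mongo URL is hard-coded in the same way. `loggedUser` calls `console.log(user)` twice, which writes the whole user document, including the bcrypt hash in `password`, to the logs on every authenticated request; both calls should be dropped. If `MAX_AGE = 7` is meant as days, `4 * 3600 * 1000 * MAX_AGE` gives 28 hours rather than 7 days.

```javascript
// SESSION_SECRET is a placeholder variable name; dotenv is already a dependency
const SESSION_SECRET = process.env.SESSION_SECRET;
if (!SESSION_SECRET) {
  throw new Error("SESSION_SECRET is not set");
}

module.exports.sessionConfig = expressSession({
  secret: SESSION_SECRET,
  // … unchanged: resave, saveUninitialized …
  cookie: {
    // Only send the cookie over HTTPS outside local development
    secure: process.env.NODE_ENV === "production",
    sameSite: "lax",
    // … unchanged: httpOnly, maxAge …
  },
  // … unchanged: store …
});
```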
diff --git a/controllers/misc.controller.js b/controllers/misc.controller.js
new file mode 100644
index 0000000000..0f21aadc29
--- /dev/null
+++ b/controllers/misc.controller.js
@@ -0,0 +1,3 @@
+module.exports.getHome = (req, res, next) => {
+ res.render("index");
+ }
\ No newline at end of file
diff --git a/controllers/user.controller.js b/controllers/user.controller.js
new file mode 100644
index 0000000000..6bf427703b
--- /dev/null
+++ b/controllers/user.controller.js
@@ -0,0 +1,57 @@
+const User = require("../models/User.model");
+module.exports.signUp = (req, res, next) => {
+ res.render("user/sign-up");
+};
+module.exports.doSignUp = (req, res, next) => {
+ User.create(req.body)
+ .then(() => {
+ res.render("user/login");
+ })
+ .catch((error) => {
+ res.render("user/sign-up", { errors: error.errors, user: req.body });
+ });
+};
+module.exports.login = (req, res, next) => {
+ res.render("user/login");
+};
+module.exports.doLogin = (req, res, next) => {
+ //deconstrir el body
+ const { username, password } = req.body;
+ //crear una función de errores
+ const renderWithErrors = () => {
+ res.render("user/login", {
+ errors: {
+ message: "Email or password wrong",
+ },
+ });
+ };
+
+ //Ahora buscamos si existe el usuario por su email
+ User.findOne({ username: username })
+ .then((user) => {
+ //si existe user será truty
+ if (user) {
+ return user.checkPassword(password).then((match) => {
+ if (match) {
+ //Aquí se pasa el id del usuario a la session
+ req.session.userId = user.id;
+ res.redirect("/user/profile");
+ } else {
+ renderWithErrors();
+ }
+ });
+ } else {
+ renderWithErrors();
+ }
+ })
+ .catch((err) => {
+ next(err);
+ });
+};
+module.exports.userProfile = (req, res, next) => {
+ res.render("user/profile");
+};
+module.exports.logout = (req, res, next) => {
+ req.session.destroy();
+ res.redirect("/login");
+};
diff --git a/middlewares/auth.middleware.js b/middlewares/auth.middleware.js
new file mode 100644
index 0000000000..254557b4ac
--- /dev/null
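Review bot: `doLogin` in `controllers/user.controller.js` writes `req.session.userId` into whatever session the request already carries instead of issuing a new session ID, which leaves the login open to session fixation; calling `req.session.regenerate()` before storing the id closes that. `logout` calls `req.session.destroy()` without a callback and redirects straight away, so a store error is lost and the cookie is never cleared. `doSignUp` passes the whole `req.body` to `User.create` and on failure hands `req.body`, password included, back to the template as `user`; picking `username` and `password` explicitly and re-rendering only the username would be safer. Neither field is checked with `typeof … === "string"` before it reaches `User.findOne`, so an object-valued `username` would be passed into the query filter.

```javascript
        if (match) {
          // Issue a fresh session ID before attaching the identity to it
          return req.session.regenerate((err) => {
            if (err) return next(err);
            req.session.userId = user.id;
            res.redirect("/user/profile");
          });
        }
// … unchanged: failed-match and unknown-user branches, catch handler …

module.exports.logout = (req, res, next) => {
  req.session.destroy((err) => {
    if (err) return next(err);
    // "connect.sid" is the express-session default cookie name
    res.clearCookie("connect.sid");
    res.redirect("/login");
  });
};
```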
+++ b/middlewares/auth.middleware.js
@@ -0,0 +1,15 @@
+//isAuthenticated = si estas en sesión te daja pasar al siguiente middleware
+module.exports.isAuthenticated = (req, res, next) => {
+ if (req.currentUser) {
+ next();
+ } else {
+ res.redirect("/login");
+ }
+}
+module.exports.isNotAuthenticated = (req, res, next) => {
+ if (!req.currentUser) {
+ next();
+ } else{
+ res.redirect("/user/profile");
+ }
+}
\ No newline at end of file
diff --git a/models/User.model.js b/models/User.model.js
index 9cdd3a3ce4..207144db26 100644
--- a/models/User.model.js
+++ b/models/User.model.js
@@ -1,14 +1,38 @@
 const { Schema, model } = require("mongoose");
+const bcrypt = require("bcrypt");
+const SALT_ROUNDS = 10;
 // TODO: Please make sure you edit the user model to whatever makes sense in this case
 const userSchema = new Schema({
 username: {
 type: String,
- unique: true
+ unique: true,
+ required: [true, "Username is required"],
+ },
+ password: {
+ type: String,
+ required: [true, "Password is required"],
 },
- password: String
 });
+userSchema.pre("save", function (next) {
+ if (this.isModified("password")) {
+ bcrypt
+ .hash(this.password, SALT_ROUNDS)
+ .then((hash) => {
+ this.password = hash;
+ next();
+ })
+ .catch((error) => next(error));
+ } else{
+ next();
+ }
+});
+
+userSchema.methods.checkPassword = function (paswwordToCheck) {
+ return bcrypt.compare(paswwordToCheck, this.password);
+};
+
 const User = model("User", userSchema);
 module.exports = User;
diff --git a/package.json b/package.json
index 19489d9695..d86da07c94 100644
--- a/package.json
+++ b/package.json
@@ -7,9 +7,12 @@
 "dev": "nodemon server.js"
 },
 "dependencies": {
+ "bcrypt": "^5.1.1",
+ "connect-mongo": "^5.1.0",
 "cookie-parser": "^1.4.5",
 "dotenv": "^8.2.0",
 "express": "^4.17.1",
+ "express-session": "^1.18.0",
 "hbs": "^4.1.1",
 "mongoose": "^6.1.2",
 "morgan": "^1.10.0",
diff --git a/routes/index.js b/routes/index.js
index 81c2396ceb..1cfb506a15 100644
--- a/routes/index.js
+++ b/routes/index.js
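Review bot: The `password` path in `models/User.model.js` accepts any non-empty string, so a one-character password passes validation and is hashed; adding `minlength: [8, "Password must be at least 8 characters"]` and a `maxlength` at or below bcrypt's 72-byte input limit would enforce the bounds in the schema. The `pre("save")` hook runs only for `save()` and `create()`, so a later code path that changes the password through `updateOne` or `findOneAndUpdate` would store it unhashed; a comment on the hook saying so would help. The field is also returned by default, so every `User.findById` result carries the hash; `select: false` on `password` with an explicit `.select("+password")` in the login query would keep it out of `res.locals`. `paswwordToCheck` in `checkPassword` is a typo for `passwordToCheck`.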
@@ -1,8 +1,28 @@
 const router = require("express").Router();
+const { getHome } = require("../controllers/misc.controller");
+const {
+ signUp,
+ doSignUp,
+ login,
+ doLogin,
+ userProfile,
+ logout
+} = require("../controllers/user.controller");
+const {
+ isAuthenticated,
+ isNotAuthenticated
+} = require("../middlewares/auth.middleware");
 /* GET home page */
-router.get("/", (req, res, next) => {
- res.render("index");
-});
+router.get("/", getHome);
+
+//Sign up
+router.get("/signUp", isNotAuthenticated, signUp);
+router.post("/signUp", isNotAuthenticated, doSignUp);
+router.get("/login", isNotAuthenticated, login);
+router.post("/login", isNotAuthenticated, doLogin);
+router.get("/user/profile", isAuthenticated, userProfile)
+router.get("/logout",isAuthenticated, logout);
+
 module.exports = router;
diff --git a/views/index.hbs b/views/index.hbs
index 1f308fdb35..1858f05952 100644
--- a/views/index.hbs
+++ b/views/index.hbs
@@ -1,2 +1,9 @@
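Review bot: `router.get("/logout",isAuthenticated, logout);` in `routes/index.js` ends the session on a GET request, so any cross-site link or embedded resource pointing at `/logout` can sign a user out; `router.post("/logout", isAuthenticated, logout);` with a small form in the view avoids that. The `POST /signUp` and `POST /login` routes carry no CSRF token check or rate limiting in this hunk; that may be handled elsewhere, but it is not visible here. The `/user/profile` line is missing its trailing semicolon.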
Welcome to {{title}}
+{{#if currentUser}} +