I ran the same code locally and it worked fine, but when I used it on a remote server it did not work.
This is the code of index.js:
var express = require('express');
var router = express.Router();
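/**
 * Route guard for admin-only pages.
 *
 * Calls next() when the request carries a session whose `admin` flag is
 * truthy; otherwise redirects the browser to '/'.
 *
 * @param {object} req - Express request; `req.session` may be missing.
 * @param {object} res - Express response, used for the redirect.
 * @param {function} next - Continues to the protected handler.
 * @returns {*} Whatever next() or res.redirect() returns.
 */
var auth = function(req, res, next) {
  // Check the session object before reading from it: when no session is
  // attached to the request, reading req.session.admin directly throws a
  // TypeError instead of denying access.
  var isAdmin = Boolean(req.session && req.session.admin);
  console.log(isAdmin);

  if (isAdmin) {
    return next();
  }
  // Fail closed: anything that is not a confirmed admin session is sent back
  // to the login page.
  return res.redirect('/');
};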
// Protected page: `auth` runs first, so this handler is only reached when
// the session's admin flag is set.
router.get('/qwerty', auth, function(req, res) {
  var greeting = 'Welcome ' + req.session.user;
  console.log(greeting);
  res.render('data');
});

// Public landing page: renders the login form.
router.get('/', function(req, res) {
  res.render('login');
});

module.exports = router;
And this is the route used for authentication:
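/**
 * POST /loginweb: checks the submitted credentials and, on success, starts
 * an authenticated session.
 *
 * Always answers with JSON: {'success':'true', id, name} on success,
 * {'success':'false'} when the credentials are rejected, and HTTP 500 with
 * {'success':'false'} when the lookup or the session setup fails.
 */
router.post('/loginweb', function(req, res) {
  var username = req.body && req.body.username;
  var password = req.body && req.body.password;

  // The body is parsed from client-supplied JSON or form data, so these
  // fields are not guaranteed to be strings. Passing a non-string value
  // straight into the query filter would let the client choose how the
  // match is performed rather than supplying a literal to compare against.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.json({'success':'false'});
  }

  // NOTE(review): the filter matches the submitted password against the
  // stored field as-is, which implies passwords are stored unhashed. Store a
  // salted password hash and verify against it instead.
  Users.findOne({userName: username, password: password}, function(err, data) {
    if (err) {
      console.log(err);
      // Answer the request; logging alone would leave the client waiting.
      return res.status(500).json({'success':'false'});
    }
    if (!data) {
      return res.json({'success':'false'});
    }

    var name = data.firstName + ' ' + data.lastName;

    // Issue a fresh session id at login so an id handed out before
    // authentication does not carry over into the authenticated session.
    req.session.regenerate(function(regenErr) {
      if (regenErr) {
        console.log(regenErr);
        return res.status(500).json({'success':'false'});
      }
      req.session.user = name;
      // NOTE(review): every account that logs in is marked admin. Confirm
      // this is intended, or derive the flag from the user record.
      req.session.admin = true;
      // The user document and the session are deliberately not logged: the
      // document returned by this query includes the password field.
      res.json({'success':'true','id':data._id,'name':name});
    });
  });
});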
app.js
var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var hbs = require("express-handlebars");
var cors = require('cors');
var index = require('./routes/index');
var users = require('./routes/users');
var api = require('./routes/api');
var session = require('express-session');
var FileStore = require('session-file-store')(session);
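var app = express();

// NOTE(review): cors() with no options allows any origin to call every route
// and does not enable credentialed (cookie-carrying) cross-origin requests.
// If pages on another origin must use the session, configure an explicit
// origin allow-list together with credentials; if everything is same-origin,
// this middleware can be removed.
app.use(cors());
app.options('*', cors());

// view engine setup
app.engine('.html', require('ejs').__express);
app.set('views', path.join(__dirname, 'views/webpage'));
app.set('view engine', 'html');
app.use("/css", express.static(__dirname + '/views/webpage/css'));
app.use("/js", express.static(__dirname + '/views/webpage/js'));
app.use("/img", express.static(__dirname + '/views/webpage/img'));

// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));

// The secret signs the session-id cookie, so it must not be guessable.
// SESSION_SECRET is an environment variable name chosen here; set it to a
// long random value on the server. The literal fallback only keeps existing
// setups starting and should not be relied on: it is short and is published
// with the source.
var sessionSecret = process.env.SESSION_SECRET || 'maxa';

// NOTE(review): FileStore is required at the top of the file but no `store`
// option is passed, so express-session falls back to its default in-memory
// store. Confirm whether the file store was meant to be used.
app.use(session({
  secret: sessionSecret,
  cookie: {
    maxAge: 60000, // milliseconds: the session cookie lasts one minute
    // Keep the session id out of reach of page scripts; nothing shown in the
    // client code reads the cookie from JavaScript.
    httpOnly: true,
    // NOTE(review): add `secure: true` once the site is served over HTTPS.
    path: '/'
  },
  saveUninitialized: false,
  resave: false
}));

// Routers are mounted after the session middleware so that req.session is
// available inside them.
app.use('/', index);
app.use('/users', users);
app.use('/api', api);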
// No route matched: create a 404 error and hand it to the error handler.
app.use(function(req, res, next) {
  var notFound = new Error('Not Found');
  notFound.status = 404;
  next(notFound);
});

// Error handler. Express recognises error-handling middleware by its four
// parameters, so `next` stays in the signature even though it is unused.
app.use(function(err, req, res, next) {
  var inDevelopment = req.app.get('env') === 'development';

  // The message is exposed to the view in every environment; only the full
  // error object is withheld outside development.
  res.locals.message = err.message;
  res.locals.error = inDevelopment ? err : {};

  // Render the error page with the error's status, defaulting to 500.
  res.status(err.status || 500);
  res.render('error');
});

module.exports = app;
client side :
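// Login form wiring: posts the credentials to the API and, on success,
// navigates to the protected page.
$(document).ready(function () {
  // Take the event as a parameter: the handler previously relied on the
  // implicit global `event`, which not every browser provides.
  $("#btn-login").click(function (event) {
    event.preventDefault();
    jQuery.support.cors = true;

    var username = $("#username").val();
    var password = $("#password").val();

    // NOTE(review): this is an absolute http:// URL. If the page is served
    // from a different origin than www.example.com (another host name, port
    // or scheme), this becomes a cross-origin request and the browser will
    // not store the session cookie from the response unless credentials are
    // enabled on both sides. That would leave the session empty on the later
    // same-origin request to /qwerty. A relative URL ('/api/loginweb') keeps
    // the login on the page's own origin; confirm how the page is served.
    // Plain http also sends the password unencrypted; use HTTPS.
    $.post("http://www.example.com/api/loginweb",
      {
        'username': username,
        'password': password
      },
      function (data) {
        console.log(data);
        // The server sends the flag as the string 'false', not a boolean.
        if (data.success === 'false') {
          alert('Wrong username or password');
        } else {
          self.location.href = '/qwerty';
        }
      }
    ).fail(function (jqXHR, textStatus) {
      // Surface transport or server errors instead of failing silently.
      console.log('Login request failed: ' + textStatus);
    });
  });
});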
The session is undefined in the /qwerty method but defined in the /loginweb method.
via khadhraoui Firas