I have an authentication system setup in my express node application, but I’ve been experiencing some errors with the passport authentication that I setup. For example, the registration system works fine, as does my validation system (which basically checks whether the user/pass combo is valid for my school’s grade book login). However, the actual passport login (which checks if the user/pass combo is a registered user in my mongoose database) is not functioning correctly.
Relavent part of app.js
//passport setup
app.use(passport.initialize());
app.use(passport.session());
passport.use(new LocalStrategy(function (username, password, done) {
User.findOne({username: username}, function (err, user) {
user.checkLogin(password, function (error, userIsValid) {
if (error) {
console.log('Error:');
return done(error);
}
if (userIsValid) {
console.log('Valid:');
areCredentialsValid(username, password, function (status) {
if (status === true) {
return done(null, user);
} else {
done(null, false, {message: 'Invalid login credentials'})
}
});
}
});
});
}));
user.js
var mongoose = require('mongoose');
var passportLocalMongoose = require('passport-local-mongoose');
var Schema = mongoose.Schema;
var bcrypt = require('bcrypt');
var User = new Schema({
username: String,
password: String,
studentID: {type: Number}
});
User.methods.checkLogin = function (password, callback) {
bcrypt.compare(password, this.password, function (error, same) {
if (error){
callback(error);
}
callback(same);
})
};
User.plugin(passportLocalMongoose);
module.exports = mongoose.model('User', User);
and finally, index.js
var express = require('express');
var router = express.Router();
var passport = require('passport');
var User = require('../models/user');
var request = require('request');
var cheerio = require('cheerio');
//register
router.post('/register', function(req, res){
var username = req.body.username;
var password = req.body.password;
var studentID = req.body.studentID;
areCredentialsValid(username, password, function (statusBoolean) {
if (statusBoolean === true){
User.register(new User({
username: username,
password: password,
studentID: studentID
}), password, function (){
console.log('Registered:');
res.redirect('./');
res.end()
})
}else{
console.log('Invalid Credentials:');
res.redirect('./');
res.end()
}
});
});
function areCredentialsValid(username, password, callback){
if (typeof username !== 'undefined' && username !== null && username !== '' &&
typeof password !== 'undefined' && password !== null && password !== ''){
var cookie = {};
var responseBoolean = false;
var config = {
method: 'GET',
url: 'https://parents.mtsd.k12.nj.us/genesis/j_security_check',
headers: {
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36'
}
};
request(config, function (error, response, body) {
cookie = response.headers['set-cookie'];
console.log(cookie);
var config = {
method: 'POST',
url: 'https://parents.mtsd.k12.nj.us/genesis/j_security_check',
form: {
'j_username': username,
'j_password': password
},
headers: {
'Cookie': cookie,
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36'
}
};
request(config, function (error, response2, body) {
//console.log(response);
console.log(response2.headers);
if (response2.headers['location'] === '/genesis/parents?gohome=true'){
responseBoolean = true;
}else{
responseBoolean = false;
}
callback(responseBoolean);
return responseBoolean;
})
})
}
}
//login
router.post('/login', function(req, res) {
passport.authenticate('local', function (error, user, info){
if (user === false) {
// handle login error ...
} else {
// handle successful login ...
}
});
});
module.exports = router;
All help is appreciated. If its easier to deal with, the source code can be found here.
via Steve
No comments:
Post a Comment