node.js - Authenticating users on mongo, node, passport, and heroku. Stops working after a few days -
i'm creating first full stack web app mongo, express, angular, , node. come front end background, , i'm struggling little authentication implementation.
my (incomplete) app working days, today broke, , magically fixed it. i'm pretty sure didn't change drastic in code. error causing authenticated users see "guest users" account. allow them login, user come mongo guestuser. see i'm missing in code?
var express = require('express'), routes = require('./routes'), api = require('./routes/api'), http = require('http'), path = require('path'), mongoose = require('mongoose'), passport = require('passport'), localstrategy = require('passport-local').strategy; var app = module.exports = express(); var uristring = process.env.mongolab_uri || process.env.mongohq_url || 'mongodb://localhost/hellomongoose'; mongoose.connect(uristring, function (err, res) { if (err) { console.log ('error connecting to: ' + uristring + '. ' + err); } else { console.log ('succeeded connected to: ' + uristring); } }); var schema = mongoose.schema, objectid = schema.objectid; var tasks = new schema({ "title": string, "description": string, "difficulty": number, "completed": boolean }); var project = new schema({ "title": string, "tasks": [ tasks ] }); var user = new schema({ // update data model here "first_name": string, "last_name": string, "email": {type: string, unique: true}, "username": {type: string, unique: true}, "password": string, "projects": [ project ] }); var user = mongoose.model('user', user); user.prototype.validpassword = function(pass) { return (this.password === pass); } /** * configuration */ // environments app.set('port', process.env.port || 3000); app.set('views', __dirname + '/views'); app.set('view engine', 'jade'); app.use(express.logger('dev')); app.use(express.bodyparser()); app.use(express.methodoverride()); app.use(express.static(path.join(__dirname, 'public'))); app.use(express.cookieparser()); app.use(express.session({ secret: 'keyboardcat' })); app.use(passport.initialize()); app.use(passport.session()); app.use(app.router); // development if (app.get('env') === 'development') { app.use(express.errorhandler()); } // production if (app.get('env') === 'production') { // todo }; passport.use(new localstrategy( function(username, password, done) { mongoose.model('user').findone({ username: username }, function (err, user) { if (err) { console.log('there error'); return done(err); } if (!user) { console.log('username invalid'); return done(null, false, { message: 'incorrect username.' }); } if (!user.validpassword(password)) { console.log('password incorrect'); return done(null, false, { message: 'incorrect password.' }); } return done(null, user); }); } )); passport.serializeuser(function(user, done) { done(null, user.id); }); passport.deserializeuser(function(id, done) { user.findone(id, function (err, user) { done(err, user); }); }); /** * routes */ // serve index , view partials app.get('/', routes.index); app.get('/login', function(req, res) { console.log(req.session.user); if (!req.session.user) { res.render('login'); } else { res.redirect('/'); } }); app.post('/login', passport.authenticate('local', { failureredirect: '/login' }), function(req, res) { req.session.user = req.body.username; res.redirect('/'); }); app.get('/signup', function(req, res) { if (!req.session.user) { res.render('signup'); } else { res.redirect('/'); } }); app.get('/logout', function(req, res) { req.session.user = undefined; res.redirect('/login'); }); app.post('/signup', function(req,res) { if (req.body.username && req.body.password) { var user = new user({ first_name: req.body.first_name, last_name: req.body.last_name, email: req.body.email, username: req.body.username, password: req.body.password }); user.save(function(err) { if (!err) { console.log(user.username); req.session.user = req.body.username; res.redirect('/'); } else { console.log(err); res.redirect('/signup'); } }); } else { res.redirect('/signup'); } }); app.get('/person', function(req,res) { if (!req.session.user) { res.redirect('/login'); } else { mongoose.model('user').findone({username: new regexp('^'+req.session.user+'$', "i")}, function(err, user) { if (!err) { console.log(json.stringify(user)); res.send(user); } else { console.log(err); } }); } }); app.put('/person', function(req,res) { if (!req.session.user) { res.redirect('/login'); } else { console.log('updating user'); console.log(req.body.projects); mongoose.model('user').findone({username: new regexp('^'+req.session.user+'$', "i")}, function(err, user) { console.log(user); user.projects = req.body.projects; console.log(user.first_name + ' here'); user.save(function(err) { if (!err) { console.log('user updated'); } else { console.log(err); } }); }); } }); app.get('/:user', function(req, res) { if (!req.session.user) { res.redirect('/login'); } else if (req.params.user != req.session.user) { res.redirect('/' + req.session.user); } else { res.render('index'); } }); app.get('/partials/:name', routes.partials); // json api app.get('/api/name', api.name); // redirect others index (html5 history) app.get('*', function(req, res) { if (!req.session.user) { res.render('login'); } else { res.redirect('/'); } }); /** * start server */ http.createserver(app).listen(app.get('port'), function () { console.log('express server listening on port ' + app.get('port')); });
assuming got of code here, can see made change might have caused failure.
passport.use(new localstrategy( function(username, password, done) { mongoose.model('user').findone({ username: username }, function (err, user) {
you have added validpassword
user
, should be
passport.use(new localstrategy( function(username, password, done) { user.findone({ username: username }, function (err, user) {
Comments
Post a Comment