const Koa = require('koa');
const Router = require('koa-router');
const route = require('koa-route');
const path = require('path');
const bodyParser = require('koa-bodyparser');
const convert = require('koa-convert');
const views = require('koa-views');
const helmet = require('koa-helmet');
const session = require('koa-generic-session');
const passport = require('koa-passport');
const Sequelize = require('sequelize');
const randomstring = require('randomstring');
// Router instance; nothing in this file registers routes on it (koa-route is used instead).
const router = new Router();

// Application instance shared by every middleware and route below.
const app = new Koa();

// With proxy enabled Koa takes client details (IP, protocol, host) from
// X-Forwarded-* request headers. That is only trustworthy when the app sits
// behind a reverse proxy that overwrites those headers; when the app is
// reachable directly, clients can set them to any value.
app.proxy = true;
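/**
 * Session serialisation: only the user's primary key is kept in the session.
 */
passport.serializeUser((user, done) => {
  done(null, user.id);
});

/**
 * Session deserialisation: load the user row whose id was stored in the session.
 *
 * The lookup must be passed as `where`. Sequelize ignores unknown top-level
 * options, so `findOne({ id })` runs without a filter and resolves to an
 * arbitrary first row, which would bind every session to that account.
 * Database failures are reported to passport instead of being left as an
 * unhandled rejection.
 */
passport.deserializeUser((id, done) => {
  User.findOne({ where: { id } })
    .then((user) => done(null, user))
    .catch((err) => done(err));
});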
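const LocalStrategy = require('passport-local').Strategy;

/**
 * Username/password strategy used by POST /login.
 *
 * Calls done(null, user) on success, done(null, false, info) when the
 * credentials do not match, and done(err) when the lookup itself fails.
 */
passport.use(new LocalStrategy((username, password, done) => {
  // The filter must be given as `where`; without it Sequelize applies no
  // filter and the submitted username would never be checked.
  User.findOne({ where: { username } })
    .then((user) => {
      if (user === null) {
        // Return here: falling through would dereference null below and call
        // done() a second time.
        return done(null, false, { message: 'invalid credentials' });
      }
      // NOTE(security): password_hash holds the plaintext password behind a
      // constant prefix (see the model's password setter), so this is a
      // plaintext comparison. Replace both sides together with a salted,
      // slow password hash (bcrypt, scrypt or argon2) and a constant-time
      // verification.
      const expected = 'huyzalupasir' + password;
      if (expected === user.password_hash) {
        return done(null, user);
      }
      return done(null, false, { message: 'invalid credentials' });
    })
    .catch((err) => done(err));
}));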
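// Cookie-signing keys. The literal fallback is readable by anyone with access
// to this source, so cookies signed with it can be forged; set SESSION_KEYS
// (comma-separated, newest key first) to random values in any real deployment.
const configuredKeys = (process.env.SESSION_KEYS || '')
  .split(',')
  .map((key) => key.trim())
  .filter((key) => key.length > 0);
if (configuredKeys.length === 0) {
  console.warn('SESSION_KEYS is not set; using the built-in development keys');
}
app.keys = configuredKeys.length > 0 ? configuredKeys : ['secret', 'key'];

// Middleware stack. helmet is registered first so that its security headers
// are set on every response; mounted after koa-static, responses for static
// files may be sent without them.
// NOTE(review): session(app) is called without options, so the store and the
// cookie flags are the library defaults; confirm they suit the deployment.
app
  .use(convert(helmet()))
  .use(convert(views(path.join(__dirname, '/views'), { extension: 'jade' })))
  .use(bodyParser())
  .use(convert(require('koa-static')(__dirname + '/public')))
  .use(convert(session(app)))
  .use(passport.initialize())
  .use(passport.session());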
/**
 * GET / - renders the login form.
 * @param {object} ctx Koa request context.
 */
const renderLoginPage = async (ctx) => {
  const pageState = { title: 'koa2 title' };
  ctx.state = pageState;
  await ctx.render('login', {});
};
app.use(route.get('/', renderLoginPage));
/**
 * GET /success - renders the 'success' view. The view state reports whether
 * the request carries an authenticated session; the page is rendered either
 * way, so the template decides what an unauthenticated visitor sees.
 * @param {object} ctx Koa request context.
 */
const renderLoginResult = async (ctx) => {
  const loggedIn = Boolean(ctx.isAuthenticated());
  ctx.state = {
    title: loggedIn ? 'koa2 success' : 'koa2 failure',
    success: loggedIn,
  };
  await ctx.render('success', {});
};
app.use(route.get('/success', renderLoginResult));
/**
 * GET /logout - ends the passport login session and returns to the login page.
 *
 * NOTE(review): this state change is exposed on GET, so any cross-site link
 * or embedded resource can log a user out; a POST protected by a CSRF token
 * is the usual form.
 * @param {object} ctx Koa request context.
 */
const handleLogout = async (ctx) => {
  await ctx.logout();
  await ctx.redirect('/');
};
app.use(route.get('/logout', handleLogout));
// POST /login
// Credentials are checked by the 'local' passport strategy; the browser is
// then redirected according to the outcome.
// NOTE(review): nothing in this file limits repeated attempts or checks a
// CSRF token on this endpoint; confirm whether that is handled elsewhere.
const loginRedirects = {
  successRedirect: '/success',
  failureRedirect: '/failure',
};
app.use(route.post('/login', passport.authenticate('local', loginRedirects)));
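/**
 * GET /failure - page shown after a rejected login.
 *
 * The path is spelled '/failure' so that it matches the failureRedirect
 * target of POST /login; the previous spelling was never reached. The
 * original handler called ctx.render() with an object where the view name is
 * expected, so this renders the existing 'success' view in its failed state,
 * using the same state shape as GET /success.
 * @param {object} ctx Koa request context.
 */
app.use(route.get('/failure', async (ctx) => {
  ctx.state = {
    title: 'koa2 failure',
    success: false,
  };
  // One generic message for every failure, so the response does not reveal
  // whether the username exists.
  await ctx.render('success', { error: 'Invalid credentials' });
}));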
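/**
 * Application-level error listener.
 *
 * The original called log.error(), but no `log` is defined in this file, so
 * the listener itself threw a ReferenceError. Only the request method and
 * path are logged: dumping the whole context would write request headers,
 * including session cookies, to the log.
 * @param {Error} err The error emitted by Koa.
 * @param {object} [ctx] Request context, when the error belongs to a request.
 */
app.on('error', (err, ctx) => {
  if (ctx) {
    console.error('server error', ctx.method, ctx.path, err);
    return;
  }
  console.error('server error', err);
});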
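// Database connection. DATABASE_URL is used when set; otherwise the original
// local development URI (no password, no extra options) is kept.
var sequelize = new Sequelize(process.env.DATABASE_URL || 'postgres://yan@localhost:5432/crystal');

/**
 * User model.
 *
 * `password` is a virtual field: it is validated but not stored; its setter
 * derives the stored `password_hash` column from it.
 *
 * NOTE(security): `password_hash` is not a hash. It is the plaintext password
 * behind a constant prefix, so anyone able to read the table reads every
 * password. The author's bcrypt-based setter (genSalt + hash) was left
 * disabled because bcrypt could not be installed on their machine. Restore a
 * salted, slow password hash (bcrypt, scrypt or argon2) here and change the
 * comparison in the login strategy in the same commit.
 *
 * `var` is kept because the passport callbacks earlier in the file refer to
 * `User`.
 */
var User = sequelize.define('user', {
  username: {
    type: Sequelize.STRING
  },
  password_hash: Sequelize.STRING,
  password: {
    type: Sequelize.VIRTUAL,
    set: function (val) {
      // Constant prefix standing in for a salt; see the security note above.
      this.salt = "huyzalupasir";
      // The data value must be set, otherwise the validators below do not run on it.
      this.setDataValue('password', val);
      this.setDataValue('password_hash', this.salt + val);
    },
    validate: {
      // Minimum length only; a non-string value is rejected instead of
      // slipping through the length comparison.
      isLongEnough: function (val) {
        if (typeof val !== 'string' || val.length < 7) {
          throw new Error("Please choose a longer password")
        }
      }
    }
  }
});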
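// Schema bootstrap and seed data.
// force: true drops the table if it already exists, so every start of the
// process deletes all registered users.
// NOTE(security): the seeded account has a fixed, guessable password and is
// recreated on each start. Keep this to local development, or remove the
// seed and the `force` flag before deploying.
User.sync({ force: true })
  .then(() => User.create({
    username: 'John',
    password: '1234567'
  }))
  .catch((err) => {
    // Report a failed sync or seed instead of leaving an unhandled rejection.
    console.error('database initialisation failed', err);
  });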
// Start the HTTP server on PORT from the environment, or 3000 when it is unset.
const port = process.env.PORT || 3000;
const announceListening = () => {
  console.log('Server listening on', port);
};
app.listen(port, announceListening);