
Authentication on UserController: auth, login and logout actions.

New template: /view/user/auth.js
jorgecasar committed Jan 19, 2014
1 parent 21bb38e commit 01e14ef420a8d238c08f9ee4ece91f3df8b08737
Showing with 74 additions and 4 deletions.
  1. +39 −3 api/controllers/UserController.js
  2. +18 −1 views/layout.ejs
  3. +17 −0 views/user/auth.ejs
@@ -125,16 +125,52 @@ module.exports = {
/*
* Actions to render a view.
*/
- new: function(req, res, next) {
+ new: function(req, res) {
// Response the view with the action's name.
return res.view();
},
- edit: function(req, res, next) {
+ edit: function(req, res) {
User.findOne(req.param('id')).done(function foundUser(err, user){
if ( err ) return next(err);
// Response the view with the action's name.
else return res.view({ user: user });
});
- }
+ },
+ // This accion will render the view with the login form
+ auth: function(req, res) {
+ return res.view();
+ },
+ /*
+ * Actions that proccess info.
+ */
+ login: function(req, res) {
+ // Get the unique user with this email.
+ User.findOne({email: req.param('email')}).done(function(err, user){
+ // If there are an error,
+ // or the user doesn't exist,
+ // return to auth page.
+ // TODO: Error handler.
+ if ( err || !user ) return res.redirect('/user/auth');
+ require('bcrypt').compare(req.param('password'), user.password, function(err, valid){
+ // If there are an error,
+ // or the pass doesn't match,
+ // return to auth page.
+ // TODO: Error handler.
+ if(err || !valid ) return res.redirect('/user/auth');
+ // Set autenticated to true.
+ req.session.authenticated = true;
+ // save the user data in the session.
+ req.session.user = user;
+ // Redirect to the user page.
+ return res.redirect('/user/' + user.id);
+ });
+ });
+ },
+ logout: function(req, res){
+ // Destroy the session.
+ req.session.destroy();
+ // Redirect to home page.
+ return res.redirect('/');
+ }
};
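Review bot: In `login`, `req.session.user = user;` stores the whole record returned by `User.findOne`, including `user.password` (the bcrypt hash just compared), and the session id issued before authentication is kept afterwards. Store only the fields the views read and set them inside `req.session.regenerate(...)`, assuming the session middleware here provides it alongside the `destroy()` that `logout` already calls; the fence shows the rewritten callback body. `edit` no longer takes `next`, but its callback still calls `next(err)`, which would raise a ReferenceError on a lookup error, so keep `next` in that signature. `req.param('email')` and `req.param('password')` reach `findOne` and `compare` without a type check, so a `typeof ... === 'string'` guard before the query is worth adding. The `module.exports` object starts above the hunk; `login` and `edit` are fully visible.

```javascript
require('bcrypt').compare(req.param('password'), user.password, function(err, valid){
  // … unchanged: redirect to /user/auth on error or mismatch …
  // Issue a fresh session id before marking the session as authenticated.
  req.session.regenerate(function(regenErr){
    if (regenErr) return res.redirect('/user/auth');
    req.session.authenticated = true;
    // Keep only what the layout reads; the password hash stays out of the session store.
    req.session.user = { id: user.id, email: user.email };
    return res.redirect('/user/' + user.id);
  });
  // … unchanged: closing of the compare and findOne callbacks …
```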
@@ -49,8 +49,25 @@
</div>
<div class="collapse navbar-collapse">
<ul class="nav navbar-nav">
- <li<% if( req.url.indexOf('user') != -1) { %> class="active"<% } %>><a href="/user"><%= __('Users') %></a></li>
+ <li<% if( req.url.indexOf('user') != -1) { %> class="active"<% } %>><a href="/user"><%= __('Users') %></a></li>
</ul>
+ <% if( session.authenticated ) { %>
+ <ul class="nav navbar-nav navbar-right">
+ <li><a href="/user/<%= session.user.id %>"><%= session.user.email %></a>
+ </li>
+ <li>
+ <form class="navbar-form" action="/user/logout">
+ <button type="submit" class="btn btn-danger" title="<%= __('Sign out')%>"><%= __('Sign out')%> <span class="glyphicon glyphicon-log-out"></span></button>
+ </form>
+ </li>
+ </ul>
+ <% } else { %>
+ <ul class="nav navbar-nav navbar-right">
+ <li>
+ <li><a href="/user/new"><span class="glyphicon glyphicon-edit"></span> Sign up</a></li>
+ <li><a href="/user/auth"><span class="glyphicon glyphicon-log-in"></span> Log in</a></li>
+ </ul>
+ <% } %>
</div><!--/.nav-collapse -->
</div>
</div>
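Review bot: The sign-out form `<form class="navbar-form" action="/user/logout">` has no `method`, so it submits as GET and the session is destroyed by a request that needs no token and can be issued cross-site. Use `method="POST"` on the form, accept only POST on the `logout` route, and include the CSRF token field if the app enables CSRF protection. The `else` branch also opens a stray `<li>` directly before the "Sign up" item that is never closed. "Sign up" and "Log in" are the only labels in this hunk not passed through `__()`, unlike `__('Sign out')` and `__('Users')`.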
@@ -0,0 +1,17 @@
+<ol class="breadcrumb">
+ <li><a href="/"><%= __('Home') %></a></li>
+ <li><a href="/user/"><%= __('Users') %></a></li>
+ <li class="active"><%= __('Auth user') %></li>
+</ol>
+<form role="form" action="/user/login" method="POST" class="form-center" id="sign-up-form">
+ <h2 class="form-signin-heading"><%= __('Auth user') %></h2>
+ <div class="form-group">
+ <label for="email"><%= __('Email') %></label>
+ <input type="email" class="form-control" placeholder="<%= __('someone@somewhere.com') %>" name="email" id="email" required />
+ </div>
+ <div class="form-group">
+ <label for="password"><%= __('Password') %></label>
+ <input type="password" class="form-control" placeholder="<%= __('Password') %>" name="password" id="password" required minlength="6" />
+ </div>
+ <input type="submit" class="btn btn-primary btn-block" value="<%= __('Auth user') %>" />
+</form>
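Review bot: The login form posts to `/user/login` without a CSRF token field, so the POST is either rejected when CSRF protection is enabled in the app config or left open to cross-site submission when it is not. Assuming the framework's standard `_csrf` view local is available here, add `<input type="hidden" name="_csrf" value="<%= _csrf %>" />` inside the form. The form keeps `id="sign-up-form"`, apparently carried over from the sign-up template; a distinct id such as `auth-form` avoids styles or scripts bound to the sign-up form applying here by accident. `minlength="6"` is only a browser-side hint and gives the `login` action no guarantee about the submitted value.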
