This app is an oversimplified example of the Node/React authentication workflow using express-session and has 2 main files in it:
- server.js - server part of the app (using Express) - 23 lines of code
- src/index.js - React part of the app (using create-react-app) - 10 lines of code
Authentication has a few steps:
- user should click
login
button to trigger credentials sending (username/password) to the server/api/login
endpoint using POST method (in this app even credentials are not sent, just an api call is being made) - server endpoint
/api/login
being reached triggers user data saving to a server session (using express-session) AND send success response back to client with success message in response body (for example just OK text) and session cookies (note theconnect.sid
on the screenshot below)
all of things in a section 2 are implemented using the following lines of code:
app.post('/api/login', function (req, res, next) {
req.session.user = "test";
res.send("ok")
});
- after being authenticated client can send POST requests and receive information that was not allowed before (in this example app it is just word "test") but in a real app that could be dashboard data or user profile info
following steps should be done:
npm i
to install all dependenciesnpm run server
to start Nodejs servernpm start
to run the React app
After that the blank page should appear in the browser on port 5000 with only 1 button so far: Login that could be used for authentication