-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathpassport.js
119 lines (86 loc) · 4.72 KB
/
passport.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
var LocalStrategy = require('passport-local').Strategy;
var mysql = require('mysql');
var connection = mysql.createConnection({
host: 'localhost',
user: 'root',
password: 'Gabie748.',
database: "pillars"
});
// ------ Used manjeshpv on githubs code: https://gist.github.com/manjeshpv/84446e6aa5b3689e8b84 ------
// expose this function to our app using module.exports
module.exports = function(passport) {
// =========================================================================
// passport session setup ==================================================
// =========================================================================
// required for persistent login sessions
// passport needs ability to serialize and unserialize users out of session
// used to serialize the user for the session
passport.serializeUser(function(userName, done) {
done(null, userName);
});
// used to deserialize the user
passport.deserializeUser(function(obj, done) {
done(null, obj);
});
// =========================================================================
// LOCAL SIGNUP ============================================================
// =========================================================================
// we are using named strategies since we have one for login and one for signup
// by default, if there was no name, it would just be called 'local'
passport.use('local-signup', new LocalStrategy({
// by default, local strategy uses username and password, we will override with email
usernameField: 'userName',
passwordField: 'password',
passReqToCallback: true // allows us to pass back the entire request to the callback
},
function(req, userName, password, done) {
// find a user whose email is the same as the forms email
// we are checking to see if the user trying to login already exists
connection.query("SELECT * from userTable where userName = '" + userName + "'", function(err, rows) {
console.log(rows);
console.log("above row object");
if (err)
return done(err);
if (rows.length) {
return done(null, false, req.flash('signupMessage', 'That username is already taken.'));
} else {
// if there is no user with that email
// create the user
var newUserMysql = new Object();
newUserMysql.userName = userName;
newUserMysql.password = password; // use the generateHash function in our user model
var insertQuery = "INSERT INTO userTable ( userName, password ) values ('" + userName + "','" + password + "')";
console.log(insertQuery);
connection.query(insertQuery, function(err, rows) {
//newUserMysql.id = rows.insertId;
return done(null, newUserMysql);
});
}
});
}));
// =========================================================================
// LOCAL LOGIN =============================================================
// =========================================================================
// we are using named strategies since we have one for login and one for signup
// by default, if there was no name, it would just be called 'local'
passport.use('local-login', new LocalStrategy({
// by default, local strategy uses username and password, we will override with email
usernameField: 'userName',
passwordField: 'password',
passReqToCallback: true // allows us to pass back the entire request to the callback
},
function(req, userName, password, done) { // callback with email and password from our form
connection.query("SELECT * FROM `userTable` WHERE `userName` = '" + userName + "'", function(err, rows) {
if (err)
return done(err);
if (!rows.length) {
return done(null, false, req.flash('loginMessage', 'No user found.')); // req.flash is the way to set flashdata using connect-flash
}
// if the user is found but the password is wrong
if (!(rows[0].password == password))
return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.')); // create the loginMessage and save it to session as flashdata
// all is well, return successful user
return done(null, rows[0]);
});
}));
};