waveringana/embedder
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Move middlewear to seperate file, Files can expire

Browse source
This commit is contained in:
anarch3 2022-11-19 07:53:47 -05:00
parent da127b3118
commit 521390fde7
10 changed files with 2044 additions and 375 deletions
Download patch file Download diff file Expand all files Collapse all files

33
routes/auth.js
View file

@ -1,29 +1,30 @@
let express = require('express');
let passport = require('passport');
let LocalStrategy = require('passport-local');
let crypto = require('crypto');
let db = require('../db');
let crypto = require("crypto");
let express = require("express");
let passport = require("passport");
let LocalStrategy = require("passport-local");
let db = require("../db");
let router = express.Router();
passport.use(new LocalStrategy(function verify(username, password, cb) {
db.get('SELECT * FROM users WHERE username = ?', [username], function(err, row) {
db.get("SELECT * FROM users WHERE username = ?", [username], function(err, row) {
if (err) {
return cb(err);
}
if (!row) {
return cb(null, false, {
message: 'Incorrect username or password.'
message: "Incorrect username or password."
});
}
crypto.pbkdf2(password, row.salt, 310000, 32, 'sha256', function(err, hashedPassword) {
crypto.pbkdf2(password, row.salt, 310000, 32, "sha256", function(err, hashedPassword) {
if (err) {
return cb(err);
}
if (!crypto.timingSafeEqual(row.hashed_password, hashedPassword)) {
return cb(null, false, {
message: 'Incorrect username or password.'
message: "Incorrect username or password."
});
}
return cb(null, row);
@ -46,21 +47,21 @@ passport.deserializeUser(function(user, cb) {
});
});
router.get('/login', function(req, res, next) {
res.render('login');
router.get("/login", function(req, res) {
res.render("login");
});
router.post('/login/password', passport.authenticate('local', {
successRedirect: '/',
failureRedirect: '/login'
router.post("/login/password", passport.authenticate("local", {
successRedirect: "/",
failureRedirect: "/login"
}));
router.post('/logout', function(req, res, next) {
router.post("/logout", function(req, res, next) {
req.logout(function(err) {
if (err) {
return next(err);
}
res.redirect('/');
res.redirect("/");
});
});