change authentication to cookies
This commit is contained in:
catarak
parent
9e366fdc17
commit
4908dc1e0b
|
|
@ -1,17 +1,9 @@
|
|||
const passport = require('passport');
|
||||
const JwtStrategy = require('passport-jwt').Strategy;
|
||||
const ExtractJwt = require('passport-jwt').ExtractJwt;
|
||||
const GitHubStrategy = require('passport-github').Strategy;
|
||||
const LocalStrategy = require('passport-local').Strategy;
|
||||
|
||||
const User = require('../models/user');
|
||||
|
||||
// Setup options for JWT Strategy
|
||||
const jwtOptions = {
|
||||
jwtFromRequest: ExtractJwt.fromHeader('authorization'),
|
||||
secretOrKey: "steve brule"
|
||||
};
|
||||
|
||||
passport.serializeUser((user, done) => {
|
||||
done(null, user.id);
|
||||
});
|
||||
|
|
@ -39,22 +31,6 @@ passport.use(new LocalStrategy({ usernameField: 'email' }, (email, password, don
|
|||
});
|
||||
}));
|
||||
|
||||
// Create JWT strategy
|
||||
passport.use(new JwtStrategy(jwtOptions, function(payload, done) {
|
||||
// See if the user ID in the payload exists in our database
|
||||
// If it does, call 'done' with that other
|
||||
// otherwise, call done without a user object
|
||||
User.findById(payload.sub, function(err, user) {
|
||||
if (err) { return done(err, false); }
|
||||
|
||||
if (user) {
|
||||
done(null, user);
|
||||
} else {
|
||||
done(null, false);
|
||||
}
|
||||
});
|
||||
}));
|
||||
|
||||
/**
|
||||
* Sign in with GitHub.
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
import User from '../models/user'
|
||||
import passport from 'passport'
|
||||
import path from 'path'
|
||||
import { generateToken } from '../utils/jwt'
|
||||
|
||||
export function newUser(req, res) {
|
||||
//eventually, it would be cool to have some isomorphic rendering
|
||||
|
|
@ -25,7 +24,7 @@ export function createUser(req, res, next) {
|
|||
if (err) {
|
||||
return next(err);
|
||||
}
|
||||
res.json({ token: generateToken(user) });
|
||||
res.json({success: true});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ import mongoose from 'mongoose';
|
|||
import bodyParser from 'body-parser';
|
||||
import cookieParser from 'cookie-parser';
|
||||
import session from 'express-session';
|
||||
const MongoStore = require('connect-mongo')(session);
|
||||
import passport from 'passport';
|
||||
import path from 'path';
|
||||
|
||||
|
|
@ -29,12 +30,21 @@ app.use(Express.static(path.resolve(__dirname, '../static')));
|
|||
app.use(bodyParser.urlencoded({extended: true}));
|
||||
app.use(bodyParser.json());
|
||||
app.use(cookieParser());
|
||||
app.use(passport.initialize());
|
||||
app.use(passport.session());
|
||||
app.use(Express.static(path.resolve(__dirname, '../static')));
|
||||
app.use(bodyParser.urlencoded({extended: true}));
|
||||
app.use(bodyParser.json());
|
||||
app.use(cookieParser());
|
||||
app.use(session({
|
||||
resave: true,
|
||||
saveUninitialized: false,
|
||||
secret: process.env.SESSION_SECRET,
|
||||
proxy: true,
|
||||
name: 'sessionId',
|
||||
cookie: {
|
||||
httpOnly: true,
|
||||
secure: false,
|
||||
},
|
||||
store: new MongoStore({
|
||||
url: process.env.MONGO_URL,
|
||||
autoReconnect: true
|
||||
})
|
||||
}));
|
||||
app.use(passport.initialize());
|
||||
app.use(passport.session());
|
||||
app.use('/', users);
|
||||
|
|
|
|||
|
|
@ -7,10 +7,9 @@ const ROOT_URL = location.href.indexOf('localhost') > 0 ? 'http://localhost:8000
|
|||
|
||||
export function signUpUser(formValues) {
|
||||
return function(dispatch) {
|
||||
axios.post(`${ROOT_URL}/signup`, formValues)
|
||||
axios.post(`${ROOT_URL}/signup`, formValues, {withCredentials: true})
|
||||
.then(response => {
|
||||
dispatch({ type: ActionTypes.AUTH_USER });
|
||||
localStorage.setItem('token', response.data.token);
|
||||
browserHistory.push('/');
|
||||
})
|
||||
.catch(response => dispatch(authError(response.data.error)));
|
||||
|
|
|
|||
Loading…
Reference in New Issue