change authentication to cookies

catarak 2016-06-13 19:29:33 -04:00
parent 9e366fdc17
commit 4908dc1e0b
4 changed files with 18 additions and 34 deletions


@ -1,17 +1,9 @@
const passport = require('passport'); const passport = require('passport');
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const GitHubStrategy = require('passport-github').Strategy; const GitHubStrategy = require('passport-github').Strategy;
const LocalStrategy = require('passport-local').Strategy; const LocalStrategy = require('passport-local').Strategy;
const User = require('../models/user'); const User = require('../models/user');
// Setup options for JWT Strategy
const jwtOptions = {
jwtFromRequest: ExtractJwt.fromHeader('authorization'),
secretOrKey: "steve brule"
};
passport.serializeUser((user, done) => { passport.serializeUser((user, done) => {
done(null, user.id); done(null, user.id);
}); });
@ -39,22 +31,6 @@ passport.use(new LocalStrategy({ usernameField: 'email' }, (email, password, don
}); });
})); }));
// Create JWT strategy
passport.use(new JwtStrategy(jwtOptions, function(payload, done) {
// See if the user ID in the payload exists in our database
// If it does, call 'done' with that other
// otherwise, call done without a user object
User.findById(payload.sub, function(err, user) {
if (err) { return done(err, false); }
if (user) {
done(null, user);
} else {
done(null, false);
}
});
}));
/** /**
* Sign in with GitHub. * Sign in with GitHub.
*/ */


@ -1,7 +1,6 @@
import User from '../models/user' import User from '../models/user'
import passport from 'passport' import passport from 'passport'
import path from 'path' import path from 'path'
import { generateToken } from '../utils/jwt'
export function newUser(req, res) { export function newUser(req, res) {
//eventually, it would be cool to have some isomorphic rendering //eventually, it would be cool to have some isomorphic rendering
@ -25,7 +24,7 @@ export function createUser(req, res, next) {
if (err) { if (err) {
return next(err); return next(err);
} }
res.json({ token: generateToken(user) }); res.json({success: true});
}); });
}); });
}); });
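Review bot: `res.json({success: true})` at the end of the createUser chain now answers without a token, so the client has nothing but the session cookie to authenticate later requests, and a passport session is only written after `req.login(user, …)` (or `req.logIn`) has been called — no such call is visible in this hunk. If it lives in the enclosing callback outside the hunk this is fine; if not, the client dispatches AUTH_USER on a request that set no session and every later `withCredentials` request arrives unauthenticated. createUser starts outside the hunk, so this cannot be confirmed from here; a short comment above the `res.json` line stating that the session has already been established by `req.login` would make the contract explicit.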


@ -3,6 +3,7 @@ import mongoose from 'mongoose';
import bodyParser from 'body-parser'; import bodyParser from 'body-parser';
import cookieParser from 'cookie-parser'; import cookieParser from 'cookie-parser';
import session from 'express-session'; import session from 'express-session';
const MongoStore = require('connect-mongo')(session);
import passport from 'passport'; import passport from 'passport';
import path from 'path'; import path from 'path';
@ -29,12 +30,21 @@ app.use(Express.static(path.resolve(__dirname, '../static')));
app.use(bodyParser.urlencoded({extended: true})); app.use(bodyParser.urlencoded({extended: true}));
app.use(bodyParser.json()); app.use(bodyParser.json());
app.use(cookieParser()); app.use(cookieParser());
app.use(passport.initialize()); app.use(session({
app.use(passport.session()); resave: true,
app.use(Express.static(path.resolve(__dirname, '../static'))); saveUninitialized: false,
app.use(bodyParser.urlencoded({extended: true})); secret: process.env.SESSION_SECRET,
app.use(bodyParser.json()); proxy: true,
app.use(cookieParser()); name: 'sessionId',
cookie: {
httpOnly: true,
secure: false,
},
store: new MongoStore({
url: process.env.MONGO_URL,
autoReconnect: true
})
}));
app.use(passport.initialize()); app.use(passport.initialize());
app.use(passport.session()); app.use(passport.session());
app.use('/', users); app.use('/', users);
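Review bot: The new session cookie is configured with `secure: false` while `proxy: true` on the same options object says the app expects a TLS-terminating proxy in front of it, so the `sessionId` cookie is also sent on plain-HTTP requests and can be read off the wire; derive it from the environment instead, `secure: process.env.NODE_ENV === 'production',`. `secret: process.env.SESSION_SECRET` is used without a check, and if the variable is unset express-session fails late (at startup or at the first request, depending on the version) with a generic message, so a guard before the middleware, `if (!process.env.SESSION_SECRET) throw new Error('SESSION_SECRET must be set');`, fails fast and points at the cause. Moving from an Authorization header to a cookie also means the browser now attaches the credential automatically, so the POST routes mounted through `users` need CSRF protection (a token middleware, or `sameSite` on the cookie where the installed express-session supports it); nothing in this commit adds one. Finally, `resave: true` is not required by connect-mongo and the express-session docs recommend `false`, since it forces a store write on every request and can race parallel requests from the same client.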


@ -7,10 +7,9 @@ const ROOT_URL = location.href.indexOf('localhost') > 0 ? 'http://localhost:8000
export function signUpUser(formValues) { export function signUpUser(formValues) {
return function(dispatch) { return function(dispatch) {
axios.post(`${ROOT_URL}/signup`, formValues) axios.post(`${ROOT_URL}/signup`, formValues, {withCredentials: true})
.then(response => { .then(response => {
dispatch({ type: ActionTypes.AUTH_USER }); dispatch({ type: ActionTypes.AUTH_USER });
localStorage.setItem('token', response.data.token);
browserHistory.push('/'); browserHistory.push('/');
}) })
.catch(response => dispatch(authError(response.data.error))); .catch(response => dispatch(authError(response.data.error)));
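Review bot: `{withCredentials: true}` is set only on this signup call, yet it is the cookie, not a stored token, that now authenticates every later request, so any other axios call against ROOT_URL that should run as the user needs the same option; setting it once next to the ROOT_URL definition, `axios.defaults.withCredentials = true;`, is less error-prone than repeating it per call (the other actions are outside this hunk, so I cannot tell whether they were updated). Because ROOT_URL on the hunk's header line points at a different origin in development, a credentialed request also requires the server to answer with `Access-Control-Allow-Credentials: true` and an explicit `Access-Control-Allow-Origin` (not `*`), otherwise the browser discards both the cookie and the response; the server changes in this commit do not add that. signUpUser's closing lines are outside the hunk.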