How to use User Authentication with node.js

Question

I try to practice using User Authentication.

But it cannot work as I expected.

I expected that it can show the login interface to me.

STEPS:

1.use localhost:12345/login_page to connect the server

2.then show the login interface to me

3.key in the username and password

var express = require('express');
var cookieSession = require('cookie-session');
var app = express();

app.use(cookieSession({
    secret: 'session',
    keys: 'node'
}));

app.get('/login_page', function(req, res){
    if(!req.session.logined){
        res.send('<a href="http://127.0.0.1:12345/logout">Logout Now</a>');
        res.end();
        return;
    }
    res.send('<form action="http://localhost:12345/login" method="POST">');
    res.send('<input type="text" name="username">');
    res.send('<br/>');
    res.send('<input type="password" name="password">');
    res.send('<br/>');
    res.send('<input type="submit" value="login">');
    res.send('</form>');
    res.end();
});

app.post('/login', function(req, res){
    if(res.body.username != 'user' || 
       req.body.password != '12345678'){

        res.send('Account or password error, please login again');
        res.end();
        return;
    }
    res.session.logined = true;
    res.redirect('/login_page');
    res.end();
});

app.post('/logout', function(req, res){
    req.session.logined = false;
    res.redirect('/login');
    res.end();
});

app.listen(12345);

You can't use `res.send` twice. you should send the login page as a `html` file. — Shimon Brandsdorfer, Mar 21 '17 at 17:29

score 1 · Accepted Answer · edited May 23 '17 at 12:17

You may need to change:

res.session.logined = true;

to:

req.session.logined = true;

Also, change res.send() to res.write().

Use the body parser.

Change res.body to req.body.

And change content type to text/html.

Those may not even be all of the bugs in that program but those are the most obvious ones. Considering that you have problems implementing that yourself, you might be better off using Passport, in particular using the passport-local strategy in your case, as it would handle a lot of that logic for you. Here is a good tutorial:

http://www.codexpedia.com/node-js/node-js-authentication-using-passport-local-strategy/

And for hosting static files, like HTML, see this answer:

How to serve an image using nodejs

Sorry, I made a very serious mistake. The information you shared gave me great help. Now I solve the problem. Thank u very much. — Wen Yuan Chen, Mar 22 '17 at 07:39

score 0 · Answer 2 · answered Mar 21 '17 at 17:37

You have several mistakes here. First of all, you cannot use the res.send() function more than once per request, and you don't have to use res.end in the end.

So, your code shall look similar to this:

var express = require('express');
var cookieSession = require('cookie-session');
var app = express();

app.use(cookieSession({
    secret: 'session',
    keys: 'node'
}));

app.get('/login_page', function(req, res){
    if(!req.session.logined){
        res.send('<a href="/logout">Logout Now</a>');
    }
    res.send('<form action="/login" method="POST">  <input type="text" name="username"><br/><input type="password" name="password"><br/><input type="submit" value="login"></form>');
});

app.post('/login', function(req, res){
    if(res.body.username != 'user' || 
       req.body.password != '12345678'){

        res.send('Account or password error, please login again');
    }
    req.session.logined = true;
    res.redirect('/login_page');
});

app.post('/logout', function(req, res){
    req.session.logined = false;
    res.redirect('/login');
});

app.listen(12345);

And obviously, for better practice, you should send your responses with html files, using 'res.renderor 'res.sendFile.

It can't solve my problem. But you tell me where is wrong. Very thanks to you. — Wen Yuan Chen, Mar 22 '17 at 07:42

How to use User Authentication with node.js

2 Answers2