@amps1819/Auth

Almost copypaste of @ull-esit-pl/auth for DSI #08 assignment.

• Code modified to avoid duplicate route naming and thus typing errors through router.route() method.

1. [merge(#71 & #80)]
2. [merge(#103 & #112)]

About this module

This module exports a function that returns an express middleware.

It defines the routes

1. /login and /register via GET and POST methods,
2. /logout via the GET method only
3. /content via the GET method.
   • This is the route that will be protected and users must be logged in before accessing this route
   • Otherwise a 401 message will be sent with an unauthorized view.

Student

• Original version: Carlos Domínguez García (alu0100966589@ull.edu.es)
• Modified by the lecturer (crguezl@ull.edu.es)
• Modified by the student amps1819 (amps.dsi.sytw@gmail.com)

API

The function that exports the module needs an object. The properties of that object are the following:

• passwordFile: location of the file to store the users credentials.

• pathToProtect: the files that will be accessible only when users are logged in.

• registerView: view containing the form to register. It will be served at '/register' via the HTTP GET method.

  • The names of the fields must be username and password

• successRegisterView: view with the message to render when the user registers successfully.

• errorRegisterView: view to render when there is an error in the registration.

• loginView: view containing the form to log in. It will be served at '/login' via the HTTP GET method.

  • The names of the fields must be username and password

• successLoginView: view with the message to render when the user logs in successfully.

• errorLoginView: view to render when there is an error in the login.

• logoutView: view to render when they log out.

• unauthorizedView: view to render when a user tries to access '/content' without being logged in