Auth
This module was made for education purpose. The goal was to do a basic authorization middleware to know how it works.
About this module
This module exports a function that returns an express middleware.
It defines the routes
-
/login
and/register
via GET and POST methods, -
/logout
via the GET method only -
/content
via the GET method.- This is the route that will be protected and users must be logged in before accessing this route
- Otherwise a
401
message will be sent with anunauthorized view
.
Student
- Original version: Carlos Domínguez García (alu0100966589@ull.edu.es)
- Modified by the lecturer (crguezl@ull.edu.es)
API
The function that exports the module needs an object. The properties of that object are the following:
-
passwordFile
: location of the file to store the users credentials. -
pathToProtect
: the files that will be accessible only when users are logged in. -
registerView
: view containing the form to register. It will be served at '/register' via the HTTP GET method.- The names of the fields must be
username
andpassword
- The names of the fields must be
-
successRegisterView
: view with the message to render when the user registers successfully. -
errorRegisterView
: view to render when there is an error in the registration. -
loginView
: view containing the form to log in. It will be served at '/login' via the HTTP GET method.- The names of the fields must be
username
andpassword
- The names of the fields must be
-
successLoginView
: view with the message to render when the user logs in successfully. -
errorLoginView
: view to render when there is an error in the login. -
logoutView
: view to render when they log out. -
unauthorizedView
: view to render when a user tries to access '/content' without being logged in