Auth
This module was made for education purpose. The goal was to do a basic authorization middleware to know how it works.
About this module
This module exports a function that returns an express middleware.
It defines the routes
-
/loginand/registervia GET and POST methods, -
/logoutvia the GET method only -
/contentvia the GET method.- This is the route that will be protected and users must be logged in before accessing this route
- Otherwise a
401message will be sent with anunauthorized view.
Student
- Original version: Carlos Domínguez García (alu0100966589@ull.edu.es)
- Modified by the lecturer (crguezl@ull.edu.es)
API
The function that exports the module needs an object. The properties of that object are the following:
-
passwordFile: location of the file to store the users credentials. -
pathToProtect: the files that will be accessible only when users are logged in. -
registerView: view containing the form to register. It will be served at '/register' via the HTTP GET method.- The names of the fields must be
usernameandpassword
- The names of the fields must be
-
successRegisterView: view with the message to render when the user registers successfully. -
errorRegisterView: view to render when there is an error in the registration. -
loginView: view containing the form to log in. It will be served at '/login' via the HTTP GET method.- The names of the fields must be
usernameandpassword
- The names of the fields must be
-
successLoginView: view with the message to render when the user logs in successfully. -
errorLoginView: view to render when there is an error in the login. -
logoutView: view to render when they log out. -
unauthorizedView: view to render when a user tries to access '/content' without being logged in