- Make sure project is not running and open a terminal
- Install the following packages via npm
- passport
- passport-local
- passport-local-mongoose
- express-session
- Install the following packages via npm
- In app.js
- Since our controllers will use passport, all related declarations must be placed before the app = express() instruction
- Import passport and express-session
- Initialize and configure the session object by calling app.use and passing the session object as a method
- Provide the following values: https://github.com/expressjs/session#readme
- secret
- resave
- saveUninitialized
- Provide the following values: https://github.com/expressjs/session#readme
- Configure passport before any custom router/controller declaration (app.use())
- Call app.use and register:
- passport.initialize()
- passport.session();
- Call app.use and register:
- Since our controllers will use passport, all related declarations must be placed before the app = express() instruction
- In the models folder
- Create User.js
- Define schema and model the same way as any other model
- Since this is a special model for user management
- Import passport-local-mongoose
- Call userSchema.plugin(plm) to extend the model functionality and use the password salting/hashing feature
- Create User.js
- In app.js
- Link passport to our model that extends passport-local-mongoose
- Import model
- Call passport.use and specify a strategy
- Set passport to read/write user data to/from session object
- Call passport.serializeUser to write user into to a session variable
- Call passport deserializeUser to get the information from the session variable
- Link passport to our model that extends passport-local-mongoose
- In the Views folder
- Create register.hbs
- Create login.hbs
- Copy the HTML code from the links below (also located in Blackboard) to save time:
- login.hbs > https://pastebin.com/7GUJ9Fp8
- register.hbs > https://pastebin.com/N3MF5yFH
- In routes/index.js
- Add GET handler for '/register' and render register.hbs view with a title
- Add GET handler for '/login' and render login.hbs view with a title
- In views/layout
- Add links to login and register to the right side of your navbar
- Open the site on a browser and try navigating to these pages
- In routes/index.js
- Import passport module
- Import User model
- Add POST handler for '/register' and use the User module to register a new User
- User.register(new User(), password)
- Password gets passed as a separate parameter so that it can be hashed
- If registration is successful
- Call req.login() and pass the newuser object to log the user in
- Redirect to /projects page
- Try creating a new account and view MongoDB collection
- What's hash and salt?
- Add POST handler for '/login'
- Instead of the usual custom middleware callback, call passport.authenticate()
- Specify strategy name
- Specify success and failure redirect
- Add a login failure message
- Instead of the usual custom middleware callback, call passport.authenticate()
- Modify the GET handler for '/login to handle login failure messages
- Get message from req.session.messages
- Clear out messages
- Pass the messages to the view
- In login.hbs
- Make sure messages are rendered
- Danger alert for invalid
- Info alert for prompting the user to enter their credentials
- Make sure messages are rendered