aboutsummaryrefslogtreecommitdiff
path: root/src/server.js
diff options
context:
space:
mode:
authorMark Powers <markppowers0@gmail.com>2019-02-02 12:33:51 -0500
committerMark Powers <markppowers0@gmail.com>2019-02-02 12:33:51 -0500
commit833e47cfea08c999392358c4e36216156401497e (patch)
treef258d5a1215e0e601f2c975384367f844d9a5c3c /src/server.js
parentc21eba4246be5c9831705a86592b45c70648c167 (diff)
Add set cookie to response
Diffstat (limited to 'src/server.js')
-rw-r--r--src/server.js11
1 files changed, 7 insertions, 4 deletions
diff --git a/src/server.js b/src/server.js
index c6630e8..368a101 100644
--- a/src/server.js
+++ b/src/server.js
@@ -41,7 +41,9 @@ function setUpRoutes(models, jwtFunctions){
if(req.path.startsWith("/admin")){
let cookie = req.cookies.authorization
if (!cookie) {
+ console.debug("Redirecting to login - no cookie")
res.redirect('/login');
+ return;
}
try {
const decryptedUserId = jwtFunctions.verify(cookie);
@@ -49,7 +51,9 @@ function setUpRoutes(models, jwtFunctions){
if (user) {
res.locals.user = user.get({ plain: true });
} else {
+ console.debug("Redirecting to login - invalid cookie")
res.redirect('/login');
+ return;
}
});
} catch (e){
@@ -87,7 +91,6 @@ function setUpRoutes(models, jwtFunctions){
})
server.post('/posts', upload.array('images'), async (req, res, next) => {
try {
- console.log(req.body);
const type = req.body.type
const newPost = await models.posts.create(req.body);
req.files.forEach(async (file) => {
@@ -102,17 +105,17 @@ function setUpRoutes(models, jwtFunctions){
}
})
server.post('/login', async (req, res, next) => {
- console.log(req.body);
const hash = crypto.createHash("sha512").update(req.body.password, "binary").digest("base64");
- console.log(hash);
const user = await models.users.findOne({where: { username: req.body.username, password: hash }})
if(user){
const token = jwtFunctions.sign(user.username);
+ res.cookie('authorization',token);
+ console.debug("Redirecting to admin - logged in")
res.redirect('/admin');
} else {
+ console.debug("Redirecting to login - invalid login")
res.redirect('/login');
}
- next();
})