@ull-esit-pl/auth v1.0.6

Auth

This module was made for education purpose. The goal was to do a basic authorization middleware to know how it works.

About this module

This module exports a function that returns an express middleware.

It defines the routes 1. /login and /register via GET and POST methods, 2. /logout via the GET method only 3. /content via the GET method. This is the route that will be protected and users must be logged in before accessing this route Otherwise a 401 message will be sent with an unauthorized view.

Student

• Original version: Carlos Domínguez García (alu0100966589@ull.edu.es)
• Modified by the lecturer (crguezl@ull.edu.es)

API

The function that exports the module needs an object. The properties of that object are the following:

• passwordFile: location of the file to store the users credentials.

• pathToProtect: the files that will be accessible only when users are logged in.

• registerView: view containing the form to register. It will be served at '/register' via the HTTP GET method.

  • The names of the fields must be username and password

• successRegisterView: view with the message to render when the user registers successfully.

• errorRegisterView: view to render when there is an error in the registration.

• loginView: view containing the form to log in. It will be served at '/login' via the HTTP GET method.

  • The names of the fields must be username and password

• successLoginView: view with the message to render when the user logs in successfully.

• errorLoginView: view to render when there is an error in the login.

• logoutView: view to render when they log out.

• unauthorizedView: view to render when a user tries to access '/content' without being logged in