[TODO]《Add feat》 Add protected route

gbowne1 / RadioLogger

A Radio Logging application build with NodeJS and ExpressJS

GNU General Public License v3.0

6 stars 6 forks source link

[TODO]《Add feat》 Add protected route #52

Open gbowne1 opened 1 year ago

gbowne1 commented 1 year ago

Add /dashboard as protected route

jzunigarce commented 1 year ago

How to send token?

gbowne1 commented 1 year ago

@gbowne1 My idea for this is I think we should add a ensureAuthenticated.middlware.js function

function ensureAuthenticated(req, res, next) {
  if (req.isAuthenticated()) {
    return next();
  } else {
    res.redirect('/login');
  }
}

Then send a 302 Found to the user.

Then we just add to the GET for dashboard app.get('/dashboard', ensureAuthenticated, (req, res) => { // Render the dashboard page or handle the request as needed });

jzunigarce commented 1 year ago

We currently have a middleware to validate if it is authenticated through the api, however we could implement one for web pages, we just need to define the way in which you will send me the token to validate it

gbowne1 commented 1 year ago

I think we only have authorized which is separate from authenticated. A whole different level of security. This particular one does redirect.

gbowne1 commented 1 year ago

app.post('/login', (req, res) => {
  // Perform authentication and authorization checks
  // If successful, redirect the user to the desired page
  if (authenticationSuccessful && authorizationSuccessful) {
    res.redirect('/dashboard');
  } else {
    // Handle authentication or authorization failure
    res.redirect('/login');
  }
});