Created
May 8, 2023 12:30
-
-
Save edwilliams/d62a5881590d3359850ab9b605ebaf31 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html lang="en"> | |
| <head> | |
| <meta charset="UTF-8" /> | |
| <meta http-equiv="X-UA-Compatible" content="IE=edge" /> | |
| <meta name="viewport" content="width=device-width, initial-scale=1.0" /> | |
| <title>HTMX Demo</title> | |
| </head> | |
| <body> | |
| <button hx-get="/unauthed" hx-swap="outerHTML">unauthed test</button> | |
| <button hx-get="/authed" hx-swap="outerHTML">authed test</button> | |
| <button hx-get="/logout" hx-swap="outerHTML">logout</button> | |
| <form hx-post="/login"> | |
| <input name="username" type="text" placeholder="username" /> | |
| <input name="password" type="text" placeholder="password" /> | |
| <input type="submit" value="Submit" /> | |
| </form> | |
| <script src="htmx-1.8.2.min.js"></script> | |
| </body> | |
| </html> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import jwt from 'jsonwebtoken' | |
| export const checkToken = (req, res, next) => { | |
| const token = req.cookies.auth | |
| if (token) { | |
| jwt.verify(token, process.env.JWT_secret, (err, decoded) => { | |
| if (err) { | |
| return res.send('Token is not valid') | |
| } else { | |
| req.decoded = decoded | |
| next() | |
| } | |
| }) | |
| } else { | |
| return res.send('Auth token is not supplied') | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import dot from 'dotenv' | |
| import express from 'express' | |
| import bodyParser from 'body-parser' | |
| import cors from 'cors' | |
| import jwt from 'jsonwebtoken' | |
| import cookieParser from 'cookie-parser' | |
| import { checkToken } from './middleware-auth.mjs' | |
| dot.config() | |
| const app = express() | |
| const port = process.env.PORT || 8000 | |
| app.use(cookieParser()) | |
| app.use(bodyParser.urlencoded({ extended: true })) | |
| app.use(bodyParser.json()) | |
| app.use(cors()) | |
| app.use(express.static(`${process.cwd()}/public`)) | |
| app.post('/login', async (req, res) => { | |
| const { username, password } = req.body | |
| if (username && password) { | |
| if (username === 'admin' && password === 'pass123') { | |
| const token = jwt.sign({ username }, process.env.JWT_secret, { | |
| expiresIn: '24h', | |
| }) | |
| res | |
| .cookie('auth', token, { expire: Date.now() }) | |
| .send('Authentication successful') | |
| } else { | |
| res.status(403).send('Incorrect username or password') | |
| } | |
| } else { | |
| res.status(400).send('Authentication failed') | |
| } | |
| }) | |
| app.get('/unauthed', (req, res) => res.send('<p>hello</p>')) | |
| app.get('/authed', checkToken, (req, res) => res.send('<p>authed!</p>')) | |
| app.get('/logout', (req, res) => { | |
| res.clearCookie('auth') | |
| res.send('auth cookie cleared') | |
| }) | |
| app.listen(port, () => console.log(`Server is listening on port: ${port}`)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment