Code Monkey home page Code Monkey logo

connect-ensure-login's Introduction

connect-ensure-login

This middleware ensures that a user is logged in. If a request is received that is unauthenticated, the request will be redirected to a login page. The URL will be saved in the session, so the user can be conveniently returned to the page that was originally requested.

Install

$ npm install connect-ensure-login

Usage

Ensure Authentication

In this example, an application has a settings page where preferences can be configured. A user must be logged in before accessing this page.

app.get('/settings',
  ensureLoggedIn('/login'),
  function(req, res) {
    res.render('settings', { user: req.user });
  });

If a user is not logged in when attempting to access this page, the request will be redirected to /login and the original request URL (/settings) will be saved to the session at req.session.returnTo.

Log In and Return To

This middleware integrates seamlessly with Passport. Simply mount Passport's authenticate() middleware at the login route.

app.get('/login', function(req, res) {
  res.render('login');
});

app.post('/login', passport.authenticate('local', { successReturnToOrRedirect: '/', failureRedirect: '/login' }));

Upon log in, Passport will notice the returnTo URL saved in the session and redirect the user back to /settings.

Step By Step

If the user is not logged in, the sequence of requests and responses that take place during this process can be confusing. Here is a step-by-step overview of what happens:

  1. User navigates to GET /settings
    • Middleware sets session.returnTo to /settings
    • Middleware redirects to /login
  2. User's browser follows redirect to GET /login
    • Application renders a login form (or, alternatively, offers SSO)
  3. User submits credentials to POST /login
    • Application verifies credentials
    • Passport reads session.returnTo and redirects to /settings
  4. User's browser follows redirect to GET /settings
    • Now authenticated, application renders settings page

Tests

$ npm install --dev
$ make test

Build Status

Credits

License

The MIT License

Copyright (c) 2012-2013 Jared Hanson <http://jaredhanson.net/>

connect-ensure-login's People

Contributors

jaredhanson avatar leider avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.