Now that we have completed the implementation of user authentication, we need to configure the application routes to handle the validation and creation of users.
Let's make some changes in the index.js file inside the routes folder:
- Add the following highlighted code to the
index.jsfile:var express = require('express'), var router = express.Router(); var passport = require('passport'), /* GET home page. */ router.get('/', function(req, res) { res.render('index.ejs'), }); module.exports = router;Note that we set up the default router to render a page called
index.ejs. We have not created this page yet, but we will do so soon; for now, we will continue setting the necessary routes to handle authentication. - Let's create the route for a
profile.ejspage; place the following code after thehome pageroute function:/* GET profile page. */ router.get('/profile', isLoggedIn, function(req, res) { res.render('profile.ejs', { user : req.user }); });Here, we passed an
isLoggedInfunction as a parameter of therouter.get()function and a user object as the second parameter for theres.render()function. This indicates that the user must be logged in to see this page. - So, the next step is to create the
isLoggedIn()function. Add the following lines of code after theprofileroute:// function to check if user is logged in function isLoggedIn(req, res, next) { if (req.isAuthenticated()) { return next(); } // if not logged go to default route res.redirect('/'), }Now, we need to deal with logging out of the application; instead of creating a function, we will create a route to perform this action. So, any time we access the
/logoutroute, we end the user session. - Add the following code right after the profile route:
/* GET logout route. */ router.get('/logout', function(req, res) { req.logout(); res.redirect('/'), });We still need two more routes: one for the login page and another for the signup page; these routes will have two routes functions: one for the GET method and the other for the POST method.
- Add the following code after the
profileroute:/* GET login page. */ router.get('/login', function(req, res) { res.render('login.ejs', { message:req.flash('loginMessage') }); }); /* POST login data. */ router.post('/login', passport.authenticate('local-login', { //Success go to Profile Page / Fail go to login page successRedirect : '/profile', failureRedirect : '/login', failureFlash : true })); - Add the following code after the
loginroute:/* GET signup page. */ router.get('/signup', function(req, res) { res.render('signup.ejs', { message: req.flash('signupMessage') }); }); /* POST signup data. */ router.post('/signup', passport.authenticate('local-signup', { //Success go to Profile Page / Fail go to Signup page successRedirect : '/profile', failureRedirect : '/signup', failureFlash : true }));
Note that we are passing a flash message as the second parameter of the res.render() function with a warning message from the passport.js file. Also, we use the Passport methods successRedirect, failureRedirect, and failureFlash to deal with success and fail, redirecting to a specific page and sending warning messages if the session fails.
Now, we need to create the pages for each previous function, so we will use templates.