<h2>Session + If</h2>
<p>I guess the reason that you haven't found many good libraries is that using a library for authentication is mostly over-engineered.</p>
<p>What you are looking for is just a session-binder :) A session with:</p>
<pre><code>if login and user == xxx and pwd == xxx
    then store an authenticated=true into the session
if logout
    destroy session
</code></pre>
<p>That's it.</p>
<hr>
<h2>I disagree with your conclusion that the connect-auth plugin is the way to go.</h2>
<p>I'm also using <a href="http://senchalabs.github.com/connect">connect</a>, but I do not use connect-auth for two reasons:</p>
<ol>
<li><p>IMHO connect-auth breaks the very powerful and easy-to-read onion-ring architecture of connect. A no-go - my opinion :). You can find a very good and short article about how connect works and the onion ring idea <a href="http://howtonode.org/connect-it">here</a>.</p></li>
<li><p>If you - as written - just want to use a basic or HTTP login with a database or file, connect-auth is way too big. It's more for stuff like OAuth 1.0, OAuth 2.0 &amp; Co.</p></li>
</ol>
<hr>
<h2>A very simple authentication with connect</h2>
<p>(It's complete. Just execute it for testing, but if you want to use it in production, make sure to use HTTPS.) (And to be REST-principle-compliant you should use a POST request instead of a GET request b/c you change a state :)</p>
<pre class="lang-js prettyprint-override"><code>var connect = require('connect');
var urlparser = require('url');

var authCheck = function (req, res, next) {
    // Parse the URL once and keep it on the request for later handlers
    var url = req.urlp = urlparser.parse(req.url, true);

    // ####
    // Logout
    if ( url.pathname == "/logout" ) {
        req.session.destroy();
    }

    // ####
    // Is User already validated?
    if (req.session &amp;&amp; req.session.auth == true) {
        next(); // stop here and pass to the next onion ring of connect
        return;
    }

    // ########
    // Auth - Replace this example with your Database, Auth-File or other things
    // If Database, you need a Async callback...
    if ( url.pathname == "/login" &amp;&amp;
         url.query.name == "max" &amp;&amp;
         url.query.pwd == "herewego" ) {
        req.session.auth = true;
        next();
        return;
    }

    // ####
    // This user is not authorized. Stop talking to him.
    res.writeHead(403);
    res.end('Sorry you are not authorized.\n\nFor a login use: /login?name=max&amp;pwd=herewego');
    return;
};

var helloWorldContent = function (req, res, next) {
    res.writeHead(200, { 'Content-Type': 'text/plain' });
    res.end('authorized. Walk around :) or use /logout to leave\n\nYou are currently at ' + req.urlp.pathname);
};

// Middleware order matters: cookies and session must be set up before authCheck runs
var server = connect.createServer(
    connect.logger({ format: ':method :url' }),
    connect.cookieParser(),
    connect.session({ secret: 'foobar' }),
    connect.bodyParser(),
    authCheck,
    helloWorldContent
);

server.listen(3000);
</code></pre>
<h2>NOTE</h2>
<p>I wrote this statement over a year ago and currently have no active node projects. So there may be API changes in Express. Please add a comment if I should change anything.</p>
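<p>A hardened variant of the answer's authCheck, as an added example that is not part of the original answer. It goes beyond the answer's code: credentials are read only from a POST body, the password is checked through an scrypt-derived key compared in constant time, and a fresh session id is issued on login. The names hardenedAuthCheck, verifyPassword, USERS and SALT are assumptions, as is a session object that offers regenerate() and destroy() with callbacks (as express-session does).</p>

```javascript
const { scryptSync, timingSafeEqual } = require('crypto');

// Constructed sample account; a real deployment loads a per-user salt and hash from its user store.
const SALT = Buffer.from('constructed-sample-salt');
const USERS = { max: scryptSync('herewego', SALT, 32) };

function verifyPassword(name, pwd) {
  // Own-property check so names like "constructor" never resolve to a user.
  const known = Object.prototype.hasOwnProperty.call(USERS, name);
  // Always derive a key, even for unknown names, so timing does not reveal which names exist.
  const derived = scryptSync(String(pwd), SALT, 32);
  const expected = known ? USERS[name] : Buffer.alloc(32);
  return timingSafeEqual(derived, expected) && known;
}

// Connect-style middleware with the same (req, res, next) shape as authCheck.
// Assumes body-parsing and session middleware ran earlier in the stack.
function hardenedAuthCheck(req, res, next) {
  const path = req.url.split('?')[0];

  // State changes (login, logout) are accepted only as POST requests.
  if (path === '/logout' && req.method === 'POST' && req.session) {
    return req.session.destroy(() => { res.writeHead(204); res.end(); });
  }
  if (req.session && req.session.auth === true) return next();

  if (path === '/login' && req.method === 'POST' && req.session) {
    const body = req.body || {};
    if (typeof body.name === 'string' && typeof body.pwd === 'string' &&
        verifyPassword(body.name, body.pwd)) {
      // Issue a new session id on login so an id set before login cannot be reused.
      return req.session.regenerate(() => { req.session.auth = true; next(); });
    }
  }
  // Credentials in the query string are ignored, so they never reach access logs as valid logins.
  res.writeHead(403);
  res.end('Sorry you are not authorized.\n');
}
```

<p>Mount it in place of authCheck, after the cookie, session and body-parsing middleware; the cookie itself still needs HTTPS, as the answer says.</p>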
 
