extremexr / apiauthenticationwithnode Goto Github PK
View Code? Open in Web Editor NEWProject files for "API Authentication with Node" course
Project files for "API Authentication with Node" course
When you log in for the first time it works. But once you update some user information, it returns unauthorized on each request.
Hi,
I followed your YouTube series and it is great. However i am facing problem in the signin
part. I have working signup
and secret
api.
My signin
end point is not working. Even if i give the right password passport
still returns false
.
Then, i put some console.log statements in there and found out that the pre
is running twice somehow. I don't know why. And because it is running twice what it does that, first it takes plaintext-password
then hashes it and then again take to hashed password and re-hashes it again.
userSchema.pre("save", async function(next) {
try {
console.log('Normal Pass: ', this.password);
// Generate a salt
const salt = await bcrypt.genSalt(10);
console.log('Salt: ', salt);
// Generate a password hash (salt + hash)
const passwordHash = await bcrypt.hash(this.password, salt);
console.log('HashedPass: ', passwordHash);
// Re-assign hashed version over original, plain text password
this.password = passwordHash;
next();
} catch (error) {
next(error);
}
});
That is why i am getting false eveytime. Now i don't know how to solve this can anyone help me out here..
If I sign up with Google OAuth and then after signing out, if I create another account with google's email and password. So there are two docs in database with same email.
Ok,
I have setup Travis and it looks like it works, however, there is a small problem as I am not the owner or I do not have the repo right I can't set Travis to work on this repo. I think I need to be a part of the organization in the settings of the repo so I can setup Travis working here as well.
I will try to add MongoDB in memory package for a local test or we can come up with some kind of DB seed before each test.
also, I think there is an issue with mongoose
(node:4392) DeprecationWarning: `open()` is deprecated in mongoose >= 4.11.0, use `openUri()` instead, or set the `useMongoClient` option if using `connect()` or `createConnection()`. See http://mongoosejs.com/docs/connections.html#use-mongo-client
You can see the Travis build here on my forked repo: Link
During the server side validation of the user data input...it return the response::
` const result = Joi.validate(req.body, schema);
if (result.error) {
return res.status(400).json(result.error);
}
if (!req.value) { req.value = {}; }
req.value['body'] = result.value;
next();
`
response is received but the user is saved in the DB with corrupted data.
would like to contribute. :-)
when i cloned the repo, installed everything , app is running fine , google authentication is working fine
but when i click login with facebook , its showing
NodeOAuth needs to update the security settings and you wont be able to use it until nodeoauth updates its setttings, please fix this
There is no
app.use(bodyParser.urlencoded({
extended: true
}));
statement in app.js
when testing for the login password is correct or not
in your code in passport.js file
when using local strategy
you wrote :
const users = await user.findOne({email })
so when you enter wrong password , it generate normally token
i added password and it solved this issue to be like that
const users = await user.findOne({email ,password})
I have tried all the solutions offered in this site and GitHub but it didn't work for me because my routes/user.js is structured differently. Also, I am new in Nodejs. I need help to change const result = Joi.validate(req.body, schema); in the routeHelper.js and
const {validateBody, schemas} = require('../helpers/routehelpers');
router.route('/signup')
.post(validateBody(schemas.authSchema),userController.signup);
in the routes/user.js
//===Here is my Code ===
//== helpers/routeHelper.js ==
const Joi = require('joi');
module.exports = {
validateBody: (schema) => {
return (req, res, next) => {
const result = Joi.validate(req.body, schema);
if (result.error) {
return res.status(400).json(result.error);
}
if (!req.value) { req.value = {}; }
req.value['body'] = result.value;
next();
}
},
schemas: {
authSchema: Joi.object().keys({
email: Joi.string().email().required(),
password: Joi.string().required()
})
}
}
//== routes/user.js ====
const express = require('express'),
router = require('express-promise-router')();
const userController = require('../controller/user');
const {validateBody, schemas} = require('../helpers/routehelpers');
const passport = require('passport')
const passportConfig = require('../passport')
router.route('/signup')
.post(validateBody(schemas.authSchema),userController.signup);
router.route('/signin')
.post(userController.signin);
router.route('/secret')
.get(passport.authenticate('jwt',{session:false}),userController.secret);
module.exports = router;
A lot of the tests do not throw an error.
it('should return status 401', async () => { try { await chai.request(server).get(secret); } catch (error) { expect(error.status).to.equal(401); expect(error.response.text).to.equal('Unauthorized'); } });
should be:
it('Should return 401 without token in request', async () => { try { const result = await chai.request(server).get(secret); expect(result.status).to.equal(401); expect(result.response.text).to.equal('Unauthorized'); } catch (e) { throw new Error(e); } });
Because the error in the first example isn't thrown, it causes the assertion to fail, but the test still passes. Remember, try/catch causes the error to not be thrown unless you explicitly tell it to.
I had a problem that the google-plus-token-strategy is using old people's API which was made unavailable for new projects on March 7, 2019. So when you will add you clientID and client secret in the code and run it. So if you try to login it will give error.
Install the passport-token-google
and replace the require statement of GooglePlusTokenStrategy with:
const GoogleStrategy = require("passport-token-google").Strategy;
After this replace GooglePlusTokenStrategy with GoogleStrategy.
Now everything will work fine.
Hello, I am having a problem. I watched your youtube series and it was simply awesome. The problem I have is that passport.js file has not been imported anywhere so how did the passport come to know about the strategies?
I am having trouble solving it. Please help me.
to get this issue you must
Should we merge part 8 to master?
@eXtremeXR
The link points to the correct video on youtube now.
@eXtremeX Should I fork the repo or can you add me as a contributor to it?
Also, I would suggest refactor the code into branches and not commit. it would be easy for us to push the master and users still can view the video specific branch.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.