Samantha Thomas Samantha Thomas - 1 month ago 8
Node.js Question

Logging in users after they register using passport

After a user signs up, I'd like them to automatically be logged in. I read online to use req.login(), but it doesn't seem to be working. The user is added to the database, but aren't logged in. Can someone point me the right direction?

var express = require('express');
var router = express.Router();
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;

var User = require('../models/user');
var Student = require('../models/student');
var Instructor= require('../models/instructor');

router.get('/signup', function(req, res, next) {
if (!req.user){
res.render('users/signup');
} else {
res.redirect('/classes');
}
});

router.post('/signup', function(req, res, next){

var first_name = req.body.first_name;
var last_name = req.body.last_name;
var email = req.body.email;
var password = req.body.password;
var password2 = req.body.password2;
var type = req.body.type;

req.checkBody('first_name', 'First name is required.').notEmpty();
req.checkBody('first_name', 'Please enter a shorter first name.').len(0, 40);
req.checkBody('last_name', 'Last name is required.').notEmpty();
req.checkBody('last_name', 'Please enter a shorter last name.').len(0, 40);
req.checkBody('email', 'Email is required.').notEmpty();
req.checkBody('email', 'Email must be valid.').isEmail();
req.checkBody('email', 'Please enter a shorter email.').len(0, 40);
req.checkBody('password', 'Password is required.').notEmpty();
req.checkBody('password2', 'Passwords must match.').equals(req.body.password);
req.checkBody('password', 'Please choose a password between 6 to 50 characters.').len(6, 50);

var errors = req.validationErrors();

if(errors){
res.render('users/signup', {
errors: errors,
first_name: first_name,
last_name: last_name,
email: email,
password: password,
password2: password2,
});
} else {
var newUser = new User({
email: email,
password: password,
type: type
});

var newStudent = new Student({
first_name: first_name,
last_name: last_name,
email: email,
});

var newInstructor = new Instructor({
first_name: first_name,
last_name: last_name,
email: email,
});

if(type == 'student'){
User.saveStudent(newUser, newStudent, function(err, user){
console.log('Student saved');
req.login(newUser, function(err) {
if (err) {
console.log(err);
}
})
})
} else {
User.saveInstructor(newUser, newInstructor, function(err, user){
console.log('Instructor saved');
req.login(newUser, function(err) {
if (err) {
console.log(err);
}
});
})
}

res.redirect('/classes');
}
});

router.get('/login', function(req, res, next){
if (!req.user){
res.render('users/login', {message: req.flash('error'), title: "Login"});
} else {
res.redirect('/classes');
}
});

passport.serializeUser(function(user, done) {
done(null, user._id);
});


passport.deserializeUser(function(id, done) {
User.getUserById(id, function (err, user) {
done(err, user);
});
});


router.post('/login',passport.authenticate('local-login', {
failureRedirect:'/users/login',
failureFlash: "Incorrect email or password."
}), function(req, res){
var usertype = req.user.type;
res.redirect('/students/classes');
});


//Check credentials for login
passport.use('local-login', new LocalStrategy({
usernameField: 'email'
},
function(email, password, done) {

User.getUserByEmail(email, function(err, user){
if (err) throw err;
if(!user){
return done(null, false);
}

User.comparePassword(password, user.password, function(err, isMatch) {
if (err) return done(err);
if(isMatch) {
return done(null, user);
} else {
return done(null, false);
}
});
});
}
));

//Logout user
router.get('/logout', function(req, res){
req.session.destroy(function (err) {
console.log(err);
res.redirect('/');
});
});

//Protect routes against users that aren't logged in.
function ensureAuthenticated(req, res, next){
if (req.isAuthenticated()){
return next;
} else {
res.redirect('/users/login');
}
};

module.exports = router;


app.js

var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var exphbs = require('express-handlebars');
var expressValidator = require('express-validator');
var flash = require('connect-flash');
var session = require('express-session');
var passport = require('passport');
var LocalStrategy = require('passport-local'),Strategy;
var mongo = require('mongodb');
var mongoose = require('mongoose');
mongoose.connect('mongodb://localhost/eTeacher');
var db = mongoose.connection;
async = require('async');

var routes = require('./routes/index');
var users = require('./routes/users');
var classes = require('./routes/classes');
var students = require('./routes/students');

var app = express();

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.engine('handlebars', exphbs({defaultLayout: 'layout'}));
app.set('view engine', 'handlebars');



// uncomment after placing your favicon in /public
//app.use(favicon(__dirname + '/public/favicon.ico'));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));

app.use(session({
secret: 'secret',
saveUninitialized: true,
resave: true
}));

app.use(passport.initialize());
app.use(passport.session());

app.use(expressValidator({
errorFormatter: function(param, msg, value) {
var namespace = param.split('.')
, root = namespace.shift()
, formParam = root;

while(namespace.length) {
formParam += '[' + namespace.shift() + ']';
}
return {
param : formParam,
msg : msg,
value : value
};
}
}));

app.use(flash());

app.use(function (req, res, next) {
res.locals.messages = require('express-messages')(req, res);

if(req.url == '/'){
res.locals.isHome = true;
}
next();
});


//Get user type if they are logged in
app.get('*', function(req, res, next) {
res.locals.user = req.user || null;
if(req.user){
res.locals.type = req.user.type;

if(req.user.type == 'instructor'){
res.locals.isInstructor = true;
} else if (req.user.type = 'student'){
res.locals.isStudent = true;
} else {
res.locals.isInstructor = false;
res.locals.isStudent = false;
}
}
next();
});


app.use('/', routes);
app.use('/users', users);
app.use('/classes', classes);
app.use('/students', students)

// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('Not Found');
err.status = 404;
next(err);
});

// error handlers

// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: err
});
});
}

// production error handler
// no stacktraces leaked to user
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: {}
});
});


module.exports = app;

Answer

OH, I see what's happening. You're doing a res.redirect() outside the callback where you save the user. It's probably redirecting prior to the login cookie being set.

Move the res.redirect() into the res.login() callback and you should be good.

Comments