Update README.md

master
Kristyn Bryan 10 years ago committed by GitHub
parent 31bed463ed
commit 04731a5864

@ -72,7 +72,7 @@ When a user goes to the welcome page, if they do not have a name set in sessions
"Commit 7: The user has a custom page or is redirected to the login if their name isn't set to the session. " "Commit 7: The user has a custom page or is redirected to the login if their name isn't set to the session. "
<hr> <hr>
FROM MATT"S LESSON FROM MATT'S LESSON
Install and reqire `bcrypt` Install and reqire `bcrypt`
Create a route for username and password Create a route for username and password
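Review bot: the context line directly under the corrected heading still reads "Install and reqire `bcrypt`"; since this commit is already fixing the typo in "MATT'S", change "reqire" to "require" in the same pass.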
@ -80,42 +80,26 @@ Encrypt the password using bcrypt.
Reminder on how to has a password string using bcrypt: Reminder on how to has a password string using bcrypt:
`req.session.password = bcrypt.hashSync(req.params.password, bcrypt.genSaltSync(10));` `req.session.password = bcrypt.hashSync(req.params.password, bcrypt.genSaltSync(10));`
Write the login function that will take the username and password and confirm that the password matches. **Commit 8** <br>
//////////////////////////////////////////// <hr>
"Commit 8: Hashed the password using bcrypt. "
<hr> <hr>
## # Authentication with Express & Bcrypt & PG Write the code necessary to reder a form for logging in `/new`
Write the login function that will take the username and password and confirm that the password matches.
## Authentication & Authorization
1. *Middleware:* Install and require `bcrypt`: for handling incoming form data
## Challenges: Part 1
4. Update the users schema so that it has an email and a password_digest (both strings)
6. Add a home route to `server.js` which renders `home.html.ejs` which has an anchor tag, signup that links to `/users/new` with text of `Signup`.
7. in the routes directory with a file users.js
Add the corresponding code in your server.js
**Commit 9** <br>
<hr>
"Commit 9: Compared the username and password with the encrypted password. Redirected accordingly. "
<hr>
- define a route in this file. A get route `/users/new`
``` Create a login controller and session (so that you can delete it)
users.get('/new', (req,res) => {
res.render('users/new.html.ejs')
})
```
- the new route will render a file from `views/users` called `new.html.ejs` which will have a form with two input fields
The form will make a post request to `/users` Again, it's up to you how this is accomplished.
They need to log in
## Challenges: Part 2
So we now have the beginning of our signup flow but nothing his happening yet. Remember when we installed bcrypt earlier? We're going to now use that to save our users data to the db and "sign them up" for our application. So we now have the beginning of our signup flow but nothing his happening yet. Remember when we installed bcrypt earlier? We're going to now use that to save our users data to the db and "sign them up" for our application.
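Review bot: the bcrypt reminder kept in this hunk, `req.session.password = bcrypt.hashSync(req.params.password, bcrypt.genSaltSync(10));`, takes the plaintext password from `req.params`, which means it travels in the URL path, where it ends up in access logs and browser history. The steps added here ask for a login form, so the example should read `req.body.password` from the POSTed form instead. Wording in the same hunk also needs a pass: bcrypt hashes rather than encrypts, so the Commit 9 message "Compared the username and password with the encrypted password" should say "hashed password", "how to has a password string" should be "hash", and "reder a form" should be "render".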
@ -126,124 +110,25 @@ So we now have the beginning of our signup flow but nothing his happening yet. R
1. Create a function called createUser that takes req, res, and next as arguments. Inside of that function create a function saveUser that takes two arguments, email and hash. Build the saveUser function as a standard pg function, It will insert an email and a password_digest into users. 1. Create a function called createUser that takes req, res, and next as arguments. Inside of that function create a function saveUser that takes two arguments, email and hash. Build the saveUser function as a standard pg function, It will insert an email and a password_digest into users.
```
function createUser(req, res, next) {
createSecure(req.body.email, req.body.password, saveUser);
function saveUser(email, hash) {
// Get a Postgres client from the connection pool
pg.connect(connectionString, function(err, client, done) {
// Handle connection errors
if(err) {
done();
console.log(err);
return res.status(500).json({ success: false, data: err});
}
var query = client.query("INSERT INTO users (email, password_digest) VALUES ($1, $2);",
[email, hash], function(err, result) {
done()
if(err) {
return console.error('error, running query', err);
}
next()
});
});
}
}
```
2. TOGETHER: build the createSecure function, explain how we call it as a callback. 2. TOGETHER: build the createSecure function, explain how we call it as a callback.
- add this line to the top - add this line to the top
```
var salt = bcrypt.genSaltSync(10);
```
```
function createSecure(email, password, callback) {
// hash password user enters at sign up
bcrypt.genSalt(function (err, salt) {
bcrypt.hash(password, salt, function (err, hash) {
// this callback saves the user to our database with the hashed password
callback(email, hash)
});
});
};
```
now call that function in the first line of create user, pass in the body, and a reference to saveUser as the callback now call that function in the first line of create user, pass in the body, and a reference to saveUser as the callback
3. so let's go line by line and see what happens. We can now save users to our database and the password that is saved is encrypted. 3. so let's go line by line and see what happens. We can now save users to our database and the password that is saved is encrypted.
4. make the corresponding post route in users.js that calls createUser and authenticates them it should redirect to the home page. 4. make the corresponding post route in users.js that calls createUser and authenticates them it should redirect to the home page.
```
users.route('/')
.post(db.createUser, (req, res) => {
res.redirect('/');
})
```
## Challenges: Part 3 Log in ## Challenges: Part 3 Log in
1. Create a log in anchor tag on our home page that links to `users/login` it should render `users/login.html.ejs` which has a form that makes a post request with email and password. 1. Create a log in anchor tag on our home page that links to `users/login` it should render `users/login.html.ejs` which has a form that makes a post request with email and password.
```
users.get('/login', (req,res) => {
res.render('users/login.html.ejs')
})
```
```
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<form action="/users/login" method="post">
<label for="email">email</label>
<input type="text" name="email">
<label for="password">password</label>
<input type="text" name="password">
<input type="submit" value="Submit">
</form>
</body>
</html>
```
2. Cool so this post request goes no where let's build this part out together. 2. Cool so this post request goes no where let's build this part out together.
### What are sessions?
npm install express-session --save
npm install connect-pg-simple --save
psql sessions_test < node_modules/connect-pg-simple/table.sql
add the following to server.js
```
var session = require('express-session');
var pgSession = require('connect-pg-simple')(session);
app.use(session({
store: new pgSession({
pg : pg,
conString : connectionString,
tableName : 'session'
}),
secret: 'sooosecrett', // something we maybe want to save with dotenv *hint hint*
resave: false,
cookie: { maxAge: 30 * 24 * 60 * 60 * 1000 } // 30 days
}))
```
Add to pg.js
```
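Review bot: the steps kept as context in this hunk now point at snippets that are gone. Step 2 still says "add this line to the top", but the `var salt = bcrypt.genSaltSync(10);` line it refers to has been removed, and steps 1 and 4 still describe `createUser`, `saveUser` and `createSecure` with no code to compare against. Either reword those steps so they stand alone as exercises or keep a minimal reference. Step 3 also still says the saved password "is encrypted", where "hashed" is the accurate term for bcrypt. If the `saveUser` snippet comes back in a solutions file, note that its query-error branch only calls `console.error` and returns, so the request is never answered; it should send a 500 or call `next(err)`.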
