Skip to content

Instantly share code, notes, and snippets.

@aaronksaunders

aaronksaunders/app.js

Created September 18, 2012 21:07
Show Gist options
  • Save aaronksaunders/3745900 to your computer and use it in GitHub Desktop.
Save aaronksaunders/3745900 to your computer and use it in GitHub Desktop.
Download ZIP
Integrating ACS with NODE JS - This works, BUT I want to migrate it to using the new Node.ACS platform
Raw
app.js
// SEE QUESTION IN QA FORUM
// http://developer.appcelerator.com/question/142378/integrating-nodeacs-with-expressjs-not-working
// @aaronksaunders
//
/**
* Module dependencies.
*/
var express = require('express');
var querystring = require('querystring');
var https = require('https');
var app = module.exports = express();
var appKey = '--APP KEY HERE--'; //APP Key
// config
app.set('view engine', 'ejs');
app.set('views', __dirname + '/views');
// middleware
app.use(express.bodyParser());
app.use(express.cookieParser('shhhh, very secret'));
app.use(express.session());
// Session-persisted message middleware
app.use(function(req, res, next){
var err = req.session.error
, msg = req.session.success;
delete req.session.error;
delete req.session.success;
res.locals.message = '';
if (err) res.locals.message = '<p class="msg error">' + err + '</p>';
if (msg) res.locals.message = '<p class="msg success">' + msg + '</p>';
next();
});
// Authenticate using our plain-object database of doom!
function authenticate(name, pass, fn) {
if (!module.parent) {
console.log('authenticating %s:%s', name, pass);
}
var data = querystring.stringify({
login: name,
password: pass
});
var options = {
host: 'api.cloud.appcelerator.com',
port: 443,
path: '/v1/users/login.json?key=' + appKey,
method: 'POST',
headers: {'Content-Length': data.length}
};
var req = https.request(options, function(res) {
res.on('data', function(d) {
process.stdout.write(d);
var json = JSON.parse(d);
var session_id = json.meta.session_id;
var user = session_id ? json.response.users[0] : undefined;
if (!session_id) {
return fn(json.message);
} else if ( session_id ) {
return fn(null, user, session_id);
} else {
fn(new Error('invalid password'));
}
});
});
req.write(data);
req.end();
}
function restrict(req, res, next) {
if (req.session.user) {
next();
} else {
req.session.error = 'Access denied!';
res.redirect('/login');
}
}
app.get('/', function(req, res){
res.redirect('login');
});
app.get('/restricted', restrict, function(req, res){
res.send('Wahoo! restricted area');
});
app.get('/logout', function(req, res){
// destroy the user's session to log them out
// will be re-created next request
req.session.destroy(function(){
res.redirect('/');
});
});
app.get('/login', function(req, res){
if (req.session.user) {
req.session.success = 'Authenticated as <strong>' + req.session.user.username + " " + req.session.user_session_id
+ '</strong> click to <a href="/logout">logout</a>. '
+ ' You may now access <a href="/restricted">/restricted</a>.';
}
res.render('login');
});
app.post('/login', function(req, res){
authenticate(req.body.username, req.body.password, function(err, user, session_id){
if (user) {
// Regenerate session when signing in
// to prevent fixation
req.session.regenerate(function(){
// Store the user's primary key
// in the session store to be retrieved,
// or in this case the entire user object
console.log('session '+JSON.stringify(req.session));
console.log('user '+JSON.stringify(user));
req.session.user = user;
req.session.user_session_id = session_id;
console.log(JSON.stringify(req.session));
res.redirect('back');
});
} else {
req.session.error = 'Authentication failed, please check your '
+ ' username and password.'
+ ' (use "tj" and "foobar")';
res.redirect('login');
}
});
});
if (!module.parent) {
app.listen(3000);
console.log('Express started on port 3000');
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment