Reputation: 1659
how to check user authentication status on the server side
I want to check user authentication before showing a html page
my server.js file is like this
const express = require('express');
var jquery = require('jquery');
var admin = require("firebase");
const app = express();
app.use(express.static(__dirname + '/public'));
var serviceAccount = require("firebasekey.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "https://23442344114.firebaseio.com"
});
var ref = admin.app().database().ref();
app.get(['/','/index.html'], function(req, res) {
res.sendFile(__dirname + '/public/index.html');
});
app.get(['/dash' ], function(req, res) {
res.sendFile(__dirname + '/public/dash/index.html');
});
How could I check if a user is authenticated first on the server side before rendering a page; for example,
app.get(['/dash' ], function(req, res) {
//check if the user is authenticated
if auth == true {
res.sendFile(__dirname + '/public/dash/index.html');
} else{
res.sendFile(__dirname + '/public/login.html');
}
});
how do I check the user authentication status on the server side?
Upvotes: 0
Views: 1129
Answers (2)
Reputation: 4481
You should read about Authentication methods like JWT and OAuth. You can use a middleware to check if a particular user is authenticated or not. You can you libraries like passport for this. You can create you own router level middleware like this.
let middleware = function (req, res, next) {
//Do your checking...
next();
};
app.get(['/dash' ],middleware, function(req, res) {
//check if the user is authenticated
if auth == true {
res.sendFile(__dirname + '/public/dash/index.html');
} else {
res.sendFile(__dirname + '/public/login.html');
}
});
Upvotes: 1
Reputation: 946
As suggested, there are countless ways to authenticate your users. But i will help you out with a simple example:
- You should have a persistent list of your users e.g. database. For the simplicity we will go with a constant in your code.
const express = require('express');
var jquery = require('jquery');
var admin = require("firebase");
const USER = {
email: "[email protected]",
password: "12345"
}
- There are several ways to implement the authentication check. I would recommend using a middleware which can be applied to various routes:
const authenticate = (req, res, next) => {
// parse the user out of your request
// e.g with bodyparser -> see npm
if (req.body.email === USER.email && req.body.password === USER.password) {
next()
} else {
res.send({ status: 401 });
}
}
- Apply this middleware to the routes you want to protect or to all routes
// all routes
app.use(authenticate)
// certain route
app.get('/someRoute', authenticate, (req, res)) => {
// only successful authenticated user
// (in this case: [email protected]) will
// have access to this route.
// ... code
}
This pattern can be extended with e.g cookies, jwt and of course a database where you can store your registered users.
Upvotes: 1
Related Questions
- How do I check auth state in a nextjs page
- Trying to get the status of firebase user authentication
- Firebase keep track if is user authenticated
- Check if user logged in from backend Firebase Authentication
- Checking user authentication with Firebase
- How to check if user is authenticated in Firebase and Express/Node.js?
- Firebase Authentication JavaScript get success
- How to check on the server that the client is authenticated?
- Get if a user is authenticated on Firebase initializeApp
- Client-side check if authenticated in firebase