Reputation: 681
How to save a token in a local storage (or cookie)?
I am trying to implement a login function in an app. Currently, I could register a login, generate a jwt token. However, I do not know how to store this token in a cookie (or local storage). I have a middleware that would require a user to send a token in each request which is private. In postman, I could put 'x-auth-token' and a token in a header. Many of the tutorials use passport, cookie-parser which seemed kinda complicated. Are there any other easier ways? I saw in the express document that there were res.cookie('x-auth-token', token); available too, I tried it but it didn't work. I also tried window.localStorage.setItem('x-auth-token', token);, still didn't work.
I have tried something super simple which is to simply put a token in a localStorage. window.localStorage.setItem('x-auth token', token); However, it didn't work.
auth
const jwt = require('jsonwebtoken');
const config = require('config');
// middleware function, next so it moves on to the next middlware
module.exports = function(req, res, next) {
//get the token from header
const token = req.header('x-auth-token');
//Check if not token
if (!token) {
return res.status(401).json({ msg: 'No token, authorization denied' });
}
//Verify token if exist
try {
const decoded = jwt.verify(token, config.get('jwtSecret'));
req.user = decoded.user;
next();
} catch (err) {
res.status(401).json({ msg: 'Token is not valid' });
}
};
posts.js
// @ route POST api/users
// @desc Register User
// @access Public
router.post(
'/',
[
check('name', 'Name is required')
.not()
.isEmpty(),
check('email', 'Please include a valid email').isEmail(),
check(
'password',
' Please enter a password with 6 or more characters'
).isLength({ min: 6 })
],
async (req, res) => {
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const { name, email, password } = req.body;
try {
// See if user exists, have to be unique
let user = await User.findOne({ email });
if (user) {
return res
.status(400)
.json({ errors: [{ msg: 'User already exists' }] });
}
// Get users gravatar
const avatar = gravatar.url(email, {
s: '200',
r: 'pg',
d: 'mm'
});
user = new User({
name,
email,
avatar,
password
});
//encrypt password
const salt = await bcrypt.genSalt(10);
user.password = await bcrypt.hash(password, salt);
// anything that return a promise, we have to put await !!
await user.save();
//return jsonwebtoken
const payload = {
user: {
id: user.id
}
};
jwt.sign(
payload,
config.get('jwtSecret'),
{ expiresIn: 60 * 60 * 100 },
(err, token) => {
// window.localStorage.setItem('x-auth-token', token);
res.json({ token });
res.cookie('x-auth-token', token);
// req.flash('You seccessfully registered your account');
// res.redirect('/user/login');
}
);
} catch (err) {
console.error(err.message);
res.status(500).send('Server error');
}
}
);
main.handlebars
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="/css/main.css">
<link rel="stylesheet" href="/css/register.css">
<link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet">
<script src="https://use.fontawesome.com/804afe4c6e.js"></script>
{{!-- for auto-reload --}}
<script src="/reload/reload.js"></script>
<script src="/javascript/main.js"></script>
<title>Idea Share</title>
</head>
<body>
<nav class="navbar bg-dark">
<h1><a href="/">Idea Share</a></h1>
<ul>
<a href="/signup">
<li>Sign up</li>
</a>
<a href="/signup">
<li>Log in</li>
</a>
</ul>
</nav>
<div class="container">
{{{body}}}
</div>
</body>
</html>
register.handlebars
<div class="height-container">
<div class="vertical-align">
<div class="register-form">
<h1>Create your account</h1>
<form class="form" action="/api/users" method="post">
<div class="form-group">
<input name="name" type="text" placeholder="Name" requried>
</div>
<div class="form-group">
<input name="email" type="email" placeholder="E-mail">
</div>
<div class="form-group">
<input name="password" type="text" placeholder="Password" minlength="6">
</div>
<input onclick="loginUser()" type="submit" value="Create account" class="button green-button" />
</form>
<p>Already have an account? <a href="/signin">Sign in</a></p>
</div>
</div>
</div>
post.handlebars
<div class="height-container">
<div class="vertical-align">
<div class="idea-form">
<h1>Share your idea</h1>
<form class="form" action="/api/posts" method="post">
<div class="form-group">
<input type="text" placeholder="What is your idea?" name="title" requried>
</div>
<div class="form-group">
<input type="text" placeholder="Let us know more detail. What is the story. How did you come up with it?
Why do you think people would need it etc" name="body">
</div>
<input "type=" submit" value="Post" class="button green-button" />
</form>
</div>
</div>
</div>
Upvotes: 0
Views: 6128
Answers (1)
Reputation: 667
You cannot save item to localstorage in nodejs. First sent your Response to client side and save the the res token to Browser local storage using localStorage.setItem('x-auth-token', token);.
on client side use your token as :-
http.post('/', userCredentials).then(response => {
window.localStorage.setItem('x-auth-token', response.token)
}
);
Upvotes: 1
Related Questions
- How to store jwt token in localStorage and send it back to the server with header in express?
- Save and get express.js token from local storage
- How to set the token to local storage or cookies so that i can allow user to access certain web pages
- Storing JWT server side express.js
- How to store and access tokens for authentication?
- Saving JWT token to local storage
- NodeJs JWT token storing
- Save Token in local Storage using node
- JWT - storing token in cookies
- Storing Tokens in the browser