e3cfe80f88
* fix: add tests and steps * add necessary changes * edit for new boilerplate * fix: adjust content for boilerplate merge * add 4 passing 1 failing socketio * fix: add socketio changes * fix: update wording and http test Co-authored-by: Kristofer Koishigawa <scissorsneedfoodtoo@gmail.com> * fix: replace glitch remix urls with repl.it urls * integrate steps between lessons 4 and 5 * add mongodb altas link * edit test to not require db deletion * correct register routing and formatting * fix typos and formatting * fix: typos, standardize spacing, and remove unnecessary hr elements * fix: add/update links Add or update Gist solution links at the bottom of each challenge. Also add a missing link/text to the top of one of the challenges. * fix: remove Repl.it/boilerplate repo links from all but first challenge * fix: add target='_blank' to links in challenges * add note about PIP browser issues * move PIP note to end of instructions Co-authored-by: Kristofer Koishigawa <scissorsneedfoodtoo@gmail.com>
4.0 KiB
id, title, challengeType, forumTopicId
| id | title | challengeType | forumTopicId |
|---|---|---|---|
| 5895f70cf9fc0f352b528e65 | Set up Passport | 2 | 301565 |
Description
It's time to set up Passport so we can finally start allowing a user to register or login to an account! In addition to Passport, we will use Express-session to handle sessions. Using this middleware saves the session id as a cookie in the client and allows us to access the session data using that id on the server. This way we keep personal account information out of the cookie used by the client to verify to our server they are authenticated and just keep the key to access the data stored on the server.
To set up Passport for use in your project, you will need to add it as a dependency first in your package.json. "passport": "^0.3.2"
In addition, add Express-session as a dependency now as well. Express-session has a ton of advanced features you can use but for now we're just going to use the basics! "express-session": "^1.15.0"
You will need to set up the session settings now and initialize Passport. Be sure to first create the variables 'session' and 'passport' to require 'express-session' and 'passport' respectively.
To set up your express app to use the session we'll define just a few basic options. Be sure to add 'SESSION_SECRET' to your .env file and give it a random value. This is used to compute the hash used to encrypt your cookie!
app.use(session({
secret: process.env.SESSION_SECRET,
resave: true,
saveUninitialized: true,
cookie: { secure: false }
}));
As well you can go ahead and tell your express app to use 'passport.initialize()' and 'passport.session()'. (For example, app.use(passport.initialize());)
Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here.
Instructions
Tests
tests:
- text: Passport and Express-session should be dependencies.
testString: getUserInput => $.get(getUserInput('url')+ '/_api/package.json') .then(data => { var packJson = JSON.parse(data); assert.property(packJson.dependencies, 'passport', 'Your project should list "passport" as a dependency'); assert.property(packJson.dependencies, 'express-session', 'Your project should list "express-session" as a dependency'); }, xhr => { throw new Error(xhr.statusText); })
- text: Dependencies should be correctly required.
testString: getUserInput => $.get(getUserInput('url')+ '/_api/server.js') .then(data => { assert.match(data, /require.*("|')passport("|')/gi, 'You should have required passport'); assert.match(data, /require.*("|')express-session("|')/gi, 'You should have required express-session'); }, xhr => { throw new Error(xhr.statusText); })
- text: Express app should use new dependencies.
testString: getUserInput => $.get(getUserInput('url')+ '/_api/server.js') .then(data => { assert.match(data, /passport.initialize/gi, 'Your express app should use "passport.initialize()"'); assert.match(data, /passport.session/gi, 'Your express app should use "passport.session()"'); }, xhr => { throw new Error(xhr.statusText); })
- text: Session and session secret should be correctly set up.
testString: getUserInput => $.get(getUserInput('url')+ '/_api/server.js') .then(data => { assert.match(data, /secret:( |)process.env.SESSION_SECRET/gi, 'Your express app should have express-session set up with your secret as process.env.SESSION_SECRET'); }, xhr => { throw new Error(xhr.statusText); })
Challenge Seed
Solution
/**
Backend challenges don't need solutions,
because they would need to be tested against a full working project.
Please check our contributing guidelines to learn more.
*/