Dognation: Password Authentication Project

I am stuck with the Dognation: Password Authentication and I am hoping I could find some help here.
The registration and login are console.logging fine, but when I try to login I am getting redirected to the login screen instead of home with logged in user.
here is the code :

  1. app.js
// Import packages
const express = require("express");
const app = express();
const session = require("express-session");
const passport = require("passport");

// App config
app.set("trust proxy", 1);
const PORT = process.env.PORT || 4001;
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(express.static(__dirname + '/public'));
app.set("view engine", "ejs");
// Import Passport config
require("./config/passport");

// Session Config
app.use(
  session({
    secret: "1234567890",
    cookie: {maxAge: 600000000, secure: true, sameSite: 'none'},
    saveUninitialized: false,
    resave: false,
  })
);

// Passport Config
app.use(passport.initialize());
app.use(passport.session());

// Routes
app.use(require("./routes/index.routes"));

app.get("/", (req, res) => {
  const user = req.user || "Guest";
  res.render("home", {  user: user });
});


app.listen(PORT, () => {
  console.log(`Server is listening on port: ${PORT}`);
});

2.users.routes.js

const express = require("express");
const router = express.Router();
const helper = require("../helpers/helper");
const passport = require("passport");
const filename = "./data/users.json";
const bcrypt = require("bcrypt");
let users = require("../data/users.json");

// Register New User:
router.post("/register", async (req, res) => {
  const { username, password } = req.body;
  const id = { id: helper.getNewId(users) };
  try {
    const user = await helper.userExists(username);
    if (user) {
      console.log("User already exists!");
      return res.redirect("login");
    }
    // Hash password before storing in local DB:
    const salt = await bcrypt.genSalt(10);
    const hashedPawword = await bcrypt.hash(password, salt);
    const newUser = { ...id, username, password: hashedPawword };

    // Store new user in local DB
    await users.push(newUser);
    await helper.writeJSONFile(filename, users);

    res.redirect("login");
  } catch (err) {
    res.status(500).json({ message: err.message });
  }
});

// Log In User:
router.post("/login", passport.authenticate("local", {failureRedirect: "login"}),  (req, res) => {
  res.redirect("../");
});

// Log out user:
router.get("/logout", (req, res) => {
  req.logout();
  res.redirect("../");
});

router.get("/register", (req, res) => {
  res.render("register");
});

router.get("/login", (req, res) => {
  res.render("login");
});

module.exports = router;

  1. passport.js
const passport = require("passport");
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
const helper = require("../helpers/helper");

// Set up the Passport strategy:
passport.use(new LocalStrategy(function(username, password, cb) {
  helper.findByUsername(username, async function(err, user) {
    const matchedPassword = await bcrypt.compare(password, user.password);
    if (err) {
      return cb(err);
    }
    if (!user) {
      return cb(null, false);
    }
    if (user.password != matchedPassword) {
      return cb(null, false);
    }
    return cb(null, user);
  });
}));


// Serialize a user
passport.serializeUser((user, done) => {
  done(null, user.id);
});

// Deserialize a user
passport.deserializeUser((id, done) => {
  helper.findById( id, function (err, user) {
    if (err) {
      return done(err);
    }
    done (null, user);
  });
});

I have found the issue . in passport.js instead of

if (user.password != matchedPassword) {
      return cb(null, false);
    }

it should be

if (!matchedPassword) {
      return cb(null, false);
    }

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.