From fd2fba0e07ce654c6abeeaaa42b40e576a3d564a Mon Sep 17 00:00:00 2001
From: Roger Cortez
Date: Wed, 10 Jul 2024 21:08:09 +0800
Subject: [PATCH] Added session to store temporary auth data

---
 server/app.js | 37 ++++++++++++-
 server/package-lock.json | 115 ++++++++++++++++++++++++++++++++++++++-
 server/package.json | 2 +
 server/routes/auth.js | 13 ++++-
 4 files changed, 159 insertions(+), 8 deletions(-)

diff --git a/server/app.js b/server/app.js
index a4cf4b7..b251a7c 100644
--- a/server/app.js
+++ b/server/app.js
@@ -1,22 +1,55 @@
+require('dotenv').config(); // Load environmental variables from .env file
 var createError = require('http-errors');
 var express = require('express');
 const path = require('path');
 var cookieParser = require('cookie-parser');
 var logger = require('morgan');
 var cors = require('cors');
+
+// Routes
 var indexRouter = require('./routes/index');
 var usersRouter = require('./routes/users');
 var authRouter = require('./routes/auth');
+// Session storage
+const session = require('express-session');
+const MySQLStore = require('express-mysql-session')(session);
+
 var app = express();
 const port = process.env.PORT || 5000;
+
+// MySQL session store configuration
+const sessionStore = new MySQLStore({
+ host: process.env.DB_HOST,
+ port: 3306,
+ user: process.env.DB_USER,
+ password: process.env.DB_PASSWORD,
+ database: process.env.DB_NAME
+});
+
+// Use session middleware
+app.use(session({
+ key: 'temp_data',
+ secret: process.env.SESSION_SECRET,
+ store: sessionStore,
+ resave: false,
+ saveUninitialized: false,
+ cookie: {
+ httpOnly: true,
+ secure: process.env.NODE_ENV === 'production'
+ }
+}));
+
+// Body parser middleware
+app.use(express.json());
+app.use(express.urlencoded({ extended: true })); // Set extended to true to handle complex data structures
+
 // view engine setup changed from jade to pug
 app.set('views', path.join(__dirname, 'views'));
 app.set('view engine', 'pug');
 app.use(cors());
 app.use(logger('dev'));
-app.use(express.json());
-app.use(express.urlencoded({ extended: false }));
+
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public')));
diff --git a/server/package-lock.json b/server/package-lock.json
index 702e002..52972e1 100644
--- a/server/package-lock.json
+++ b/server/package-lock.json
@@ -15,6 +15,8 @@ "debug": "~2.6.9", "dotenv": "^16.4.5", "express": "~4.16.1", + "express-mysql-session": "^3.0.3", + "express-session": "^1.18.0", "http-errors": "~1.6.3", "jade": "~1.11.0", "masto": "^6.8.0",
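Review bot: `secret: process.env.SESSION_SECRET` is passed through unchecked, and express-session only warns at startup on an undefined secret and then fails every request at runtime, so add a guard ahead of the `app.use(session({...}))` call, e.g. `if (!process.env.SESSION_SECRET) throw new Error('SESSION_SECRET is not set');`. The cookie object sets only `httpOnly` and `secure`; because the auth.js hunk in this same commit stores a GitHub access token in the session, the cookie is effectively a credential and should also carry `sameSite: 'lax'` and an explicit `maxAge` so an idle session does not keep the token alive indefinitely. `secure: process.env.NODE_ENV === 'production'` will cause the cookie to be dropped behind a TLS-terminating proxy unless `app.set('trust proxy', 1)` is also configured, which this hunk does not do — worth confirming against the deployment. Minor: `key` is the legacy alias of express-session's `name` option, and `port: 3306` is hard-coded while the other store settings come from the environment.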
@@ -674,6 +676,94 @@ "node": ">= 0.10.0" } }, + "node_modules/express-mysql-session": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/express-mysql-session/-/express-mysql-session-3.0.3.tgz", + "integrity": "sha512-sEYrzFrOs3er+Ie/uk1dt93qz4AQ9SU1mpJJ0HPs0MJ4t4hE9AcDRNq0sZQUwy2F/SbXusBt1E5+FY6KzSqXNg==", + "dependencies": { + "debug": "4.3.4", + "mysql2": "3.10.2" + } + }, + "node_modules/express-mysql-session/node_modules/debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dependencies": { + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/express-mysql-session/node_modules/ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "node_modules/express-session": { + "version": "1.18.0", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.0.tgz", + "integrity": "sha512-m93QLWr0ju+rOwApSsyso838LQwgfs44QtOP/WBiwtAgPIo/SAh1a5c6nn2BR6mFNZehTpqKDESzP+fRHVbxwQ==", + "dependencies": { + "cookie": "0.6.0", + "cookie-signature": "1.0.7", + "debug": "2.6.9", + "depd": "~2.0.0", + "on-headers": "~1.0.2", + "parseurl": "~1.3.3", + "safe-buffer": "5.2.1", + "uid-safe": "~2.1.5" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/express-session/node_modules/cookie": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/express-session/node_modules/cookie-signature": { + "version": "1.0.7", + 
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz", + "integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==" + }, + "node_modules/express-session/node_modules/depd": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==", + "engines": { + "node": ">= 0.8" + } + }, + "node_modules/express-session/node_modules/safe-buffer": { + "version": "5.2.1", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ] + }, "node_modules/express/node_modules/cookie": { "version": "0.3.1", "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.3.1.tgz", @@ -1190,9 +1280,9 @@ "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==" }, "node_modules/mysql2": { - "version": "3.10.1", - "resolved": "https://registry.npmjs.org/mysql2/-/mysql2-3.10.1.tgz", - "integrity": "sha512-6zo1T3GILsXMCex3YEu7hCz2OXLUarxFsxvFcUHWMpkPtmZLeTTWgRdc1gWyNJiYt6AxITmIf9bZDRy/jAfWew==", + "version": "3.10.2", + "resolved": "https://registry.npmjs.org/mysql2/-/mysql2-3.10.2.tgz", + "integrity": "sha512-KCXPEvAkO0RcHPr362O5N8tFY2fXvbjfkPvRY/wGumh4EOemo9Hm5FjQZqv/pCmrnuxGu5OxnSENG0gTXqKMgQ==", "dependencies": { "denque": "^2.1.0", "generate-function": "^2.3.1", 
@@ -1613,6 +1703,14 @@ "node": ">=0.6" } }, + "node_modules/random-bytes": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz", + "integrity": "sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", @@ -1925,6 +2023,17 @@ "integrity": "sha512-vb2s1lYx2xBtUgy+ta+b2J/GLVUR+wmpINwHePmPRhOsIVCG2wDzKJ0n14GslH1BifsqVzSOwQhRaCAsZ/nI4Q==", "optional": true }, + "node_modules/uid-safe": { + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz", + "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==", + "dependencies": { + "random-bytes": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/undici-types": { "version": "5.26.5", "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", diff --git a/server/package.json b/server/package.json index 7e2485c..7d7832f 100644 --- a/server/package.json +++ b/server/package.json @@ -13,6 +13,8 @@ "debug": "~2.6.9", "dotenv": "^16.4.5", "express": "~4.16.1", + "express-mysql-session": "^3.0.3", + "express-session": "^1.18.0", "http-errors": "~1.6.3", "jade": "~1.11.0", "masto": "^6.8.0", diff --git a/server/routes/auth.js b/server/routes/auth.js index 3e94dd0..cf192fd 100644 --- a/server/routes/auth.js +++ b/server/routes/auth.js @@ -2,6 +2,7 @@ const express = require('express'); const axios = require('axios'); const router = express.Router(); require('dotenv').config(); +const pool = require('../db.js'); // Import the MySQL connection pool const GITHUB_CLIENT_ID = process.env.GITHUB_CLIENT_ID; 
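Review bot: `const pool = require('../db.js');` is added but `pool` is not referenced by any line in this diff, so as far as the hunks show it is an unused import that presumably initialises the MySQL pool (db.js is not in this diff) every time the router loads; either use it in this commit or move the require to the commit that needs it. Also, `require('dotenv').config()` now runs both here and at the top of app.js, so the route-level call is redundant once app.js is the entry point.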
@@ -32,20 +33,24 @@ router.get('/github/callback', async (req, res) => {
 Accept: 'application/json'
 },
 });
-
+ // Extract the access token
 const accessToken = tokenResponse.data.access_token;
- // Fetch user information from GitHub
+ // Fetch user information from GitHub using the fetched access token
 const githubResponse = await axios.get('https://api.github.com/user', {
 headers: {
 Authorization: `token ${accessToken}`
 }
 });
-
+ // Extract the user's GitHub username
 const githubUsername = githubResponse.data.login;
 console.log(githubResponse.data);
 console.log(githubUsername);
+ // Store Github username and access token in session for later use with LinkedIn OAuth
+ req.session.githubUsername = githubUsername;
+ req.session.githubAccessToken = accessToken;
+ // Redirect to the registration page with the GitHub username
 res.redirect(`/users/register?githubUsername=${githubUsername}`);
 } catch (error) {
@@ -56,4 +61,6 @@ router.get('/github/callback', async (req, res) => {
 });
+
+
 module.exports = router;
\ No newline at end of file
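Review bot: `req.session.githubUsername = githubUsername;` and `req.session.githubAccessToken = accessToken;` write the OAuth result into whatever session the browser presented, so a session id planted before the login would end up holding the victim's GitHub token; regenerate the session before storing credentials. The MySQL store persists asynchronously and the `res.redirect` on the following line can complete before that write does, so the register page may not see the values yet — wait for `req.session.save` before redirecting. Since the username now lives in the session, the register handler (not in this diff) should read `req.session.githubUsername` rather than the user-editable `githubUsername` query parameter. The enclosing `router.get('/github/callback', …)` handler begins and ends outside this hunk; the rewrite below relies on its existing `try`/`catch` to handle rejections.
```javascript
// … unchanged: token exchange, GitHub user lookup, console.log calls …
const githubUsername = githubResponse.data.login;

// Bind the credentials to a fresh session id so a cookie issued before
// login cannot be used to pick them up, then wait for the store write
// before redirecting; rejections fall through to the handler's catch.
await new Promise((resolve, reject) =>
  req.session.regenerate((err) => (err ? reject(err) : resolve()))
);
req.session.githubUsername = githubUsername;
req.session.githubAccessToken = accessToken;
await new Promise((resolve, reject) =>
  req.session.save((err) => (err ? reject(err) : resolve()))
);

res.redirect(`/users/register?githubUsername=${githubUsername}`);
```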