fredrik/org-todo-pwa
1
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: fredrik:reset
Branches Tags
fredrik:main fredrik:reset fredrik:cleanup fredrik:tags fredrik:material-design
...
compare: fredrik:05d6cba8efcb01c8aed609d9af278db3706e6188
Branches Tags
fredrik:main fredrik:reset fredrik:cleanup fredrik:tags fredrik:material-design

6 Commits
reset ... 05d6cba8ef

Author SHA1 Message Date
Fredrik Wahlberg
05d6cba8ef Fix #20 2025-01-25 09:04:25 +01:00
Fredrik Wahlberg
6864cfa14e Tar bort rest av basic auth 2025-01-25 08:38:54 +01:00
Fredrik Wahlberg
6159fc4ee8 .vscode 2025-01-25 08:23:05 +01:00
Fredrik Wahlberg
6520dcb78c Lägger till .vscode för att dölja ikoner etc. 2025-01-25 08:22:55 +01:00
fredrik
c993848278 Merge pull request 'Längre intervall på healthcheck' (#17) from reset into main 
Reviewed-on: #17
 2025-01-24 23:17:55 +01:00
Fredrik Wahlberg
23a39247a1 Implement session-based authentication and add logout functionality 
Fix #15
 2025-01-24 22:02:54 +01:00
9 changed files with 115 additions and 16 deletions
Expand all files Collapse all files

9
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,9 @@
{
"files.exclude": {
"**/*.png": true,
"**/*.jpg": true,
"**/*.gif": true,
"**/*.svg": true,
"**/*.ico": true
}
}

BIN
favicon.ico
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 66 KiB

11
middleware/auth.js
View File

@@ -1,15 +1,8 @@
const basicAuth = require('basic-auth');
const auth = (req, res, next) => { const auth = (req, res, next) => {
const user = basicAuth(req); if (req.session && req.session.user) {
const username = process.env.AUTH_USERNAME; // Use environment variables
const password = process.env.AUTH_PASSWORD; // Use environment variables
if (user && user.name === username && user.pass === password) {
return next(); return next();
} else { } else {
res.set('WWW-Authenticate', 'Basic realm="401"'); res.status(401).send('Authentication required.');
return res.status(401).send('Authentication required.');
} }
}; };

72
package-lock.json generated
View File

@@ -14,6 +14,7 @@
"debug": "^4.4.0", "debug": "^4.4.0",
"dotenv": "^16.4.7", "dotenv": "^16.4.7",
"express": "^4.21.2", "express": "^4.21.2",
"express-session": "^1.18.1",
"fs": "^0.0.1-security" "fs": "^0.0.1-security"
} }
}, },
@@ -308,6 +309,50 @@
"url": "https://opencollective.com/express" "url": "https://opencollective.com/express"
} }
}, },
"node_modules/express-session": {
"version": "1.18.1",
"resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.1.tgz",
"integrity": "sha512-a5mtTqEaZvBCL9A9aqkrtfz+3SMDhOVUnjafjo+s7A9Txkq+SVX2DLvSp1Zrv4uCXa3lMSK3viWnh9Gg07PBUA==",
"dependencies": {
"cookie": "0.7.2",
"cookie-signature": "1.0.7",
"debug": "2.6.9",
"depd": "~2.0.0",
"on-headers": "~1.0.2",
"parseurl": "~1.3.3",
"safe-buffer": "5.2.1",
"uid-safe": "~2.1.5"
},
"engines": {
"node": ">= 0.8.0"
}
},
"node_modules/express-session/node_modules/cookie": {
"version": "0.7.2",
"resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz",
"integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/express-session/node_modules/cookie-signature": {
"version": "1.0.7",
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz",
"integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA=="
},
"node_modules/express-session/node_modules/debug": {
"version": "2.6.9",
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
"integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
"dependencies": {
"ms": "2.0.0"
}
},
"node_modules/express-session/node_modules/ms": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
"integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="
},
"node_modules/express/node_modules/debug": { "node_modules/express/node_modules/debug": {
"version": "2.6.9", "version": "2.6.9",
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -584,6 +629,14 @@
"node": ">= 0.8" "node": ">= 0.8"
} }
}, },
"node_modules/on-headers": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz",
"integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/parseurl": { "node_modules/parseurl": {
"version": "1.3.3", "version": "1.3.3",
"resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
@@ -623,6 +676,14 @@
"url": "https://github.com/sponsors/ljharb" "url": "https://github.com/sponsors/ljharb"
} }
}, },
"node_modules/random-bytes": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
"integrity": "sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/range-parser": { "node_modules/range-parser": {
"version": "1.2.1", "version": "1.2.1",
"resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
@@ -828,6 +889,17 @@
"node": ">= 0.6" "node": ">= 0.6"
} }
}, },
"node_modules/uid-safe": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
"integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
"dependencies": {
"random-bytes": "~1.0.0"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/unpipe": { "node_modules/unpipe": {
"version": "1.0.0", "version": "1.0.0",
"resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",

1
package.json
View File

@@ -15,6 +15,7 @@
"debug": "^4.4.0", "debug": "^4.4.0",
"dotenv": "^16.4.7", "dotenv": "^16.4.7",
"express": "^4.21.2", "express": "^4.21.2",
"express-session": "^1.18.1",
"fs": "^0.0.1-security" "fs": "^0.0.1-security"
} }
} }

14
public/app.js
View File

@@ -17,11 +17,15 @@ document.addEventListener('DOMContentLoaded', function() {
const loginMessage = document.getElementById('loginMessage'); const loginMessage = document.getElementById('loginMessage');
// Check if user is already logged in // Check if user is already logged in
if (sessionStorage.getItem('loggedIn') === 'true') { fetch('/check-session')
loginContainer.style.display = 'none'; .then(response => response.json())
appContainer.style.display = 'block'; .then(data => {
loadTags(); if (data.loggedIn) {
} loginContainer.style.display = 'none';
appContainer.style.display = 'block';
loadTags();
}
});
loginForm.addEventListener('submit', function(e) { loginForm.addEventListener('submit', function(e) {
e.preventDefault(); e.preventDefault();

4
public/index.html
View File

@@ -34,7 +34,7 @@
<form id="taskForm"> <form id="taskForm">
<div class="input-field"> <div class="input-field">
<label for="subject">Uppgift:</label> <label for="subject">Uppgift:</label>
<input type="text" id="subject" required> <input type="text" id="subject" required autocomplete="off">
</div> </div>
<div class="input-field"> <div class="input-field">
@@ -49,7 +49,7 @@
<div class="input-field"> <div class="input-field">
<label for="tags">Taggar (separera med komma):</label> <label for="tags">Taggar (separera med komma):</label>
<input type="text" id="tags" class="autocomplete"> <input type="text" id="tags" class="autocomplete" autocomplete="off">
</div> </div>
<button class="btn waves-effect waves-light" type="submit">Spara</button> <button class="btn waves-effect waves-light" type="submit">Spara</button>

10
routes/auth.js
View File

@@ -8,10 +8,20 @@ router.post('/login', (req, res) => {
const password = process.env.AUTH_PASSWORD; const password = process.env.AUTH_PASSWORD;
if (user && user.name === username && user.pass === password) { if (user && user.name === username && user.pass === password) {
req.session.user = user.name;
res.status(200).send('Login successful'); res.status(200).send('Login successful');
} else { } else {
res.status(401).send('Authentication required'); res.status(401).send('Authentication required');
} }
}); });
router.post('/logout', (req, res) => {
req.session.destroy((err) => {
if (err) {
return res.status(500).send('Error logging out');
}
res.status(200).send('Logout successful');
});
});
module.exports = router; module.exports = router;

10
server.js
View File

@@ -1,6 +1,7 @@
require('dotenv').config(); require('dotenv').config();
const express = require('express'); const express = require('express');
const bodyParser = require('body-parser'); const bodyParser = require('body-parser');
const session = require('express-session');
const debug = require('debug')('app'); const debug = require('debug')('app');
const tasksRouter = require('./routes/tasks'); const tasksRouter = require('./routes/tasks');
const authRouter = require('./routes/auth'); const authRouter = require('./routes/auth');
@@ -10,6 +11,15 @@ const port = 3044;
app.use(bodyParser.json()); app.use(bodyParser.json());
app.use(express.static('public')); app.use(express.static('public'));
// Configure session middleware
app.use(session({
secret: process.env.SESSION_SECRET || 'default_secret', // Use a strong secret in production
resave: false,
saveUninitialized: true,
cookie: { secure: false } // Set to true if using HTTPS
}));
app.use('/', tasksRouter); app.use('/', tasksRouter);
app.use('/', authRouter); app.use('/', authRouter);