Authentication (#22)

* Authorization added * added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized * added dbinsert script * turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form * added middlewares, user model and controller * JSDoc fix * wrong password processing fix * added comments to dbinsert script, moved salt and passHash to singe db doc * Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc * Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie
2025-07-19 05:09:41 +02:00 · 2019-03-06 13:22:57 +03:00 · 2019-03-06 13:22:57 +03:00 · 58d3892d8f
commit 58d3892d8f
parent 718be6d2f6
33 changed files with 1464 additions and 58 deletions
--- a/src/app.js
+++ b/src/app.js
@ -19,7 +19,7 @@ require('./utils/twig');

 app.use(logger('dev'));
 app.use(express.json());
-app.use(express.urlencoded({extended: true}));
+app.use(express.urlencoded({ extended: true }));
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, '../public')));