begin auth cookie

eneller
2026-03-08 19:02:08 +01:00
parent f5ae9ac9e6
commit cd568f0a63
6 changed files with 56 additions and 10 deletions


@@ -30,6 +30,7 @@
"winston": "^3.19.0"
},
"devDependencies": {
"@types/cookie-parser": "^1.4.10",
"@types/cors": "^2.8.19",
"@types/express": "^5.0.6",
"@types/node": "^25.3.5",


@@ -1,12 +1,14 @@
import express, { Express, Request, Response } from "express";
import cors from "cors";
import cookieParser from "cookie-parser";
import transactionsRouter from './routes/transactions';
import authRouter from './routes/auth';
import { db, testConnection } from "./util/db";
import { logger } from "./util/logging";
const app: Express = express();
app.use(cors());
app.use(cors({ origin: 'http://localhost:4200', credentials: true}));
app.use(cookieParser());
app.use(express.json());
app.get("/api/health", (req: Request, res: Response) => {
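Review bot: The allowed origin in the `cors({ ... })` call is hard-coded to `http://localhost:4200` alongside `credentials: true`, so every environment other than local development needs a code edit, and a later shortcut such as reflecting the request origin would expose the cookie-authenticated API to any site. Reading an explicit allow-list from configuration keeps this fail-closed, for example `origin: process.env.CORS_ORIGIN ?? 'http://localhost:4200'` (the variable name is a placeholder). The page shows both the bare `app.use(cors());` and the configured call; presumably the bare one is the removed line, but if it is still registered it would answer preflights with a wildcard origin and credentialed requests would be rejected by the browser.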


@@ -1,4 +1,4 @@
import express from 'express';
import express, { Request } from 'express';
import { logger } from '../util/logging';
import User from '../model/user';
@@ -13,6 +13,16 @@ router.post('/login', async (req, res) => {
//TODO hash passwords
//const isMatch = await bcrypt.compare(password, user.passwordHash);
if (!isMatch) return res.status(401).json({ message: 'Invalid credentials' });
// successfully authenticated
res.cookie('jwt', 'toekn', {
/*
httpOnly: true, // Prevent XSS
secure: true, // HTTPS only
sameSite: 'strict', // CSRF protection
*/
maxAge: 86400000, // 1 day
});
res.json({ message: 'Logged in successfully' });
}catch (err) {
logger.error('Failed to authenticate:', err);
@@ -25,4 +35,18 @@ router.post('/logout', (req, res) => {
res.json({ message: 'Logged out successfully' });
});
router.get('/status', (req, res) => {
console.log(req.cookies);
if (isAuthenticated(req)){
return res.status(200).json({authenticated: true});
}
return res.status(401).json({authenticated: false});
})
function isAuthenticated(req: Request){
// TODO check JWT
return req.cookies.jwt
}
export default router;
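Review bot: `isAuthenticated` in the last hunk returns `req.cookies.jwt` as-is, so `/status` answers `authenticated: true` for any non-empty `jwt` cookie a client sends, and the login hunk issues the constant `'toekn'` with `httpOnly`, `secure` and `sameSite` commented out. Until the JWT check behind the TODO exists, the helper should fail closed, and it should return a boolean rather than the cookie string. The cookie options can be enabled now without breaking local HTTP development: `httpOnly: true, sameSite: 'strict', secure: process.env.NODE_ENV === 'production',`. `console.log(req.cookies)` writes the session cookie to stdout on every status request; drop it, or log only `Object.keys(req.cookies)` through `logger`. The `/login` handler starts and ends outside these hunks.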