From ac5965498297aa4bf0371008687918a95b309d49 Mon Sep 17 00:00:00 2001 From: Artlfmj <73163159+Artlfmj@users.noreply.github.com> Date: Sun, 1 Oct 2023 14:49:52 +0200 Subject: [PATCH 1/4] feat(user) : adds auth + profile --- package-lock.json | 722 ++++++++++++++++++++++++++++- package.json | 28 +- src/app.js | 223 +++++++-- src/css/login.css | 58 +++ src/css/profile.css | 91 ++++ src/css/register.css | 93 ++++ src/db/User.js | 63 +++ src/middlewares/isAuthenticated.js | 9 + src/views/login.ejs | 36 ++ src/views/profile.ejs | 131 ++++++ src/views/register.ejs | 48 ++ 11 files changed, 1461 insertions(+), 41 deletions(-) create mode 100644 src/css/login.css create mode 100644 src/css/profile.css create mode 100644 src/css/register.css create mode 100644 src/db/User.js create mode 100644 src/middlewares/isAuthenticated.js create mode 100644 src/views/login.ejs create mode 100644 src/views/profile.ejs create mode 100644 src/views/register.ejs diff --git a/package-lock.json b/package-lock.json index 37ea326..670b4d1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,14 +1,44 @@ { "name": "course-manager", + "version": "0.0.1", "lockfileVersion": 3, "requires": true, "packages": { "": { + "name": "course-manager", + "version": "0.0.1", + "license": "ISC", "dependencies": { + "bcrypt": "^5.1.1", + "connect-flash": "^0.1.1", "ejs": "^3.1.9", "express": "^4.18.2", + "express-session": "^1.17.3", "mongodb": "^6.1.0", - "mongoose": "^7.5.3" + "mongoose": "^7.5.3", + "morgan": "^1.10.0", + "passport": "^0.6.0", + "passport-local": "^1.0.0", + "passport-local-mongoose": "^8.0.0" + } + }, + "node_modules/@mapbox/node-pre-gyp": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.11.tgz", + "integrity": "sha512-Yhlar6v9WQgUp/He7BdgzOz8lqMQ8sU+jkCq7Wx8Myc5YFJLbEe7lgui/V7G1qB1DJykHSGwreceSaD60Y0PUQ==", + "dependencies": { + "detect-libc": "^2.0.0", + "https-proxy-agent": "^5.0.0", + "make-dir": "^3.1.0", + "node-fetch": "^2.6.7", + "nopt": "^5.0.0", + "npmlog": "^5.0.1", + "rimraf": "^3.0.2", + "semver": "^7.3.5", + "tar": "^6.1.11" + }, + "bin": { + "node-pre-gyp": "bin/node-pre-gyp" } }, "node_modules/@mongodb-js/saslprep": { @@ -38,6 +68,11 @@ "@types/webidl-conversions": "*" } }, + "node_modules/abbrev": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", + "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==" + }, "node_modules/accepts": { "version": "1.3.8", "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", @@ -50,6 +85,46 @@ "node": ">= 0.6" } }, + "node_modules/agent-base": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", + "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", + "dependencies": { + "debug": "4" + }, + "engines": { + "node": ">= 6.0.0" + } + }, + "node_modules/agent-base/node_modules/debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dependencies": { + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/agent-base/node_modules/ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, + "node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "engines": { + "node": ">=8" + } + }, "node_modules/ansi-styles": { "version": "4.3.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", @@ -64,6 +139,23 @@ "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, + "node_modules/aproba": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/aproba/-/aproba-2.0.0.tgz", + "integrity": "sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==" + }, + "node_modules/are-we-there-yet": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-2.0.0.tgz", + "integrity": "sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==", + "dependencies": { + "delegates": "^1.0.0", + "readable-stream": "^3.6.0" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/array-flatten": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", @@ -79,6 +171,35 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, + "node_modules/basic-auth": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/basic-auth/-/basic-auth-2.0.1.tgz", + "integrity": "sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==", + "dependencies": { + "safe-buffer": "5.1.2" + }, + "engines": { + "node": ">= 0.8" + } + }, + "node_modules/basic-auth/node_modules/safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + }, + "node_modules/bcrypt": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-5.1.1.tgz", + "integrity": "sha512-AGBHOG5hPYZ5Xl9KXzU5iKq9516yEmvCKDg3ecP5kX2aB6UqTeXZxk2ELnDgDm6BQSMlLt9rDB4LoSMx0rYwww==", + "hasInstallScript": true, + "dependencies": { + "@mapbox/node-pre-gyp": "^1.0.11", + "node-addon-api": "^5.0.0" + }, + "engines": { + "node": ">= 10.0.0" + } + }, "node_modules/body-parser": { "version": "1.20.1", "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz", @@ -154,6 +275,14 @@ "url": "https://github.com/chalk/chalk?sponsor=1" } }, + "node_modules/chownr": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz", + "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==", + "engines": { + "node": ">=10" + } + }, "node_modules/color-convert": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", @@ -170,11 +299,32 @@ "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" }, + "node_modules/color-support": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz", + "integrity": "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==", + "bin": { + "color-support": "bin.js" + } + }, "node_modules/concat-map": { "version": "0.0.1", "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==" }, + "node_modules/connect-flash": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/connect-flash/-/connect-flash-0.1.1.tgz", + "integrity": "sha512-2rcfELQt/ZMP+SM/pG8PyhJRaLKp+6Hk2IUBNkEit09X+vwn3QsAL3ZbYtxUn7NVPzbMTSLRDhqe0B/eh30RYA==", + "engines": { + "node": ">= 0.4.0" + } + }, + "node_modules/console-control-strings": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz", + "integrity": "sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==" + }, "node_modules/content-disposition": { "version": "0.5.4", "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz", @@ -215,6 +365,11 @@ "ms": "2.0.0" } }, + "node_modules/delegates": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", + "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" + }, "node_modules/depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -232,6 +387,14 @@ "npm": "1.2.8000 || >= 1.4.16" } }, + "node_modules/detect-libc": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.2.tgz", + "integrity": "sha512-UX6sGumvvqSaXgdKGUsgZWqcUyIXZ/vZTrlRT/iobiKhGL0zL4d3osHj3uqllWJK+i+sixDS/3COVEOFbupFyw==", + "engines": { + "node": ">=8" + } + }, "node_modules/ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", @@ -251,6 +414,11 @@ "node": ">=0.10.0" } }, + "node_modules/emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==" + }, "node_modules/encodeurl": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", @@ -313,6 +481,32 @@ "node": ">= 0.10.0" } }, + "node_modules/express-session": { + "version": "1.17.3", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", + "integrity": "sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==", + "dependencies": { + "cookie": "0.4.2", + "cookie-signature": "1.0.6", + "debug": "2.6.9", + "depd": "~2.0.0", + "on-headers": "~1.0.2", + "parseurl": "~1.3.3", + "safe-buffer": "5.2.1", + "uid-safe": "~2.1.5" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/express-session/node_modules/cookie": { + "version": "0.4.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", + "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "engines": { + "node": ">= 0.6" + } + }, "node_modules/filelist": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", @@ -373,11 +567,62 @@ "node": ">= 0.6" } }, + "node_modules/fs-minipass": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz", + "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==", + "dependencies": { + "minipass": "^3.0.0" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/fs-minipass/node_modules/minipass": { + "version": "3.3.6", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", + "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==" + }, "node_modules/function-bind": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" }, + "node_modules/gauge": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-3.0.2.tgz", + "integrity": "sha512-+5J6MS/5XksCuXq++uFRsnUd7Ovu1XenbeuIuNRJxYWjgQbPuFhT14lAvsWfqfAmnwluf1OwMjz39HjfLPci0Q==", + "dependencies": { + "aproba": "^1.0.3 || ^2.0.0", + "color-support": "^1.1.2", + "console-control-strings": "^1.0.0", + "has-unicode": "^2.0.1", + "object-assign": "^4.1.1", + "signal-exit": "^3.0.0", + "string-width": "^4.2.3", + "strip-ansi": "^6.0.1", + "wide-align": "^1.1.2" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/generaterr": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/generaterr/-/generaterr-1.5.0.tgz", + "integrity": "sha512-JgcGRv2yUKeboLvvNrq9Bm90P4iJBu7/vd5wSLYqMG5GJ6SxZT46LAAkMfNhQ+EK3jzC+cRBm7P8aUWYyphgcQ==" + }, "node_modules/get-intrinsic": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz", @@ -392,6 +637,25 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/glob": { + "version": "7.2.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", + "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.1.1", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + }, + "engines": { + "node": "*" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, "node_modules/has": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", @@ -433,6 +697,11 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/has-unicode": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz", + "integrity": "sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==" + }, "node_modules/http-errors": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", @@ -448,6 +717,39 @@ "node": ">= 0.8" } }, + "node_modules/https-proxy-agent": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", + "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", + "dependencies": { + "agent-base": "6", + "debug": "4" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/https-proxy-agent/node_modules/debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "dependencies": { + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } + } + }, + "node_modules/https-proxy-agent/node_modules/ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + }, "node_modules/iconv-lite": { "version": "0.4.24", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", @@ -459,6 +761,15 @@ "node": ">=0.10.0" } }, + "node_modules/inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==", + "dependencies": { + "once": "^1.3.0", + "wrappy": "1" + } + }, "node_modules/inherits": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", @@ -477,6 +788,14 @@ "node": ">= 0.10" } }, + "node_modules/is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "engines": { + "node": ">=8" + } + }, "node_modules/jake": { "version": "10.8.7", "resolved": "https://registry.npmjs.org/jake/-/jake-10.8.7.tgz", @@ -502,6 +821,39 @@ "node": ">=12.0.0" } }, + "node_modules/lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dependencies": { + "semver": "^6.0.0" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/make-dir/node_modules/semver": { + "version": "6.3.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==", + "bin": { + "semver": "bin/semver.js" + } + }, "node_modules/media-typer": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", @@ -569,6 +921,48 @@ "node": "*" } }, + "node_modules/minipass": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz", + "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==", + "engines": { + "node": ">=8" + } + }, + "node_modules/minizlib": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz", + "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==", + "dependencies": { + "minipass": "^3.0.0", + "yallist": "^4.0.0" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/minizlib/node_modules/minipass": { + "version": "3.3.6", + "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.6.tgz", + "integrity": "sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==", + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/mkdirp": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", + "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==", + "bin": { + "mkdirp": "bin/cmd.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/mongodb": { "version": "6.1.0", "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-6.1.0.tgz", @@ -697,6 +1091,32 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==" }, + "node_modules/morgan": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz", + "integrity": "sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==", + "dependencies": { + "basic-auth": "~2.0.1", + "debug": "2.6.9", + "depd": "~2.0.0", + "on-finished": "~2.3.0", + "on-headers": "~1.0.2" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/morgan/node_modules/on-finished": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", + "integrity": "sha512-ikqdkGAAyf/X/gPhXGvfgAytDZtDbr+bkNUJ0N9h5MI/dmdgCs3l6hoHrcUv41sRKew3jIwrp4qQDXiK99Utww==", + "dependencies": { + "ee-first": "1.1.1" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/mpath": { "version": "0.9.0", "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.9.0.tgz", @@ -750,6 +1170,82 @@ "node": ">= 0.6" } }, + "node_modules/node-addon-api": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-5.1.0.tgz", + "integrity": "sha512-eh0GgfEkpnoWDq+VY8OyvYhFEzBk6jIYbRKdIlyTiAXIVJ8PyBaKb0rp7oDtoddbdoHWhq8wwr+XZ81F1rpNdA==" + }, + "node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "dependencies": { + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } + } + }, + "node_modules/node-fetch/node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" + }, + "node_modules/node-fetch/node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==" + }, + "node_modules/node-fetch/node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dependencies": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, + "node_modules/nopt": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/nopt/-/nopt-5.0.0.tgz", + "integrity": "sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ==", + "dependencies": { + "abbrev": "1" + }, + "bin": { + "nopt": "bin/nopt.js" + }, + "engines": { + "node": ">=6" + } + }, + "node_modules/npmlog": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-5.0.1.tgz", + "integrity": "sha512-AqZtDUWOMKs1G/8lwylVjrdYgqA4d9nu8hc+0gzRxlDb1I10+FHBGMXs6aiQHFdCUUlqH99MUMuLfzWDNDtfxw==", + "dependencies": { + "are-we-there-yet": "^2.0.0", + "console-control-strings": "^1.1.0", + "gauge": "^3.0.0", + "set-blocking": "^2.0.0" + } + }, + "node_modules/object-assign": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", + "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/object-inspect": { "version": "1.12.3", "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz", @@ -769,6 +1265,22 @@ "node": ">= 0.8" } }, + "node_modules/on-headers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz", + "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==", + "engines": { + "node": ">= 0.8" + } + }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", + "dependencies": { + "wrappy": "1" + } + }, "node_modules/parseurl": { "version": "1.3.3", "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", @@ -777,11 +1289,73 @@ "node": ">= 0.8" } }, + "node_modules/passport": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/passport/-/passport-0.6.0.tgz", + "integrity": "sha512-0fe+p3ZnrWRW74fe8+SvCyf4a3Pb2/h7gFkQ8yTJpAO50gDzlfjZUZTO1k5Eg9kUct22OxHLqDZoKUWRHOh9ug==", + "dependencies": { + "passport-strategy": "1.x.x", + "pause": "0.0.1", + "utils-merge": "^1.0.1" + }, + "engines": { + "node": ">= 0.4.0" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/jaredhanson" + } + }, + "node_modules/passport-local": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/passport-local/-/passport-local-1.0.0.tgz", + "integrity": "sha512-9wCE6qKznvf9mQYYbgJ3sVOHmCWoUNMVFoZzNoznmISbhnNNPhN9xfY3sLmScHMetEJeoY7CXwfhCe7argfQow==", + "dependencies": { + "passport-strategy": "1.x.x" + }, + "engines": { + "node": ">= 0.4.0" + } + }, + "node_modules/passport-local-mongoose": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/passport-local-mongoose/-/passport-local-mongoose-8.0.0.tgz", + "integrity": "sha512-jgfN/B0j11WT5f96QlL5EBvxbIwmzd+tbwPzG1Vk8hzDOF68jrch5M+NFvrHjWjb3lfAU0DkxKmNRT9BjFZysQ==", + "dependencies": { + "generaterr": "^1.5.0", + "passport-local": "^1.0.0", + "scmp": "^2.1.0" + }, + "engines": { + "node": ">= 8.0.0" + } + }, + "node_modules/passport-strategy": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz", + "integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA==", + "engines": { + "node": ">= 0.4.0" + } + }, + "node_modules/path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/path-to-regexp": { "version": "0.1.7", "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "integrity": "sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ==" }, + "node_modules/pause": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", + "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg==" + }, "node_modules/proxy-addr": { "version": "2.0.7", "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz", @@ -816,6 +1390,14 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/random-bytes": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz", + "integrity": "sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", @@ -838,6 +1420,33 @@ "node": ">= 0.8" } }, + "node_modules/readable-stream": { + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", + "dependencies": { + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" + }, + "engines": { + "node": ">= 6" + } + }, + "node_modules/rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dependencies": { + "glob": "^7.1.3" + }, + "bin": { + "rimraf": "bin.js" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, "node_modules/safe-buffer": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", @@ -862,6 +1471,25 @@ "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, + "node_modules/scmp": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/scmp/-/scmp-2.1.0.tgz", + "integrity": "sha512-o/mRQGk9Rcer/jEEw/yw4mwo3EU/NvYvp577/Btqrym9Qy5/MdWGBqipbALgd2lrdWTJ5/gqDusxfnQBxOxT2Q==" + }, + "node_modules/semver": { + "version": "7.5.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", + "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", + "dependencies": { + "lru-cache": "^6.0.0" + }, + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/send": { "version": "0.18.0", "resolved": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", @@ -904,6 +1532,11 @@ "node": ">= 0.8.0" } }, + "node_modules/set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==" + }, "node_modules/setprototypeof": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", @@ -927,6 +1560,11 @@ "resolved": "https://registry.npmjs.org/sift/-/sift-16.0.1.tgz", "integrity": "sha512-Wv6BjQ5zbhW7VFefWusVP33T/EM0vYikCaQ2qR8yULbsilAT8/wQaXvuQ3ptGLpoKx+lihJE3y2UTgKDyyNHZQ==" }, + "node_modules/signal-exit": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==" + }, "node_modules/smart-buffer": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz", @@ -965,6 +1603,38 @@ "node": ">= 0.8" } }, + "node_modules/string_decoder": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "dependencies": { + "safe-buffer": "~5.2.0" + } + }, + "node_modules/string-width": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, "node_modules/supports-color": { "version": "7.2.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", @@ -976,6 +1646,22 @@ "node": ">=8" } }, + "node_modules/tar": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.0.tgz", + "integrity": "sha512-/Wo7DcT0u5HUV486xg675HtjNd3BXZ6xDbzsCUZPt5iw8bTQ63bP0Raut3mvro9u+CUyq7YQd8Cx55fsZXxqLQ==", + "dependencies": { + "chownr": "^2.0.0", + "fs-minipass": "^2.0.0", + "minipass": "^5.0.0", + "minizlib": "^2.1.1", + "mkdirp": "^1.0.3", + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/toidentifier": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz", @@ -1007,6 +1693,17 @@ "node": ">= 0.6" } }, + "node_modules/uid-safe": { + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz", + "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==", + "dependencies": { + "random-bytes": "~1.0.0" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/unpipe": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", @@ -1015,6 +1712,11 @@ "node": ">= 0.8" } }, + "node_modules/util-deprecate": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==" + }, "node_modules/utils-merge": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", @@ -1050,6 +1752,24 @@ "engines": { "node": ">=12" } + }, + "node_modules/wide-align": { + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.5.tgz", + "integrity": "sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg==", + "dependencies": { + "string-width": "^1.0.2 || 2 || 3 || 4" + } + }, + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==" + }, + "node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" } } } diff --git a/package.json b/package.json index 72250c0..96e83db 100644 --- a/package.json +++ b/package.json @@ -1,8 +1,32 @@ { "dependencies": { + "bcrypt": "^5.1.1", + "connect-flash": "^0.1.1", "ejs": "^3.1.9", "express": "^4.18.2", + "express-session": "^1.17.3", "mongodb": "^6.1.0", - "mongoose": "^7.5.3" - } + "mongoose": "^7.5.3", + "morgan": "^1.10.0", + "passport": "^0.6.0", + "passport-local": "^1.0.0", + "passport-local-mongoose": "^8.0.0" + }, + "name": "course-manager", + "description": " ", + "version": "0.0.1", + "main": "src/app.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/Artlfmj/course-manager.git" + }, + "author": "Artlfmj", + "license": "ISC", + "bugs": { + "url": "https://github.com/Artlfmj/course-manager/issues" + }, + "homepage": "https://github.com/Artlfmj/course-manager#readme" } diff --git a/src/app.js b/src/app.js index dc153b1..de26524 100644 --- a/src/app.js +++ b/src/app.js @@ -1,57 +1,204 @@ -const express = require('express'); -const mongoose = require('mongoose'); -const fs = require('fs'); +const express = require("express"); +const mongoose = require("mongoose"); +const fs = require("fs"); +const passport = require("passport"); +const LocalStrategy = require("passport-local").Strategy; +const session = require("express-session"); +const flash = require("connect-flash"); +const morgan = require("morgan"); +const bcrypt = require("bcrypt"); // Import bcrypt for password hashing + +const User = require("./db/User"); +const isAuthenticated = require("./middlewares/isAuthenticated"); const app = express(); -// Read configuration from config.json -let config; -try { - const configData = fs.readFileSync('config.json'); - config = JSON.parse(configData); -} catch (err) { - console.error('Error reading config file:', err); - process.exit(1); -} +app.set("view engine", "ejs"); +app.set("views", "src/views"); +app.use(express.urlencoded({ extended: true })); +app.use(morgan("dev")); + +const config = require("../config.json"); // Connect to MongoDB using the configuration -mongoose.connect(config.mongodb_uri, { - useNewUrlParser: true, - useUnifiedTopology: true, -}) +mongoose + .connect(config.mongodb_uri, { + useNewUrlParser: true, + useUnifiedTopology: true, + }) .then(() => { - console.log('Connected to MongoDB'); + console.log("Connected to MongoDB"); // Start your application logic here }) .catch((err) => { - console.error('Error connecting to MongoDB:', err); + console.error("Error connecting to MongoDB:", err); process.exit(1); }); -// Simulated user data (replace with actual user data from your database) -const users = [ - { username: 'user1', password: 'password1' }, - { username: 'user2', password: 'password2' }, -]; - -// Define your login function here -function login(username, password) { - const user = users.find((u) => u.username === username && u.password === password); - return !!user; // Return true if the user exists, false otherwise -} - -// Example usage of the login function -app.get('/login', (req, res) => { - const username = req.query.username; - const password = req.query.password; - - if (login(username, password)) { - res.send('Login successful'); + passport.use( + new LocalStrategy(async (username, password, done) => { + try { + const user = await User.findOne({ username: username }); + if (!user) return done(null, false, { message: "Incorrect username." }); + const passwordMatch = await bcrypt.compare(password, user.password); + if (!passwordMatch) + return done(null, false, { message: "Incorrect password." }); + + return done(null, user); + } catch (err) { + return done(err); + } + }) + ); + +passport.serializeUser((user, done) => { + done(null, user.id); +}); + +passport.deserializeUser((id, done) => { + User.findById(id) + .then((user) => { + done(null, user); + }) + .catch((err) => { + done(err); + }); +}); + +app.use( + session({ secret: config.secret_key, resave: false, saveUninitialized: true }) +); +app.use(flash()); +app.use(passport.initialize()); +app.use(passport.session()); + +app.get("/login", (req, res) => { + if (req.isAuthenticated()) { + return res.redirect("/"); } else { - res.status(401).send('Login failed'); + res.render("login", { messages: req.flash("error") }); // Pass flash messages to the template + } +}); + +app.post("/login", (req, res, next) => { + passport.authenticate("local", (err, user, info) => { + if (err) { + return next(err); + } + if (!user) { + req.flash("error", "Incorrect username or password."); // Set flash message + return res.redirect("/login"); // Redirect with flash message + } + req.logIn(user, (err) => { + if (err) { + return next(err); + } + return res.redirect("/"); + }); + })(req, res, next); +}); + +app.get("/logout", (req, res) => { + req.logout((err) => { + if (err) { + console.error("Error during logout:", err); + } + res.redirect("/login"); + }); + }); + +app.get("/", isAuthenticated, (req, res) => { + // This route is protected and can only be accessed by authenticated users + res.render("home"); +}); + +app.get("/register", (req, res) => { + if (req.isAuthenticated()) return res.redirect("/"); + res.render("register", { messages: req.flash("error") }); +}); + +app.post("/register", async (req, res) => { + const { username, email, password, confirmPassword, fullName } = req.body; + + try { + // Check if the username or email already exists in the database + const existingUser = await User.findOne({ + $or: [{ username: username }, { email: email }], + }); + + if (existingUser) { + req.flash("error", "Username or email already in use."); + return res.redirect("/register"); + } + + // Check if the password and confirmPassword match + if (password !== confirmPassword) { + req.flash("error", "Passwords do not match."); + return res.redirect("/register"); + } + + // Hash the password before saving it + const salt = await bcrypt.genSalt(10); + const hashedPassword = await bcrypt.hash(password, salt); + + // Create a new user document and save it to the database + const newUser = new User({ + username: username, + email: email, + password: hashedPassword, + fullName + // Additional user profile fields can be added here + }); + + await newUser.save(); + + // Redirect to the login page after successful registration + res.redirect("/login"); + } catch (error) { + console.error("Error during registration:", error); + req.flash("error", "Registration failed. Please try again."); + res.redirect("/register"); } }); +app.get('/profile', isAuthenticated, async (req, res) => { + res.render('profile', { user: req.user, messages: req.flash() }); + }); + +app.post('/profile', isAuthenticated, async (req, res) => { + const { fullName, avatarUrl, bio, location, website } = req.body; + + try { + // Find the user by their ID (you need to have the user ID stored in the session) + const userId = req.user._id; // Assuming you have a user object in the session + const user = await User.findById(userId); + + if (!user) { + // Handle the case where the user is not found + return res.status(404).send('User not found.'); + } + + // Update the user's profile fields + user.fullName = fullName; + user.avatarUrl = avatarUrl; + user.bio = bio; + user.location = location; + user.website = website; + + // Save the updated user profile + await user.save(); + + // Redirect to the user's profile page or any other desired page + return res.redirect('/profile'); + } catch (error) { + console.error('Error updating profile:', error); + // Handle the error, display an error message, or redirect to an error page + return res.status(500).send('Error updating profile.'); + } + }); + +app.use("/css", express.static("src/css")); + // Start the server const PORT = process.env.PORT || 3000; app.listen(PORT, () => { diff --git a/src/css/login.css b/src/css/login.css new file mode 100644 index 0000000..9183b7f --- /dev/null +++ b/src/css/login.css @@ -0,0 +1,58 @@ +body { + font-family: Arial, sans-serif; + background-color: #f0f0f0; + margin: 0; + padding: 0; + display: flex; + justify-content: center; + align-items: center; + height: 100vh; +} + +.login-container { + background-color: #ffffff; + padding: 20px; + border-radius: 5px; + box-shadow: 0 2px 5px rgba(0, 0, 0, 0.1); + text-align: center; +} + +h1 { + font-size: 24px; + margin-bottom: 20px; +} + +.form-group { + margin-bottom: 15px; +} + +label { + display: block; + font-weight: bold; + margin-bottom: 5px; +} + +input[type="text"], +input[type="password"] { + width: 100%; + padding: 10px; + border: 1px solid #ccc; + border-radius: 3px; +} + +button { + background-color: #007bff; + color: #fff; + border: none; + padding: 10px 20px; + border-radius: 3px; + cursor: pointer; +} + +button:hover { + background-color: #0056b3; +} + +p { + margin-top: 10px; +} diff --git a/src/css/profile.css b/src/css/profile.css new file mode 100644 index 0000000..f0acb7c --- /dev/null +++ b/src/css/profile.css @@ -0,0 +1,91 @@ +/* Reset some default styles */ +body { + margin: 0; + padding: 0; + font-family: Arial, sans-serif; + } + + /* Header styles */ + header { + background-color: #333; + color: white; + padding: 10px; + text-align: center; + } + + /* Profile container */ + .profile-container { + max-width: 800px; + margin: 0 auto; + padding: 20px; + } + + /* Profile section */ + .profile-section { + background-color: #f9f9f9; + border: 1px solid #ddd; + border-radius: 5px; + padding: 20px; + margin-bottom: 20px; + } + + /* Profile section title */ + .profile-section h2 { + margin-top: 0; + font-size: 24px; + } + + /* Profile form */ + .profile-form { + display: flex; + flex-wrap: wrap; + } + + /* Profile form fields */ + .profile-form .form-group { + width: 100%; + margin-bottom: 15px; + } + + /* Profile form labels */ + .profile-form label { + display: block; + font-weight: bold; + } + + /* Profile form input fields */ + .profile-form input[type="text"], + .profile-form input[type="email"] { + width: 100%; + padding: 10px; + border: 1px solid #ddd; + border-radius: 5px; + } + + /* Profile form submit button */ + .profile-form .submit-btn { + background-color: #333; + color: white; + border: none; + border-radius: 5px; + padding: 10px 20px; + cursor: pointer; + } + + /* Profile form submit button on hover */ + .profile-form .submit-btn:hover { + background-color: #555; + } + + /* Error message styles */ + .error-message { + color: red; + margin-top: 5px; + } + + /* Success message styles */ + .success-message { + color: green; + margin-top: 5px; + } + \ No newline at end of file diff --git a/src/css/register.css b/src/css/register.css new file mode 100644 index 0000000..6fa4951 --- /dev/null +++ b/src/css/register.css @@ -0,0 +1,93 @@ +/* register.css */ + +/* Container styling */ +.registration-container { + max-width: 400px; + margin: 0 auto; + padding: 40px; + background-color: #ffffff; + border-radius: 8px; + box-shadow: 0px 0px 10px rgba(0, 0, 0, 0.1); + } + + /* Form styling */ + .form-group { + margin-bottom: 20px; + } + + label { + display: block; + font-weight: bold; + margin-bottom: 8px; + color: #333; + } + + input[type="text"], + input[type="email"], + input[type="password"] { + width: 100%; + padding: 12px; + border: 1px solid #ccc; + border-radius: 4px; + font-size: 16px; + transition: border-color 0.3s ease-in-out; + } + + input[type="text"]:focus, + input[type="email"]:focus, + input[type="password"]:focus { + border-color: #007bff; + } + + button[type="submit"] { + background-color: #007bff; + color: #fff; + border: none; + border-radius: 4px; + padding: 12px 20px; + cursor: pointer; + font-size: 18px; + transition: background-color 0.3s ease-in-out; + } + + button[type="submit"]:hover { + background-color: #0056b3; + } + + /* Error message styling */ + .alert { + padding: 10px; + margin-bottom: 20px; + border-radius: 4px; + color: #721c24; + background-color: #f8d7da; + border: 1px solid #f5c6cb; + } + + /* Link styling */ + a { + color: #007bff; + text-decoration: none; + } + + a:hover { + text-decoration: underline; + } + + /* Responsive styling */ + @media screen and (max-width: 600px) { + .registration-container { + padding: 20px; + } + + input[type="text"], + input[type="email"], + input[type="password"] { + font-size: 14px; + } + + button[type="submit"] { + font-size: 16px; + } + } + \ No newline at end of file diff --git a/src/db/User.js b/src/db/User.js new file mode 100644 index 0000000..4472380 --- /dev/null +++ b/src/db/User.js @@ -0,0 +1,63 @@ +const mongoose = require('mongoose'); +const bcrypt = require('bcrypt'); + +// Define the user schema +const userSchema = new mongoose.Schema({ + // Basic user information + username: { + type: String, + required: true, + unique: true, + trim: true, + }, + email: { + type: String, + required: true, + unique: true, + trim: true, + lowercase: true, + }, + password: { + type: String, + required: true, + }, + fullName: { + type: String, + required: true, + }, + avatarUrl: { + type: String, + }, + bio: { + type: String, + }, + location: { + type: String, + }, + website: { + type: String, + }, + + // User roles or permissions (if needed) + roles: [ + { + type: String, + enum: ['user', 'admin'], // Customize roles as needed + default: 'user', + }, + ], + + // Timestamps for user creation and updates + createdAt: { + type: Date, + default: Date.now, + }, + updatedAt: { + type: Date, + default: Date.now, + }, +}); + +const User = mongoose.model('User', userSchema); + +module.exports = User; diff --git a/src/middlewares/isAuthenticated.js b/src/middlewares/isAuthenticated.js new file mode 100644 index 0000000..84f42e8 --- /dev/null +++ b/src/middlewares/isAuthenticated.js @@ -0,0 +1,9 @@ +// Middleware function to check if the user is authenticated +function isAuthenticated(req, res, next) { + if (req.isAuthenticated()) { + return next(); // Continue to the next middleware if the user is authenticated + } + res.redirect('/login'); // Redirect to the login page if not authenticated + } + + module.exports = isAuthenticated; \ No newline at end of file diff --git a/src/views/login.ejs b/src/views/login.ejs new file mode 100644 index 0000000..8a602b5 --- /dev/null +++ b/src/views/login.ejs @@ -0,0 +1,36 @@ + + + + + + + Login + + +
+

Login

+ + + <% if (messages && messages.length > 0) { %> +
+ <%= messages[0] %> +
+ <% } %> + +
+
+ + +
+
+ + +
+
+ +
+
+

Don't have an account? Register here

+
+ + diff --git a/src/views/profile.ejs b/src/views/profile.ejs new file mode 100644 index 0000000..572a0f3 --- /dev/null +++ b/src/views/profile.ejs @@ -0,0 +1,131 @@ + + + + + + User Profile + + + + +
+
+

Welcome, <%= user.username %>!

+ + +
+

Profile Information

+
+
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ +
+
+
+ + +
+

Change Password

+
+
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ +
+
+
+ + + <% if (messages.error) { %> +
+ <%= messages.error %> +
+ <% } %> + + + <% if (messages.success) { %> +
+ <%= messages.success %> +
+ <% } %> +
+
+ + diff --git a/src/views/register.ejs b/src/views/register.ejs new file mode 100644 index 0000000..a18bed7 --- /dev/null +++ b/src/views/register.ejs @@ -0,0 +1,48 @@ + + + + + + + Registration + + +
+

Registration

+ + + <% if (messages && messages.length > 0) { %> +
+ <%= messages[0] %> +
+ <% } %> + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ +
+
+

Already have an account? Login here

+
+ + From 12c5cf41128ce87f90e2ec59e36fe46a1231e90e Mon Sep 17 00:00:00 2001 From: Artlfmj <73163159+Artlfmj@users.noreply.github.com> Date: Sun, 1 Oct 2023 14:56:25 +0200 Subject: [PATCH 2/4] feat(rate-limits) --- package-lock.json | 12 ++++++++++++ package.json | 1 + src/app.js | 13 ++++++++++--- 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 670b4d1..4f4de42 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,6 +13,7 @@ "connect-flash": "^0.1.1", "ejs": "^3.1.9", "express": "^4.18.2", + "express-rate-limit": "^7.0.2", "express-session": "^1.17.3", "mongodb": "^6.1.0", "mongoose": "^7.5.3", @@ -481,6 +482,17 @@ "node": ">= 0.10.0" } }, + "node_modules/express-rate-limit": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.0.2.tgz", + "integrity": "sha512-EZoojG9civtJ6GRR7vE0JErow5q/ltbIl0RGbYhrNJKwBC9/kp2HckpdAvQkkE0sRAAtFDBvILvwZSR2kQroDw==", + "engines": { + "node": ">= 16" + }, + "peerDependencies": { + "express": "^4 || ^5" + } + }, "node_modules/express-session": { "version": "1.17.3", "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.3.tgz", diff --git a/package.json b/package.json index 96e83db..d335a58 100644 --- a/package.json +++ b/package.json @@ -4,6 +4,7 @@ "connect-flash": "^0.1.1", "ejs": "^3.1.9", "express": "^4.18.2", + "express-rate-limit": "^7.0.2", "express-session": "^1.17.3", "mongodb": "^6.1.0", "mongoose": "^7.5.3", diff --git a/src/app.js b/src/app.js index de26524..47e7b8f 100644 --- a/src/app.js +++ b/src/app.js @@ -7,12 +7,19 @@ const session = require("express-session"); const flash = require("connect-flash"); const morgan = require("morgan"); const bcrypt = require("bcrypt"); // Import bcrypt for password hashing +const rateLimit = require("express-rate-limit"); const User = require("./db/User"); const isAuthenticated = require("./middlewares/isAuthenticated"); const app = express(); +const limiter = rateLimit({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: 5, // 5 requests per windowMs + message: "Too many requests from this IP, please try again later.", +}); + app.set("view engine", "ejs"); app.set("views", "src/views"); app.use(express.urlencoded({ extended: true })); @@ -72,7 +79,7 @@ app.use(flash()); app.use(passport.initialize()); app.use(passport.session()); -app.get("/login", (req, res) => { +app.get("/login", limiter, (req, res) => { if (req.isAuthenticated()) { return res.redirect("/"); } else { @@ -98,7 +105,7 @@ app.post("/login", (req, res, next) => { })(req, res, next); }); -app.get("/logout", (req, res) => { +app.get("/logout", limiter, (req, res) => { req.logout((err) => { if (err) { console.error("Error during logout:", err); @@ -117,7 +124,7 @@ app.get("/register", (req, res) => { res.render("register", { messages: req.flash("error") }); }); -app.post("/register", async (req, res) => { +app.post("/register", limiter, async (req, res) => { const { username, email, password, confirmPassword, fullName } = req.body; try { From 1bfb52761f11b5ef7c536380af8d87485c1f9c73 Mon Sep 17 00:00:00 2001 From: Artlfmj <73163159+Artlfmj@users.noreply.github.com> Date: Sun, 1 Oct 2023 15:00:32 +0200 Subject: [PATCH 3/4] feat(rate-limit) : adds profile --- src/app.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/app.js b/src/app.js index 47e7b8f..9998aef 100644 --- a/src/app.js +++ b/src/app.js @@ -87,7 +87,7 @@ app.get("/login", limiter, (req, res) => { } }); -app.post("/login", (req, res, next) => { +app.post("/login",limiter, (req, res, next) => { passport.authenticate("local", (err, user, info) => { if (err) { return next(err); @@ -172,7 +172,7 @@ app.get('/profile', isAuthenticated, async (req, res) => { res.render('profile', { user: req.user, messages: req.flash() }); }); -app.post('/profile', isAuthenticated, async (req, res) => { +app.post('/profile', limiter, isAuthenticated, async (req, res) => { const { fullName, avatarUrl, bio, location, website } = req.body; try { From b418ff4440dad60626c8055ac8d392dff92c4004 Mon Sep 17 00:00:00 2001 From: Artlfmj <73163159+Artlfmj@users.noreply.github.com> Date: Sun, 1 Oct 2023 15:03:08 +0200 Subject: [PATCH 4/4] feat(csrf): adds csrf to forms --- package-lock.json | 115 +++++++++++++++++++++++++++++++++++++++++ package.json | 2 + src/app.js | 13 +++++ src/views/login.ejs | 1 + src/views/profile.ejs | 1 + src/views/register.ejs | 1 + 6 files changed, 133 insertions(+) diff --git a/package-lock.json b/package-lock.json index 4f4de42..eef7a32 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,6 +11,8 @@ "dependencies": { "bcrypt": "^5.1.1", "connect-flash": "^0.1.1", + "cookie-parser": "^1.4.6", + "csurf": "^1.11.0", "ejs": "^3.1.9", "express": "^4.18.2", "express-rate-limit": "^7.0.2", @@ -353,11 +355,111 @@ "node": ">= 0.6" } }, + "node_modules/cookie-parser": { + "version": "1.4.6", + "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.6.tgz", + "integrity": "sha512-z3IzaNjdwUC2olLIB5/ITd0/setiaFMLYiZJle7xg5Fe9KWAceil7xszYfHHBtDFYLSgJduS2Ty0P1uJdPDJeA==", + "dependencies": { + "cookie": "0.4.1", + "cookie-signature": "1.0.6" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/cookie-parser/node_modules/cookie": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz", + "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==", + "engines": { + "node": ">= 0.6" + } + }, "node_modules/cookie-signature": { "version": "1.0.6", "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==" }, + "node_modules/csrf": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/csrf/-/csrf-3.1.0.tgz", + "integrity": "sha512-uTqEnCvWRk042asU6JtapDTcJeeailFy4ydOQS28bj1hcLnYRiqi8SsD2jS412AY1I/4qdOwWZun774iqywf9w==", + "dependencies": { + "rndm": "1.2.0", + "tsscmp": "1.0.6", + "uid-safe": "2.1.5" + }, + "engines": { + "node": ">= 0.8" + } + }, + "node_modules/csurf": { + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/csurf/-/csurf-1.11.0.tgz", + "integrity": "sha512-UCtehyEExKTxgiu8UHdGvHj4tnpE/Qctue03Giq5gPgMQ9cg/ciod5blZQ5a4uCEenNQjxyGuzygLdKUmee/bQ==", + "deprecated": "Please use another csrf package", + "dependencies": { + "cookie": "0.4.0", + "cookie-signature": "1.0.6", + "csrf": "3.1.0", + "http-errors": "~1.7.3" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/csurf/node_modules/cookie": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz", + "integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/csurf/node_modules/depd": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", + "integrity": "sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/csurf/node_modules/http-errors": { + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.3.tgz", + "integrity": "sha512-ZTTX0MWrsQ2ZAhA1cejAwDLycFsd7I7nVtnkT3Ol0aqodaKW+0CTZDQ1uBv5whptCnc8e8HeRRJxRs0kmm/Qfw==", + "dependencies": { + "depd": "~1.1.2", + "inherits": "2.0.4", + "setprototypeof": "1.1.1", + "statuses": ">= 1.5.0 < 2", + "toidentifier": "1.0.0" + }, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/csurf/node_modules/setprototypeof": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.1.tgz", + "integrity": "sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw==" + }, + "node_modules/csurf/node_modules/statuses": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz", + "integrity": "sha512-OpZ3zP+jT1PI7I8nemJX4AKmAX070ZkYPVWV/AaKTJl+tXCTGyVdC1a4SL8RUQYEwk/f34ZX8UTykN68FwrqAA==", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/csurf/node_modules/toidentifier": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz", + "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==", + "engines": { + "node": ">=0.6" + } + }, "node_modules/debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", @@ -1459,6 +1561,11 @@ "url": "https://github.com/sponsors/isaacs" } }, + "node_modules/rndm": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/rndm/-/rndm-1.2.0.tgz", + "integrity": "sha512-fJhQQI5tLrQvYIYFpOnFinzv9dwmR7hRnUz1XqP3OJ1jIweTNOd6aTO4jwQSgcBSFUB+/KHJxuGneime+FdzOw==" + }, "node_modules/safe-buffer": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", @@ -1693,6 +1800,14 @@ "node": ">=12" } }, + "node_modules/tsscmp": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.6.tgz", + "integrity": "sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA==", + "engines": { + "node": ">=0.6.x" + } + }, "node_modules/type-is": { "version": "1.6.18", "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", diff --git a/package.json b/package.json index d335a58..5efcd04 100644 --- a/package.json +++ b/package.json @@ -2,6 +2,8 @@ "dependencies": { "bcrypt": "^5.1.1", "connect-flash": "^0.1.1", + "cookie-parser": "^1.4.6", + "csurf": "^1.11.0", "ejs": "^3.1.9", "express": "^4.18.2", "express-rate-limit": "^7.0.2", diff --git a/src/app.js b/src/app.js index 9998aef..a8f3fd1 100644 --- a/src/app.js +++ b/src/app.js @@ -8,6 +8,8 @@ const flash = require("connect-flash"); const morgan = require("morgan"); const bcrypt = require("bcrypt"); // Import bcrypt for password hashing const rateLimit = require("express-rate-limit"); +const csrf = require("csurf"); +const cookieParser = require("cookie-parser"); const User = require("./db/User"); const isAuthenticated = require("./middlewares/isAuthenticated"); @@ -72,9 +74,11 @@ passport.deserializeUser((id, done) => { }); }); +app.use(cookieParser()); app.use( session({ secret: config.secret_key, resave: false, saveUninitialized: true }) ); +app.use(csrf()); app.use(flash()); app.use(passport.initialize()); app.use(passport.session()); @@ -88,6 +92,9 @@ app.get("/login", limiter, (req, res) => { }); app.post("/login",limiter, (req, res, next) => { + if (!req.body._csrf || req.body._csrf !== req.csrfToken()) { + return res.status(403).send("CSRF token validation failed."); + } passport.authenticate("local", (err, user, info) => { if (err) { return next(err); @@ -125,6 +132,9 @@ app.get("/register", (req, res) => { }); app.post("/register", limiter, async (req, res) => { + if (!req.body._csrf || req.body._csrf !== req.csrfToken()) { + return res.status(403).send("CSRF token validation failed."); + } const { username, email, password, confirmPassword, fullName } = req.body; try { @@ -173,6 +183,9 @@ app.get('/profile', isAuthenticated, async (req, res) => { }); app.post('/profile', limiter, isAuthenticated, async (req, res) => { + if (!req.body._csrf || req.body._csrf !== req.csrfToken()) { + return res.status(403).send("CSRF token validation failed."); + } const { fullName, avatarUrl, bio, location, website } = req.body; try { diff --git a/src/views/login.ejs b/src/views/login.ejs index 8a602b5..a52c738 100644 --- a/src/views/login.ejs +++ b/src/views/login.ejs @@ -18,6 +18,7 @@ <% } %>
+
diff --git a/src/views/profile.ejs b/src/views/profile.ejs index 572a0f3..cbf4dcd 100644 --- a/src/views/profile.ejs +++ b/src/views/profile.ejs @@ -16,6 +16,7 @@

Profile Information

+
+