Gwug 2

index.js

@@ -39,25 +39,33 @@ app.set('views', './views');
 app.use(express.static('static'));
 
 function auth(req, res, next) {
-	// Temporary auth function. See if the user provided correct basic auth (process.env.USER and PASS)
-	const authHeader = req.headers['authorization'];
-	if (!authHeader) {
-		res.setHeader('WWW-Authenticate', 'Basic realm="Restricted Area"');
-		return res.status(401).send('Authentication required.');
-	}
-	const base64Credentials = authHeader.split(' ')[1];
-	const credentials = Buffer.from(base64Credentials, 'base64').toString('ascii');
-	const [username, password] = credentials.split(':');
-	if (username === process.env.USER && password === process.env.PASS) {
-		next();
-	} else {
-		return res.status(403).send('Forbidden');
+	if (!req.session || !req.session.authenticated) {
+		return res.redirect('/login');
 	}
+	next();
 }
 
 app.get('/', auth, (req, res) => {
-	res.render('index', { user: process.env.USER });
+	res.render('index', { session: req.session });
 });
+
+app.get('/login', (req, res) => {
+	if (req.session && req.session.authenticated) {
+		return res.redirect('/');
+	}
+	res.render('login');
+});
+
+app.post('/login', (req, res) => {
+	const { username, password } = req.body;
+	if (username === process.env.USER && password === process.env.PASS) {
+		req.session.authenticated = true;
+		req.session.username = username;
+		return res.redirect('/');
+	}
+	res.redirect('/login');
+});
+
 app.listen(PORT, HOST, () => {
 	console.log(`Server running on http://${HOST}:${PORT}`);
 });

views/index.ejs

@@ -7,7 +7,7 @@
 	<title>Funny goofy test page!!!!!1!</title>
 </head>
 <body>
-	<h1>Welcome to the Funny Goofy Test Page <%= user %>!</h1>
+	<h1>Welcome to the Funny Goofy Test Page <%= session.username %>!</h1>
 	<p>This is a simple web page to demonstrate EJS templating with Bootstrap styling.</p>
 
 	<script src="/assets/js/bootstrap.min.js"></script>