package.json
{ "name": "user-auth-example", "version": "0.0.1", "dependencies": { "express": "2.5.9", "ejs": "0.4.2", "superagent": "0.3.0", "mongodb": "*", "jade": "0.20.3" } }
server.js
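/**
 * Minimal Express 2.x + MongoDB login/signup example.
 *
 * Review notes on this listing:
 *  - Passwords are stored and compared in plaintext, as in the original.
 *    NOTE(review): derive a salted, slow hash at signup and compare the
 *    derived value at login before using this with real accounts.
 *  - Request fields are only accepted when they are plain strings. The forms
 *    post bracketed names (user[email], user[password]) that bodyParser turns
 *    into a nested object, so a client can also submit nested objects where a
 *    string is expected; those must never be passed into a query as-is.
 *  - The session secret is read from the environment; the literal is kept
 *    only as a local-demo fallback.
 */
var express = require('express');
var mongodb = require('mongodb');

var ObjectId = mongodb.ObjectID;

/**
 * Return `value` when it is a non-empty string, otherwise null.
 * Used to reject missing fields and non-string (object/array) field values.
 */
function asNonEmptyString(value) {
  return typeof value === 'string' && value.length > 0 ? value : null;
}

var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  console.warn('SESSION_SECRET is not set; using the built-in demo secret');
  sessionSecret = 'my secret';
}

var app = express.createServer();

app.use(express.bodyParser());
app.use(express.cookieParser());
app.use(express.session({ secret: sessionSecret }));

// Expose `authenticated` (and `me` when logged in) to every view.
app.use(function (req, res, next) {
  if (!req.session.loggedIn) {
    res.local('authenticated', false);
    return next();
  }

  app.users.findOne({ _id: ObjectId(req.session.loggedIn) }, function (err, doc) {
    if (err) return next(err);

    if (!doc) {
      // The session points at a user that no longer exists: treat the
      // visitor as logged out instead of handing a null `me` to the views.
      req.session.loggedIn = null;
      res.local('authenticated', false);
      return next();
    }

    res.local('authenticated', true);
    // `doc` is the full user document, password field included; views
    // should only read the fields they display.
    res.local('me', doc);
    next();
  });
});

app.set('view engine', 'jade');
app.set('view options', { layout: false });

app.get('/', function (req, res) {
  res.render('index');
});

app.get('/login', function (req, res) {
  if (req.session.loggedIn) {
    res.redirect('/');
  } else {
    res.render('login', { signupEmail: '' });
  }
});

// `signupEmail` comes straight from the URL; the template must output it
// escaped.
app.get('/login/:signupEmail', function (req, res) {
  res.render('login', { signupEmail: req.params.signupEmail });
});

// `next` was missing from this handler's parameters, so the error path
// threw a ReferenceError instead of reaching the error handler.
app.post('/login', function (req, res, next) {
  var submitted = (req.body && req.body.user) || {};
  var email = asNonEmptyString(submitted.email);
  var password = asNonEmptyString(submitted.password);

  // Same response as an unknown user, so the reply does not reveal which
  // part of the input was rejected.
  if (!email || !password) {
    return res.send('User not found. Go back and try again');
  }

  app.users.findOne({ email: email, password: password }, function (err, doc) {
    if (err) return next(err);
    if (!doc) return res.send('User not found. Go back and try again');
    req.session.loggedIn = doc._id.toString();
    res.redirect('/');
  });
});

app.get('/logout', function (req, res) {
  req.session.loggedIn = null;
  res.redirect('/');
});

app.get('/signup', function (req, res) {
  res.render('signup');
});

app.post('/signup', function (req, res, next) {
  var submitted = (req.body && req.body.user) || {};
  var email = asNonEmptyString(submitted.email);
  var password = asNonEmptyString(submitted.password);

  if (!email || !password) {
    return res.send('Email and password are required. Go back and try again', 400);
  }

  // Store only the fields the signup form defines, each as a string, rather
  // than inserting the request object wholesale.
  var newUser = {
    first: typeof submitted.first === 'string' ? submitted.first : '',
    last: typeof submitted.last === 'string' ? submitted.last : '',
    email: email,
    password: password
  };

  app.users.insert(newUser, function (err, doc) {
    if (err) {
      return next(err);
    }
    // The email becomes a path segment, so it has to be URL-encoded.
    res.redirect('/login/' + encodeURIComponent(doc[0].email));
  });
});

var server = new mongodb.Server('127.0.0.1', 27017);

new mongodb.Db('my-website', server, { w: 1 }).open(function (err, client) {
  if (err) {
    throw err;
  }
  // The ANSI colour escapes were lost in the original listing (it printed a
  // literal " 33[96m"); restored here as \x1b.
  console.log('\x1b[96m + \x1b[39m connected to mongodb');

  app.users = new mongodb.Collection(client, 'users');

  // ensureIndex can be called whether or not the index already exists; it
  // makes sure the index is in place before the first query.
  client.ensureIndex('users', 'email', function (err) {
    if (err) throw err;

    // NOTE(review): the email index is not unique, so duplicate sign-ups
    // with the same address are accepted. The password index only exists
    // because login queries on the plaintext password.
    client.ensureIndex('users', 'password', function (err) {
      // The original callback declared no `err` parameter and re-checked the
      // outer one, so a failure here was never seen.
      if (err) throw err;

      console.log('\x1b[96m + \x1b[39m ensured indexes');
      app.listen(3000, function () {
        console.log('\x1b[96m + \x1b[39m app listening on *:3000');
      });
    });
  });
});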
views/layout.jade
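//- Base layout: pages extend this file and fill in `block body`.
//- Indentation restored; Jade nesting is whitespace-significant.
doctype 5
html
  head
    title MongoDB example
  body
    h1 My first MongoDB app
    hr
    block body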
views/index.jade
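extends layout
block body
  //- `authenticated` and `me` are view locals set by the server middleware.
  //- `me` is the result of the user lookup and can be null when no document
  //- was found, so it is checked before `me.email` is read.
  if (authenticated && me)
    //- #{...} is escaped interpolation, so the stored email is HTML-encoded.
    p Welcome back, #{me.email}
    a(href="/logout") Logout
  else
    p Welcome new visitor!
    ul
      li: a(href="/login") Login
      li: a(href="/signup") Signup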
views/login.jade
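extends layout
block body
  //- This content must be indented: `extends` pulls in the layout template
  //- and everything under `block body` is placed into the layout's body block.
  form(action="/login", method="POST")
    fieldset
      legend Log in
      if (signupEmail)
        //- signupEmail comes from the /login/:signupEmail URL segment. A line
        //- holding only #{...} is not plain text in Jade (presumably parsed as
        //- a tag - TODO confirm for the pinned version), so the value is
        //- written as escaped text inside a paragraph instead.
        p #{signupEmail}
        p Congratulations on signing up! Please login below
      p
        label Email
        //- Attribute values assigned from an expression are escaped by Jade.
        input(name="user[email]", type="text", value=signupEmail)
      p
        label Password
        input(name="user[password]", type="password")
      p
        button submit
      p
        a(href="/") Go back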
views/signup.jade
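extends layout
block body
  //- Sign-up form. The bracketed names (user[first], user[email], ...) reach
  //- the server as one nested `user` object, so the handler has to pick out
  //- and type-check the fields it expects rather than store the object as sent.
  form(action="/signup", method="POST")
    fieldset
      legend Sign up
      p
        label First
        input(name="user[first]", type="text")
      p
        label Last
        input(name="user[last]", type="text")
      p
        label Email
        input(name="user[email]", type="text")
      p
        label Password
        input(name="user[password]", type="password")
      p
        button Submit
      p
        a(href="/") Go back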
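var ObjectId = require('mongodb').ObjectID;

// Looking a document up by _id: the hex string has to be wrapped in ObjectId,
// and the query must be an object literal (the original listing dropped the
// braces, which is a syntax error). `db` is not defined in this fragment; it
// stands for an already opened database handle.
// NOTE(review): depending on the driver, the callback of find() may receive a
// cursor rather than a single document - confirm before relying on `doc`.
db.products.find({ '_id': ObjectId('51d151c6b918a71d170000c7') }, function (err, doc) {});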