Experiment 8: ExpressJS – Cookies, Sessions, Authentication
Write a program for session management using cookies and sessions.
npm init -y
npm install express cookie-parser express-session
app.js
const express = require("express");
const cookieParser = require("cookie-parser");
const session = require("express-session");
const app = express();
// Middleware
app.use(cookieParser());
app.use(express.urlencoded({ extended: true }));
// Session middleware
app.use(
session({
secret: "mySecretKey",
resave: false,
saveUninitialized: true,
cookie: { maxAge: 60000 } // 1 minute
})
);
// Home page
app.get("/", (req, res) => {
res.send(`
<h2>Session Management Demo</h2>
<a href="/set-cookie">Set Cookie</a><br><br>
<a href="/get-cookie">Get Cookie</a><br><br>
<a href="/set-session">Set Session</a><br><br>
<a href="/get-session">Get Session</a><br><br>
<a href="/destroy-session">Destroy Session</a>
`);
});
// ------------------ COOKIE SECTION ------------------
// Set cookie
app.get("/set-cookie", (req, res) => {
res.cookie("username", "StudentUser", { maxAge: 60000 });
res.send("Cookie has been set");
});
// Get cookie
app.get("/get-cookie", (req, res) => {
const user = req.cookies.username;
res.send("Stored Cookie Value: " + user);
});
// ------------------ SESSION SECTION ------------------
// Set session
app.get("/set-session", (req, res) => {
req.session.user = "SessionUser";
res.send("Session value has been set");
});
// Get session
app.get("/get-session", (req, res) => {
if (req.session.user) {
res.send("Session Value: " + req.session.user);
} else {
res.send("No session found");
}
});
// Destroy session
app.get("/destroy-session", (req, res) => {
req.session.destroy();
res.send("Session destroyed");
});
// Server
app.listen(3000, () => {
console.log("Server running on http://localhost:3000");
});
Output:
Write a program for user authentication
1. Install Required Packages
npm init -y
npm install express express-session
2. Program: User Authentication using Express.js
const express = require("express");
const session = require("express-session");
const app = express();
// Middleware
app.use(express.urlencoded({ extended: true }));
app.use(
session({
secret: "authSecret",
resave: false,
saveUninitialized: true
})
);
// Dummy user credentials
const USER = {
username: "admin",
password: "12345"
};
// Home Page
app.get("/", (req, res) => {
res.send(`
<h2>User Authentication Demo</h2>
<a href="/login">Login</a> |
<a href="/dashboard">Dashboard</a> |
<a href="/logout">Logout</a>
`);
});
// Login Page
app.get("/login", (req, res) => {
res.send(`
<h3>Login</h3>
<form method="POST" action="/login">
Username: <input type="text" name="username" /><br><br>
Password: <input type="password" name="password" /><br><br>
<button type="submit">Login</button>
</form>
`);
});
// Login Logic
app.post("/login", (req, res) => {
const { username, password } = req.body;
if (username === USER.username && password === USER.password) {
req.session.user = username;
res.redirect("/dashboard");
} else {
res.send("Invalid Username or Password");
}
});
// Protected Dashboard
app.get("/dashboard", (req, res) => {
if (req.session.user) {
res.send(`
<h2>Welcome ${req.session.user}</h2>
<p>You are logged in</p>
<a href="/logout">Logout</a>
`);
} else {
res.redirect("/login");
}
});
// Logout
app.get("/logout", (req, res) => {
req.session.destroy();
res.send("You are logged out");
});
// Server
app.listen(3000, () => {
console.log("Server running at http://localhost:3000");
});
3. How Authentication Works (Simple)
-
User enters username & password
-
Server checks credentials
-
If valid → session is created
-
Protected pages check session
-
Logout destroys the session
Comments
Post a Comment