I want a Node.js service to authenticate the user of my website. How can I do this?
I want to implement Everyauth authentication using the simple password method, not OpenID.
I tried https://github.com/jimpick/everyauth-example-password and it works.
I want to use the database to store. This script does not use a database. I have used MySQL in past so I prefer that but I am ok with anything else as well such as MongoDB.
I just want to add database to my script. Please help.
You only need to modify .authenticate method. Since connecting to database is (or should be) an asynchronous operation, then you need to add promise object (see everyauth documentation).
Assuming you have some ORM with user data corresponding to user object with username and password attributes (in my example I'll use mongoose engine), this is how it may look:
.authenticate( function (login, password) {
var promise = this.Promise(); /* setup promise object */
/* asynchrnously connect to DB and retrieve the data for authentication */
db.find({ username:login }, function(err, user) {
if (err)
return promise.fulfill([err]);
if ((!user) || (user.password != password))
return promise.fulfill(['Incorrect username or password!']);
promise.fulfill(user);
});
return promise; /* return promise object */
})
I didn't test it, but according to the documentation it should work. Remember that errors are supposed to be held in array.
By the way: if you are using only the password method, then there is no need to, you know, use a cannon against a fly. :) Writing your own (not necessarly perfect, but working) authentication mechanism is really simple and if you don't know how to do this you should learn it. It will benefit in the future, because authentication and security in general are very important in every web app.