Skip to content

not-soo-techie/session-based-authentication

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
AUTH.md
AUTH.md
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

🔐 Session-Based Authentication Challenge

Welcome to your mini-project challenge! 🚀
In this exercise, you’ll implement basic session-based authentication in Express.js and test it using Mocha, Chai, and Supertest.

📌 What You Need to DoYou only need to implement the following routes inside server.js:

  1. POST /login

    • Accepts { username, password }
    • If username = admin and password = secret
      • ✅ Save the user in the session
      • ✅ Respond with 200 → { message: "Login successful" }
    • Else
      • ❌ Respond with 401 → { message: "Invalid credentials" }

  2. GET /profile

    • If user is logged in (session exists)
      • ✅ Respond with 200 → { message: "Welcome, " }
    • Else
      • ❌ Respond with 401 → { message: "Unauthorized" }

  3. POST /logout

    • Destroy the session
    • ✅ Respond with 200 → { message: "Logout successful" }

🛠️ Setup Instructions

1️⃣ Install Dependencies

npm install

2️⃣ To start the server

npm run dev

3️⃣ To test code

npm test

⚡ Express-session syntax :

1️⃣ Creating Session

req.session.user = { username };

2️⃣ Destroying Session

req.session.destroy(err => {
    if (err) {
      return res.status(500).json({ message: "Logout failed" });
    }
    res.clearCookie("connect.sid");
})

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

36 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages