Guys I can make user register and login. But I want to make a admin login. This admin will be a user too. So that I tried to make a ensureAdmin function. But it doesnt work. İt always redirects to login page.
passport.use(new LocalStrategy({
usernameField: 'username',
passwordField: 'password'
},
function(username, password, done) {
User.findOne({ username: username }, function (err, user) {
if (err) { return done(err); }
if (!user) {
return done(null, false, { message: 'Incorrect username.' });
}
bcrypt.compare(password, user.password, function(err, isMatch){
if(err) throw err;
if(isMatch){
return done(null, user);
} else {
return done(null, false, {message: 'Wrong password'});
}
});
});
}
));
function ensureAdmin(req, res, next){
User.find({"username":"Alp"}
).exec(function(user){
if(req.user = user){
req.isAuthenticated()
return next();
} else {
req.flash('danger', 'Please Login');
res.redirect('/login');
}
});
}
Can someone please help me to solve this?
In ensureAdmin function I see an error in if statement.
if(req.user = user) ...
Other than that, you are complecating the flow.
User.find({"username":"Alp"}) query would always return the user with username Alp. So, you can rewrite the function like this:
function ensureAdmin(req, res, next){
if(req.user.username === 'Alp'){
req.isAuthenticated()
return next();
} else {
req.flash('danger', 'Please Login');
res.redirect('/login');
}
}