Building Web Applications Using Node.js - Part Seven

Before reading this article, I would recommend that you read my previous articles.
In my previous articles in the series, I explained the following:
  • How to start working with a Node.js Web application.
  • How to initialize a Node.js project.
  • About Package.JSON.
  • Express Framework.
  • How to use "npm start" command.
  • Using HTML Templates.
  • Bower.
  • Templating Engine.
  • Navigation.
  • Routing.
  • Rendering.
  • Fetching data from MongoDB
  • User Registration
  • User Login
Introduction

In this article, I will explain about authorization -- how an authorized user or a registered user can grant permission to access a particular resource.
 
Let's start step by step.
 
In my last article (Building Web Application Using Node.js - part 6), I explained how to log into a system. After successful login, we were redirected to the articles page but today, I will create a new profile page and the profile page will open if a user logs in, otherwise we will redirect the user to the login page. 
 
Step 1 
 
First of all, I am going to create a new page, that is the profile page. For that, I am adding two lines in app.js file.
  1. var profileRouter=require('./src/routes/profileRoute')(navMenu);  
  2. app.use('/myprofile',profileRouter);  
 
 
Step 2

If you look into my above code, I have given path "./src/routes/profileRoute". So, I am going to create a file with the name "profileRoute.js", inside the src/routes directory.
 
 
 
Now, write the following code inside profileRoute.js file.
  1. var express=require('express');  
  2.   
  3. var profileRouter=express.Router();  
  4. var p_router=function(navMenu){  
  5.     profileRouter.route("/")  
  6.         .get(function(req,res){  
  7.             res.json(req.user);  
  8.         });  
  9.         return profileRouter;  
  10. }  
  11.       
  12. module.exports=p_router;  
In the above code, you can see that I am sending response as JSON, as requested by user.
 
Step 3

Now, I am starting my project and if I go to /myprofile page, I will get the output as follows.
 
 
Step 4

If you see the above output, you will find that I am getting nothing but a blank page. Since I am sending the data as a JSON and that too is user data, and I am not logged in , hence I am getting the blank data. So before I login, I change the code in my loginRoute.js file. What we are adding is that if logged in successfully, then redirect to the profile page.
 
 
 
Step 5

So, if you run the project again and go to the login page, you will be redirected to the  "My profile" page and get the data, if logged in.
 
 
 
 
If you refresh this page again and again, you will get the data because you are logged in. Now, if you restart the Server and go to "My profile" page, then you will get the blank page again because the session has expired.
 
Step 6

To overcome this issue, we need to write something so that when users request the profile page, they will be redirected to the login page. This is what we call authorization. For authorization purposes, I am writing the following code in profileRoute.js file.
 
 
 
So now, if you request the myprofile again, you will be redirected to the login page and after login, you will reach the My profile page.
 
Conclusion

In this article, we learned about authorization in node.js. In the next article, we will learn CRUD operations in node.js and we will complete this project. 

<<Previous Article