Initial Commit

Backend focused

Author: cybachpunk

README.md

@@ -0,0 +1,24 @@
+{
+  "name": "full-stack-mfa",
+  "version": "1.0.0",
+  "description": "",
+  "main": "src/index.js",
+  "type": "module",
+  "dependencies": {
+    "passport-local": "^1.0.0",
+    "passport-strategy": "^1.0.0"
+  },
+  "devDependencies": {
+    "autoprefixer": "^10.4.21",
+    "postcss": "^8.5.6",
+    "tailwindcss": "^4.1.11"
+  },
+  "scripts": {
+    "start": "node .",
+    "dev": "nodemon src/index.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC"
+}

package-lock.json

@@ -0,0 +1,12 @@
+import { connect } from "mongoose";
+const dbConnect = async () => {
+  try {
+    await connect(process.env.MONGODB_URI);
+    console.log("MongoDB connected successfully");
+  } catch (error) {
+    console.error("MongoDB connection error:", error);
+    process.exit(1); // You want to "Fail Fast" on connection error to signal process managers like Docker or PM2 that there is a critical error
+  }
+}
+
+export default dbConnect;

package.json

@@ -0,0 +1,50 @@
+import passport from "passport";
+import { Strategy as LocalStrategy } from "passport-local";
+import User from "../models/User.js";
+import bcrypt from "bcryptjs";
+
+passport.use(
+    new LocalStrategy(async (username, password, done) => {
+        try {
+            // Find the user by username
+            const user = await User.findOne({ username });
+
+            // If no user is found with that username, fail authentication
+            if (!user) {
+                return done(null, false, { message: 'User not found' });
+            }
+
+            // Compare the submitted password with the hashed password in the database
+            const isMatch = await bcrypt.compare(password, user.password);
+
+            if (isMatch) {
+                // Passwords match. Authentication is successful.
+                // Pass the user object to the next middleware.
+                return done(null, user); // CORRECT: Return the user object on a successful match.
+            } else {
+                // Passwords do not match. Authentication fails.
+                return done(null, false, { message: 'Incorrect password.' }); // CORRECT: Return false on a mismatch.
+            }
+        } catch (error) {
+            // If any other error occurs (e.g., database connection issue), pass it along.
+            return done(error);
+        }
+    })
+);
+
+passport.serializeUser((user, done) => {
+    // Serialize the user ID to store in the session
+    console.log("Serializing user:", user._id);
+    done(null, user._id);
+});
+
+passport.deserializeUser(async (_id, done) => {
+    try {
+        // Find the user by ID and return the user object
+        const user = await User.findById(_id);
+        done(null, user);
+    } catch (error) {
+        // If an error occurs while finding the user, pass it along
+        done(error);
+    }
+});