Auth middleware & dashboard stories

app.js

@@ -24,10 +24,16 @@ if (process.env.NODE_ENV === 'development') {
  app.use(morgan('dev'))
 }
 
+// Handlebars Helpers
+const { formatDate } = require('./helpers/hbs')
+
 // Handlebars
 app.engine(
  '.hbs',
  exphbs({
+ helpers: {
+ formatDate,
+ },
  defaultLayout: 'main',
  extname: '.hbs',
  })
@@ -48,6 +54,12 @@ app.use(
 app.use(passport.initialize())
 app.use(passport.session())
 
+// Set global var
+app.use(function (req, res, next) {
+ res.locals.user = req.user || null
+ next()
+})
+
 // Static folder
 app.use(express.static(path.join(__dirname, 'public')))
 

helpers/hbs.js

@@ -0,0 +1,7 @@
+const moment = require('moment')
+
+module.exports = {
+ formatDate: function (date, format) {
+ return moment(date).utc().format(format)
+ },
+}

middleware/auth.js

@@ -0,0 +1,16 @@
+module.exports = {
+ ensureAuth: function (req, res, next) {
+ if (req.isAuthenticated()) {
+ return next()
+ } else {
+ res.redirect('/')
+ }
+ },
+ ensureGuest: function (req, res, next) {
+ if (req.isAuthenticated()) {
+ res.redirect('/dashboard')
+ } else {
+ return next()
+ }
+ },
+}

models/Story.js

@@ -0,0 +1,28 @@
+const mongoose = require('mongoose')
+
+const StorySchema = new mongoose.Schema({
+ title: {
+ type: String,
+ required: true,
+ trim: true,
+ },
+ body: {
+ type: String,
+ required: true,
+ },
+ status: {
+ type: String,
+ default: 'public',
+ enum: ['public', 'private'],
+ },
+ user: {
+ type: mongoose.Schema.Types.ObjectId,
+ ref: 'User',
+ },
+ createdAt: {
+ type: Date,
+ default: Date.now,
+ },
+})
+
+module.exports = mongoose.model('Story', StorySchema)

routes/index.js

@@ -1,18 +1,30 @@
 const express = require('express')
 const router = express.Router()
+const { ensureAuth, ensureGuest } = require('../middleware/auth')
+
+const Story = require('../models/Story')
 
 // @desc Login/Landing page
 // @route GET /
-router.get('/', (req, res) => {
+router.get('/', ensureGuest, (req, res) => {
  res.render('login', {
  layout: 'login',
  })
 })
 
 // @desc Dashboard
 // @route GET /dashboard
-router.get('/dashboard', (req, res) => {
- res.render('dashboard')
+router.get('/dashboard', ensureAuth, async (req, res) => {
+ try {
+ const stories = await Story.find({ user: req.user.id }).lean()
+ res.render('dashboard', {
+ name: req.user.firstName,
+ stories,
+ })
+ } catch (err) {
+ console.error(err)
+ res.render('error/500')
+ }
 })
 
 module.exports = router

views/dashboard.hbs

@@ -1 +1,38 @@
-<h1>Dashboard</h1>
+<h6>Dashboard</h6>
+<h3>Welcome {{name}}</h3>
+<p>Here are your stories</p>
+{{#if stories}}
+<table class="striped">
+ <thead>
+ <tr>
+ <th>Title</th>
+ <th>Date</th>
+ <th>Status</th>
+ <th></th>
+ </tr>
+ </thead>
+ <tbody>
+ {{#each stories}}
+ <tr>
+ <td><a href="/stories/{{_id}}">{{title}}</a></td>
+ <td>{{formatDate createdAt 'MMMM Do YYYY, h:mm:ss a'}}</td>
+ <td><span class="dash-status">{{status}}</span></td>
+ <td>
+ <a href="/stories/edit/{{_id}}" class="btn btn-float">
+ <i class="fas fa-edit"></i>
+ </a>
+
+ <form action="/stories/{{_id}}" method="POST" id="delete-form">
+ <input type="hidden" name="_method" value="DELETE">
+ <button type="submit" class="btn red">
+ <i class="fas fa-trash"></i>
+ </button>
+ </form>
+ </td>
+ </tr>
+ {{/each}}
+ </tbody>
+</table>
+{{else}}
+<p>You have not created any stories</p>
+{{/if}}