Replit auth in nodejs?

totallygoogledrive · April 20, 2023, 5:35pm

I am trying to recreate this, but in nodejs, and so far I cannot get past the IF statement part. I only seem to get as far as logging in and getting the users id, and username.

nodejs auth

bigminiboss · April 20, 2023, 5:37pm

that already exists lol. https://docs.replit.com/hosting/repl-auth-sidebar

totallygoogledrive · April 20, 2023, 5:40pm

I understand that exists, but I am trying to only allow specific users into the website if their replit user id is in the list. That is the part I am trying to get into the nodejs repl, but i cannot seem to figure it out.

bigminiboss · April 20, 2023, 5:41pm

oh I see sorry I never read, well you can just have a repl db entry called like ids and check the headers for X-Replit-User-Id you probably already know this srry I’m not a help

totallygoogledrive · April 20, 2023, 5:48pm

Is that even possible with replit db? If so, how do you even check for headers? (sorry im dumb)

bigminiboss · April 20, 2023, 5:50pm

ummm I think you can do with express:

...
req.headers["X-Replit-User-Id"]

it’s just json so

bigminiboss · April 20, 2023, 5:51pm

oh BTW follow up, you are not dumb

totallygoogledrive · April 20, 2023, 5:56pm

Just a quick question, do I have to make a key for each userid, or just one that includes all of them?

bigminiboss · April 20, 2023, 5:57pm

try doing:

db.set("user_ids", ["userid1"...]);

MattDESTROYER · April 20, 2023, 10:45pm

On line 17 you have this: if (user && userids.includes('X-Replit-User-Id')) {, I think you meant to do this: if (user && userids.includes(req.headers['X-Replit-User-Id'])) {

totallygoogledrive · April 20, 2023, 11:55pm

Sorry for asking so many questions, but how would i check if the userid is in user_ids? kinda like

if (userid in "user_ids") {
     res.sendFile('index.html');
  else {
     res.sendFile('login.html');
}
}

IroncladDev · April 21, 2023, 12:41am

"user_ids" is a string so the if statement will always return false. Please ensure that you have a basic understanding of Javascript before attempting to tackle this.

doxr · April 21, 2023, 1:12am

If I understand correctly, I did that in node.js at https://replit.com/@doxr/SchoolHub

so maybe this is the code you’re looking for:

const HTTPS = process.env['html']; // The HTML is in a secret so nobody can get it
const users = require('./users.json');

app.get('/', (req, res) => {
  const user = getUserInfo(req); // Repl Auth
  if (users.allowedUsers.includes(user.name)) {
    // User is allowed, send HTTPS content
    res.send(HTTPS);
  } else {
    // User is not allowed, send 403 rickroll page
    res.sendFile('/403.html', {
      root: path.join(__dirname, './')
    });
  }
});

for example, this is what users.json looked like

{
  "allowedUsers": [
    "doxr",
    "amasad",
    "totallygoogledrive"
  ]
}

the HTML part is optional (it’s what i used to secure index.html) but if you’ll send a file I’m pretty sure you have to change res.send(); because HTTPS variable looked like this:

<html>
<head>
<title>no</title>
</head>
</html>

The main idea is that it’s just HTML, not a way to send a file

system · April 28, 2023, 1:13am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.