|
|
|
|
@ -91,14 +91,36 @@ app.get('/', (req, res, next)=>{
|
|
|
|
|
console.log('HTTP headers below:'); |
|
|
|
|
console.log(req.headers); |
|
|
|
|
console.log('Cookies: ', req.cookies); |
|
|
|
|
console.log('Cookies: ', res.cookies); |
|
|
|
|
next(); |
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
// cookie experiments endpoint
|
|
|
|
|
app.get('/cookie', function(req, res, next) { |
|
|
|
|
res.cookie('some_cross_domain_cookie', 'http://mysubdomain.example.com',{domain:'example.com'}); |
|
|
|
|
res.send('I am inside endpoint /cookie'); |
|
|
|
|
console.log('Cookies: ', req.cookies); |
|
|
|
|
console.log('Cookies: ', res.cookies); |
|
|
|
|
// res.cookie('cookiename', 'cookievalue');
|
|
|
|
|
res.setHeader('Set-Cookie', 'cookiename=cookievalue; HttpOnly'); |
|
|
|
|
// res.json({message: 'I am inside endpoint /cookie'});
|
|
|
|
|
res.json(JSON.stringify(req.headers)); |
|
|
|
|
res.end(); |
|
|
|
|
console.log('Learned that cookies when set will not appear immediatly but they will on the next request.'); |
|
|
|
|
console.log('\x1b[35m', 'Cookies: ', req.cookies); |
|
|
|
|
console.log('\x1b[35m', 'Cookies: ', res.cookies); |
|
|
|
|
console.log('\x1b[35m', 'Headers:'); |
|
|
|
|
console.log(req.headers);
|
|
|
|
|
console.log('\x1b[35m', 'req.headers[\'cookie\']:'); |
|
|
|
|
console.log(req.headers['cookie']); |
|
|
|
|
let headerToken = req.headers['cookie']; |
|
|
|
|
let cookieArray = headerToken.split(" "); |
|
|
|
|
console.log('\x1b[35m', 'cookieArray variable below:'); |
|
|
|
|
console.log(cookieArray); |
|
|
|
|
console.log('\x1b[35m', 'cookieArray[0] below:'); |
|
|
|
|
console.log(cookieArray[0]); |
|
|
|
|
console.log('\x1b[35m', 'cookieArray[1] below:'); |
|
|
|
|
console.log(cookieArray[1]); |
|
|
|
|
console.log('\x1b[35m', 'cookieArray[2] below:'); |
|
|
|
|
console.log(cookieArray[2]); |
|
|
|
|
console.log('\x1b[35m', 'cookieArray.token below:'); |
|
|
|
|
console.log(cookieArray.token); |
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
// Test endpoint for md files rendering
|
|
|
|
|
@ -155,6 +177,8 @@ app.post('/token', function(req, res) {
|
|
|
|
|
case 'user1': |
|
|
|
|
if (req.body.password === 'pass1') { |
|
|
|
|
token = jwt.sign(claims_user, secret); |
|
|
|
|
// res.cookie('token',token);
|
|
|
|
|
res.setHeader('Set-Cookie', 'token=' + token + '; HttpOnly'); |
|
|
|
|
console.log('JWT Token: ' + token); |
|
|
|
|
console.log(jwt.decode(token)); |
|
|
|
|
res.redirect('http://localhost/yay.html'); |
|
|
|
|
@ -165,6 +189,8 @@ app.post('/token', function(req, res) {
|
|
|
|
|
case 'power': |
|
|
|
|
if (req.body.password === 'weak') { |
|
|
|
|
token = jwt.sign(claims_power, secret); |
|
|
|
|
// res.cookie('token',token);
|
|
|
|
|
res.setHeader('Set-Cookie', 'token=' + token + '; HttpOnly'); |
|
|
|
|
console.log('JWT Token: ' + token); |
|
|
|
|
console.log(jwt.decode(token)); |
|
|
|
|
res.redirect('http://localhost/yay.html'); |
|
|
|
|
@ -175,7 +201,7 @@ app.post('/token', function(req, res) {
|
|
|
|
|
default: |
|
|
|
|
res.status(500).send('User not found'); |
|
|
|
|
}
|
|
|
|
|
console.log('http headers below:') |
|
|
|
|
console.log('http headers below:'); |
|
|
|
|
console.log(req.headers); |
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
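Review bot: In both `app.post('/token', …)` hunks (`case 'user1'` and `case 'power'`) the session JWT is sent as `'token=' + token + '; HttpOnly'`, so the cookie has no `Secure`, `SameSite` or expiry attribute and will also be sent over plain HTTP and on cross-site requests. The commented-out `res.cookie('token',token)` sits right above it, so I would use that form with options instead of concatenating the header: `res.cookie('token', token, { httpOnly: true, sameSite: 'lax', secure: true });`, with `secure` enabled wherever the app is served over HTTPS. The same branches print the full token with `console.log('JWT Token: ' + token)`, and `console.log(req.headers)` at the end of this handler and in the `/` and `/cookie` handlers prints the `Cookie` header, so the bearer credential ends up in the logs. Log only the decoded claims and redact `cookie` before dumping headers. The +/- markers are lost on this page, so which of these lines are new is inferred, and the handler bodies continue outside the hunks.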