From 92c3f1eb632291f187693429fa7869dc1619b028 Mon Sep 17 00:00:00 2001 From: Yutsuo Date: Wed, 2 Jan 2019 13:12:58 -0200 Subject: [PATCH] Phase III Task 4 --- nginx2/html/index.html | 2 +- node/app.js | 36 +++++++++++++++++++++++++++++++----- 2 files changed, 32 insertions(+), 6 deletions(-)
diff --git a/nginx2/html/index.html b/nginx2/html/index.html
index 8a98278..15fbb2c 100644
--- a/nginx2/html/index.html
+++ b/nginx2/html/index.html
@@ -1,6 +1,6 @@
-

WELCOME, MAGUILA

+

WELCOME

Authenticate thyself

diff --git a/node/app.js b/node/app.js
index 86769aa..9c092f9 100755
--- a/node/app.js
+++ b/node/app.js
@@ -91,14 +91,36 @@ app.get('/', (req, res, next)=>{
 console.log('HTTP headers below:');
 console.log(req.headers);
 console.log('Cookies: ', req.cookies);
+ console.log('Cookies: ', res.cookies);
 next();
 });
+// cookie experiments endpoint
 app.get('/cookie', function(req, res, next) {
- res.cookie('some_cross_domain_cookie', 'http://mysubdomain.example.com',{domain:'example.com'});
- res.send('I am inside endpoint /cookie');
- console.log('Cookies: ', req.cookies);
- console.log('Cookies: ', res.cookies);
+ // res.cookie('cookiename', 'cookievalue');
+ res.setHeader('Set-Cookie', 'cookiename=cookievalue; HttpOnly');
+ // res.json({message: 'I am inside endpoint /cookie'});
+ res.json(JSON.stringify(req.headers));
+ res.end();
+ console.log('Learned that cookies when set will not appear immediatly but they will on the next request.');
+ console.log('\x1b[35m', 'Cookies: ', req.cookies);
+ console.log('\x1b[35m', 'Cookies: ', res.cookies);
+ console.log('\x1b[35m', 'Headers:');
+ console.log(req.headers);
+ console.log('\x1b[35m', 'req.headers[\'cookie\']:');
+ console.log(req.headers['cookie']);
+ let headerToken = req.headers['cookie'];
+ let cookieArray = headerToken.split(" ");
+ console.log('\x1b[35m', 'cookieArray variable below:');
+ console.log(cookieArray);
+ console.log('\x1b[35m', 'cookieArray[0] below:');
+ console.log(cookieArray[0]);
+ console.log('\x1b[35m', 'cookieArray[1] below:');
+ console.log(cookieArray[1]);
+ console.log('\x1b[35m', 'cookieArray[2] below:');
+ console.log(cookieArray[2]);
+ console.log('\x1b[35m', 'cookieArray.token below:');
+ console.log(cookieArray.token);
 });
 // Test endpoint for md files rendering
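Review bot: `res.json(JSON.stringify(req.headers))` in the /cookie handler echoes the request's Cookie header in the response body, so page script that can fetch this endpoint can read cookies marked `HttpOnly`, presumably including the `token` cookie that /token sets later in this patch. Returning a fixed body, as in the commented-out `res.json({message: 'I am inside endpoint /cookie'})`, avoids that, and the `res.end()` after it is redundant. Further down, `req.headers['cookie']` is undefined on a request that carries no cookies, so `headerToken.split(" ")` throws a TypeError after the response has been sent; `const headerToken = req.headers['cookie'] || '';` guards it, and splitting on `'; '` matches how cookie pairs are separated. The added `console.log` calls also write raw cookie values to the server log and should be removed or masked once the experiment is over.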
@@ -155,6 +177,8 @@ app.post('/token', function(req, res) {
 case 'user1':
 if (req.body.password === 'pass1') {
 token = jwt.sign(claims_user, secret);
+ // res.cookie('token',token);
+ res.setHeader('Set-Cookie', 'token=' + token + '; HttpOnly');
 console.log('JWT Token: ' + token);
 console.log(jwt.decode(token));
 res.redirect('http://localhost/yay.html');
@@ -165,6 +189,8 @@ app.post('/token', function(req, res) {
 case 'power':
 if (req.body.password === 'weak') {
 token = jwt.sign(claims_power, secret);
+ // res.cookie('token',token);
+ res.setHeader('Set-Cookie', 'token=' + token + '; HttpOnly');
 console.log('JWT Token: ' + token);
 console.log(jwt.decode(token));
 res.redirect('http://localhost/yay.html');
@@ -175,7 +201,7 @@ app.post('/token', function(req, res) {
 default:
 res.status(500).send('User not found');
 }
- console.log('http headers below:')
+ console.log('http headers below:');
 console.log(req.headers);
 });
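Review bot: The `Set-Cookie` value added in the `user1` case carries only `HttpOnly`, so the browser will attach the JWT to cross-site requests and send it over plain HTTP; the same line is added in the `power` case in the next hunk. Setting it through Express instead, `res.cookie('token', token, {httpOnly: true, sameSite: 'strict', path: '/'});` with `secure: true` added once the site is served over TLS, covers the missing attributes. Unlike `res.setHeader('Set-Cookie', ...)`, it also does not overwrite a cookie set earlier in the same response. The context line `console.log('JWT Token: ' + token)` prints the credential to the server log and is worth dropping while this code is being touched. The switch inside `app.post('/token', ...)` starts and ends outside these hunks.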