Phase III Task 4

nginx2/html/index.html

@@ -1,6 +1,6 @@
 <body>
     <div>
-        <h1>WELCOME, MAGUILA</h1>
+        <h1>WELCOME</h1>
     </div>
     <div class="form-header" style="background-color:black; color:white; padding:20px; left:50%; ">
             <h2>Authenticate thyself</h2>

node/app.js

@@ -91,14 +91,36 @@ app.get('/', (req, res, next)=>{
   console.log('HTTP headers below:');
   console.log(req.headers);
   console.log('Cookies: ', req.cookies);
+  console.log('Cookies: ', res.cookies);
   next();
 });
 
+// cookie experiments endpoint
 app.get('/cookie', function(req, res, next) {
-  res.cookie('some_cross_domain_cookie', 'http://mysubdomain.example.com',{domain:'example.com'});
+  // res.cookie('cookiename', 'cookievalue');
-  res.send('I am inside endpoint /cookie');
+  res.setHeader('Set-Cookie', 'cookiename=cookievalue; HttpOnly');
-  console.log('Cookies: ', req.cookies);
+  // res.json({message: 'I am inside endpoint /cookie'});
-  console.log('Cookies: ', res.cookies);
+  res.json(JSON.stringify(req.headers));
+  res.end();
+  console.log('Learned that cookies when set will not appear immediatly but they will on the next request.');
+  console.log('\x1b[35m', 'Cookies: ', req.cookies);
+  console.log('\x1b[35m', 'Cookies: ', res.cookies);
+  console.log('\x1b[35m', 'Headers:');
+  console.log(req.headers); 
+  console.log('\x1b[35m', 'req.headers[\'cookie\']:');
+  console.log(req.headers['cookie']);
+  let headerToken = req.headers['cookie'];
+  let cookieArray = headerToken.split(" ");
+  console.log('\x1b[35m', 'cookieArray variable below:');
+  console.log(cookieArray);
+  console.log('\x1b[35m', 'cookieArray[0] below:');
+  console.log(cookieArray[0]);
+  console.log('\x1b[35m', 'cookieArray[1] below:');
+  console.log(cookieArray[1]);
+  console.log('\x1b[35m', 'cookieArray[2] below:');
+  console.log(cookieArray[2]);
+  console.log('\x1b[35m', 'cookieArray.token below:');
+  console.log(cookieArray.token);
 });
 
 // Test endpoint for md files rendering
@@ -155,6 +177,8 @@ app.post('/token', function(req, res) {
       case 'user1':
       if (req.body.password === 'pass1') {
           token = jwt.sign(claims_user, secret);
+          // res.cookie('token',token);
+          res.setHeader('Set-Cookie', 'token=' + token + '; HttpOnly');
           console.log('JWT Token: ' + token);
           console.log(jwt.decode(token));
           res.redirect('http://localhost/yay.html');
@@ -165,6 +189,8 @@ app.post('/token', function(req, res) {
       case 'power':
       if (req.body.password === 'weak') {
           token = jwt.sign(claims_power, secret);
+          // res.cookie('token',token);
+          res.setHeader('Set-Cookie', 'token=' + token + '; HttpOnly');
           console.log('JWT Token: ' + token);
           console.log(jwt.decode(token));
           res.redirect('http://localhost/yay.html');
@@ -175,7 +201,7 @@ app.post('/token', function(req, res) {
       default:
       res.status(500).send('User not found');
   } 
-  console.log('http headers below:')
+  console.log('http headers below:');
   console.log(req.headers);
 });