7 files changed, 54 insertions, 15 deletions
diff --git a/app/client/api/crud.fetch.js b/app/client/api/crud.fetch.js
index a160175..716ab3e 100644
--- a/app/client/api/crud.fetch.js
+++ b/app/client/api/crud.fetch.js
@@ -10,7 +10,7 @@ export function crud_fetch(type, tag) {
     },
     
     show: id => {
-      return fetch(uri + id)
+      return fetch(uri + id, _get_headers(), _get_headers())
         .then(req => req.json())
         .catch(error)
     },
@@ -45,6 +45,7 @@ function _get_url(_url, data) {
 function _get_headers() {
   return {
     method: 'GET',
+    credentials: 'same-origin',
     headers: {
       'Accept': 'application/json',
     },
@@ -54,6 +55,7 @@ export function post(data) {
   return {
     method: 'POST',
     body: JSON.stringify(data),
+    credentials: 'same-origin',
     headers: {
       'Accept': 'application/json',
       'Content-Type': 'application/json'
@@ -64,6 +66,7 @@ export function postBody(data) {
   return {
     method: 'POST',
     body: data,
+    credentials: 'same-origin',
     headers: {
       'Accept': 'application/json',
     },
@@ -73,6 +76,7 @@ export function put(data) {
   return {
     method: 'PUT',
     body: JSON.stringify(data),
+    credentials: 'same-origin',
     headers: {
       'Accept': 'application/json',
       'Content-Type': 'application/json'
@@ -83,6 +87,7 @@ export function destroy(data) {
   return {
     method: 'DELETE',
     body: JSON.stringify(data),
+    credentials: 'same-origin',
     headers: {
       'Accept': 'application/json',
       'Content-Type': 'application/json'
diff --git a/app/client/auth/auth.actions.js b/app/client/auth/auth.actions.js
index 8d9a819..33af206 100644
--- a/app/client/auth/auth.actions.js
+++ b/app/client/auth/auth.actions.js
@@ -45,9 +45,8 @@ export function login(username, password) {
     .then(req => req.json())
     .then(data => {
       console.log(data)
-      dispatch(setCurrentUser(data))
+      dispatch(setCurrentUser(data.user))
       // dispatch(setToken(data.token))
-      dispatch(checkin())
     })
     .catch(error => {
       console.log(error)
@@ -78,13 +77,11 @@ export function checkin() {
     fetch(api.checkin, put({}))
     .then(req => req.json())
     .then(data => {
-      console.log(data)
-      dispatch(setCurrentUser(data))
-      console.log('set current user')
+      dispatch(setCurrentUser(data.user))
     })
     .catch(error => {
       console.log(error)
-      dispatch(initialized(true))
+      dispatch(initialized())
     })
   }
 }
diff --git a/app/client/auth/auth.gate.js b/app/client/auth/auth.gate.js
index 4890864..087dfc6 100644
--- a/app/client/auth/auth.gate.js
+++ b/app/client/auth/auth.gate.js
@@ -44,11 +44,11 @@ class AuthGate extends Component {
     if (!this.props.auth.initialized) {
       return <div className='loading'>Loading</div>
     }
-    if (this.props.auth.isAuthenticated) return children
+    if (this.props.auth.isAuthenticated) return <div>{this.props.children}</div>
     return <AuthRouter {...this.props} />
   }
   componentDidMount(){
-    this.props.actions.checkin(history)
+    this.props.actions.checkin()
   }
 }
 
diff --git a/app/client/auth/auth.reducer.js b/app/client/auth/auth.reducer.js
index 7b3193a..80b1ec5 100644
--- a/app/client/auth/auth.reducer.js
+++ b/app/client/auth/auth.reducer.js
@@ -39,6 +39,9 @@ const auth = (state = authInitialState, action) => {
     case types.auth.set_current_user:
       return {
         ...state,
+        loading: false,
+        initialized: true,
+        isAuthenticated: true,
         user: action.data,
         error: null,
       }
diff --git a/app/client/auth/login.component.js b/app/client/auth/login.component.js
index 3cfcb78..2ef01a6 100644
--- a/app/client/auth/login.component.js
+++ b/app/client/auth/login.component.js
@@ -31,7 +31,11 @@ class Login extends Component {
   }
   render(){
     if (this.props.auth.isAuthenticated) {
-      return <Redirect to={this.props.auth.returnTo || '/'} />
+      let { returnTo } = this.props.auth
+      if (!returnTo || returnTo.match(/(login|logout|signup)/i)) {
+        returnTo = '/'
+      }
+      return <Redirect to={returnTo} />
     }
     return (
       <form onSubmit={this.handleSubmit}>
diff --git a/app/server/site.js b/app/server/site.js
index d07c07b..717e42b 100644
--- a/app/server/site.js
+++ b/app/server/site.js
@@ -2,7 +2,11 @@ const express = require('express')
 const http = require('http')
 const path = require('path')
 const multer = require('multer')()
+const sessionstore = require('sessionstore')
+const session = require('express-session')
 const bodyParser = require('body-parser')
+const cookieParser = require('cookie-parser')
+const MongoStore = require('connect-mongo')(session);
 const compression = require('compression')
 // const multer = require('multer')
 // const upload = multer({ dest: 'uploads/' })
@@ -19,6 +23,31 @@ app.use(bodyParser.urlencoded({ extended: false, limit: '100mb', }))
 app.use(express.query())
 app.use(express.static(path.join(__dirname, '../../public')))
 app.use(compression())
+app.use(cookieParser())
+var sessionSettings = {
+  secret: 'argonauts',
+  proxy: true,
+  key: 'cortex.sid',
+  cookie: {
+    secure: process.env.NODE_ENV === 'production',
+    domain: '.' + process.env.HOST_NAME,
+    maxAge: 43200000000,
+  },
+  resave: true,
+  saveUninitialized: false,
+}
+if (!process.env.SESSIONS_IN_MEMORY) {
+  sessionSettings.store = new MongoStore({
+    url: 'mongodb://127.0.0.1:28108/cortexSessionDb'
+    // type: 'mongodb',
+    // host: 'localhost',
+    // port: 27017,
+    // dbName: 'buckySessionDb',
+    // collectionName: 'sessions',
+    // timeout: 10000,
+  })
+}
+app.use(session(sessionSettings))
 auth.route(app, serve_index)
 
 export const io = require('socket.io').listen(server)
diff --git a/app/server/util/auth.js b/app/server/util/auth.js
index b2faf2a..0d7dbd8 100644
--- a/app/server/util/auth.js
+++ b/app/server/util/auth.js
@@ -92,7 +92,7 @@ export function login(req, res) {
     return res.json({
       status: "OK",
       user: sanitizeUser(req.user),
-      returnTo: returnTo || "/index",
+      returnTo: returnTo || "/",
     })
   }
   res.json({
@@ -105,9 +105,9 @@ export function serializeUser(user, done) {
 }
 
 export function deserializeUser(id, done) {
-  db.getUser(id).then(function(user){
-    done(! user, user)
-  })
+  userModel.show(id).then(user => {
+    done(!user, user)
+  }).catch(done)
 }
 
 export function makePassword(password) {
@@ -143,7 +143,7 @@ export function verifyLocalUser(username, password, done) {
     console.log(user)
     // if (err) { return done(err) }
     if (! user) { return done("no user") }
-    if (! user || ! validPassword(user, password)) {
+    if (! user || !validPassword(user, password)) {
       return done(null, false, { error: { message: 'Bad username/password.' } })
     }
     return done(null, user)
@@ -151,6 +151,7 @@ export function verifyLocalUser(username, password, done) {
 }
 
 export function checkin(req, res) {
+  console.log(req.user)
   res.json({ user: sanitizeUser(req.user) })
 }