【session】

users.json

{

    "tobi": {

        "password": "ferret",

        "name": "Tobi Holowaychuk"

    }

}

session.js

var connect = require('connect')

var users = require('./users')



var server = connect(

    connect.logger('dev'),

    connect.bodyParser(),

    connect.cookieParser(),

    connect.session({secret: 'my app secret'}),

    function(req, res, next) {

        if ('/' == req.url && req.session.logged_in) {

            res.writeHead(200, {'Content-Type': 'text/html'})

            res.end('Welcome back, ' + req.session.name + '<a href="/logout">Logout</a>')

        } else {

            next()

        }

    },

    function(req, res, next) {

        if ('/' == req.url && 'GET' == req.method) {

            res.writeHead(200, {'Content-Type': 'text/html'})

            res.end([

                '<form action="/login" method="POST">',

                    '<input type="text" name="user">',

                    '<input type="password" name="password">',

                    '<button>Submit</button>',

                '</form>'

            ].join(''))

        } else {

            next()

        }

    },

    function(req, res, next) {

        if ('/login' == req.url && 'POST' == req.method) {

            res.writeHead(200)

            if (!users[req.body.user] || req.body.password != users[req.body.user].password) {

                res.end('Bad username/password')

            } else {

                req.session.logged_in = true

                req.session.name = users[req.body.user].name

                res.end('Authenticated!')

            }

        } else {

            next()

        }

    }, 

    function(req, res, next) {

        if ('/logout' == req.url) {

            req.session.logged_in = false

            res.writeHead(200)

            res.end('Logged out')

        } else {

            next()

        }

    }

)



server.listen(3000)