Implementing your own authentication system is not a good ideal.
For NodeJS authentication, you should take a look at PassportJS
Authentication then turn out to be very simple:
app.post('/login', passport.authenticate('local', { successRedirect: '/',
failureRedirect: '/login' }));
then
app.get('/logged', function (req, res, next) {
if (req.isAuthenticated()) {
return res.redirect('/login');
}
return res.render('login');
});