Good day,
Can anyone help me with this question, I send email to user with link which have token and email in it:
<p>To reset your password, please click the link link</p>
So with following code I'm trying to set new password for user:
router.post('/reset-password', authController.resetPassword);
exports.resetPassword = async (req, res, next) => {
let token = req.query.token;
let email = req.query.email;
console.log(token);
console.log(email);
...
Page form:
<form action="/auth/reset-password" method="POST">
<div class="form-group">
<input type="password1" id="newPassword" name="password" class="form-control" placeholder="Naujas slaptažodis" required>
</div>
<div class="form-group">
<input type="password2" id="newPasswordConfirm" name="passwordConfirm" class="form-control" placeholder="Pakartoti nauja slaptažodį" required>
</div>
<button type="submit" name="submit" class="btn btn-theme btn-block btn-form">Patvirtinti</button>
</form>
So my problem is that req.query.token return for me undefined.
Probably problem is that when user press submit, it send to new link (http://localhost:5000/auth/reset-password) which don't have token and email in new url.
How should I transfer it from my email url to new url, or maybe there is something else what I can do?
Thank you
I managed today to fix it, so if any one have familiar problem do as robertklep told me.
Related
The OTP function is being implemented using the package.
Current environments include: Express.js, SQL, MariaDB, EJS
When logging in using speakeasy, I will receive the OTP number together, and if there is no problem, I will log in and redirect it to the main page.
It is impossible to change in that technology because it only adds new functions of existing services.
The point where the current problem occurs is that the OTP code changes every certain time, but when you click login, it does not proceed by outputting otp is not defined.
ReferenceError: /Users/Desktop/otpsql/views/otp.ejs:17
15| <input type="password" id="password" name="password" required><br>
16| <label for="otp">OTP</label>
>> 17| <p><%= otp %></p>
18| <input type="text" id="otp" name="otp" required><br>
19| <button type="submit">Login</button>
20| </form>
otp is not defined
If the otp number is not printed at all, I understand that I wrote the wrong code, but if I enter username, password, and otp and click the submit button, that error occurs, so I don't know what the problem is.
Among the files I wrote, the part of the file that displays the error message is as follows.
at eval ("/Users/Desktop/otpsql/views/otp.ejs":12:26)
<form action="/otp" method="post">
<label for="username">username</label> <<< line 12
<input type="text" id="username" name="username" required><br>
<label for="password">Password</label>
<input type="password" id="password" name="password" required><br>
<label for="otp">OTP</label>
<p><%= otp %></p>
<input type="text" id="otp" name="otp" required><br>
<button type="submit">Login</button>
</form>
at /Users/Desktop/otpsql/Router/otp.js:66:9
router.post('/', async (req, res, next) => {
const user = await query('SELECT * FROM users WHERE username = ?', [req.params.username]);
if (user.length > 0) {
const isPasswordValid = user[0].password === req.body.password;
const otpSecret = await query('SELECT otp_secret FROM otp_secrets WHERE user_id = ?', [user[0].id]);
if (isPasswordValid && speakeasy.totp.verify({
secret: otpSecret[0].otp_secret,
encoding: 'base32',
token: req.body.otpCode,
window: 1
})) {
req.session.userId = user[0].id;
res.redirect('/');
} else {
res.render('otp', { error: 'Invalid username, password, or OTP' });
}
} else {
res.render('otp', { error: 'Invalid username, password, or OTP' });
} <<< line 66
});
What code should I modify in that part?
Okay so once the user logs in, i am storing their details in req.user. The user should then be able to edit their details (fistname, lastname, email) in a form rendered with the /profile route as seen below:
app.get('/profile', checkAuthenticated, (req, res) => {
res.render('profile.ejs', req.user);
})
Here is the form:
<form class="form__inputs" action="/update-profile" method="post">
<div class="form__input">
<input id="firstname" name="firstname" type="text" value="<%=firstname%>" required />
<label for="firstname">Firstname</label>
</div>
<div class="form__input">
<input id="lastname" name="lastname" type="text" value="<%=lastname%>" required />
<label for="lastname">Lastname</label>
</div>
<div class="form__input form__email">
<input id="email" name="email" type="email" value="<%=email%>" required />
<label for="email">Email</label>
</div>
<button class="form__button" type="submit">Update</button>
</form>
After submitting the form the i want the user to be redirected to the /update-profile route, where i can perform an update to the database (MySQL).
app.put('/update-profile', (req, res) => {
console.log(req.params)
console.log(req.body)
res.redirect('/')
})
However I'm recieving a "Cannot POST /update-profile" error.
I was just going to use the user_id stored in req.user, and new user data (firstname, lastname, email) stored in req.body.params to update the database, but i've clearly gotten a bit mixed up with my routes.
Any help would be greatly appreciated, thanks so much for your time!
It seems you are listening to a PUT request in your express app, but sending a POST.
app.post('/update-profile', (req, res) => {
console.log(req.params)
console.log(req.body)
res.redirect('/')
});
If you change your code to this, it should work.
I have a route which posts in /verify/:token, where :token is a jwt, but in my view the form sends a post request to /verify/:token and then in my route logic I get a invalid jwt because :token is being send, how can I fix this?
<form action="/verify/:token" method="POST">
<div class="input-group form-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input id="passcode" type="text" class="form-control" name="passcode" placeholder="Pass Code" required>
</div>
<button type="submit" class="btn btn-primary" style="display: inline-block;">Verify</button>
</form>
Pass token to your form page router
router.get("/", function (req, res, next) {
jwt.sign({_id: user._id}, jwtSecret, { expiresIn: '5m' }).then((token) => {
res.render("postForm", {
token: token
});
});
});
now you can use token in hidden input field assuming you are using ejs in client
<form action="/verify" method="POST">
<div class="input-group form-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input id="token" type="hidden" class="form-control" name="token" value="<%= token %> ">
<input id="passcode" type="text" class="form-control" name="passcode" placeholder="Pass Code" required>
</div>
<button type="submit" class="btn btn-primary" style="display: inline-block;">Verify</button>
</form>
Assuming you have jQuery in the client side, you have to prevent the default action of form when it is submitted. Then you have to send the ajax request by taking the value of the input field
$('form').submit(function(e){
//prevent default
e.preventDefault();
let token = $('#passcode').val();
let url = "/verify/" + token;
$.post( url, function( data ) {
// Do something once the ajax call succeeds
}).fail(function() {
alert( "error" );
});
});
I am using ejs template, expressjs, and mongoose. not able to update existed data through form while click on edit button and as well not able to delete it . I want to delete when user click a button as well when user click on edit button it show form and allow him to edit. I already wrote get route , it is working fine.
**Update route:**
router.put('/success123' , function (req, res) {
// const id = req.params.id;
Campaign.findById(id)
.then(campaign => {
campaign.Title = req.body.title;
campaign.Description = req.body.Description;
campaign.save().then(updatePost => {
res.render('success123');
});
});
});
**Delete route**
router.delete ('/delete/:id' , function (req, res){
Campaign.findByIdAndDelete(req.params.id)
.then(deletedPost => {
res.render('success');
});
});
I am getting error and cant figure it out . Event it is not showing any error message in my console. both deleting and updating parts not working and i am able to success fully get route while user click on edit campaign button.
My ejs template for update : THIS IS MY EJS TEMPALTE WHERE I AM SENDING UPDATE INFORMATION THROUGH FORM
<div class="row p-4">
<div class="col-md-7">
<form action="/success123" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="title">Title</label>
<input type="text" value="<%=camplist.Title%>" class="form-control" name="title" id="title" placeholder="Enter The Title">
</div>
<div class="form-group">
<label for="description">Description</label>
<textarea value="" name="description" id="description" class="form-control" placeholder="Enter your content here" rows="10"><%=camplist.Description%></textarea>
</div>
<div>
<input class="form-control" name="rules" type="hidden" placeholder="Enter The Title">
<textarea name="rules" id="editor"></textarea>
</textarea>
</div>
<div class="form-group">
<label for="file">Upload Your Banner Image </label>
<input type="file" class="form-control" id="file" name="uploadedFile" accept="image/jpeg, image/jpg, image/png, image/bmp">
</div>
<button class="btn btn-outline-success btn-lg" type="submit">Update Post</button>
</form>
I am getting error and cant figure it out . Event it is not showing any error message in my console. both deleting and updating parts not working and i am able to success fully get route while user click on edit campaign button.
I'm using Node/Express (most recent production versions)
I have a form where I collect new account info. The user can add a username, etc.
In the view handler, I check a mongodb database to see if the username is unique. If it is not, I generate a message and reload the original view. Since the original request was a post, all of the data the user posted is in req.body. I would like to add the data the user submitted on the response. I could do it by specifically adding each value to the response. But isn't there an easier way to add all the request data back to the response? And is there a way to render that in the view (i'm using ejs) I tried res.send(JSON) coupled with ejs variables. Doing so generates errors saying the variables aren't available.
Here's my function (ignore the users.createUser(req) - it's not finished yet):
createAccount: function(req, res, next){
users.createUser(req);
res.render('create_account', {
layout: 'secure_layout',
title: 'Create Account',
givenName: req.body.givenName,
username: req.body.username,
familyName: req.body.familyName
});
},
And here's my view:
<form action="/createAccount" method="post">
<div>
<label>First Name:</label>
<input type="text" name="givenName" value="<%= givenName %>"/><br/>
</div>
<div>
<label>Last Name:</label>
<input type="text" name="familyName" value="<%= familyName %>"/><br/>
</div>
<div>
<label>Username:</label>
<input type="text" name="username" value="<%= username %>"/><br/>
</div>
<div>
<label>Password:</label>
<input type="password" name="password"/>
</div>
<div>
<input type="submit" value="Submit"/>
</div>
</form>
It seems overly complex to have to add each of the values. I tried {body: req.body} but values were never added to the view.
I'm not quite sure what you're after, but if you want to render an ejs view with data that was on the request body, you would do something along these lines:
app.post('/foo', function(req, res, next) {
res.render('view', {body: req.body});
});
view.ejs:
<ul>
<% for(var key in body) { %>
<li><%= key %>: <%= body[key] %></li>
<% } %>
</ul>