I am trying to redirect to the original page after a login redirect. I have some middleware which checks if the user is logged in and if not redirects to the login page. code below
middlewareObj.isLoggedIn = function(req, res, next){
if(req.isAuthenticated()){
return next();
}
res.redirect("/login");
};
I am trying to get the full url from the request and tack it on the the end of the login URL so that after the login, I can redirect. According to the nodejs. docs I should be able to pull this info using req.host + req.originalURL. However, when I do that, it just pulls the hostname without pulling the port. in other words, it just returns localhost/pathname instead of localhost:3000/pathname. node js docs say that req.host should return the port while req.hostname should return just the hostname, but I'm getting the same output either way.
Thanks so much for any help!
req.header('Host') should get the HTTP Host header which will contain the port.
Related
I got a situation where I need to redirect an HTTP request made to server X to another server Y,
with all of the requests' headers, params, body etc.
I tried:
app.post('/redirect-source', (req, res, next) => {
res.redirect(301, 'http://localhost:4000/redirect-target');
});
But the response I get when reaching this route is:
{"message":"Not Found"}
Although the server and route i'm redirecting to are live and I get an ok response when reaching it directly.
What am I missing?
edit:
I noticed that the target route works on Postman and not from the browser, my guess is because it's a POST request.
How can I configure the redirect to pass as POST/specific type?
Try to change the statusCode to 308.
Take a look at this https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/301
Use the 301 code only as a response for GET or HEAD methods and use the 308 Permanent Redirect for POST methods instead, as the method change is explicitly prohibited with this status.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/308
It turned out that status code 307 is the one that works for POST requests too. Like so:
app.post('/redirect-source', (req, res, next) => {
res.redirect(307, 'http://localhost:4000/redirect-target');
});
I want to handle all my cookies and session stuff in a function then redirect to the destination path. I use this function in Express:
app.all('*', function(req, res, next){
if('_id' in req.session)
next()
else if('userInfo' in req.cookies){
req.session._id = req.cookies.userInfo._id
next()
} else {
res.redirect('../login')
}
res.end()
})
but browser print this error:
net::ERR_TOO_MANY_REDIRECTS
what's the problem?
This error occurs when a web browser is redirecting you to another web page which then that web page redirects you back to the same browser again. Your configurations are wrong. app.all('*', ..) runs again and again whenever a request is made, which causing repetition.
You need to have better configurations than app.all(*..) //all. You need to specify it more so that it doesn't repeat itself.
I would say limit it down to some urls and not all of them. You could do
app.get('/cookieCheckerPage', function(req, res){
//code here
});
Also please see Error 310 (net::ERR_TOO_MANY_REDIRECTS):
There is something I have trouble with when serving pages (in my case, nodejs).
Let's say I have the following url : http://localhost:80 which serves a simple html page, but you must be logged in, either way you are redirected to a login page (http://localhost:80/login).
That's easy, and everything works fine.
Now let's say I have another url http://otherdoamin.com/internal/back that redirects to my server listening on the port 80.
I am having trouble to find what's the best way to manage my server to work on both url.
Here's a code sample just to show the logic :
function checkAuth(req, res, next) {
//if user isn't logged, redirect to login
}
app.get('/login', function(req, res) {
//if user is logged, redirect to base path (/) which serves an html page
//else
//display login.html page
})
app.get('/', checkAuth, function (req, res) {
res.sendFile(__dirname + '/views/index.html');
});
Let's say now that I have the following case :
I go to http://localhost:80, but I am not logged, I am redirected to the login page (http://localhost:80/login). Then after logging in, I am redirected back to http://localhost:80.
But if I do the following case with my other url (http://otherdoamin.com/internal/back), I'll have problems with the paths : if I have absolute paths, the redirection to login will work, but after logging in, I'll have a redirection to http://otherdoamin.com/ instead of http://otherdoamin.com/internal/back/, which is obvious.
Option 1:
Set otherdomain.com/internal/back as the base url in the Reverse Proxy Path definition.
Option 2:
Store the fully qualified original request url:
var fullUrl = req.protocol + '://' + req.get('host') + req.originalUrl;
And then use that to redirect;
I am trying to redirect to a login page after successfully logging a user out, but am having an issue when calling res.redirect() from my logout route handler in express.
I have the following middleware to redirect a user to a login page (note I am using express-session too)
//A request to '/login' will serve the login page
app.use('/login', function(req, res){
res.sendFile(path.join(__dirname+'/public/login.html'))
});
//This will listen for all requests
app.use(function(req, res, next) {
//Here we only want to redirect to the logic route (above) if the request is not
//a login action and there is no access token present on the session object
if (req.url!== '/auth/login' && !req.session.accessToken) {
res.redirect('/login');
} else {
next();
}
});
This redirect above works as expected.
When a user performs a logout, I handle like so:
app.post('/auth/logout', function(req, res){
req.session.destroy();
res.redirect('/login');
});
I can see in Chrome debugger, the network tab shows my login view is being served back to the browser, but the browser window does not change. I notice the login.html is being returned with a 304 code too if that has any relevance. I'm feeling a bit dumb but am failing to see what's different here, can someone shed some light please?
Thanks
I have a node.js (sail.js) project as server side, with backbone.marionette as client.
I'm using passport to determine if the user is authenticated.
module.exports = function(req, res, next)
{
if (req.isAuthenticated())
return next();
else
res.redirect('/login');
}
My problem is:
if the current url is: http://localhost:1337/#users (with #users from client), and the server session is timeout, the res.redirect('/login'); redirects the page with the client url, like this: http://localhost:1337/login#users
Is there a way to redirect without the #url ?
Found a solusion:
We can workaround this problem by redirecting to /login#. This should do the trick and remove the hash from the URL.
the # part is not send to the server, # is added by marionette. marionette received 302 status and redirect to login and smartly trying to resume the #users state. so in this case you don't do redirect in server just do res.render("login").