here I'm using mean stack.this is my database model
var datas = mongoose.model('datas',{
username: string,
password: string,
email: string
});
this is my retriving code.
app.use('/api/datas',function(req,res) {
console.log('fetching reviews');
});
how can i retrive only username and password for given username feild.
If I understand your question, you want to find in your database one user with username and password sent by your client side ?
You can do that with this way :
app.use('/api/datas',function(req,res) {
var model = mongoose.model('datas');
model.find(
{username: req.body.username, password: req.body.password}, // Search request
{username:1, password:1, email:0}, // You only want to get in return username and password, no email
function(err, reponse) {
if (err) {
console.log(err); // On error
}
else {
console.log(response); // Data found
}
});
});
Hope it helps.
Related
So i've spent a while trying to solve this. Basically I have a user profile update page, when the user inputs the new credentials I want to update my mongo db. When I update it everything does through normally and my mongo server gets updated but when I log in, I use bcrypt to match the hashed password and unhashed password and this is what is giving me my error because the updated password isn't hashed.
Update mongo:
const { email, password, password2 } = req.body;
const _id = ObjectID(req.user);
User.updateOne(
{ _id },
{ $set: { email: email, password: password } },
(err) => {
if (err) {
throw err;
} else {
req.flash('success_msg', 'profile updated');
res.redirect('profile');
}
}
);
This is my try at hashing the password. It gives an error in the console(Error: Argument passed in must be a single String of 12 bytes or a string of 24 hex characters). I tried to solve this by making the object id .toString but it still gave an error:
const { email, password, password2 } = req.body;
const _id = ObjectID(req.user);
User.updateOne(
{ _id },
{ $set: { email: email, password: password } },
(err, user) => {
const updatedPassword = password;
if (err) {
throw err;
} else {
bcrypt.genSalt(10, (err, salt) => {
bcrypt.hash(updatedPassword.password, salt, (err, hash) => {
if (err) {
throw err;
}
updatedPassword.password = hash;
updatedPassword.save();
});
});
}
req.flash('success_msg', 'profile updated');
res.redirect('profile');
}
);
I'm a kinda new to express so sorry if this is messy. Also if you find a solution please explain it and if you need more code I'll post it.
You likely deserialize the user in a middleware not shown and so the following line should change from:
const _id = ObjectID(req.user);
to
const _id = new ObjectID(req.user._id);
I'm building a REST API in Express JS and Mongo DB. I'm utilising the Mongoose package to interface with the database and am trying to implement a robust endpoint for allowing a user to update details about their account, for instance, their name.
My endpoint is setup, and I can send a request, however, it only seems to work if I don't pass through the email and password of the user I want to update (bearing in mind I need to check that the email they're changing it to doesn't already exist)
router.patch('/update', verify, async (req, res) => {
// validate incoming data
const { error } = registerValidation(req.body)
if (error) return res.status(400).send(error.details[0].message)
// check if user already exists
const emailExists = await User.findOne({ email: req.body.email })
if (emailExists) return res.status(400).send('Email already exists')
// hash password
const salt = await bcrypt.genSalt(10)
const hashPassword = await bcrypt.hash(req.body.password, salt)
// update user
const user = new User({
name: req.body.name,
email: req.body.email,
password: hashPassword
})
User.findOneAndUpdate({ _id: req.user.id }, user, { runValidators: true, useFindAndModify: false, new: true }, (error, result) => {
if (error) {
console.log('error')
return res.status(400).send(error)
}
res.status(200).send(result)
});
})
For a starters, I'm getting a returned 1 instead of an object, but earlier I was getting a Mongo DB error with the code of 66 for some reason...
What's going on here?
UPDATE
When sending my body to update a user, I get a response of: {"operationTime":"6845592053464694785","ok":0,"code":66,"codeName":"ImmutableField","$clusterTime":{"clusterTime":"6845592053464694785","signature":{"hash":"+uHFhNsV5B60qR/Yhd2qg8Cd6jA=","keyId":"6843771360993345539"}},"name":"MongoError"}, even though I've only edited the name out of the three fields
First, you should get a field to make a query. You should know the _id or you should know the previous email or any unique field value.
You created a new user by the following code. But this created user also will have a unique id.
const user = new User({
name: req.body.name,
email: req.body.email,
password: hashPassword
})
But if you need to update, you should not create a new user.
A user never knows his id. So you should query your data by using any other field like email. You may be in need of this code
await User.findByIdAndUpdate({email:req.body.existingemail},{
name: req.body.name,
email: req.body.email,
password: hashPassword
})
So the code which will help you may be like this,
router.patch('/update', verify, async (req, res) => {
// validate incoming data
const { error } = registerValidation(req.body)
if (error) return res.status(400).send(error.details[0].message)
// check if user already exists
const emailExists = await User.findOne({ email: req.body.email })
if (emailExists) return res.status(400).send('Email already exists')
// hash password
const salt = await bcrypt.genSalt(10)
const hashPassword = await bcrypt.hash(req.body.password, salt)
// update user
const user ={
name: req.body.name,
email: req.body.email,
password: hashPassword
}
//make sure you pass existingemail in postman
User.findOneAndUpdate({ email:req.body.existingemail }, user, { runValidators: true, useFindAndModify: false, new: true }, (error, result) => {
if (error) {
console.log('error')
return res.status(400).send(error)
}
res.status(200).send(result)
});
})
I'm making post request on registration,But I want error to pop up if username is already taken.
Any suggestions?
Here is my post route:
app.post('/addUser', (req,res) => {
const addUser = new User({username: req.body.username, password: req.body.password})
addUser.save().then(result => res.status(200).json(result)).catch((err) => console.log(err))
})
Alternate method, depending on the error style you want.
const users = new mongoose.Schema(
{
username: {type: String, unique: 'That username is already taken'}
},
{ timestamps: true }
)
Now mongo will index usernames and check it before the insertion. An error will be thrown if it's not unique.
You can use findOne method of mongoose
app.post('/addUser', async (req,res) => {
//validation
var { username, password } = req.body;
//checking username exists
const existUsername = await User.findOne({ username: req.body.username});
if (existUsername) {
console.log('username taken');
}
});
I'm new to node so bear with me!
I am working on my auth system. I have login, register and logout done so far. Now I want to update my user in the settings page. How would I go about updating the already added User items such as username, password and email? And most importantly adding new ones such as API Key, and API Secret.
Here is my code:
var UserSchema = mongoose.Schema({
username: {
type: String,
index:true
},
email: {
type: String
},
password: {
type: String
},
apiKey: {
type: String
},
apiSecret: {
type: String
}
});
My user schema, the api key info is not added on registration. Should it be in the schema or will it be added automatically later?
var newUser = new User({
username: username,
email:email,
password: password
});
User.createUser(newUser, function(err, user){
if(err) throw err;
console.log(user);
req.flash('success_msg', 'You are registered and can now login');
res.redirect('/users/login');
});
How I create the new user after verification.
router.post('/settings', function(req, res){
var apiKey = req.body.apiKey;
var apiSecret = req.body.apiSecret;
//INSERT api info into DB here
});
Where I get the API keys from a form and then want to insert them into the User that is currently logged in. This is where my problem is.
Thank you in advance for any help!
Assuming you've access to the logged in user in req like req.user
router.post('/settings', function(req, res) {
var updateFields = {
apiKey: req.body.apiKey,
apiSecret: req.body.apiSecret
}
User.findOneAndUpdate({"_id": req.user._id}, {"$set": updateFields}, {"new": true}})
.exec(function(err, user) {
if (err) {
//handle err
} else {
//user contains updated user document
}
});
});
And yes you should keep all the fields you want to insert even in future in the schema. Else they won't insert into database.
Need to knoe why I'mgetting this error? is my approach for validating the user thorugh login form correct here? I'm just new to node.js need your help.
var mongo = require('mongodb');
var mongoose = require('mongoose');
var db = mongoose.connect('mongodb://localhost/subscribe');
var mySchema = new mongoose.Schema({
_id : String,
name : String,
phone : String,
age : Number,
password : String
});
var User = mongoose.model('signups', mySchema);
Signup form , to save the registered user in the mongodb collection.
router.post('/signup', function(req, res) {
var user = new User({
_id : req.body.email,
phone : req.body.phone,
age : req.body.age,
password : req.body.password
});
user.save(function (err, doc) {
if (err) {
res.send("There was a problem adding the information to the database.");
}
else {
res.redirect('/');
}
});
});
trying to validate the user credentials
router.post('/adduser',function(req, res){
db.signups.findOne({ $and: [{_id: req.body.useremail}, {password: req.body.password }]}, function(err, item) {
if (err) return res.send("Please provide valid credentials.");
else {
res.redirect('/home');
}
});
});
How to validate the user credentials here?