I'm new to node so bear with me!
I am working on my auth system. I have login, register and logout done so far. Now I want to update my user in the settings page. How would I go about updating the already added User items such as username, password and email? And most importantly adding new ones such as API Key, and API Secret.
Here is my code:
var UserSchema = mongoose.Schema({
username: {
type: String,
index:true
},
email: {
type: String
},
password: {
type: String
},
apiKey: {
type: String
},
apiSecret: {
type: String
}
});
My user schema, the api key info is not added on registration. Should it be in the schema or will it be added automatically later?
var newUser = new User({
username: username,
email:email,
password: password
});
User.createUser(newUser, function(err, user){
if(err) throw err;
console.log(user);
req.flash('success_msg', 'You are registered and can now login');
res.redirect('/users/login');
});
How I create the new user after verification.
router.post('/settings', function(req, res){
var apiKey = req.body.apiKey;
var apiSecret = req.body.apiSecret;
//INSERT api info into DB here
});
Where I get the API keys from a form and then want to insert them into the User that is currently logged in. This is where my problem is.
Thank you in advance for any help!
Assuming you've access to the logged in user in req like req.user
router.post('/settings', function(req, res) {
var updateFields = {
apiKey: req.body.apiKey,
apiSecret: req.body.apiSecret
}
User.findOneAndUpdate({"_id": req.user._id}, {"$set": updateFields}, {"new": true}})
.exec(function(err, user) {
if (err) {
//handle err
} else {
//user contains updated user document
}
});
});
And yes you should keep all the fields you want to insert even in future in the schema. Else they won't insert into database.
Related
here I'm using mean stack.this is my database model
var datas = mongoose.model('datas',{
username: string,
password: string,
email: string
});
this is my retriving code.
app.use('/api/datas',function(req,res) {
console.log('fetching reviews');
});
how can i retrive only username and password for given username feild.
If I understand your question, you want to find in your database one user with username and password sent by your client side ?
You can do that with this way :
app.use('/api/datas',function(req,res) {
var model = mongoose.model('datas');
model.find(
{username: req.body.username, password: req.body.password}, // Search request
{username:1, password:1, email:0}, // You only want to get in return username and password, no email
function(err, reponse) {
if (err) {
console.log(err); // On error
}
else {
console.log(response); // Data found
}
});
});
Hope it helps.
When registering a new user, I want to check email for uniqueness. I am using body parser to make sure all fields are not empty, but how am I to check that the input email is not used by anyone else and to immediately output the message for a user?
The technology stack is Node.js, mongoose, body-parser module, mongodb
Here's the route file:
router.post('/register', function(req, res){
let name = req.body.name;
let email = req.body.email;
req.checkBody('name', 'Name field is empty!').notEmpty();
req.checkBody('email', 'Email field is empty!').notEmpty();
req.checkBody('email', 'Invalid email format').isEmail();
var errors = req.validationErrors();
if(errors){
res.render('register', {
errors:errors
});
} else {
let newUser = new User({
name: name,
email: email
});
After looking through similar questions, I found a way to use a pre save in my model file, but I don't know how to sisplay the error to the user as a part of the errors array (see above)
Any help will be highly appreciated!
You can achieve both from the Mongoose model and the Register() method.
The user model should be like this:
var mongoose = require('mongoose');
var UserSchema = new mongoose.Schema({
email: {
type: String,
lowercase: true,
unique: true,
sparse: true
},
password: {
type: String,
required: true
},
},
{
timestamps: true
});
module.exports = mongoose.model('User', UserSchema);
This will ensure that emails are unique. Then at the register method, you do this:
exports.register = function(req, res, next){
let name = req.body.name;
let email = req.body.email;
User.findOne({email: email}, function(err, existingUser){
if(err){
return res.status(500).json(err);
}
if(existingUser){
return res.status(422).json('Email address is already registered.');
}
else {
var user = new User({
username : username,
email: email,
password: password
});
user.save(function(err, user){
if(err){
return next(err);
}
var userInfo = setUserInfo(user);
res.status(201).json({
token: 'JWT ' + generateToken(userInfo),
user: userInfo
})
});
}
});
}
}
}
Hope this helps.
I'm having a trouble to write a simple User and Tweet Schemas relation.
I created a middleware that will check a user token once he logged in. This is a token based authentication. The problem lies in the '/tweet' route section of how to save a tweet to a Logged in user.
schema.js
var mongoose = require('mongoose');
var Schema = mongoose.Schema;
var UserSchema = new Schema({
name: String,
username: { type: String, required: true, index: { unique: true }},
password: { type: String, required: true, select: false },
level: String,
tweet: [{
type: Schema.Types.ObjectId, ref: 'Tweet'
}],
});
var TweetSchema = new Schema({
_creator: { type: Number, ref: 'User'},
title: String,
content: String
});
module.exports = mongoose.model('User', UserSchema);
module.exports = mongoose.model('Tweet', TweetSchema);
api.js
let just assume that I have written '/login' route for log in a user and create a token above this middleware.
// The middleware for verifying user's token ( The user already login )
apiRouter.use(function(req, res, next) {
// do logging
console.log("Somebody just came to our app!");
var token = req.body.token || req.param('token') || req.headers['x-access-token'];
// check if token exist
if(token) {
jwt.verify(token, superSecret, function(err, decoded) {
if(err) {
res.status(403).send({ success: false, message: 'Failed to authenticate user' });
} else {
// if everything is good save request for use in other routes
req.decoded = decoded;
next();
}
});
} else {
res.status(403).send({ success: false, message: 'No token provided' });
}
});
// another route for creating a tweet, in order to use this route, user's token must be verified.
apiRouter.route('/tweet')
.post(function(req, res) {
// The problem is I dont know how to get a user that just Login to create a tweet that will save in his user_tweet Schema.
var tweet = new Tweet({
_creator: ???,
title: req.body.title,
content: req.body.content
});
tweet.save(function(err) {
if(err) res.send(err);
res.json({ message: "New tweet has been added" });
});
});
Currently I'm having a trouble to create a tweet and saves it to a User that already log in and token has been verified. What should I write in '/tweet' route section to achieve my goal.
I'm trying to emulate a Twitter app for you guys information.
I don't know what you're using to generate your tokens, but the standard practice is to encode the user id as part of the token. So when you decode the token, like you've done here:
req.decoded = decoded;
req.decoded it should contain the user id, which you can then use to look up the user and check their permissions, or in your case, you'd use it to create your tweet object.
So something like this:
// create a json webtoken
var token = jwt.sign({
id = user._id,
name: user.name,
username: user.username
}, superSecret, {
expiresInMinute: 1440
});
Then do:
var tweet = new Tweet({
_creator: req.decoded.id,
title: req.body.title,
content: req.body.content
});
I'm trying to set up a verification step in Mongoose, Express Node application based on this blog post ... http://danielstudds.com/adding-verify-urls-to-an-express-js-app-to-confirm-user-emails-secure-spa-part-6/ that post is over a year old so it kind of surprises me that its the first google result for 'node email verification'. I'm very new to node so I'm reliant on examples. Based on that post I did not see a download so I pieced it together to suit my scenario and here is what my code looks like.
Verification Model
var mongoose = require('mongoose'),
uuid = require('node-uuid'),
User = require('mongoose').model('User');
var verificationTokenSchema = new mongoose.Schema({
_userid : { type: mongoose.Schema.Types.ObjectId, ref: 'User' },
token: {type: String, required: true},
createdAt: {type: Date, required: true, default: Date.now, expires: '4h'}
});
verificationTokenSchema.methods = {
createVerificationToken : function (done) {
var verificationToken = this;
var token = uuid.v4();
verificationToken.set('token', token);
verificationToken.save( function (err) {
if (err) return done(err);
return done(null, token);
});
}
};
exports.verifyUser = function(token, done) {
verificationTokenModel.findOne({token: token}, function (err, doc){
if (err) return done(err);
User.findOne({_id: doc._userId}, function (err, user) {
if (err) return done(err);
user["verified"] = true;
user.save(function(err) {
done(err);
});
});
});
};
var verificationTokenModel = mongoose.model('VerificationToken', verificationTokenSchema);
exports.verificationTokenModel = verificationTokenModel;
Then in my User model I call create like so..
User Model
exports.createUser = function(req, res, next) {
// Do all the stuff that creates the user save it and get the id back
var verificationToken = new verificationTokenModel({_userId: user._id});
verificationToken.createVerificationToken(function (err, token) {
if (err){
err = new Error("Couldn't create verification token");
res.status(400);
return res.send({reason:err.toString()});
}
// Do stuff with the token here and email
This works 'partially' in my db 'verificationtokens' collection the objects don't contain a _userid they contain the _userid (user._id) stored in _id
My first issue is I don't really understand how this works when there isn't a 'constructor'
var verificationToken = new verificationTokenModel({_userId: user._id});
and how do I get this to store the user._id as _userid in the verification collection
I don't use Mongoose, but here is what it happened:
For your first question:
when you run:
var verificationTokenModel = mongoose.model('VerificationToken', verificationTokenSchema);
it creates the constructor.
For the second question:
MongoDB always create documents with a field called "_id", so, the "_id" field in your verification collection is not the "_id" field from your User collection. The reason that _userid is not inserted is because you have a typo:
var verificationToken = new verificationTokenModel({_userId: user._id});
where "_userId" should be "userid"
Need to knoe why I'mgetting this error? is my approach for validating the user thorugh login form correct here? I'm just new to node.js need your help.
var mongo = require('mongodb');
var mongoose = require('mongoose');
var db = mongoose.connect('mongodb://localhost/subscribe');
var mySchema = new mongoose.Schema({
_id : String,
name : String,
phone : String,
age : Number,
password : String
});
var User = mongoose.model('signups', mySchema);
Signup form , to save the registered user in the mongodb collection.
router.post('/signup', function(req, res) {
var user = new User({
_id : req.body.email,
phone : req.body.phone,
age : req.body.age,
password : req.body.password
});
user.save(function (err, doc) {
if (err) {
res.send("There was a problem adding the information to the database.");
}
else {
res.redirect('/');
}
});
});
trying to validate the user credentials
router.post('/adduser',function(req, res){
db.signups.findOne({ $and: [{_id: req.body.useremail}, {password: req.body.password }]}, function(err, item) {
if (err) return res.send("Please provide valid credentials.");
else {
res.redirect('/home');
}
});
});
How to validate the user credentials here?