I'm using NodeJS and passport to let users create an account before they can see results of a quiz they've just taken. My challenge is I need to confirm the username is available before the page refreshes because the user will lose their results if this happens.
Again: I need to verify the username is not taken prior to refreshing.
I think I'm close but it is not working. How would I change my code to handle this challenge?
Currently if the user name is taken it returns an error on trying to create an account and the user ends up on the /failpage as shown below.
app.post('/quiz', usernameToLowerCase, emailToLowerCase, function(req, res) {
User.findOne({
username: req.body.username
}, function(err, user) {
if (err) {
alert(err)
if (user) {
alert('this username is already taken. Please choose another.')
console.log('there was a user');
return false;
}
}
});
var user = new User({
username: req.body.username,
email: req.body.email,
password: req.body.password,
})
user.save(function(err) {
console.log('this is the problem' + ' ' + err)
if (err) {
return res.redirect('/failpage')
}
req.logIn(user, function(err) {
if (err) {
console.log(err);
}
console.log('all looks good')
res.redirect('/results');
});
});
});
Solved it with this if anyone else is trying to do the same thing:
in app.js
app.get('/usercheck', function(req, res) {
User.findOne({username: req.query.username}, function(err, user){
if(err) {
console.log(err);
}
var message;
if(user) {
console.log(user)
message = "user exists";
console.log(message)
} else {
message= "user doesn't exist";
console.log(message)
}
res.json({message: message});
});
});
In js
$('#usercheck').on('change', function() {
$.get('/usercheck?username='+$('#usernameValue').val().toLowerCase(), function(response) {
$('#usernameResponseHidden').text(response.message)
if ($('#usernameResponseHidden').html() === "user exists"){
$('#usernameResponse').text('That username is taken. Please pick another')
}
To solve your problem I think you need to routes. At least a app.get('/quiz') which returns a boolean on if the user exists or not. The section User.findOne can be sent in that route instead. You just need to make a request using ajax when he looses focus of the username field of your form, and display a notification if the name is available or not.
Related
Having an error where a logged in user will try to update their account username but run into an error. For the life of me I cannot figure out why it is sometimes (maybe 1/20 users run into this) unable to find the current user. User's can only access this page if logged in. The errors are:
throw er; // Unhandled 'error' event
TypeError: Cannot set property 'username' of null
The error seems to be happening here: user.username = req.body.username;
router.post("/updateAccount", function (req, res) {
if (req.user) {
User.findOne({username: req.body.currentUser}, function (err, user) {
if (err) {
return done(err);
}
user.username = req.body.username;
user.save(function (err) {
if (err) {
req.flash("error", "It looks like that email address is taken.");
res.redirect('back')
} else {
req.logout();
req.login(user, function (err) {
if (err) console.log('There was an account error' + err)
req.flash("success", "Your account has been created! Your username is " + user.username);
res.redirect('/results')
});
}
});
});
} else {
res.redirect('/results')
}
});
user will be null if no matching user can be found by the User.findOne({username: req.body.currentUser} query (as mentioned in the docs).
So you should add another check if that's the case and handle this appropriately:
User.findOne({username: req.body.currentUser}, function (err, user) {
if (err) {
return done(err);
}
if (!user) {
// handle this case as user.username = req.body.username will fail
}
// ... rest of the code
I'm creating a web application that requires a user to register/login, and once they've done that, they're taken to their "account page" where their account information is available for them to see.
I'm using MongoDB, Mongoose, and Passport.
I have my post route:
app.post("/", function(req, res){
User.findOne({username: req.body.username}, function(err, foundUser){
if(foundUser){
//found user in database
const user = new User({
username: req.body.username,
password: req.body.password
});
req.login(user, function(err){
if(err){
console.log(err);
} else {
passport.authenticate("local", function(err, user){
if(err){
console.log(err);
} else {
if(user){
res.redirect("/user");
} else {
res.render("home", {failedAttempt: true});
}
}
})(req, res);
}
});
} else {
//user does not exist
console.log("the user does not exist here");
res.render("home", {failedAttempt: true})
}
});
});
I would like to be able to pass the database info for that particular user to the "/user" route, but I don't know how. How can I make it so that once the user is redirected to root/user, I can then pull up the info on their database?
You may want to look into Express Middleware. This allows you to do some processing first to pull out the user info and then pass the resulting data to your route.
Read all about it:
https://expressjs.com/en/guide/using-middleware.html
I've used a soft delete feature in mongodB to disable a user and not delete it permanently. Now, only enabled users can log in to the site while the disabled users can not log in to the site.
// Soft delete feature
exports.getDisabledUsers = function(req,res, next) {
User.find({active: false}, function(err, users) {
if (err) {
res.send(err);
}
res.json(users);
});
}
// Log In
exports.login = function (req, res, next) {
var userInfo = setUserInfo(req.user);
res.status(200).json({
token: 'JWT ' + generateToken(userInfo),
user: userInfo
});
};
// Passport.js
var localLogin = new LocalStrategy(localOptions, function (email, password, done) {
User.findOne({
email: email
}, function (err, user) {
if (err) {
return done(err);
}
if (!user) {
return done(null, false, {
error: 'Login failed. Please try again.'
});
}
user.comparePassword(password, function (err, isMatch) {
if (err) {
return done(err);
}
if (!isMatch) {
return done(null, false, {
error: 'Login failed. Please try again.'
});
}
return done(null, user);
});
});
});
Disabled users shouldn't be able to log in. Right now, they are able to log in.
While Disabling the user you can move that data to another collection, that way your disabled user cannot be able to login to your system
exports.disableUser = function (req, res, next) {
User.findByIdAndUpdate({_id:req.params._id}, {active: false}, function (err, users) {
if (err) {
res.send(err);
}
User.findByIdAndRemove(
{_id:req.params._id},
function(err, doc) {
if (doc) {
DisableUser.insertMany(doc, function(err, doc){
// your response
});
} else {
// your response
}
)
});
}
You have not checked user status is active or not. This can be done by adding a condition in code, or modifying mongo query and adding one more condition in findOne.
//CODE
if(!user.active) {
//RETURN USER IS NOT ACTIVE
}
//MONGO QUERY
User.findOne({
email: email,
active: true
}, function (err, user) {
//YOUR CODE
}
Role based login may create some complexity but this can be achieved simply by adding one more collection named disabledUsers
when admin disable any user then the click function do two things at the same time
1)add the email into disabledUser collection
2)delete the user from user collection
Then in your login function just check this way
disabledUser.findOne({email :email },
function (err ,user){
if(err) return done(err)
else{
if(!user){
user.findOne({email : email }
write your login stuff here the wau you r doing
}
else{return alert('user is disabled')}
}
})
I am using express.js with mongoose for signup. I use crypto for saving the user's password and am now working on the login section. However, when I post values via postman, I am getting the error "not exist" over and over again.
Here is my code:
app.post('/login', (req, res) => {
var User = require('./user.js');
User.findOne({ username: req.body.email }, function(err, user) {
if (err) {
console.log("error");
} else if (!user) {
console.log("not exist");
} else if(!user.validPassword(req.body.password)) {
console.log("not valid");
} else {
console.log("valid");
}
});
res.send("XYZ");
});
I check whether or not an email or username is taken. I then use then use flash to send a message to the client using req.flash('messages', 'That username is taken.'); The only problem is I can't call a request command within a function. I can send the message when I put it right after app.post('/signup', function(req, res) { How could I check if a username is taken and then send the req.flash command once it has been determined. I tried to create an if statement but because node is run asynchronously by the time the username is found and the variable is set to true, the if statement has been called. How could I use req.flash to send a message to the client within this post request.
app.post('/signup', function(req, res) {
var userDetails = User({
firstname: req.body.firstname,
username: req.body.username,
email: req.body.email,
password: bcrypt.hashSync(req.body.password1, bcrypt.genSaltSync(10))
});
User.findOne({
$or: [ { 'username': req.body.username}, {'email': req.body.email}]
}, function(err, user) {
if (user) {
if(user.username === req.body.username){
console.log('that username is taken');
req.flash('messages', 'that username is taken');
} else {
}
if(user.email === req.body.email){
console.log('that email is already in use');
req.flash('messages', 'that email is already in use');
} else {
}
} else {
userDetails.save(function(err) {
if (err) throw err;
});
console.log('change to login')
}
if (err) {
return done(err);
}
});
res.redirect('/');
});
It should be no problem to call req in a other function if req is defined in a higher level. I am not sure if your flash is session stored, if it not, the reasen why the messages is not flash is your redirection to route.
You redirect to root without waiting to the end of database request. I think you will only redirect if user is found? Include your redirect to the callback function.