so when I log into my website and navigate within the same url (ex: localhost/private/xxxx), the res.locals.user returns an object.
When I go out of the range (ex: localhost/xxxx), res.locals.user is empty.
/ app.js
...
app.use(passport.session());
app.use(require('./controllers'));
...
/ controllers / index.js
router.use('/private', require('./member.js'));
router.use('/admin', require('./admin.js'));
/* Some basic routes. */
router.get('/', function(req, res, next) {
res.render('index', { ... });
});
After loggin in res.locals.user is still empty here
/ controllers / member.js
router.use(function isMember(req, res, next) {
if(req.isAuthenticated()) {
res.locals.user = req.user;
return next();
}
req.flash('error', 'WHY YOU LITTLE!');
res.redirect('/login');
});
router.get('/', function(req, res, next) {
res.redirect('/private/index');
});
router.get('/something', function(req, res, next) {
res.redirect('/private/somehting');
});
router.get('/darkside', function(req, res, next) {
res.redirect('/private/darkside');
});
res.locals.user correctly returns the user, whether I navigate to /private, /private/something or /private/darkside
Is it cause I use a middleware route when using router.use('/private', require('./member.js')); ? How do I fix this?
res.locals is an object passed to the rendering engine of your app. You can set the user details by req.session.user = user in passport authentication strategy.So that you can access the user from any of your route.
At the end I simply had to add
router.use(function (req, res, next) {
if(req.isAuthenticated()) {
res.locals.user = req.user;
}
return next();
});
before all my routes and remove res.locals.user = req.user; from the member.js file
So it would give me this:
/ controllers / index.js
router.use(function (req, res, next) {
if(req.isAuthenticated()) {
res.locals.user = req.user;
}
return next();
});
router.use('/private', require('./member.js'));
router.use('/admin', require('./admin.js'));
/* Some basic routes. */
router.get('/', function(req, res, next) {
res.render('index', { ... });
});
Related
I am learning Express.js, MongoDB and Mongoose, and i am creating a small app that lets me store items to a list.
I am trying to Create a GET /list/search route which allows to search for items in the list, but i haven't gotten it to work.
Here is my code
Routes
const express = require('express');
router = express.Router();
const db = require("../models");
router.get('/', function(req, res, next){
db.List.find().then(function(list){
res.render('index', {list});
});
});
router.get('/new', function(req, res, next){
res.render('new');
});
router.get('/:id', function(req, res, next){
db.List.findById(req.params.id).then(function(list){
res.render('show', {list});
});
});
router.get('/:id/edit', function(req, res, next){
db.List.findById(req.params.id).then(function(list){
res.render('edit', {list});
});
});
router.get('/search', function(req, res, next){
db.List.findOne(req.query.search).then(function(list){
console.log(list);
res.render('show', {list});
});
});
router.post('/', function(req, res, next){
db.List.create(req.body).then(function(list){
res.redirect('/');
});
});
router.patch('/:id', function(req, res, next){
db.List.findByIdAndUpdate(req.params.id, req.body).then(function(list){
res.redirect('/');
});
});
router.delete('/:id', function(req, res, next){
db.List.findByIdAndRemove(req.params.id).then(function(list){
res.redirect('/');
});
});
module.exports = router;
Index.pug
extends base.pug
block content
h1 My List
form(action="/list/search" method="GET")
input(type="text" name="search")
input(type="submit", value="search")
a(href="/list/new") Add New Item!
each item in list
p ITEM: #{item.name} QUANTITY: #{item.quantity}
a(href=`/list/${item.id}/edit`) Edit
my main problem is the GET /search, i want to pass in a search query to the search box and return the result to the render file
router.get('/search', function(req, res, next){
db.List.findOne(req.query.search).then(function(list){
console.log(list);
res.render('show', {list});
});
});
Thanks in advance
You need to specify the parameters as attributes in the query. list will be null, if no matching record was found.
router.get('/search', function (req, res, next) {
db.List.findOne({
name: req.query.name,
age: req.query.age
}).then(function (list) {
console.log(list);
if (list === null) {
return res.render('show', {
list: []
});
}
return res.render('show', {
list: list
});
}).catch((err) => {
console.log('err', err);
return res.render('show', {
list: []
});
});
});
Here is the example:
var app = require('express')();
function validateToken(req, res, next) {
// Do something with request here
next();
};
app.get('/user/login', function(req, res) {
//code
});
app.post('/user/register', function(req, res) {
//code
})
app.put('/user/register', validateToken, function(req, res) {
//code
})
app.delete('/user/delete', validateToken, function(req, res) {
//code
})
If I have 10 api that need validToken, I should add validToken middleware 10 times, like:
app.method('......', validateToken, function(req, res) {
//code
})
app.method('......', validateToken, function(req, res) {
//code
})
....
app.method('......', validateToken, function(req, res) {
//code
})
app.method('......', validateToken, function(req, res) {
//code
})
How can I group api by using the same middleware?
Here's how to re-use the same callback function for multiple routes (like middleware):
var app = require('express')();
function validateToken(req, res, next) {
// Do something with request here
next();
};
app.get('/user/login', function(req, res) {
// code
});
app.post('/user/register', function(req, res) {
// code
});
// Be sure to specify the 'next' object when using more than one callback function.
app.put('/user/register', validateToken, function(req, res, next) {
// code
next();
});
app.delete('/user/delete', validateToken, function(req, res, next) {
// code
next();
});
Also, you can replace app.METHOD (e.g. .post, .get, .put, etc.) with app.all and your callback will be executed for any request type.
Just wrong, so do not put into mass participation of the (Google translated from: 刚才看错了,改成这样就不用放进传参了)
var group = {url:true,url:true,url:true};
app.use(function(req,res,next){
if(group[req.url]){
// Do something with request here
next();
} else {
next();
}
})
What should I use:
express.Router().route()
or
express.route()
?
Is it true express.Router().route() is someway deprecated?
For the current version of Express, you should use express.Router().route(). See the express documentation for confirmation. express.Router().route() is not depreciated.
For example:
var router = express.Router();
router.param('user_id', function(req, res, next, id) {
// sample user, would actually fetch from DB, etc...
req.user = {
id: id,
name: 'TJ'
};
next();
});
router.route('/users/:user_id')
.all(function(req, res, next) {
// runs for all HTTP verbs first
// think of it as route specific middleware!
next();
})
.get(function(req, res, next) {
res.json(req.user);
})
.put(function(req, res, next) {
// just an example of maybe updating the user
req.user.name = req.params.name;
// save user ... etc
res.json(req.user);
})
.post(function(req, res, next) {
next(new Error('not implemented'));
})
.delete(function(req, res, next) {
next(new Error('not implemented'));
})
Router.route() can use for chainable routes.
Meaning: You have one API for all the METHODS, you can write that in .route().
var app = express.Router();
app.route('/test')
.get(function (req, res) {
//code
})
.post(function (req, res) {
//code
})
.put(function (req, res) {
//code
})
this is my app.js
function requireLogin(req, res, next) {
if (req.isAuthenticated()) {
next();
} else {
res.redirect("/");
}
}
/**
* Routes
*/
var index = require('./routes/index');
var dashboard = require('./routes/dashboard');
app.use('/', index);
app.use('/dashboard', requireLogin, dashboard);
routes/dashboard.js
var express = require('express');
var router = express.Router();
router.route('/')
.get(function (req, res, next) {
res.render('dashboard/index', {});
});
module.exports = router;
After doing the login I am directed to the route /dashboard, but I get a status 404.
If I try to remove the function requireLogin, the route /dashboard is visible and working.
Why?
I did some tests, and I saw that the problem is next().
For the login I used passport is working well.
If you still haven't figured out you can put return next() instead of next().
So this:
function requireLogin(req, res, next) {
if (req.isAuthenticated()) {
next();
} else {
res.redirect("/");
}
}
Should become this:
function requireLogin(req, res, next) {
if (req.isAuthenticated()) {
return next();
} else {
res.redirect("/");
}
}
Hope I helped!
Actually I had a very similar issue, for me it wasn't anything to do with the middleware that was handling authentication, it was the way my routes were set up.
I think you are trying to receive GET requests on a route you want to POST credentials to in dashboard.js:
router.route('/')
.get(function (req, res, next) {
res.render('dashboard/index', {});
});
should be:
router.route('/')
.post(function (req, res, next) {
res.render('dashboard/index', {});
});
since you are posting credentials to that route.
I have a express route like this:
app.get('/', auth.authOrDie, function(req, res) {
res.send();
});
where authOrDie function is defined like that (in my auth.js module):
exports.authOrDie = function(req, res, next) {
if (req.isAuthenticated()) {
return next();
} else {
res.send(403);
}
});
Now, when the user is not authenticated, I would like to verify if the http request has a Authorization (Basic) header. To do that, I would like to use the great connect middleware basicAuth().
As you know, Express is built on top of Connect, so I can use express.basicAuth.
The basicAuth is generally used like that:
app.get('/', express.basicAuth(function(username, password) {
// username && password verification...
}), function(req, res) {
res.send();
});
But, I would like to use it in my authOrDie function like that:
exports.authOrDie = function(req, res, next) {
if (req.isAuthenticated()) {
return next();
} else if {
// express.basicAuth ??? ******
} else {
res.send(403);
}
});
****** How can I call the basicAuth function with the good parameters (req ? res ? next ? ...).
Thanks.
Calling the express.basicAuth function returns the middleware function to call, so you'd invoke it directly like this:
exports.authOrDie = function(req, res, next) {
if (req.isAuthenticated()) {
return next();
} else {
return express.basicAuth(function(username, password) {
// username && password verification...
})(req, res, next);
}
});