Fetching API data with active login - javascript

I'm using backend functions on my website to gather data from a separate website.
I can access the data easily with something like...
fetch( DataURL, {"method": "get"} )
.then( httpResponse => httpResponse.json() )
.then( json => { console.log(json); } )
However, there is additional data fields in the json data that aren't visible unless you are logged in.
I'm trying to use a POST fetch to complete the login form, and then send the GET to retrieve the API data afterwards. Have been unsuccessful so far.
fetch( LoginURL, {
"method": "post",
"body": "Username=myusername&Password=mypassword",
"headers": {"Content-Type": "application/x-www-form-urlencoded"}
})
.then( fetch( DataURL, {"method": "get"} )
.then( httpResponse => httpResponse.json() )
.then( json => { console.log(json); })
})
I'm basing the body data on what I see in the form in their source code. Not completely sure if I'm doing that right.
This is a phpBB style website that needs to be logged into.
<form action="./ucp.php?mode=login" method="post" id="navloginform" name="loginform">
<div class="form-group">
<input type="text" placeholder="Username" name="username" size="10" class="form-control" title="Username"/>
</div>
<div class="form-group">
<input type="password" placeholder="Password" name="password" size="10" class="form-control" title="Password"/>
</div>
<div class="form-group">
<div class="checkbox">
<label for="autologin-navbar"><input type="checkbox" name="autologin" id="autologin-navbar" tabindex="4" /> Remember me</label>
</div>
</div>
<input type="hidden" name="redirect" value="./ucp.php?mode=login" />
<button type="submit" name="login" class="btn btn-primary btn-block"><i class="fa fa-sign-in fa-fw" aria-hidden="true"></i> Login</button>
</form>
I'm very clearly doing something wrong.
I think my main issues I'm struggling with are:
Is my guess at how to use their form data correct?
How do I verify the login even worked to begin with?
Do I need to do something special to maintain the login before sending a second fetch?

Just going to share how I got mine working, though may be different for other cases.
--
Go to the website you're trying to login to, and open up your browser development tools.
Select the 'Network' tab, and login.
Find the network entry from your login, and go to the 'Headers' tab. Near the bottom of the entry will show which headers were used. Not all of these are critical. Something like below:
When using your fetch call, create the same headers as needed in the body.
const LoginURL = 'www.ExampleWebpageLogin.com./ucp.php?mode=login';
let form = new FormData();
form.append('username', 'MyUsername');
form.append('password', 'MyPassword');
form.append('login', 'Login');
var headers = { 'method': 'post',
'body': form,
'credentials': 'include'}
await fetch( LoginURL, headers)
.then( loginResponse => {
console.log(loginResponse);
})
In my case, the loginResponse included 2 critical cookies.
user_id - This cookie value remained =1 when not logged in, and was set to my user id once successful.
sid - Most likely session ID, which they use to preserve login session.
For both the login post and future GET requests, 'credentials' are required.

Related

How prevent reload after post request?

I am trying to make a post request to the server and do something with the response. Things seem to work on the server-side. The problem is that the page reloads upon completion of the response and I cannot do anything with the response.
The common suggestions are using button or preventDefault. These suggestions do not solve the problem: as you can see below, the input type is button (not submit) and preventDefault() on the event does not work.
Does anyone have an idea about what I am missing?
<form id="modelCodeForm">
<label for="codehere"></label>
<div id="modelAreaDiv">
<textarea id="modelArea" cols="60" rows="20">
stuff
</textarea>
<br>
<input id="submitUserModel" type="button" value="run on server">
</div>
</form>
function initializeUserModel(){
let model = document.getElementById("modelArea").value;
fetch('http://localhost:8080/', {
method: 'post',
headers: {'Content-Type': 'text/plain'},
body: model
})
.then(response => response.json())
.then(data => {
console.log(data);
}).then(console.log("received!"))
}
I got to the bottom of this. It turns out that the problem was due to VS Live Server which was detecting a change in the folder and hot-loading the app. The change was due to the backend, in the same folder, saving a log. Really silly thing to miss...
If you want to trigger your function when the form is submitted then you can use the "onsubmit" event listener available on HTML forms.
So you would do onsubmit="initializeUserModel(event)". You pass it the event object so you can call event.preventDefault() in the function and stop the page from reloading.
Change your input to type="submit" (or make it a button of type="submit") or the form submission won't be triggered.
<form id="modelCodeForm" onsubmit="initializeUserModel(event)">
<label for="codehere"></label>
<div id="modelAreaDiv">
<textarea id="modelArea" cols="60" rows="20">Stuff</textarea>
<br />
<input id="submitUserModel" type="submit" value="run on server" />
</div>
</form>
function initializeUserModel(event) {
event.preventDefault();
let model = document.getElementById("modelArea").value;
fetch("http://localhost:8080/", {
method: "post",
headers: { "Content-Type": "text/plain" },
body: model,
})
.then((response) => response.json())
.then((data) => {
console.log(data);
})
.then(console.log("received!"));
}

preventDefault in JS not working when fetch API upload files

I have been trying to create a simple web app where you can post images and a little description. It is for an Instagram Clone project. I am using multer and express on the backend to parse the body and the file, and it works perfectly fine. The problem is on the frontend. I provide a form where you put name, description and the image to upload, then with the Fetch API I send the body to my api on the backend.
I noticed that the page reloads every time I submit the form despite the use of event.preventDefault() and event.stopPropagation() for the form sumbit event.
In addition, I have realised that it does so only when also uploading the file, in fact, if I leave the name and description alone, it doesn't reload the page, whereas if I live the file upload in there it just reloads it.
Is this a bug of the fetch API or am I not considering something?
Here's the code on the frontend that handles the fetch request to my api:
const instaForm = document.getElementById("post-pic");
instaForm.addEventListener("submit", (event) => {
event.preventDefault();
event.stopPropagation();
let instaFormData = new FormData(instaForm);
let url = `${baseUrl}/create-insta`;
fetch(url, {
method: "POST",
body: instaFormData,
})
.then((data) => data.json())
.then((response) => {
instaForm.reset();
console.log(response);
})
.catch((err) => console.error(err));
});
Consider that if I leave the input for the file blank, the page doesn't reload so it is definitely a problem with the file upload.
For now, for debugging my API is sending back a simple "Received" response and nothing else.
HTML Form
<form method="POST" id="post-pic" enctype="multipart/form-data">
<input
type="text"
id="name"
name="name"
placeholder="Enter a name..."
/>
<textarea
name="description"
id="description"
rows="10"
placeholder="A short description..."
></textarea>
<input type="file" id="picture" name="insta" />
<button id="publish" type="submit">Publish</button>
</form>
You should catch the event when clicking on the form button.
Try this:
<form method="POST" id="post-pic" enctype="multipart/form-data">
<input
type="text"
id="name"
name="name"
placeholder="Enter a name..."
/>
<textarea
name="description"
id="description"
rows="10"
placeholder="A short description..."
></textarea>
<input type="file" id="picture" name="insta" />
<button id="publish" type="button">Publish</button>
</form>
JS Script:
const instaForm = document.getElementById("post-pic");
const buttonForm = document.getElementById("publish");
buttonForm.addEventListener("click",(event) => {
event.preventDefault();
let instaFormData = new FormData(instaForm);
let url = `${baseUrl}/create-insta`;
fetch(url, {
method: "POST",
body: instaFormData,
})
.then((data) => data.json())
.then((response) => {
instaForm.reset();
console.log(response);
})
.catch((err) => console.error(err));
});
}
I hope it could help you.
Regards.

Proper error handling with Svelte from API (Rails)

I'm developing a Svelte frontend app which communicates with rails API server.
I like the rails way of abstraction (esp. with simple_form gem) and I'd like to bring some ideas to Svelte. The particular problem I met is how to associate errors from the rails server with inputs on the svelte side
First, I tuned up error responses from the server; in general, they look like this:
{ errors:
{ generic: [<messages without association with particular field>],
email: ["Already taken", <msg_2>, ...],
password: ["Too short", ...],
field_N: [...]
}
}
generic errors can be "Invalid Login Credentials", "Your account is locked", "Internal Server Error", etc.
Other errors must be related to the form fields and must be displayed next to them.
Here is my current approach signup.svelte:
<script>
let email;
let password;
function registerRequest() {
let regURL = baseURL+'/api/users/';
let data = {"user": {"email": email, "password": password}};
fetch(regURL, {
method: 'POST',
body: JSON.stringify(data),
headers: {
'Content-Type': 'application/json'
}
})
.then(function(response) {
if (!response.ok) {
return response.json()
}
})
// if errors present then iterate through errors object
.then(function(error) {
// find id of the message field and insert actual messages
for (let [key, value] of Object.entries(error.errors)) {
document.getElementById(key).insertAdjacentHTML('beforeend',value);
}
});
}
</script>
<style> .errormessage { color: red; } </style>
<form class="col-sm-12 col-lg-6" on:submit|preventDefault={registerRequest}>
<!-- here I need to create errormessage container for each field. -->
<!-- first one is generic to display generic errors -->
<div class="errormessage" id="generic"></div>
<label for="UserEmail">Email address</label>
<input type="email" class="form-control" id="UserEmail" aria-describedby="emailHelp" placeholder="Enter your email here..." bind:value={email}>
<div class="errormessage" id="email"></div>
<label for="UserPassword">Password</label>
<input type="password" class="form-control" id="UserPassword" placeholder="...and your password here" bind:value={password}>
<div class="errormessage" id="password"></div>
<button type="submit" class="btn btn-primary">Register</button>
</form>
I want to unify the code above with frontend validation. If the errors object is presented - show messages next to the fields with errors. It seems to me that using getElementById is overkill. Why should I use it if my DOM never reloading? Every time on input it will search for ids. Maybe it should be listener that listens changes of the errors object? I tried to bind the custom event with Svelte
import { createEventDispatcher } from 'svelte';, but with no luck.
Please help and share your thoughts.
Your intuition is right that using getElementById in a Svelte component feels off - generally Svelte wants you to make you code declarative, where the DOM is a function of the state, rather than imperative where you're manually changing the DOM.
For the error messages, I'd suggest having an errors variable in your component. When server errors come back, you can assign them to errors, which will cause a reactive update and re-render the component. Then the markup can know to render errors when they exist, without you having to explicitly change the DOM. Something like this:
<script>
let email;
let password;
// New `errors` variable.
let errors = {};
function registerRequest() {
// Reset the errors when the user submits a new request.
errors = {};
let regURL = baseURL+'/api/users/';
let data = {"user": {"email": email, "password": password}};
fetch(regURL, {
method: 'POST',
body: JSON.stringify(data),
headers: {
'Content-Type': 'application/json'
}
})
.then(function(response) {
if (!response.ok) {
return response.json()
}
})
.then(function(error) {
// Just save the errors
errors = e.errors;
});
}
</script>
<style> .errormessage { color: red; } </style>
<form class="col-sm-12 col-lg-6" on:submit|preventDefault={registerRequest}>
<!-- first one is generic to display generic errors -->
<!-- note the `|| []` part, which makes sure that
`#each` won't throw an error when `errors.generic` doesn't exist -->
{#each (errors.generic || []) as error}
<div class="errormessage" id="generic">{error}</div>
{/each}
<label for="UserEmail">Email address</label>
<input type="email" class="form-control" id="UserEmail" aria-describedby="emailHelp" placeholder="Enter your email here..." bind:value={email}>
<!-- email errors -->
{#each (errors.email || []) as error}
<div class="errormessage" id="email">{error}</div>
{/each}
<label for="UserPassword">Password</label>
<input type="password" class="form-control" id="UserPassword" placeholder="...and your password here" bind:value={password}>
<!-- password errors -->
{#each (errors.password || []) as error}
<div class="errormessage" id="password">{error}</div>
{/each}
<button type="submit" class="btn btn-primary">Register</button>
</form>
Here's a Svelte REPL with that code working. Hope that helps!

I want to submit a form and update the values from the form (Mysql result) without refreshing the whole page

as the title says, I want to submit a form and update the values from the form (Mysql result) without refreshing the whole page.
See Image 1, I want if I press the blue button that the values updated.
Can someone help me?
Thanks.
If you are willing to use newer apis like Promise and fetch, it's super easy and neat.
foo.submit.addEventListener("click", (e) => {
e.preventDefault();
fetch("YOUR_URL", {
method: 'POST',
body: new URLSearchParams({
name: foo.user_name_value,
email: foo.user_mail.value
})
}).then(response => {
return response.json() // assume returning data is in json format, otherwise .text() could be used
}).then(data => {
// deal with return data
}).catch(err => {
// deals with errors
})
})
<form name="foo">
<div>
<label for="name">Name:</label>
<input type="text" id="name" name="user_name">
</div>
<div>
<label for="mail">E-mail:</label>
<input type="email" id="mail" name="user_mail">
</div>
<div>
<button name="submit" type="submit">Send your message</button>
</div>
</form>
Older method XHR shares same idea, but requires a bit more code. You may use axios or so to simplify the process.

Login components in vuejs

I've built a login component with the below code for users to log in the backend is flask and is using flask_login.
const LoginScreen = {
template: `
<div>
<h1>Sign In</h1>
<form id="loginform" class="pure-form">
<fieldset>
<input type="text" name="email" placeholder="email" v-model="logindetails.email"/>
<input type="password" name="password" placeholder="password" v-model="logindetails.password"/>
<button class="pure-button pure-button-primary" v-on:click="login">Login</button>
</fieldset>
</form>
</div>
`,
data: function () {
return {
logindetails:{}
}
},
methods: {
login: function(){
axios.post('/login/',
this.logindetails,
{
headers: {
'Content-type': 'application/json',
'Accept': 'application/json',
'X-CSRF-TOKEN': document.querySelector('#csrftoken').getAttribute('content')
}
}
).then(response => { this.logindetails = {};
this.$router.push({path: '/'});
}
)
.catch(function (error) {
console.log(error);
});
}
}
};
It seems to work correctly (though there are times when it asks me to log in again for seemingly no reason), however the component is putting the submitted form details into the querystring of the url ( example ).
Would anyone be able to tell me what I am doing wrong or, if I am doing this totally incorrectly, point me in the direction of a codebase/guide that is doing logins correctly?
Many thanks in advance.
Take a look at Vue v-on event modifiers to modify the default element behavior.
In your case you can do:
<button #click.prevent="login">Login</button>
Or in the form tag (ensure your submit button is type "submit"):
<form #submit.prevent="login">
with regards to the component is putting the submitted form details into the querystring of the url, the reason is that clicking on the button also trigger submit on the form.
HTML form submits form values to the server.
But normally in JS frameworks like Vue or React, form values are submited through ajax, without any page refresh. So using <form> has not much value here.
2 things you could do in this case
Remove <form> element. it should still works corectly
handle the form submit event.
For e.g.
<form #submit="handleSubmit($event)">
methods: {
handleSubmit:(e) =>{
e.preventDefault();
}
}

Categories

Resources