I am just started with nodejs with react frontend. But I have some issue while authenticating user. I am trying to fetch user with specific email and password. My api for this is as follows:
I have created three files controller, services and router files for any api request.
//userServices.js
const db = require('./../../db-connection/connection')
userAuth: (params, callback) => {
db.query(`SELECT * FROM Users WHERE email = ?`,[params.email],
(error, result, fields) => {
if(!error) {
console.log('result = ' + result[0]);
return callback(error, result[0])
}
else
return callback(error)
});
}
And this is my userController js file.
//userController.js
const {create, userindex, userAuth} = require('./UserServices');
const {genSaltSync, hashSync, compareSync} = require('bcrypt');
const {sign} = require('jsonwebtoken');
userLoginAuth: (req, res) => {
const body = req.body;
userAuth(body, (error, results) => {
if (error)
console.log(error);
if (!results) {
return res.json({
success: 0,
data: 'Invalid email or password'
})
}
const result = compareSync(body.password, results.password);
if(!result) {
results.password = undefined;
const jsontoken = sign({result: results}, 'choegyel123', {
expiresIn: '1h'
});
return res.json({
success: 1,
message: 'Login successful',
token: jsontoken
})
} else
console.log('password' + result.password)
return res.json({
success: 0,
error: 'Invalid email or password'
});
});
}
But the problem is in userServices.js file. My sql query is correctly executed but in callback for the ' results ' i am getting weird object. I think I should get some array of corresponding data from the database table and in my console log I am getting [object object]. I am not sure what does this actually mean and I am also all sure this is a blocker, since I cannot retrive password with this object in my userController. Any help would be greatly appreciated. Thanks!
Issues
compareSync returns a boolean with true indicating correct password. You're using if(!result) which is the reverse.
Make sure your {} are correct on the else
You're logging result.password which is undefined because result is your compareSync return value. You meant to log results.password. Avoid using result and results for two different things because it makes it easy to make these mistakes. Something like bcryptResult and resultObj might be better.
When you console.log(), pass data as the second argument or make a second log because concatenating objects always shows [object Object].
Updated snippet
const result = compareSync(body.password, results.password);
if(result) {
results.password = undefined;
const jsontoken = sign({result: results}, 'choegyel123', {
expiresIn: '1h'
});
return res.json({
success: 1,
message: 'Login successful',
token: jsontoken
})
} else {
console.log('password', results.password)
return res.json({
success: 0,
error: 'Invalid email or password'
});
}
Related
I am trying to make login functionality
While I was creating the login function like this
login: (req,res) => {
const body = req.body;
getUserByEmail(body.email,(err,results)=>{
if(err){
console.log(err);
}
if(!results){
return res.json({
sucess: 0,
data: "Invalid email or password 1"
});
}
console.log(body.pw);
console.log(results.pw);
const result = compareSync(body.pw,results.pw);
console.log(result)
if(result){
results.pw = undefined;
const jsontoken = sign({result: results},"1234413",{
expiresIn: "1h"
});
return res.json({
sucess: 1,
message: "login sucessfully",
token: jsontoken
});
}else{
return res.json({
sucess: 0,
data: "Invalid email or password2"
});
}
});
}
Terminal Answer
I console log the body.pw and results.pw but seems like it give me same strings but
I was not sure why it gives me false result even if I have same string for body.pw and results.pw
compareSync compares a password with a hash. You first need to hash the password before comparing it with the plain-text password.
First run
bcrypt.hash(myPlaintextPassword, saltRounds).then(function(hash) {
// Store hash in your password DB.
});
Then you can compare
bcrypt.compare(myPlaintextPassword, hash).then(function(result) {
// result == true
});
I'm trying to get a product by id. Now when I tried this with postman it worked perfectly fine no problems whatsoever. But, when I tried to get the data with Angular it didn't work it keeps saying 404 not found I don't know what's the problem. Please if anyone knows tell me. Any help will be appreciated. Here's my code.
express.js:
route:
router.get("/get-product/:id", async (req, res) => {
await fetchProductById(req, res);
});
utils:
const fetchProductById = async (req, res) => {
const id = req.params.id;
const prod = await Product.findOne({_id: id});
if (prod) {
if (prod.length == 0)
res.status(200).json({
message: "No Products",
success: true,
});
else {
res.status(200).json({
prod,
success: true,
});
}
} else {
res.status(400).json({
prod,
message: "couldn't find any product",
id: req.id,
success: false,
});
}
};
Angular:
now the angular service:
getProductById(id: any){
return this.http.get<Products[]>(
environment.api + "products/get-product?id="+id
)
}
subscribing to the service inside a component:
let id = this.route.snapshot.params.id;
this._product.getProductById(id).subscribe(
(data: Products[])=>{
console.log(data)
},
error => {
console.log("there has been an error trying to fetch this product: "+id)
}
)
You used a query parameter instead of an url parameter. It should be "products/get-product/"+id:
getProductById(id: any){
return this.http.get<Products[]>(
environment.api + "products/get-product/"+id
)
}
I'm making an API. When I send correct data for login, I get JSON but when I send incorrect data, I get this [object object] message, why?
When the correct information is provided.
Here is my code.
router.route('/login').post(function (req, res, next) {
console.log('i should be here when path match to login', req.body);
UserModel.findOne({
username: req.body.username,
})
.exec(function (err, user) {
if (err) {
return next(err);
}
if (user) {
var passwordMatch = passwordHash.verify(req.body.password, user.password);
if (passwordMatch) {
var token = generateToken(user);
res.status(200).json({
user: user,
token: token
});
} else {
next({
message: "password didnot match",
status: 400
})
}
} else {
next({
message: 'Invalid Username',
status: 400
})
}
});
});
The value [Object object] has nothing to do with the data you sent. This has to do with the way you print the value.
[Object object] means you have received an object. The value of type usually returned when you either concatinate the object with string.
Example:
var obj = {a: 1};
console.log('Printing ' + obj); // Prints [object object]
So, instead of concatinating the object, you can stringify the object and print it.
Example
var obj = {a: 1};
console.log('Printing ' + JSON.stringify(obj)); // Prints {"a":1}
Or
var obj = {a: 1};
console.log('Printing ', obj); // Prints formatted {"a":1}
res.status(200).json({
user: user,
token: token
});
This is how you are sending on success. You are formatting response as JSON.
But on failure, you are returning plain JS Object. Formatting failure responses as JSON object will solve your problem.
You can do this without using next. Try this code, It will work straight away!
router.route('/login').post(function (req, res, next) {
console.log('i should be here when path match to login', req.body);
UserModel.findOne({
username: req.body.username,
})
.exec(function (err, user) {
if (err) {
console.log(err);
res.status(500).json({message:'Backend error'})
}
if (user) {
var passwordMatch = passwordHash.verify(req.body.password, user.password);
if (passwordMatch) {
var token = generateToken(user);
res.status(200).json({
user: user,
token: token,
message:'Login successful'
});
} else {
res.status(400).json({message:'Wrong password'})
}
} else {
res.status(400).json({message:'User does not exist'})
}
});
});
I'm trying to get a single email from an Office 365 Mailbox.
I'm sending the email id to my app via a POST (req.body.id) and then calling this code in order to get some email properties:
router.post('/id', async function(req, res, next) {
console.log("email with ID -> ", req.body.id)
let parms = { title: 'Inbox', active: { inbox: true } };
const accessToken = await authHelper.getAccessToken(req.cookies, res);
const userName = req.cookies.graph_user_name;
if (accessToken && userName) {
parms.user = userName;
// Initialize Graph client
const client = graph.Client.init({
authProvider: (done) => {
done(null, accessToken);
}
});
try {
const result = await client
.api('/me/messages/', req.body.id)
.select('id,subject,from,toRecipients,ccRecipients,body,sentDateTime,receivedDateTime')
.get();
parms.messages = result.value;
console.log("email -> ", result.value);
res.render('message', parms);
} catch (err) {
parms.message = 'Error retrieving messages';
parms.error = { status: `${err.code}: ${err.message}` };
parms.debug = JSON.stringify(err.body, null, 2);
res.render('error', parms);
}
} else {
// Redirect to home
res.redirect('/');
}
});
At the moment, result.value contains all of the messages in the mailbox instead of just the message with provided id.
Could someone tell me where my error is, please?
The api method has a single path parameter. Calling it like .api('/me/messages/', req.body.id) is effectivly sending it a path ("/me/messages/") along with an additional parameter it ignores.
You need to send it a single string so you'll need to append the req.body.id to the path ({path} + {id}):
const result = await client
.api('/me/messages/' + req.body.id)
.select('id,subject,from,toRecipients,ccRecipients,body,sentDateTime,receivedDateTime')
.get();
I have recently been developing a MERN application and I have recently came into the trouble that express is saying that I am setting headers after they are sent.
I am using mongo db and trying to update a user profile.
I have tried to comment out my res.send points to find the issue but I have failed to do so.
Here is my post method for updating the user profile:
app.post("/api/account/update", (req, res) => {
const { body } = req;
// Validating and Checking Email
if (body.email) {
var email = body.email;
email = email.toLowerCase();
email = email.trim();
body.email = email;
User.find(
{
email: body.email
},
(err, previousUsers) => {
if (previousUsers.length > 0) {
return res.send({
success: false,
message:
"Error: There is already another account with that email address"
});
} else {
}
}
);
}
// Validating Names Function
function checkName(name) {
var alphaExp = /^[a-zA-Z]+$/;
if (!name.match(alphaExp)) {
return res.send({
success: false,
message: "Error: Names cannot contain special characters or numbers"
});
}
}
checkName(body.firstName);
checkName(body.lastName);
// Making sure that all fields cannot be empty
if (!body.email && !body.firstName && !body.lastName) {
return res.send({
success: false,
message: "Error: You cannot submit nothing"
});
}
// Getting User ID from the current session
UserSession.findById(body.tokenID, function(err, userData) {
// Finding User ID using the current users session token
if (userData.isDeleted) {
return res.send({
success: false,
message:
"Error: Session token is no longer valid, please login to recieve a new one"
});
}
// Deleting the token ID from the body object as user table entry doesnt store tokens
delete body.tokenID;
// Finding the user profile and updating fields that are present
User.findByIdAndUpdate(userData.userId, body, function(err, userInfo) {
if (!err) {
return res.send({
success: true,
message: "Success: User was updated successfully"
});
}
});
});
});
This is the call that I am doing to the backend of the site:
onUpdateProfile: function(fieldsObj) {
return new Promise(function(resolve, reject) {
// Get Session Token
const obj = getFromStorage("the_main_app");
// Defining what fields are getting updated
fieldsObj.tokenID = obj.token;
// Post request to backend
fetch("/api/account/update", {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify(fieldsObj)
})
.then(res => {
console.log("Verify Token - Res");
return res.json();
})
.then(json => {
console.log("Verify Token JSON", json);
if (json.success) {
window.location.href = `/manage-account?success=${json.success}`;
} else {
window.location.href = `/manage-account?success=${json.success}`;
}
});
});
}
Here is my error message that I am getting:
Error: Can't set headers after they are sent.
at validateHeader (_http_outgoing.js:491:11)
at ServerResponse.setHeader (_http_outgoing.js:498:3)
at ServerResponse.header (C:\Users\kieran.corkin\Desktop\Projects\Mern Template Final\mern-cra-and-server\server\node_modules\express\lib\response.js:767:10)
at ServerResponse.send (C:\Users\kieran.corkin\Desktop\Projects\Mern Template Final\mern-cra-and-server\server\node_modules\express\lib\response.js:170:12)
at ServerResponse.json (C:\Users\kieran.corkin\Desktop\Projects\Mern Template Final\mern-cra-and-server\server\node_modules\express\lib\response.js:267:15)
at ServerResponse.send (C:\Users\kieran.corkin\Desktop\Projects\Mern Template Final\mern-cra-and-server\server\node_modules\express\lib\response.js:158:21)
at C:\Users\kieran.corkin\Desktop\Projects\Mern Template Final\mern-cra-and-server\server\routes\api\account.js:270:22
at C:\Users\kieran.corkin\Desktop\Projects\Mern Template Final\mern-cra-and-server\server\node_modules\mongoose\lib\model.js:4641:16
at process.nextTick (C:\Users\kieran.corkin\Desktop\Projects\Mern Template Final\mern-cra-and-server\server\node_modules\mongoose\lib\query.js:2624:28)
at _combinedTickCallback (internal/process/next_tick.js:131:7)
at process._tickCallback (internal/process/next_tick.js:180:9)
[nodemon] app crashed - waiting for file changes before starting...
Can anyone help me with this?
EDIT
I have changed my code, this seems to now work however I feel like its a little messy when put together. Any refactoring tips?
Code:
app.post("/api/account/update", (req, res) => {
// Preform checks on data that is passed through
const { body } = req;
var messages = {
ExistedUser:
"Error: There is already another account with that email address",
NameFormat: "Error: Names cannot contain special characters or numbers",
BlankInputs: "Error: You cannot submit nothing",
accountLoggedOut:
"Error: Session token is no longer valid, please login to recieve a new one",
successfullyUpdated: "Success: User was updated successfully"
};
var usersFound;
if (body.email) {
var email = body.email;
email = email.toLowerCase();
email = email.trim();
body.email = email;
User.find(
{
email: body.email
},
(err, UserCount) => {
usersFound = UserCount;
}
);
}
function capitalize(text) {
return text.replace(/\b\w/g, function(m) {
return m.toUpperCase();
});
}
if (body.firstName) {
body.firstName = capitalize(body.firstName);
}
if (body.lastName) {
body.lastName = capitalize(body.lastName);
}
//Making sure that all fields cannot be empty
if (!body.email && !body.firstName && !body.lastName) {
return res.send({
success: false,
message: messages.BlankInputs
});
}
// Getting User ID from the current session
UserSession.findById(body.tokenID, function(err, userData) {
// Finding User ID using the current users session token
if (userData.isDeleted) {
return res.end({
success: false,
message: messages.accountLoggedOut
});
}
if (userData) {
// Deleting the token ID from the body object as user table entry doesnt store tokens
delete body.tokenID;
// Finding the user profile and updating fields that are present
User.findByIdAndUpdate(userData.userId, body, function(err, userInfo) {
if (userInfo) {
if (!usersFound.length > 0) {
return res.send({
success: true,
message: messages.successfullyUpdated
});
} else {
return res.send({
success: false,
message: messages.ExistedUser
});
}
}
});
}
});
});
You're calling res.send() twice. res.send() ends the process. You ought to refactor such that you call res.write() and only call res.send() when you're done.
This StackOverflow link describes the difference in more detail. What is the difference between res.send and res.write in express?
I believe this is happening, as you're trying to send a response after the first / initial response has already been sent to the browser. For example:
checkName(body.firstName);
checkName(body.lastName);
Running this function twice is going to try and yield 2 different "response" messages.
The product of a single route, should ultimately be a single response.
Thanks for all your help on this issue.
Here is my final code that allowed it to work.
I have also tried to "refactor" it too. Let me know if you'd do something else.
app.post("/api/account/update", (req, res) => {
const { body } = req;
console.log(body, "Logged body");
// Defining objects to be used at the end of request
var updateUserInfo = {
userInfo: {},
sessionToken: body.tokenID
};
var hasErrors = {
errors: {}
};
// Checking that there is at least one value to update
if (!body.email && !body.firstName && !body.lastName) {
var blankError = {
success: false,
message: "Error: You cannot change your details to nothing"
};
hasErrors.errors = { ...hasErrors.errors, ...blankError };
} else {
console.log("Normal Body", body);
clean(body);
console.log("Cleaned Body", body);
updateUserInfo.userInfo = body;
delete updateUserInfo.userInfo.tokenID;
}
// Function to check if object is empty
function isEmpty(obj) {
if (Object.keys(obj).length === 0) {
return true;
} else {
return false;
}
}
// Function to remove objects from body if blank
function clean(obj) {
for (var propName in obj) {
if (obj[propName] === "" || obj[propName] === null) {
delete obj[propName];
}
}
}
// Checking and Formatting Names Given
function capitalize(text) {
return text.replace(/\b\w/g, function(m) {
return m.toUpperCase();
});
}
if (body.firstName) {
body.firstName = capitalize(body.firstName);
}
if (body.lastName) {
body.lastName = capitalize(body.lastName);
}
// Checking and formatting email
if (body.email) {
body.email = body.email.toLowerCase();
body.email = body.email.trim();
// Checking for email in database
User.find({ email: body.email }, (err, EmailsFound) => {
if (EmailsFound.length > 0) {
var EmailsFoundErr = {
success: false,
message: "There is already an account with that email address"
};
hasErrors.errors = { ...hasErrors.errors, ...EmailsFoundErr };
}
});
}
// Getting User Session Token
UserSession.findById(updateUserInfo.sessionToken, function(err, userData) {
// Finding User ID using the current users session token
if (userData.isDeleted) {
var userDeletedError = {
success: false,
message:
"Your account is currently logged out, you must login to change account details"
};
hasErrors.errors = { ...hasErrors.errors, ...userDeletedError };
} else {
// Finding the user profile and updating fields that are present
User.findByIdAndUpdate(
userData.userId,
updateUserInfo.userInfo,
function(err, userInfo) {
// userInfo varable contains user db entry
if (err) {
var updateUserError = {
success: false,
message: "Error: Server Error"
};
hasErrors.errors = {
...hasErrors.errors,
...updateUserError
};
}
if (isEmpty(hasErrors.errors)) {
res.send({
success: true,
message: "Success: You have updated your profile!"
});
} else {
res.send({
success: false,
message: hasErrors.errors
});
}
}
);
}
});
});