I am working on a project and I'm trying to build a login page on nodejs-html by using mysql as database. But my code directly gets to "response.send('Please enter Username and Password!');" part, and shows me that page.(no problem with mysql connection) Why can't i check if the login username and password is right? And go to the next page if true?
var mysql = require('mysql');
var express = require('express');
var session = require('express-session');
var bodyParser = require('body-parser');
var path = require('path');
var connection = mysql.createConnection({
....................
});
connection.connect((err) => {
if(err){
throw err;}
else console.log("connected");
});
var app = express();
app.use(session({
secret: 'secret',
resave: true,
saveUninitialized: true
}));
app.use(bodyParser.urlencoded({extended : true}));
app.use(bodyParser.json());
app.get('/', function(request, response) {
response.sendFile(path.join(__dirname + '/login.html'));
});
app.post('/', function(request, response) {
var username = request.body.user_name;
var password = request.body.pass;
console.log(username);
if (username && password) {
connection.query('SELECT * FROM users WHERE user_name = ? AND pass = ?', [username, password], function(error, results, fields) {
console.log(username);
if (results.length > 0) {
request.session.loggedin = true;
request.session.user_name = username;
response.redirect('/secondPage');
} else {
response.send('Incorrect Username and/or Password!');
}
response.end();
});
} else {
response.send('Please enter Username and Password!');
response.end();
}
});
app.get('/login', function(request, response) {
if (request.session.loggedin) {
response.send('Welcome back, ' + request.session.username + '!');
} else {
response.send('Please login to view this page!');
}
response.end();
});
app.listen(3000);
.body.user_name is undefined that's why
you must have forgot name attribute in your html
input type="text" name="user_name"
also password
<input type="password" name="pass" >
give them suitable name atribute so that body object can access them
Related
My login.component.ts file
How to set cookies in the code to display the username.
login Submit(){
console.log(this.userLogin.value)
this.service.LoginData(this.userLogin.value).subscribe((res)=>{
console.log(res)
this.userLogin.reset()
this.successmsg = res.message
this.Username = this.cookieService.set('username', this.Username)
})
}
I am trying to display the username but it only see me undefined.
api service file
LoginData(data:any):Observable<any>{
return this.http.post(`http://localhost:3000/login`,data)
}
dashboard(){
return this.http.get('http://localhost:3000/dashboard')
}
NodeJS file using MySQL database
app.post('/login', (req, res) => {
const username = req.body.username;
const password = req.body.password;
const query = `SELECT * FROM user WHERE username = '${username}' AND password = '${password}'`;
db.query(query, (error, result) => {
if (error) {
console.log('Error querying database:', error);
res.status(500).send('Error querying database');
} else if (result.length === 0) {
console.log('Invalid username or password');
res.status(401).send('Invalid username or password');
} else {
console.log('Login successful');
res.status(200).send({
message: 'Login successful',
username: username
});
}
});
res.cookie('username',`${username}`)
});
Goal:
I am aiming to teach myself how to use Node JS, MySQL and express.
I'm struggling to understand where to place my code for loading MySQL data into HTML.
Let me show you the whole code.
app.js
var express = require('express');
var mysql = require('mysql');
var dotenv = require('dotenv');
var path = require('path');
var cookieParser = require('cookie-parser');
dotenv.config({path: './.env'});
var app = express();
// Connection to MySQL
var db = mysql.createConnection({
host: process.env.DATABASE_HOST,
user: process.env.DATABASE_USER,
password: process.env.DATABASE_PASSWORD,
database: process.env.DATABASE
});
db.connect(function(error) {
if(error) {
console.log(error);
}
else{
console.log("Connected");
}
});
// Parse URL-Encoded bodies
app.use(express.urlencoded({extended: false}));
// Parse JSON bodies
app.use(express.json());
// Initialize a cookie
app.use(cookieParser());
// View engine to control HTML
app.set('view engine', 'hbs');
// Public dir
var publicDir = path.join(__dirname, './public');
app.use(express.static(publicDir));
// Define routes
app.use('/', require('./routes/pages'));
app.use('/auth', require('./routes/auth'));
app.listen(3000, function() {
console.log("Server is running on port 3000");
});
routes/pages.js
var express = require('express');
var authController = require('../controllers/auth');
var router = express.Router();
// Home
router.get("/", authController.isLoggedIn, function(req,res) {
res.render("index", {
user: req.user
});
});
// Register
router.get("/register", function(req, res) {
res.render("register");
});
// Login
router.get("/login", function(req, res) {
res.render("login");
});
// Profile
router.get('/profile', authController.isLoggedIn, function(req, res) {
if(req.user) {
res.render('profile', {
user: req.user
});
}
else {
res.redirect('login');
}
});
// Forum
router.get('/forums', authController.isLoggedIn, function(req, res) {
if(req.user) {
res.render('forums');
} else {
res.redirect('login');
}
});
// English Division //
// Premier League
router.get('/Leagues/EnglishDivision', authController.isLoggedIn, function(req, res) {
if(req.user) {
res.render('PremierLeague');
} else {
res.redirect('../../login');
}
});
module.exports = router;
routes/auth.js
var express = require('express');
var authController = require('../controllers/auth');
var router = express.Router();
// Register
router.post("/register", authController.register);
// Login
router.post("/login", authController.login);
// Logout
router.get('/logout', authController.logout);
module.exports = router;
controllers/auth.js
var mysql = require('mysql');
var jwt = require('jsonwebtoken');
var bcrypt = require('bcryptjs');
var {promisify} = require('util');
// Connection to MySQL
var db = mysql.createConnection({
host: process.env.DATABASE_HOST,
user: process.env.DATABASE_USER,
password: process.env.DATABASE_PASSWORD,
database: process.env.DATABASE
});
// Register function
exports.register = function(req, res) {
console.log(req.body);
var {name, email, password, passwordConfirm} = req.body;
db.query("SELECT email FROM users WHERE email = ?", [email], function(error, result) {
if(error){
console.log(error);
}
if(result.length > 0) {
return res.render('register', {
message: 'That email is already in use'
})
} else if(password !== passwordConfirm) {
return res.render('register', {
message: 'Passwords do not match'
});
}
let hashedPassword = bcrypt.hashSync(password, 8);
console.log(hashedPassword);
// Insert user details into MySQL
db.query('INSERT INTO users set ?', {name: name, email: email, password: hashedPassword, dateJoined: new Date()}, function(error, result) {
if(error) {
console.log(error);
} else {
console.log(result);
return res.render('register', {
message: 'User registered'
});
}
});
});
}
// Login function
exports.login = function(req, res) {
try {
var {email, password} = req.body;
if(!email || !password) {
return res.status(400).render('login', {
message: 'Please provide an email and password'
});
}
db.query('SELECT * FROM users WHERE email = ?', [email], async function(error, result) {
console.log(result);
if(!result.length > 0 || !(await bcrypt.compare(password, result[0].password))) {
res.status(401).render('login', {
message: 'The email or password is incorrect'
});
}
else {
var id = result[0].id;
// Create a token
var token = jwt.sign({id}, process.env.JWT_SECRET, {
expiresIn: process.env.JWT_EXPIRES_IN
});
console.log("The token is " + token);
// Create a cookie
var cookieOptions = {
expires: new Date(
Date.now() + process.env.JWT_COOKIE_EXPIRES * 24 * 60 * 60 * 1000
),
httpOnly: true
}
// Set up a cookie
res.cookie('jwt', token, cookieOptions);
res.status(200).redirect("/");
}
});
} catch (error) {
console.log(error);
}
}
// Check if logged in
exports.isLoggedIn = async function(req, res, next) {
console.log(req.cookies);
if(req.cookies.jwt){
try {
// Verify the token
var decoded = await promisify(jwt.verify)(req.cookies.jwt, process.env.JWT_SECRET);
console.log(decoded);
// Check if user exist
db.query("SELECT id, name, email, password, date_format(datejoined, '%d/%m/%Y') as dateJoined FROM users WHERE id = ?", [decoded.id], function(error, result) {
console.log(result);
// If no result
if(!result) {
return next();
}
req.user = result[0];
return next();
});
}
catch (e) {
console.log(e);
return next();
}
} else{
next();
}
}
// Logout function
exports.logout = async function(req, res) {
res.clearCookie('jwt');
res.status(200).redirect('/');
}
Question
In my .hbs file called PremierLeague I'd like to load MySQL data in HTML format. Where in the code below I need to start?
Desired goal:
This is when the user clicks into view premier league
Foreach record in MySQL I'd like to add a new card for each record. I know how to use HandleBars {{some.data}}.
I just don't get where I code the query?
Does it needs to be in a controller or can it be in in the router.get(...?
Also how do I use {{#foreach}} correctly ?
You don't need any other specific controller, the right place to code the query is actually the route itself.
But before entering the core of your question, let's talk a while about your code.
I can see you are performing connection to database more than once, you could add database dedicated controller, something like:
controllers/db.js
var mysql = require('mysql');
var dotenv = require('dotenv');
dotenv.config({path: './.env'});
// Connection to MySQL
var db = mysql.createConnection({
host: process.env.DATABASE_HOST,
user: process.env.DATABASE_USER,
password: process.env.DATABASE_PASSWORD,
database: process.env.DATABASE
});
function connect(done) {
db.connect(done);
}
module.exports = { db: db, connect: connect };
this let you access to the database instance from every file with just one line:
var db = require('./controllers/db').db;
than you could use the connect function in your app:
app.js
var express = require('express');
var db = require(./controllers/db);
var path = require('path');
var cookieParser = require('cookie-parser');
// set up your server
var app = express();
// Parse URL-Encoded bodies
app.use(express.urlencoded({extended: false}));
// Parse JSON bodies
app.use(express.json());
// Initialize a cookie
app.use(cookieParser());
// View engine to control HTML
app.set('view engine', 'hbs');
// Public dir
var publicDir = path.join(__dirname, './public');
app.use(express.static(publicDir));
// Define routes
app.use('/', require('./routes/pages'));
app.use('/auth', require('./routes/auth'));
// finally run your server only if you can connect to the database
db.connect(function(error) {
if(error) return console.log("Error connecting to the database:", error);
app.listen(3000, function() {
console.log("Server is running on port 3000");
});
});
you could also simplify you controllers/auth.js removing database connection stuff and using only the line to require your database controller.
Finally you can code your query:
routes/pages.js
var express = require('express');
var authController = require('../controllers/auth');
var db = require('../controllers/db').db;
var router = express.Router();
// Omissis... other routes
// Premier League
router.get('/Leagues/EnglishDivision', authController.isLoggedIn, function(req, res) {
// a good practice is first to handle possible exit cases to reduce nesting levels
if(! req.user) return res.redirect('../../login');
// this is actually the right place to perform queries
db.query('SELECT ...', [...], function(error, results) {
// once again first possible exit cases
if(error) return res.status(500).end(error.message)
res.render('PremierLeague', { results: results });
});
});
module.exports = router;
Last in your PremierLeague.hbs file you can handle the results in a #foreach directive.
Just pass your data when you render the view
router.get('/Leagues/EnglishDivision', authController.isLoggedIn, function(req, res) {
if(req.user) {
connection.query('SELECT * FROM EnglishDivision',function (err,results) {
if (err) throw err;
res.render('PremierLeague',{data: results});
});
} else {
res.redirect('../../login');
}
});
then in the .hbs file
{{#each data}}
<div class="card">
<h3>{{this.someData}}</h3>
<h2>{{this.someData}}</h2>
</div>
{{/each}}
I'm getting into node.js and decided to create a user account management system using MySQL as the back-end. On LocalHost it is working fine. I then tried to replicate this on my live website. I installed nvm, npm, node and all the dependencies. Now, on local host all I have to do is "node login.js" and everything works. On the live website it is a different story. I cannot seem to figure out how to get the POST endpoints to work.
An example of this...
<form action="auth" method="POST">
should allow for this javascript to run
app.post('/auth', function(request, response) {
On the HostGator terminal I have installed all my dependencies, also Apache is available on HostGator but I am not using it, should I?
"dependencies": {
"bcrypt-nodejs": "0.0.3",
"bcryptjs": "^2.4.3",
"body-parser": "^1.19.0",
"express": "^4.16.4",
"express-session": "^1.16.1",
"express-sessions": "^1.0.6",
"mysql": "^2.17.1",
"nan": "^2.14.0"
I use "node login.js" to start the server
Here is my full code with some credentials **** out
HTML
<div class="accounts-form">
<h1>Login Form</h1>
<form action="auth" method="POST">
<input type="text" name="username" placeholder="Username" required maxlength="50">
<input type="password" name="password" placeholder="Password" required maxlength="255">
<input type="submit">
<h4> Sign Up </h4>
</form>
</div>
JavaScript
var mysql = require('mysql');
var express = require('express');
var session = require('express-session');
var bodyParser = require('body-parser');
var path = require('path');
var bcrypt = require('bcryptjs');
const saltRounds = 14;
var connection = mysql.createConnection({
**********
});
var app = express();
app.use(session({
secret: ****************,
resave: true,
saveUninitialized: true
}));
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(bodyParser.json());
app.get('/', function(request, response) {
response.sendFile(path.join(__dirname + '/login.html'));
});
app.post('/user', function(request, response) {
var username = request.body.username;
var password = request.body.password;
var password2 = request.body.password2;
var email = request.body.email;
if (password == password2) {
if (username && password && email) {
bcrypt.hash(password, saltRounds, function(error, hash) {
var sql = "INSERT INTO accounts (username, password, email ) VALUES ( ? , ? , ?)";
connection.query(sql, [username, hash, email], function(error, results, fields) {
if (error) throw error;
console.log("1 record inserted");
response.redirect('/login');
})
});
};
} else {
console.log("Password not identical.");
};
});
app.post('/auth', function(request, response) {
var username = request.body.username;
var password = request.body.password;
if (username && password) {
connection.query('SELECT password FROM accounts WHERE username = ?', [username], function(error, hash) {
bcrypt.compare(password, hash[0].password, function(error, res) {
if (res) {
request.session.loggedin = true;
request.session.username = username;
response.redirect('/home');
} else {
response.send('Incorrect Username and/or Password!');
}
response.end();
});
});
} else {
response.send('Please enter Username and Password!');
response.end();
}
});
app.get('/signup', function(request, response) {
response.sendFile(path.join(__dirname + '/signup.html'));
});
app.get('/login', function(request, response) {
response.sendFile(path.join(__dirname + '/login.html'));
});
app.get('/home', function(request, response) {
if (request.session.loggedin) {
response.send('Welcome back, ' + request.session.username + '!');
} else {
response.send('Please login to view this page!');
}
response.end();
});
app.listen(3742);
It is resulting in a 404 error whenever I hit the submit button
Error
<form action="/auth" method="POST">
because you defined and not auth
app.post('/auth', function(request, response) {
I got this simple code from a tutorial to a sample login html form to detect if user and the password are on my database for a user register or not.
this code can detect the email if exist but not the password.
what's wrong in here?
var express = require('express');
var app = express();
var server = require('http').createServer(app);
bodyParser = require('body-parser');
var mysql = require('mysql');
var connection = mysql.createConnection({
host: 'localhost',
database: 'chmult',
user: 'root',
password: '',
});
users = [];
connections = [];
app.get('/', function(req, res){
res.sendFile(__dirname + '/');
});
app.use(bodyParser.urlencoded({
extended: true
}));
/**bodyParser.json(options)
* Parses the text as JSON and exposes the resulting object on req.body.
*/
app.use(bodyParser.json());
connection.connect();
app.post('/', function(req, res){
var username= req.body.user.username;
var password = req.body.user.password;
connection.query('SELECT * FROM tesko WHERE username = ?',[username], function (error, results, fields) {
if (error) {
// console.log("error ocurred",error);
res.send({
"code":400,
"failed":"error ocurred"
})
}else{
// console.log('The solution is: ', results);
if(results.length >0){
if([0].password == password){
res.send({
"code":200,
"success":"login sucessfull"
});
}
else{
res.send({
"code":204,
"success":"Email and password does not match"
});
}
}
else{
res.send({
"code":204,
"success":"Email does not exits"
});
}
}
});
});
app.listen(3231);
console.log('Example app listening at port:3231');
my html forms
<form method="post" action="">
<input type="text" name="user[username]">
<input type="text" name="user[password]">
<input type="submit" value="Submit">
</form>
</html>
The column names on my table are (username,password). Both are varchar and I tried with other table that have md5. Still can't detect the password.
this bit of code looks suspicious:
if(results.length >0){
if([0].password == password){
res.send({
"code":200,
"success":"login sucessfull"
});
}
particularly [0].password I'd expect that to be undefined.
[0] is an array literal here, instead of an index into an array. You probably want results[0].password instead, judging by the line before it.
I'm trying to use PassportJS to authenticate requests on my site, but it's not working. When I trying to login nothing happening. I'm using MYSQL database to store the user datas and I didn't find a tutorial for this.
APP.JS:
var session = require('express-session');
var routes = require('./routes');
var sha1 = require('sha1');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var flash = require('connect-flash');
var RedisStore = require('connect-redis')(session);
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
app.use(cookieParser()); // read cookies (needed for auth)
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(session({
store: new RedisStore({
host: '127.0.0.1',
port: 6379,
prefix: 'sess'
}),
resave: true,
saveUninitialized: true,
secret: 'xxxxxxx'
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
passport.use('local-login', new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
},
function(username, password, done){
var connection = mysql.createConnection(
{
host : sql.host,
user : sql.user,
password : sql.password,
database : sql.db_users
}
);
console.log(username);
console.log(password);
connection.connect();
var queryUserCheck = 'SELECT userID, email, password, users WHERE email = "' + username + '"';
connection.query(queryUserCheck, function(err, rows, field) {
if(err){
res.status(500).end(err);
console.log(err);
connection.end();
}else{
user = rows[0];
userID = rows[0].userID;
console.log('Checkpoint 1');
if(!user) { return done(null, false, {message: 'The user is not exist'});}
else if(sha1(password) != user.password) { return done(null, false, {message: "Wrong password"});}
else{
console.log('Checkpoint 2');
return done(null, user);}
connection.end();
}
});
}
));
passport.serializeUser(function(user, done) {
console.log('serializeUser');
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
routes.init(app, passport);
I'm actually not really understand the above 2 function. I know it's need to attach and deattach the user from the session, but do I need to change anything on these functions to make it customized or just leave as is?
Router:
exports.init = function(app, passport){
app.post('/login', login);
app.get('/logout', logout);
app.get('/userinfo', checkAuth, require('./users/users/userDetails'));
function login(req, res, next){
passport.authenticate('local-login', function(err, user, info){
if(err){
return next(err);
}
console.log('Authentication is successfull');
});
}
function logout(req, res){
if(req.isAuthenticated()){
req.logout();
req.session.messages = "Log out successfully";
}
res.writeHead(200, { 'Content-Type': 'application/json'});
res.end(true);
}
function checkAuth(req, res, next){
if(req.isAuthenticated) return next();
else{
res.status(401).end("Not Authorized!");
}
}
};
Could somebody help me what I missed? Thank you so much.