I'm coding a website using html/css + javascript / jQuery.
Currently, I'm making a registration + login/logout service, but I'm stuck.
Here is my jQuery code for logging in (frontend):
// Login form
$(function() {
$('#login_btn').click(function() {
$.ajax({
url : '/login',
type : 'POST',
dataType : 'json',
data : {
username : $('#login_username').val(),
password : $('#login_password').val()
},
cache : false,
timeout : 5000,
success: function(data) {
if (data.reponse == 'success') {
createCookie('token', data.token, 7);
$.ajax({
url :"/account",
type:'GET',
headers : { "Authorization" : readCookie('token') },
dataType: 'json',
data: {
role: data.role
},
success: function(data, status) {
console.log("Status " + status);
console.log(data);
}
});
}
else {
if (data.msg == 'user not found') {
display_login_alert(false, 'user_not_found');
}
else if (data.msg == 'wrong password') {
display_login_alert(false, 'wrong_password');
}
else {
display_login_alert(false, 'unknown');
}
}
},
error: function() {
display_login_alert(false, 'unknown');
}
});
});
});
Here is my node.js + express + passport code (backend):
app.post('/login', (req, res) => {
User.findOne({
username: req.body.username
}, (err, user) => {
if (err)
throw err;
if (!user) {
res.send({reponse: 'error', msg: 'user not found'});
}
else {
// check if password matches
user.comparePassword(req.body.password, (err, isMatch) => {
if (isMatch && !err) {
// if user is found and password is right create a token
var token = jwt.sign(user, config.secret, { expiresIn: 21600 });
// return the information including token as JSON
res.json({
reponse: 'success',
token: 'JWT ' + token,
profile: user.profile,
role: user.role
});
}
else {
res.send({reponse: 'error', msg: 'wrong password'});
}
});
}
});
});
app.get('/account', passport.authenticate('jwt', { session: false }), (req, res) => {
var token = getToken(req.headers);
if (token) {
jwt.verify(token, config.secret, function(err, decoded){
if (err) {
return res.redirect("/");
}
else if (req.user.role != "Owner") {
return res.redirect("/");
}
else {
req.decoded = decoded;
res.sendFile('/.../account.html'); // /.../ : file path is good
}
});
}
});
The problem is that when I use postman, everything is okay. But when I click on the login button on my website, nothing happens, and there are no error
Can someone help me?
via robin.shin
No comments:
Post a Comment