Saturday, 13 May 2017

Node.js + express + passport (backend) / jQuery (frontend)

I'm coding a website using html/css + javascript / jQuery.

Currently, I'm making a registration + login/logout service, but I'm stuck.

Here is my jQuery code for logging in (frontend):

// Login form
$(function() {
  $('#login_btn').click(function() {
    $.ajax({
      url : '/login',
      type : 'POST',
      dataType : 'json',
      data : {
        username : $('#login_username').val(),
        password : $('#login_password').val()
      },
      cache : false,
      timeout : 5000,

      success: function(data) {
        if (data.reponse == 'success') {
          createCookie('token', data.token, 7);
          $.ajax({
            url :"/account",
            type:'GET',
            headers : { "Authorization" : readCookie('token') },
            dataType: 'json',
            data: {
              role: data.role
            },

            success: function(data, status) {
              console.log("Status " + status);
              console.log(data);
            }
          });
        }
        else {
          if (data.msg == 'user not found') {
            display_login_alert(false, 'user_not_found');
          }
          else if (data.msg == 'wrong password') {
            display_login_alert(false, 'wrong_password');
          }
          else {
            display_login_alert(false, 'unknown');
          }
        }
      },

      error: function() {
        display_login_alert(false, 'unknown');
      }
    });
  });
});

Here is my node.js + express + passport code (backend):

app.post('/login', (req, res) => {
  User.findOne({
    username: req.body.username
  }, (err, user) => {
    if (err)
    throw err;
    if (!user) {
  res.send({reponse: 'error', msg: 'user not found'});
    }
    else {
      // check if password matches
      user.comparePassword(req.body.password, (err, isMatch) => {
        if (isMatch && !err) {
          // if user is found and password is right create a token
          var token = jwt.sign(user, config.secret, { expiresIn: 21600 });
          // return the information including token as JSON
          res.json({
            reponse: 'success',
            token: 'JWT ' + token,
            profile: user.profile,
            role: user.role
          });
        }
        else {
          res.send({reponse: 'error', msg: 'wrong password'});
        }
      });
    }
  });
});

app.get('/account', passport.authenticate('jwt', { session: false }), (req, res) => {
  var token = getToken(req.headers);
  if (token) {
    jwt.verify(token, config.secret, function(err, decoded){
      if (err) {
        return res.redirect("/");
      }
      else if (req.user.role != "Owner") {
        return res.redirect("/");
      }
      else {
        req.decoded = decoded;
        res.sendFile('/.../account.html'); // /.../ : file path is good
      }
    });
  }
});

The problem is that when I use postman, everything is okay. But when I click on the login button on my website, nothing happens, and there are no error

Can someone help me?



via robin.shin

No comments:

Post a Comment