Home > other >  MONGODB findOne() needs a variable
MONGODB findOne() needs a variable

Time:10-20

My function is set to find email brought from /login POST method, but I am failing to declare the variable properly, what is the variable to be inserted into the findOne form on app.get('/data')?

I have:

app.post('/login', function (req, res) {
    //console.log(req.body);
    const uri = "mongodb srv://<PRIVATE INFO>.eapnyil.mongodb.net/?retryWrites=true&w=majority";
    const client = new MongoClient(uri, { useNewUrlParser: true, useUnifiedTopology: true, serverApi: ServerApiVersion.v1 });
    const users = client.db("data").collection("users");
    users.findOne({email:req.body.email},function(err,data){
        if(data){
            
            if(data.password==req.body.password){
                //console.log("Logged In.");
                console.log('Email in DB is: '   data.email);
                console.log('Email in form is: '   req.body.email);
                //res.send({"Success":"Success!"});
                res.redirect('/data');
            }else{
                res.send({"Failed with":"Wrong password!"});
            }
        }else{
            res.send({"Try again":"Email not registered!"});
        }
    });
});


app.get('/data', (req, res) => {

    const users = client.db("data").collection("users");
    users.findOne({unique_id:req.session.id})((err, result) => {
    if (err) return console.log(err)
    // renders index.ejs

    res.render('pages/data.ejs', {users: result})
  })
});

and on the login.ejs file the following:

    <p>Login</p>
</div>
<div >
    <form id="form" method="POST" action="/login">
        <input type="text" name="email" placeholder="E-mail" required="" ><br/>
        <input type="password" name="password" placeholder="Password" required="" ><br/>
        <input type="submit" value="Login" >
    </form>
</div>

CodePudding user response:

Not sure why you are redirecting to the /data method when you already have the user to pass to the view.
Try to redirect in /login directly:

app.post('/login', function (req, res) {
  //console.log(req.body);
  const uri =
    'mongodb srv://<PRIVATE INFO>.eapnyil.mongodb.net/?retryWrites=true&w=majority';
  const client = new MongoClient(uri, {
    useNewUrlParser: true,
    useUnifiedTopology: true,
    serverApi: ServerApiVersion.v1,
  });
  const users = client.db('data').collection('users');
  
  users.findOne({ email: req.body.email }, function (err, data) {
    if (data) {
      if (data.password === req.body.password) {
        res.render('pages/data.ejs', {users: data})
      } else {
        res.send({ 'Failed with': 'Wrong password!' });
      }
    } else {
      res.send({ 'Try again': 'Email not registered!' });
    }
  });
});

Also, I suggest you hash the password that you store in the database using libraries like bcrypt.
Storing credentials in plain text is a bad security practice.

CodePudding user response:

app.get('/data', (req, res) => {

    const users = client.db("data").collection("users");
    users.findOne({unique_id:req.session.id},((err, result) => {
    if (err) return console.log(err)
    // renders index.ejs

    res.render('pages/data.ejs', {users: result})
  }))
});

there is a syntax error after {unique_id:req.session.id}, replace ')' for ',' and close ')' correctly

  • Related