每当我尝试使用查询参数重定向到新网址,然后尝试渲染它时,它都不想渲染。如果我去掉额外的查询参数,页面将呈现得很好。
这些是检查用户登录及其随后显示的个人资料的功能。该函数的目的是将用户的用户名发送到 url 中,然后由配置文件函数获取以填充配置文件 pug 模板。
exports.loginCheck = async (req, res) => {
let usernameStr = req.body.username;
let passwordStr = req.body.password;
var userFound = await User.findOne()
.where("username")
.equals(usernameStr)
.where("password")
.equals(passwordStr)
.select("username email age password answer1 answer2 answer3")
.then((account) => {
console.log(userFound);
res.redirect(`/profile/${account.username}`);
})
.catch((err) => {
console.log(err);
res.render("login", {
errorMsg: 'Username and/or password is incorrect.'
});
});
}
exports.profile = async (req, res) => {
var param = req.params.userP;
var userFound = await User.findOne()
.where("username")
.equals(param)
.select("username email")
.then((user) => {
res.render('profile', {
username: user.username, //I get an error saying cant read '.username', but it will find the user
email: user.email
})
})
}
路线:
app.get('/profile/:userP', routes.profile); //this one doesnt render
app.get('/profile', routes.profile); //this one does render
app.post('/profile/login', urlencodedParser, routes.loginCheck); //the post route after users login
所有这些路线都是为了渲染配置文件哈巴狗模板。
我尝试过执行参数、查询字符串、弄乱发布到个人资料页面的表单路由、在登录功能和个人资料功能上重定向和呈现。我希望通过“/profile/login”路由将数据发布到登录功能,然后使用用户信息或仅将用户名发送到配置文件页面重定向到配置文件页面,以便我可以使用以下内容填充配置文件页面来自我的数据库的用户信息。
您正在将
async/awaitthenvar userFound = await User.findOne() //< async/await return value stored in userFound
//..
//..
.then((account) => { //< Return value stored in account
//..
在 JavaScript 中,异步任务通过回调或使用 Promise then
async/awaitthenasync/awaittry/catch像这样更新你的代码:
exports.loginCheck = async (req, res) => {
try{
const usernameStr = req.body.username;
const passwordStr = req.body.password;
const userFound = await User.findOne()
.where("username").equals(usernameStr)
.where("password").equals(passwordStr)
.select("username email age password answer1 answer2 answer3");
if(!userFound){ //< Will be true if userFound == null
res.render("login", {
errorMsg: 'Username and/or password is incorrect.'
});
}else{ //< userFound has a match so redirect
console.log(userFound);
return res.redirect(`/profile/${userFound.username}`);
}
}catch(err){
console.log(err);
res.render("login", {
errorMsg: 'Internal error on server'
});
}
}
exports.profile = async (req, res) => {
try{
const param = req.params.userP;
const userFound = await User.findOne()
.where("username").equals(param)
.select("username email");
if(!userFound){ //< Will be true if userFound == null
res.render("login", {
errorMsg: 'User not found'
});
}else{ //< userFound has a match so redirect
res.render('profile', {
username: userFound.username,
email: userFound.email
});
}
}catch(err){
console.log(err);
res.render("login", {
errorMsg: 'Internal error on server'
});
}
}
最后,这条路没有任何目的:
app.get('/profile', routes.profile);
您正在将此请求路由到
routes.profilereq.params.userP顺便说一句,没有适当的安全措施。我可以猜出
username/profile/bob123/profile/sally123