页面呈现数据后,res.redirect无法正常工作
[英]res.redirect not working after the page is rendered with data
问题描述
I have a simple functionality of forget password, that when user requests for change in password he recieves an email with token and his email on clicking of it he will be redirected to a page which will take his new passwords. 
我有一个简单的忘记密码功能,即当用户请求更改密码时,他会收到一封带有令牌的电子邮件,而单击该电子邮件时,他将被重定向到使用新密码的页面。
What I do is when I click on a link in the email , server gets the request and a function take data out of the link renders the page with data (using res.render) and then it should redirect to the rendered page. 我要做的是,当我单击电子邮件中的链接时,服务器收到请求,并且函数从链接中取出数据,使用数据渲染页面(使用res.render),然后它将重定向到渲染的页面。
The problem I am facing is when I click on link I am getting data and page rendered but I can't let res.redirect() to work. 我面临的问题是,当我单击链接时,我正在获取数据和页面,但是我无法让res.redirect()正常工作。
my link looks like this 我的链接看起来像这样
http://localhost:3000/api/resetpassword?_csrf=ab8aa6a41567f817330e3e0a214725f8b2f88b487d5bef16f162e033c6a63dc41933511ddb79cb44ca049f472b3e0c593dbbaf&email=dummyEmail%2540dumyurl.ca
And then I get the request on server using app.get(). 然后,我使用app.get()在服务器上收到请求。
app.get('/api/resetpassword', Admin.resetPasswordPage);
and my rendering and redirecting function looks like this; 我的渲染和重定向功能看起来像这样;
resetPasswordPage: function (req, res, next) {
req.query.email = decodeURIComponent(req.query.email) ;
res.render('resetPassword', {
Email: req.query.email,
Csrf : req.query._csrf,
}, function (err, html) {
console.log("TESTING HTML ", html);
if (!err)
res.redirect("/resetPassword");
});
}
Rendering is successful as I am getting complete HTML of the page in the html parameter, but the question is how to redirect to that page. 渲染成功,因为我在html参数中获取了页面的完整HTML,但问题是如何重定向到该页面。 That page is made in EJS and its in views folder. 该页面在EJS及其“ views”文件夹中创建。
1 个解决方案
解决方案1
2 已采纳 2013-07-17 17:56:17
It sounds like you want this flow: 听起来像您要这样的流程:
- User clicks link to
/api/resetpassword...用户点击链接到/api/resetpassword... - express runs the
resetPasswordPagefunction快速运行resetPasswordPage函数 -
resetPasswordPageresponds with the reset password form HTML page, pre-filled out based on the query parametersresetPasswordPage以重置密码表单HTML页面resetPasswordPage响应,该页面根据查询参数预先填写 - I think at this point you don't like the URL in the browser address bar, which is why you think you need a redirect. 我认为目前您不喜欢浏览器地址栏中的URL,这就是为什么您认为需要重定向的原因。 But you need those query string parameters, and if you do a redirect to just
/resetPassword, you'll lose them.但是,您需要这些查询字符串参数,如果仅重定向到/resetPassword,则会丢失它们。 So you either have to live with the URL (which I would recommend as it's the simplest) or rely on session state and the session cookie.因此,您要么必须使用URL(我建议使用它,因为它是最简单的),要么必须依赖会话状态和会话cookie。 However, marking the session with something like passwordResetOK=trueprobably exposes you to a whole bunch of CSRF attacks that the_csrfquery string parameter is there to prevent.但是,使用passwordResetOK=true类的标记会话可能会使您遭受一堆CSRF攻击,而_csrf查询字符串参数可以防止这些攻击。 - You don't need any redirect here, the browser has the form. 您在这里不需要任何重定向,浏览器具有表格。 Next step is for the user to fill out the form and submit it with
<form method="post" action="/resetPassword">下一步是用户填写表单并使用<form method="post" action="/resetPassword"> - Browser does
POST /resetPassword浏览器执行POST /resetPassword - express routes that to another function that changes the password and then either sends back a success page or redirects to the home page or whatever 将路由表达到另一个更改密码的功能的路由,然后发送回成功页面或重定向到主页或任何其他内容
So long story short is I think you just need to accept the URL being what it is and you don't need a redirect in here until after the password reset operation completes. 长话短说,我想您只需要接受URL本身就是什么,在密码重置操作完成之前,您不需要在此处进行重定向。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.