URL Parameters for accessing files using JavaScript
Question
In my node.js project I have a server.js and a folder "views" that has a file called index.html, so right now when someone goes to example.com (or example.com/index.html ) they go to index.js, well I'm trying to secure it so that only via specific links access is granted, for example
example.com -> takes you to access_denied.html and example.com/client={code-that-i-assign} example example.com/client=th9wdn298n3d2
I tried doing it with URLparams but I couldn't, can someone help me with a solution to this problem?
function api() {
const apikey = "";
const searchselect = window.location.search;
const urlsearchparams = URLSearchParams(searchselect);
urlsearchparams.has(apikey).then(return true);
}
2 answers
solution1
2 ACCPTED 2021-01-14 10:58:16
I think to undertand that you want to check if there is a get variable in the url like a token for enter and use a determinate pages, for to do that you must use the express middleware before the the middleware that serve the page in your server.js file, like:
app.use(function (req, res, next) { // controlla il token
const foo = req.query.foo;
if (foo !== 'MAGIC_KEY' /* or what control you want to do */) next(Error('Nope'));
else next();
});
app.use(express.static(path.join(__dirname, 'public')));
and call the page whit this param /?foo=MAGIC_KEY
EDIT with your code:
const path = require("path");
const express = require("express");
const app = express();
// make all the files in 'public' available
// https://expressjs.com/en/starter/static-files.html
app.use(express.static("public"));
// this is the code I writed before
app.use(function (req, res, next) { // /?foo=MAGIC_KEY
const foo = req.query.foo;
if (foo !== 'MAGIC_KEY') next(Error('Nope'));
else next();
});
// This is the middleware that serve the index
// https://expressjs.com/en/starter/basic-routing.html
app.get("/", (request, response) => {
response.sendFile(__dirname + "/views/index.html");
});
app.use(express.static(path.join(__dirname + "/views/gg.txt")));
const listener = app.listen(process.env.PORT, () => {
console.log("Your app is listening on port " + listener.address().port);
});
solution2
0 2021-01-15 13:08:14
In this particular instance, you could manage the requests one by one, however it usually isn't a great solution. Just replace \key to whatever you need. If you land on example.com it will respond with access-denied.html , however, requesting example.com/key for instance will get you to the index.
const path = require("path");
const express = require("express");
const app = express();
// This is the middleware that serve the index
app.get("/", (request, response) => {
response.sendFile(__dirname + "/public/access-denied.html");
});
app.get("/key", (request, response) => {
response.sendFile(__dirname + "/public/index.html");
});
app.use(express.static(path.join(__dirname + "/public/gg.txt")));
const listener = app.listen(process.env.PORT, () => {
console.log("Your app is listening on port " + listener.address().port);
});
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.