Email verification with nodejs
Question
I'm trying to send a verification email when signing up. If the verification works the column "Activated" in a database table will change to "True".
I can send the email successfully but I think there's something wrong with the verification code.
When I press the link sent to the email I get "Forbidden"! I would use some help! Thanks in advance!
app.post('/insertuser', function (_req, res) {
var data = JSON.parse(_req.body.data);
var username = data.username;
var age = data.age;
var password = data.password;
var fname = data.fname;
var lname = data.lname;
var address = data.address;
var city = data.city;
var email = data.email;
var sq = data.sq;
var answer = data.answer;
var pnumber = data.pnumber;
var dataentered = data.dataentered;
var date = new Date();
var mail = {
"id": username,
"created": date.toString()
}
secret_code = sha1(pnumber) //since pnumber is unique;
const token_mail_verification = jwt.sign(mail, secret_code, { expiresIn: '1d' });
var url = "http://localhost:3000/verify?username=" + token_mail_verification;
mysqlConnection.connect(function () {
var query = "Insert into Customer (Username,Age,Password,First_Name,Last_Name,Email,Address,City,Phone_No,SQ,Answer,Date_Entered) values('" + username + "','" + age + "','" + sha1(password) + "','" + fname + "','" + lname + "','" + email + "','" + address + "','" + city + "','" + pnumber + "','" + sq + "','" + answer + "','" + dataentered + "')";
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send('Please try again!');
}
else {
if (results.affectedRows > 0) {
var mailOptions = {
from: '//myemail',
to: email,
subject: "Account Verification",
text: "Click on the link below to veriy your account " + url,
};
transporter.sendMail(mailOptions, function (error, info) {
if (error) {
console.log(error);
//Handle error here
res.send('Please try again!');
} else {
console.log('Email sent: ' + info.response);
res.send('Thanks for registering! Please confirm your email! We have sent a link!');
}
});
}
else {
console.log("Try again");
res.send('Please try again!');
}
}
})
})
});
Verification Code
app.get('/verify', function (req, res) {
token = req.query.id;
console.log(token)
if (token) {
try {
jwt.verify(token, secret_code, (e, decoded) => {
if (e) {
console.log(e)
return res.sendStatus(403)
} else {
id = decoded.id;
mysqlConnection.connect(function () {
var query = " UPDATE Customers SET Activation = 'True' ; WHERE Email =" + email;
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send('Please try again!');
}
else {
console.log("updated Successfully");
}
})
})
}
});
} catch (err) {
console.log(err)
return res.sendStatus(403)
}
} else {
return res.sendStatus(403)
}
});```
2 answers
solution1
1 ACCPTED 2021-03-10 12:21:02
your query parameter is named username not id so the code should like this
app.get('/verify', function (req, res) {
token = req.query.username;
solution2
0 2021-03-10 13:21:58
before sending the email you can add the user email to the coded body
var mail = {
username: username,
email: email,
created: date.toString()
}
and then you can decode it to query the user info or update it, your else block could look something like this
var email = decoded.email;
mysqlConnection.connect(function () {
var query =
" UPDATE Customers SET Activation = 'True' ; WHERE Email =" +
email;
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send("Please try again!");
} else {
console.log("updated Successfully");
}
});
});
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.