braitsch / node-login Goto Github PK
View Code? Open in Web Editor NEWA template for quickly building login systems on top of Node.js & MongoDB
Home Page: https://node-login.braitsch.io
License: Other
A template for quickly building login systems on top of Node.js & MongoDB
Home Page: https://node-login.braitsch.io
License: Other
I don't get a confirmation mail on the live-demo page!
Any ideas?
I've just started with nodejs and security.
Checking out the code I saw you store plain password in the cookie. Is it true? Does it introduce a security issue? Is there another way to do it? thanks
Why you don't use mongoose to connect to DB? Could make the application more simple, not?
There are a few fixes that need to be fixed either in here or on your own if you are someone who is looking to use this code.
How to get database connectivity to the MongoDB site and Mongodb file for use locally?
This is a mysql branch of node login great if you can take a look at it.
The registering of two users can overlap such that two users with the same username or email are in the database. I suggest adding an index to the email and username fields in the database.
Error: /home/somenath/node-exp/node-login/app/server/views/layout.jade:1 > 1| !!! 5 2| html 3| head 4| title Node.js Login !!!
is deprecated, you must now use doctype
at Object.Lexer.doctype (/home/somenath/node_modules/jade/lib/lexer.js:248:13) at Object.Lexer.next (/home/somenath/node_modules/jade/lib/lexer.js:833:15) at Object.Lexer.lookahead (/home/somenath/node_modules/jade/lib/lexer.js:113:46) at Parser.lookahead (/home/somenath/node_modules/jade/lib/parser.js:111:23) at Parser.peek (/home/somenath/node_modules/jade/lib/parser.js:88:17) at Parser.parse (/home/somenath/node_modules/jade/lib/parser.js:126:26) at Parser.parse (/home/somenath/node_modules/jade/lib/parser.js:140:24) at parse (/home/somenath/node_modules/jade/lib/jade.js:95:62) at Object.exports.compile (/home/somenath/node_modules/jade/lib/jade.js:152:9) at Object.exports.render (/home/somenath/node_modules/jade/lib/jade.js:256:15)
installed all dependencies.
jade, emailjs,stylus, mongodb, moments.
Would you be able to help me in finding what's going on with the code ? or am I missing something from my end ?
Quickest help would be highly appreciated.
i am getting the following error though i have added email on the email-dispatcher.js
' ERROR : code 5
ERROR : smtp undefined
ERROR : previous Error: getaddrinfo EAI_FAIL [email protected]
at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:64:26) {
errno: 'EAI_FAIL',
code: 'EAI_FAIL',
syscall: 'getaddrinfo',`
I couldn't find this awesome module on NPMjs.org. Is there a npm module for it yet? Thanks.
If a user change username in the account setting page, using firebug for example, can modify the account of other user.
Fix: in the update route use the user from req.session.user instead the req.param('user'),
You may want to look into this. Me=n00b - can't contribute for now. Thanks for sharing.
When app starts, i have this output:
[Error: failed to connect to [localhost:27017]]
I don't know if it's something that I'm doing wrong. Then the app just don't work. :/ please help me if you can.
Thanks. :)
Switch to bcrypt or something that's not badly broken and insecure.
After cloning the code and running the app locally, everything was working great until I created a new user and clicked submit. Instead of creating the user, the app did nothing (unless there was some error in the for, in which case it would alert me that my password wasn't long enough etc.)
User once logged in, goes to another tab and opens localhost:3000 he should see the update and delete page and not the login page.
This is because the file email-dispatcher.js has the following line hardcoded:
var link = 'https://nodejs-login.herokuapp.com/reset-password?e='+o.email+'&p='+o.pass;
If you are testing on localhost:3000 eMail points to the wrong link in herokuapp.com.
You can add this as en external variable also, as you did for EMAIL_HOST,EMAIL_USER and EMAIL_PASS
Regards,
J
Since no one else is getting this, I have a feeling that I am doing something really stupid. Anyways, so I installed this as per instructions (Not very hard considering it was four lines to type), and when I try to run app.js, I get this error:
events.js:72
throw er; // Unhandled 'error' event
^
Error: listen EACCES
at errnoException (net.js:884:11)
at Server._listen2 (net.js:1003:19)
at listen (net.js:1044:10)
at Server.listen (net.js:1110:5)
at Object. (C:\socialdonut\Socket\ap
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
Can you help me fix it?
I've done some debugging, but can't trace the problem, probably due to inexperience with node. Problem appears to be in /app/server/router.js (function around line 144).
The callback function(o) inside of AM.updatePassword() doesn't seem to be getting the result of the query, so 'o' is always null when if(o) happens, even though the password was successfully changed, and so an error 400 gets sent instead of 'ok' 200.
Already made a change suggested by someone else to use accounts.findAndModify() instead of accounts.save(), which fixes a Type error being reported to the console, but doesn't change the functionality (password is still successfully changed, but user still sees an inaccurate error "I'm sorry, something went wrong".
app.post('/reset-password', function(req, res) {
...
...
...
AM.updatePassword(email, nPass, function(o){
if (o){ <<-- always null, even when password was successfully changed
res.send('ok', 200);
} else{
res.send('unable to update password', 400);
}
})
});
I made a fork (nogin) as I thought you were no longer maintaining, and I also wanted to refactor so the project could be used as an npm dependency without need for modifying the source.
If you are interested in these changes, I would be happy to collaborate, e.g., in setting up an organization where we could collaborate. (The changes are I feel too substantial for me to re-submit as new PRs here.)
Hi,
How to add a new field in signup page and insert the value to the DB. also need to verify that field with the Login credentials.
Thanks,
Arun
Hi,
I just cloned this project, am getting this issue "[Error: failed to connect to [localhost:27017]]", but sever is listening to the port. I checked with server.js, connection.js files seems everything is fine. Please help me to comeout from this issue.
Hello,
thanks first for your amazing masterpiece of login system.
I just feel compelled to inquire of how to apply this server to my personal front-end login page without pre-existing front login page you've made...
Thank you kindly.
route.js 175 line
Change
AM.deleteAccount(req.body.id, function (e, obj) {"
To
AM.deleteAccount(req.session.user._id, function (e, obj) {"
Looks like you saved the username and password in cookies in plain text? is that safe?
Hi @braitsch,
This project is probably the best mvc login I have seen.
Do you have any plans on expanding on this perhaps a crud way of managing each user like a administration panel?
As what title said.
Express server listening on port 8080 in development mode
connected to database :: login-testing
Error: EACCES, open '/opt/lampp/htdocs/node-login/app/public/css/style.css'
i get this error when i navigate to localhost:8080
In your EmailDispatcher https://github.com/braitsch/node-login/blob/master/app/server/modules/email-dispatcher.js you send reset link lik ethe following:
var link = 'http://node-login.braitsch.io/reset-password?e='+o.email+'&p='+o.pass;
Although that password is hashed I think it's not secure send it to client. It would be more secure as generate another hashed string. What do you think about it?
Hi, the https://nodejs-login.herokuapp.com/ website is down. The reason this repo was successful is because of that quick demo site. Please fix it asap.
I think the reason this site is not working is because heroku discontinued some of its most useful add-ons like mlab database add-on.
Login without remember-me option as It will redirect to /home but even if session is assign then also while re-traversing index page It wont redirect to /home so to Fix this
Inside routes.js replace this function with this function which is below
app.get('/', function(req, res){
// This one is for If session is assign so redirect it
if(req.session.user)
{
res.redirect('/home');
}
// check if the user has an auto login key saved in a cookie //
else if (req.cookies.login == undefined){
res.render('login', { title: 'Hello - Please Login To Your Account { For Exp} ' });
}
else{
// attempt automatic login //
AM.validateLoginKey(req.cookies.login, req.ip, function(e, o){
if (o){
AM.autoLogin(o.user, o.pass, function(o){
req.session.user = o;
res.redirect('/home');
});
} else{
res.render('login', { title: 'Hello - Please Login To Your Account' });
}
});
}
});
i put my mongodb conncetivity link on mongoose.connect('mongodb://localhost/ManualAuth', { useMongoClient: true }); but i cnnot connected with it and also register.ejs register button not working what should i do now.
Hello, what should I do if I wanted to use an external DB? Like something hosted on MongoHQ service
Did you also try to integrate Mongoose?
Hi, i am new to node.js. I wanted to know whether I could link pages to my html pages after user sign in. Because your code is based on jade and js. I tried to include my html page in a jade file I created (index.jade). It still shows "I'm sorry, the page or resource you are searching for is currently unavailable" .
Can I get any suggestion from you?
I've cloned your repo (thanks, btw) afterwards, i've tried:
but i've some problems, and a lot of warns, obviously, it's impossible to run the project. :/
i've tried to run it anyway, so i can get a message error and it seems to be some issue with bycript module.
I would help but i'm such a n00b with node yet. So if you can figure out what's wrong and fix it. it would be awesome!
Have you considered adding a second password input box to verify the user's password?
Also, would be cool if the email address had to be verified.
These two features would make this already excellent module a perfect user login solution.
If you have no plans to add these features in the near future I might have a go myself.
Would be easier for the original author though!
Hi,
What is your license usage for your work?
Thanks,
I don't know how to find the data set in the localhost.
show dbs
admin 0.000GB
config 0.000GB
local 0.000GB
node-login 0.000GB
There is nothing in the database.How to find the data?
Hey,
First of all, thanks for a great example. I have a potential issue with it though. The reset password link looks like this:
'http://node-login.braitsch.io/reset-password?u='+o.pass;
What happens if two users have the same password? The hash should be the same, right, so AM.setPassword should fail on "findOne" in that case.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.