I started to develop a little web site in NodeJS, with admin authentication based on https://github.com/DanialK/Simple-Authentication, it work very well.
I can create a user, login with it and see the private page (dashboard). But I have a problem with my template (I'm using Nunjucks), when the admin come to his dashboard I just wan't to show :
logged as : 'admin_username'.
This is my code :
Model :
const UserSchema = new mongoose.Schema({
username: String,
email: String,
password: String,
salt: String,
hash: String
})
Model definition :
const User = mongoose.model('user', UserSchema)
My route :
router.route('/admin/dashboard', requiredAuthentication)
.get((req, res) => {
console.log("################ GET DASHBOARD ##################")
requiredAuthentication(req, res, function() {
User.find().then(user => {
res.render('admin/dashboard.njk', {user: user})
console.log(user)
}).catch(err => {
console.error(err)
})
})
})
So I send "user", should be used in my template :
{% extends "base/layout.njk" %}
{% block content %}
admin:dashboard page <br /><br /><br />
{% if sessionFlash.message %}
<div class="{{ sessionFlash.type }}">
{{ sessionFlash.message }}
</div>
{% endif %}
You are logged as : {{ user.username }}
{% endblock %}
With user.username I can't get the username. With user only I get the entire document from the DB, username, email, salt, hash.
This is the result of the console.log(user) from the route :
[ { _id: 58c58ad8a5e54c00117ce85b,
username: 'test',
email: 'test',
salt: '/71BBVmr8E3b/HUz8L89IWLV7xM/vG9nvJRGzQYPw4dwR8GICr0kJtGs8dqwNzsMU7yki9aa2WM7C2NRxf/ausw+4kyiLojfugYzdrh+6obBq5HcZPZfQq+djwsTyyd+CDPJ/EmbUQyIL1yM7lRLfkhfrCIZ9P1mJZZM9fv4thw=',
hash: '��F\u0000\u000b ��a�\u001c|A˓P�N&��\u0010�5ajd�7{c �@�mQ����&��W�rW\'�+������\u0013����������N�4�y>/1��R\u001ca>���=U�u<9�T�o" \u000b�����Ʌ^�\u0004\u001f��\u0007�B`A�d���N@M$���',
__v: 0 } ]
Don't know if this is important, there is the two function used for authentication : requiredAuthentication and authenticate :
function authenticate(name, pass, fn) {
if (!module.parent) console.log('authenticating %s:%s', name, pass);
User.findOne({
username: name
},
function (err, user) {
if (user) {
if (err) return fn(new Error('cannot find user'));
hash(pass, user.salt, function (err, hash) {
if (err) return fn(err);
if (hash == user.hash) return fn(null, user);
fn(new Error('invalid password'));
});
} else {
return fn(new Error('cannot find user'));
}
});
}
function requiredAuthentication(req, res, next) {
console.log("#### ->REQUIREDAUTHENTICATION() ####")
if (req.session.user) {
console.log("#### AUTH NEXT() ####")
next();
} else {
console.log("#### AUTH DIE() ####")
req.session.sessionFlash = {
type: 'alert alert-success',
message: 'You can't access the dashboard'
}
res.redirect('/admin/account/login');
}
}
Thanks for helping me, if you wan't additional informations ask me.
Looks like that user object is actually an array with 1 item. You can tell by that leading [ in the console.log output. To fix the issue, you can either pass in user[0] to your render function, or add a for loop to your template in case you'll be grabbing multiple users later on.