D
D
Danil2014-12-24 18:01:24
JavaScript
Danil, 2014-12-24 18:01:24

How to properly organize the site robot on nodejs?

I am developing a small application, but I have no experience in server-side programming. Node.js application, ejs templating engine.
It is necessary that it be like this:
1. At the entrance it asks for a login / password.
2. If true - shows the main page.
3. The user enters data, sends it via ajax.
4. The server, having received a request, changes the appearance of this page (the data on it).
What is now:
On entry ("/") index.js:

router.get('/', function(req, res) {
  if (req.signedCookies.rememberme == 'registered') {
    var register = true
    res.render('index', { register:register });
  } else {
    var register = false;
    res.render('index', { register:register });
  }
});

Template code:
<% if (register == false) { %>
    <%= include login.ejs %>
  <% } %>
  
  <% if (register == true) { %>
    <%= include main.ejs %>
  <% } %>

The user gets to login.ejs because he is not logged in. There he enters a login / password and a reconciliation with the database takes place. If there is such a user with a password, I write a cookie:
res.cookie('ImRegistered', 'registered', { maxAge: 900000, signed: true })

And I refresh the page. Now index.js lets us in (sees that we are logged in by cookie) and we get the content page. To log out, I delete cookies.
Is this correct, or are they going to hell for this?
Now point 4 is needed. How can I change an already rendered page? After I gave the 1st race
res.render('index', { register:register, somevar: 'someval' });

The 2nd call of the same code does not work. How can I update anything? For example, I want to update main.ejs which is included in the page.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
R
Rikcon, 2014-12-24
@Veneomin

Authorization through cookies - holes are safe, especially since they are not even obfuscated.
From the cookie name ImRegistered and signed, you can understand why it is needed and substitute your value.
Use sessions https://github.com/expressjs/session

K
Konstantin Kitmanov, 2014-12-25
@k12th

Offtopic: terrible code. First, don't declare variables in conditional blocks. Secondly, don't you see that you have the same thing written twice?

router.get('/', function(req, res) {
    res.render('index', { register:  req.signedCookies.rememberme == 'registered' })  
});

S
smanioso, 2014-12-24
@smanioso

Read this way - passportjs.org

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question