javascript - 我收到 403 错误,需要知道如何修复它
问题描述
我正在研究 Node.js,并且是第一次学习会话。我正在关注有关会话的视频,当我尝试使用 localhost:3000/signup 进行注册时出现 403 错误。我将 {"username": "sebastian", "password": "password"} 传递给注册 API。我的 app.js 身份验证给了我一个 403 错误,我不知道为什么。你能帮忙吗?我真的需要快速帮助。
应用程序.js
var express = require('express');
var User = require('../models/user')
var router = express.Router();
router.use(express.json())
/* GET users listing. */
router.get('/', function(req, res, next) {
res.send('respond with a resource');
});
router.post('/signup', (req, res, next) => {
User.findOne({username: req.body.username})
.then((user) => {
if(user != null) {
var err = new Error('User ' + req.body.username + ' already exists!');
err.status = 403;
next(err);
}
else {
return User.create({
username: req.body.username,
password: req.body.password});
}
})
.then((user) => {
res.statusCode = 200;
res.setHeader('Content-Type', 'application/json');
res.json({status: 'Registration Successful!', user: user});
}, (err) => next(err))
.catch((err) => next(err));
});
router.post('/login', (req, res, next) => {
if(!req.session.user) {
var authHeader = req.headers.authorization;
if (!authHeader) {
var err = new Error('You are not authenticated!');
res.setHeader('WWW-Authenticate', 'Basic');
err.status = 401;
return next(err);
}
var auth = new Buffer.from(authHeader.split(' ')[1], 'base64').toString().split(':');
var username = auth[0];
var password = auth[1];
User.findOne({username: username})
.then((user) => {
if (user === null) {
var err = new Error('User ' + username + ' does not exist!');
err.status = 403;
return next(err);
}
else if (user.password !== password) {
var err = new Error('Your password is incorrect!');
err.status = 403;
return next(err);
}
else if (user.username === username && user.password === password) {
req.session.user = 'authenticated';
res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('You are authenticated!')
}
})
.catch((err) => next(err));
}
else {
res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('You are already authenticated!');
}
})
router.get('/logout', (req, res) => {
if (req.session) {
req.session.destroy();
res.clearCookie('session-id');
res.redirect('/');
}
else {
var err = new Error('You are not logged in!');
err.status = 403;
next(err);
}
});
module.exports = router;
用户型号代码
var mongoose = require('mongoose');
var Schema = mongoose.Schema;
var User = new Schema({
username: {
type: String,
required: true,
unique: true
},
password: {
type: String,
required: true
},
admin: {
type: Boolean,
default: false
}
});
module.exports = mongoose.model('User', User);
用户路线代码
var express = require('express');
var User = require('../models/user')
var router = express.Router();
router.use(express.json())
/* GET users listing. */
router.get('/', function(req, res, next) {
res.send('respond with a resource');
});
router.post('/signup', (req, res, next) => {
User.findOne({username: req.body.username})
.then((user) => {
if(user != null) {
var err = new Error('User ' + req.body.username + ' already exists!');
err.status = 403;
next(err);
}
else {
return User.create({
username: req.body.username,
password: req.body.password});
}
})
.then((user) => {
res.statusCode = 200;
res.setHeader('Content-Type', 'application/json');
res.json({status: 'Registration Successful!', user: user});
}, (err) => next(err))
.catch((err) => next(err));
});
router.post('/login', (req, res, next) => {
if(!req.session.user) {
var authHeader = req.headers.authorization;
if (!authHeader) {
var err = new Error('You are not authenticated!');
res.setHeader('WWW-Authenticate', 'Basic');
err.status = 401;
return next(err);
}
var auth = new Buffer.from(authHeader.split(' ')[1], 'base64').toString().split(':');
var username = auth[0];
var password = auth[1];
User.findOne({username: username})
.then((user) => {
if (user === null) {
var err = new Error('User ' + username + ' does not exist!');
err.status = 403;
return next(err);
}
else if (user.password !== password) {
var err = new Error('Your password is incorrect!');
err.status = 403;
return next(err);
}
else if (user.username === username && user.password === password) {
req.session.user = 'authenticated';
res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('You are authenticated!')
}
})
.catch((err) => next(err));
}
else {
res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('You are already authenticated!');
}
})
router.get('/logout', (req, res) => {
if (req.session) {
req.session.destroy();
res.clearCookie('session-id');
res.redirect('/');
}
else {
var err = new Error('You are not logged in!');
err.status = 403;
next(err);
}
});
module.exports = router;
解决方案
我想到了。当我应该去 localhost:3000/users/signup 时,我要去 localhost:3000/signup。
推荐阅读
- ios - 在文本字段swift中附加逗号作为用户输入
- javascript - RxJS - 哪个运算符可以结合最近 N 个事件的历史?
- facebook - 为什么即使在应用审核后也无法获取 Facebook 事件?
- string - 串行数据从连续字符串读取并解析为变量(Arduino)
- c# - 知道我将使用syncfusion来制作我的UI控件,学习Windows窗体或WPF会更好吗?
- c# - 如何从 UserControl 实时获取结果?
- amazon-web-services - Terraform 中的相对路径
- php - SOAP:过程“helloRequest”不存在
- html - 水平滚动条 - 面板内无法容纳信息?
- codeigniter - 在代码点火器中更改登录用户的密码