0

Im trying to add reset password feature.User enters username,email and full name,when these values match data from database ,password is changed,otherwise an error is shown. This is what im doing-

app.post("/reset",function(req,res){
User.findByUsername(req.body.username).then(function(sanitizedUser){
if (sanitizedUser){
    sanitizedUser.setPassword(req.body.password, function(){
        sanitizedUser.save();
        req.flash("success","password resetted");
            res.redirect("/login");
    });
} else {
    req.flash("error","User doesnt exist");
            res.redirect("/reset");
}
},function(err){
    console.log(err);res.redirect("/");
});

});

But i want to compare more than just the username,i want to compare email and name of the user too.And when i add- User.find({username:req.body.username},{email:req.body.email},{name:req.body.name})and enter some wrong data,the page just keeps reloading rather than showing an error. What changes should i make to do that?Please help.

Im using express,nodejs,mongodb

Improve this question
2
  • Are you using Passport? passportjs.org Commented Apr 26, 2017 at 17:20
  • Yes,im using Passport @DanGreen-Leipciger Commented Apr 26, 2017 at 17:37

2 Answers 2

Reset to default
1

You have a redirect loop.

In the case of !sanitizedUser you redirect to the same page res.redirect('/reset').

This is causing your page to keep reloading.

You should change the line:

res.redirect('/reset')

to

res.status(500).send('Some useful error message')

Improve this answer
Sign up to request clarification or add additional context in comments.

13 Comments

its still not working,btw did you take that into consideration that im using multiple creteria for searching (as i mentioned at the end of question)
Have you tried with the values hard coded? i.e. User.find({username:"dan"},{email:"[email protected]"},{name:"Dan Green-Leipciger"})?
How can i try that? if i change the code as you said,the password might change ,but how would i know,since password is saved as some salt and hash
First of all, you should not be touching the password here. You need to email a reset token with an expiry time. Have the user click a link with that token as a get parameter, check for that in your route and only then allow them to reset the password.
yes,the hash and salt changed ,i think that means the password changed
|
0 
if(req.body.username && req.body.email && req.body.name && req.body.password){

    //add logic to hash password below
    let hashedPassword = req.body.password;


    Model.findOneAndUpdate(
        { username : req.body.username, email : req.body.email, name : req.body.name },
        { "$set" : { password : hashedPassword } },
        //if below option "new" is set to true, call back will return new document else it will return old document beforeupdate
        { new : true },
        //call back
        function(err, person){
            if(err){
                //err found
                res.send(err);
            }
            else{
                // no error and also person exists
                res.send('Password successfully updated..');
            }
        }
    );
}
else{
    res.send('Please provide all details..');
}
Improve this answer

16 Comments

It is showing 'Password successfully updated..',but the new password doesnt work and the old one does
If you do console.log(person) in success Else part, do u get a person object? Which password does it show?
And also i noticed that after changing the password,now i can see the password in normal english when i find the user in mongodb,before it just used to show salt and hash
The commend where I have mentioned add logic for hash password, you need to get hashed password in there so that it will be saved in encrypted format in dB..
Okay.Is that also the reason that the new password isnt getting saved?
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.