I need to validate user input. The user can enter a full to header for an email message, so it may look like any of the following:
user#example.com
<user#example.com>
User <user#example.com>
"User" <user#example.com>
user#example.com, User2 <user2#example.com>
..etc. All of the above are valid To fields.
However, when user input is something like this:
user#example.com, not_an_email, User <user.example.com>
Then I want to respond with an error for the last 2 emails.
It's not a problem for me to check a plain email address for validity, but the extra String and braces <> I am a bit clueless about at the moment.
Related
enter image description here
I'm trying to login as a user on my website and it's giving me this error, I can register the user and search for it in the login as many times as I want if the password and username are correct, however when there is an error in the user name or password it happens this in postman and even putting the right password and username it does not show the information and stays like this. Only returning to normal when I restart the server.
enter image description here
I'm a beginner and I'm learning, so I don't know what's wrong, thank you in advance for your attention.
The error generally means that you can not send HTTP headers multiple times.
It occurs when username does not match because in line 24 you send status(401) but then code flow continues, trying to send another status() later.
It occurs when password does not match because in line 32 you send status(401), code flow continues and then in the next line (34) you try to send status(201). The last call might send you to the exception handler (catch ..) in which you also try to send another status(500)
to avoid this, you might try:
if (!user) {
return res.status(401).json('wrong credentials');
}
//... get password hash from DB...
if (password !== req.body.password) {
return res.status(401).json('wrong credentials');
}
return res.status(201).json(user);
Important sidenote:You should NEVER encrypt/decrypt passwords.
Store password hashes instead and only ever compare hashes. Use bcrypt!
I have a form which takes the user email and password. I have setup validation with express validator which checks if the user email and password are empty and if email is a valid email as shown below.
const loginSchema = [
body("email")
.isEmail()
.withMessage("email must contain a valid email address")
.notEmpty()
.withMessage("please enter email"),
body("password").notEmpty().withMessage("please enter password"),
];
When testing in postman, if a user was to submit the form without entering email and password, it displays all error messages. How do I use conditionals with express validator to make it so that isEmail() withMessage is only called if the request body email is not empty?
From express-validator docs:
If the option onlyFirstError is set to true, then only the first error for each field will be included.
So you basically have to do this instead
validationResult(req).array({ onlyFirstError: true })
Alternatively, you can use the following to have the errors from a request be a map from field path to first error of that field:
validationResult(req).mapped()
The problem is that in my User Schema I defined 3 inputs: name, surname and email. What if i want passport to make the user logged in only by email and password without writing name and surname?
There isn't a defined way to do sign in
And for your question no sign in is done by inputting everything found in userschema its normally email/username and password
As long as the inputs (email/username) are unique your good to go
To do that
Just search for the row where email:req.body.email
And then once you have this row compare do
If(row.password.equals(req.body.password)
If true do your cookie or whatever your gonna do
I am using SendGrid in Node.js to send emails to a group of people. THe list is something we maintain on our website. I want the to (aka recipient) field in the email header to show the group email address (e.g., my_group#my_website.com), instead of the recipient email address (e.g., bob#gmail.com). This allow us to separate direct emails from group emails.
In other words, if I receive an email from the group, it should be addressed to the group (e.g., my_group#my_website.com) instead of me in the email header.
When we used Google Groups, we would get the email sent to [group_email]#googlegroups.com, instead of my email address. Below are examples of what happens when an email is sent through Google Groups. I would like some help on replicating that.
This image shows the information associated with a Google Groups email I received. The to field is set to the Google Groups email address, instead of my Gmail address.
I thought it might be just a Google thing, but my Aol email also displays the Google Groups email as for the to field.
This is how we are currently sending the email. I understand I can set the to field to anything. However, if I change that to the group email (e.g., my_group#my_website.com), where would we be putting the email addresses of the recipients?
return sgMail.send({
to: recipient,
from: DEFAULT_SENDER,
subject: renderedMessage.subject,
html: renderedMessage.html,
text: renderedMessage.text,
mailSettings: MAIL_SETTINGS
});
I figured it out. You just need to BCC (or CC) all the recipients and set the to field to the group email address.
It would look like:
return sgMail.send({
to: "my_group#mywebsite.com",
bcc: recipients,
from: DEFAULT_SENDER,
subject: renderedMessage.subject,
html: renderedMessage.html,
text: renderedMessage.text,
mailSettings: MAIL_SETTINGS
});
I want to make a Meteor app where users can only create an account if their email ends with #mydomain.com.
In the end, they would actually only need to enter their username and not the #mydomain.com part.
So, the create user field would look like:
Name: __________
eMail: __________#mydomain.com
Password: __________
Renter: __________
How would I go about doing this?
You use accounts package: meteor add accounts-password.
Then you would configure it in server-side code (http://docs.meteor.com/#accounts_config): Accounts.config({restrictCreationByEmailDomain:'mydomain.com'});
And then use Accounts.createUser in combination with custom UI that autofills the email domain part.
I'm assuming you're using Meteor's built-in accounts management packages. To limit signups to mydomain.com email addresses, put the following in server-side code:
Accounts.validateNewUser(function(user) {
if (/#mydomain\.com$/.test(user.emails[0].address.toLowerCase())) {
return true;
} else {
throw new Meteor.Error(403, "Email domain not allowed.");
}
});
As for helping them with adding the #mydomain.com, write some client-side code that validates the field in the login form where they enter their username. If it lacks an #, tack #mydomain.com onto the end of it before the form gets submitted.