search

oracle / node-oracledb

Oracle Database driver for Node.js maintained by Oracle Corp.
http://oracle.github.io/node-oracledb/
Other
2.25k stars 1.07k forks source link

i need help with node.js and oracledb #1123

Closed DarkNeku closed 5 years ago

DarkNeku commented 5 years ago

Hi, I have been with this code for a few days and the truth is already making me crazy, the problem is that after asking I knew that I am wrong when executing the function that validates because it is not synchronic, the issue is that I do not know where I should put the code of the async function ... the code is

var express = require('express');
var session = require('express-session');
var bodyParser = require('body-parser');
var path = require('path');
var moment = require('moment');
var oracledb = require('oracledb');
var bcrypt = require('bcrypt');
var jwt = require('jsonwebtoken');
var async = require('async');
var conexion = require(__dirname + '/conexion.js')

var app = express();
app.use(session({
    secret: 'secret',
    resave: true,
    saveUninitialized: true
}));
app.use(bodyParser.urlencoded({extended : true}));
app.use(bodyParser.json());

app.get('/', function(request, response) {
    response.sendFile(path.join(__dirname + '/login.html'));
});

app.post('/auth', function(request, response) {
    var nombre = request.body.nombre;
    var password = request.body.password;   
        connection.execute('SELECT * FROM camaras.usuario WHERE nombre = ? AND password = ?', 
            [nombre, password], 
            function(error, results, fields) {
            if (results.length > 0) {
                request.session.loggedin = true;
                request.session.nombre = nombre;
                response.redirect('/home');
            } else {
                response.send('usuario y contraseña incorrecto!');
            }           
            response.end();
        });

});

app.get('/home', function(request, response) {
    if (request.session.loggedin) {
        response.send('Welcome back, ' + request.session.nombre + '!');
    } else {
        response.send('Please login to view this page!');
    }
    response.end();
});

app.listen(3000);
anthony-tuininga commented 5 years ago

I'd suggest looking at this blog series for ideas on how to write this sort of application.

dmcghan commented 5 years ago

You've already posted this code. I pointed out several issues, including:

  1. Security issues storing passwords in cleartext
  2. No connection pool
  3. Wrong syntax for bind variables

None of which has been addressed. Why is that?

Also, your description of the problem is hard to understand:

the problem is that after asking I knew that I am wrong when executing the function that validates because it is not synchronic, the issue is that I do not know where I should put the code of the async function

What do you mean by "the function that validates"? What is the "the code of the async function" you're referring to?

What generally helps us to help you is a reproducible test case. This means you should provide us with everything we need to reproduce your problem so that we can help. In your case, this would mean that you should give us a script that creates the user table and inserts some test data. Then you should provide all the Node.js code. You're not showing us all the code because we can't see where the connection comes from.

Did you read the blog series that Anthony and I suggested?

cjbj commented 5 years ago

Closing - no activity.