使用 nodejs 进行电子邮件验证

Email verification with nodejs

我正在尝试在注册时发送一封验证邮件。如果验证有效,数据库中的“已激活”列 table 将更改为“真”。
我可以成功发送邮件,但我认为验证码有问题。
当我按发送到电子邮件的 link 时,我收到“禁止访问”!我会需要一些帮助!提前致谢!

    app.post('/insertuser', function (_req, res) {
    var data = JSON.parse(_req.body.data);
    var username = data.username;
    var age = data.age;
    var password = data.password;
    var fname = data.fname;
    var lname = data.lname;
    var address = data.address;
    var city = data.city;
    var email = data.email;
    var sq = data.sq;
    var answer = data.answer;
    var pnumber = data.pnumber;
    var dataentered = data.dataentered;
    
    var date = new Date();
    var mail = {
    "id": username,
    "created": date.toString()
    }
    secret_code  = sha1(pnumber) //since pnumber is unique;
    
    const token_mail_verification = jwt.sign(mail, secret_code, { expiresIn: '1d' });
    var url = "http://localhost:3000/verify?username=" + token_mail_verification;

    mysqlConnection.connect(function () {
        var query = "Insert into Customer (Username,Age,Password,First_Name,Last_Name,Email,Address,City,Phone_No,SQ,Answer,Date_Entered) values('" + username + "','" + age + "','" + sha1(password) + "','" + fname + "','" + lname + "','" + email + "','" + address + "','" + city + "','" + pnumber + "','" + sq + "','" + answer + "','" + dataentered + "')";
        mysqlConnection.query(query, function (err, results, _fields) {
            if (err) {
                console.log(err);
                res.send('Please try again!');
            }
            else {
                if (results.affectedRows > 0) {
                    var mailOptions = {
                        from: '//myemail',
                        to: email,
                        subject: "Account Verification", 
                        text: "Click on the link below to veriy your account " + url,
                    };
                    transporter.sendMail(mailOptions, function (error, info) {
                        if (error) {
                            console.log(error);
                            //Handle error here
                            res.send('Please try again!');
                        } else {
                            console.log('Email sent: ' + info.response);
                            res.send('Thanks for registering! Please confirm your email! We have sent a link!');
                        }
                    });
                }
                else {
                    console.log("Try again");
                    res.send('Please try again!');
                }

            }
        })
    })
});

验证码

app.get('/verify', function (req, res) {
    token = req.query.id;

    console.log(token)
    if (token) {
        try {
            jwt.verify(token, secret_code, (e, decoded) => {
                if (e) {
                    console.log(e)
                    return res.sendStatus(403)
                } else {
                    id = decoded.id;

                    mysqlConnection.connect(function () {
                        var query = " UPDATE  Customers  SET  Activation = 'True' ; WHERE  Email =" + email;
                        mysqlConnection.query(query, function (err, results, _fields) {
                            if (err) {
                                console.log(err);
                                res.send('Please try again!');
                            }
                            else {
                                console.log("updated Successfully");
                            }
                        })
                    })
                }
            });
        } catch (err) {
            console.log(err)
            return res.sendStatus(403)
        }
    } else {
        return res.sendStatus(403)
    }
});```

你的查询参数命名为用户名而不是 id,所以代码应该是这样的

app.get('/verify', function (req, res) {
    token = req.query.username;

在发送电子邮件之前,您可以将用户电子邮件添加到编码正文中

var mail = {
  username: username,
  email: email,
  created: date.toString()
}

然后你可以解码它来查询用户信息或更新它, 你的 else 块可能看起来像这样

  var email = decoded.email;

  mysqlConnection.connect(function () {
    var query =
      " UPDATE  Customers  SET  Activation = 'True' ; WHERE  Email =" +
      email;
    mysqlConnection.query(query, function (err, results, _fields) {
      if (err) {
        console.log(err);
        res.send("Please try again!");
      } else {
        console.log("updated Successfully");
      }
    });
  });