使用 nodejs 进行电子邮件验证
Email verification with nodejs
我正在尝试在注册时发送一封验证邮件。如果验证有效,数据库中的“已激活”列 table 将更改为“真”。
我可以成功发送邮件,但我认为验证码有问题。
当我按发送到电子邮件的 link 时,我收到“禁止访问”!我会需要一些帮助!提前致谢!
app.post('/insertuser', function (_req, res) {
var data = JSON.parse(_req.body.data);
var username = data.username;
var age = data.age;
var password = data.password;
var fname = data.fname;
var lname = data.lname;
var address = data.address;
var city = data.city;
var email = data.email;
var sq = data.sq;
var answer = data.answer;
var pnumber = data.pnumber;
var dataentered = data.dataentered;
var date = new Date();
var mail = {
"id": username,
"created": date.toString()
}
secret_code = sha1(pnumber) //since pnumber is unique;
const token_mail_verification = jwt.sign(mail, secret_code, { expiresIn: '1d' });
var url = "http://localhost:3000/verify?username=" + token_mail_verification;
mysqlConnection.connect(function () {
var query = "Insert into Customer (Username,Age,Password,First_Name,Last_Name,Email,Address,City,Phone_No,SQ,Answer,Date_Entered) values('" + username + "','" + age + "','" + sha1(password) + "','" + fname + "','" + lname + "','" + email + "','" + address + "','" + city + "','" + pnumber + "','" + sq + "','" + answer + "','" + dataentered + "')";
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send('Please try again!');
}
else {
if (results.affectedRows > 0) {
var mailOptions = {
from: '//myemail',
to: email,
subject: "Account Verification",
text: "Click on the link below to veriy your account " + url,
};
transporter.sendMail(mailOptions, function (error, info) {
if (error) {
console.log(error);
//Handle error here
res.send('Please try again!');
} else {
console.log('Email sent: ' + info.response);
res.send('Thanks for registering! Please confirm your email! We have sent a link!');
}
});
}
else {
console.log("Try again");
res.send('Please try again!');
}
}
})
})
});
验证码
app.get('/verify', function (req, res) {
token = req.query.id;
console.log(token)
if (token) {
try {
jwt.verify(token, secret_code, (e, decoded) => {
if (e) {
console.log(e)
return res.sendStatus(403)
} else {
id = decoded.id;
mysqlConnection.connect(function () {
var query = " UPDATE Customers SET Activation = 'True' ; WHERE Email =" + email;
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send('Please try again!');
}
else {
console.log("updated Successfully");
}
})
})
}
});
} catch (err) {
console.log(err)
return res.sendStatus(403)
}
} else {
return res.sendStatus(403)
}
});```
你的查询参数命名为用户名而不是 id,所以代码应该是这样的
app.get('/verify', function (req, res) {
token = req.query.username;
在发送电子邮件之前,您可以将用户电子邮件添加到编码正文中
var mail = {
username: username,
email: email,
created: date.toString()
}
然后你可以解码它来查询用户信息或更新它,
你的 else 块可能看起来像这样
var email = decoded.email;
mysqlConnection.connect(function () {
var query =
" UPDATE Customers SET Activation = 'True' ; WHERE Email =" +
email;
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send("Please try again!");
} else {
console.log("updated Successfully");
}
});
});
我正在尝试在注册时发送一封验证邮件。如果验证有效,数据库中的“已激活”列 table 将更改为“真”。
我可以成功发送邮件,但我认为验证码有问题。
当我按发送到电子邮件的 link 时,我收到“禁止访问”!我会需要一些帮助!提前致谢!
app.post('/insertuser', function (_req, res) {
var data = JSON.parse(_req.body.data);
var username = data.username;
var age = data.age;
var password = data.password;
var fname = data.fname;
var lname = data.lname;
var address = data.address;
var city = data.city;
var email = data.email;
var sq = data.sq;
var answer = data.answer;
var pnumber = data.pnumber;
var dataentered = data.dataentered;
var date = new Date();
var mail = {
"id": username,
"created": date.toString()
}
secret_code = sha1(pnumber) //since pnumber is unique;
const token_mail_verification = jwt.sign(mail, secret_code, { expiresIn: '1d' });
var url = "http://localhost:3000/verify?username=" + token_mail_verification;
mysqlConnection.connect(function () {
var query = "Insert into Customer (Username,Age,Password,First_Name,Last_Name,Email,Address,City,Phone_No,SQ,Answer,Date_Entered) values('" + username + "','" + age + "','" + sha1(password) + "','" + fname + "','" + lname + "','" + email + "','" + address + "','" + city + "','" + pnumber + "','" + sq + "','" + answer + "','" + dataentered + "')";
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send('Please try again!');
}
else {
if (results.affectedRows > 0) {
var mailOptions = {
from: '//myemail',
to: email,
subject: "Account Verification",
text: "Click on the link below to veriy your account " + url,
};
transporter.sendMail(mailOptions, function (error, info) {
if (error) {
console.log(error);
//Handle error here
res.send('Please try again!');
} else {
console.log('Email sent: ' + info.response);
res.send('Thanks for registering! Please confirm your email! We have sent a link!');
}
});
}
else {
console.log("Try again");
res.send('Please try again!');
}
}
})
})
});
验证码
app.get('/verify', function (req, res) {
token = req.query.id;
console.log(token)
if (token) {
try {
jwt.verify(token, secret_code, (e, decoded) => {
if (e) {
console.log(e)
return res.sendStatus(403)
} else {
id = decoded.id;
mysqlConnection.connect(function () {
var query = " UPDATE Customers SET Activation = 'True' ; WHERE Email =" + email;
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send('Please try again!');
}
else {
console.log("updated Successfully");
}
})
})
}
});
} catch (err) {
console.log(err)
return res.sendStatus(403)
}
} else {
return res.sendStatus(403)
}
});```
你的查询参数命名为用户名而不是 id,所以代码应该是这样的
app.get('/verify', function (req, res) {
token = req.query.username;
在发送电子邮件之前,您可以将用户电子邮件添加到编码正文中
var mail = {
username: username,
email: email,
created: date.toString()
}
然后你可以解码它来查询用户信息或更新它, 你的 else 块可能看起来像这样
var email = decoded.email;
mysqlConnection.connect(function () {
var query =
" UPDATE Customers SET Activation = 'True' ; WHERE Email =" +
email;
mysqlConnection.query(query, function (err, results, _fields) {
if (err) {
console.log(err);
res.send("Please try again!");
} else {
console.log("updated Successfully");
}
});
});