Getting Information from Req.User() into Req.params() in ExpressJS

Question

After people log into my Express app, I'd like to redirect them to a url that reads:

www.mysite.com/:user

What I'm having trouble with is that my req.params object is coming up as an empty object literal when people get re-directed after logging in.

Ideally what I'd like to do is to somehow take the information stored in req.user and pass some of that information into the URL.

So basically I'd like to get from here:

router.post('/login',
passport.authenticate('local', {successRedirect:'/', failureRedirect: '/login', failureFlash: true}));

To here:

router.get('/:user', function(req, res) {
    //stuff
}

After logging in the req.user object reads like this:

{
  username: joesmith@mail.com,
  name: Joe Smith,
  password:  dkei348#$kDL^583L,
  formulas: []
}

And the code I'm attempting to use is as follows:

router.get('/:user', function(req, res) {
var user = req.user.name;
req.params = {
  "user": user
}

But this doesn't work because initially req.user.name is undefined if someone isn't already logged in, so I can't get past the console error.

Apparently I don't understand how req.params is generated in enough detail to get around this problem.

Thank you.

Answer 1

If you want to have username in parameters you shoud redirect to '/' + req.user.name); because '/' doesn't have any params. That's why it is undefined. (additionaly you shoud check if parameter is defined and handle the error, so instead of console error you get error 404 or get to next, proper routing path).

Passport Documentation privides examples of doiung it:

app.post('/login',
  passport.authenticate('local'),
  function(req, res) {
    // If this function gets called, authentication was successful.
    // `req.user` contains the authenticated user.
    res.redirect('/' + req.username);
  });

or more complex custom callback :

app.get('/login', function(req, res, next) {
  passport.authenticate('local', function(err, user, info) {
    if (err) { return next(err); }
    if (!user) { return res.redirect('/login'); }
    req.logIn(user, function(err) {
      if (err) { return next(err); }
      return res.redirect('/' + user.name);
    });
  })(req, res, next);
});

But I think it is not a good practice and safer would be to redirect to the proper page/content by req.user value without putting it to URL, for example setting req.auth. and then using next(); instead of res.redirect('/' + user.name); to get to the next middleware. There username would be taken from req.auth.username, not from /:username.

How does the structure of your routing looks? You shoud make sure router.get('/:user' .. is not before router.get('/login'...

Answer 2

You can provide a custom handler, instead of letting Passport do all the redirecting:

app.post('/login', function(req, res, next) {
  passport.authenticate('local', function(err, user, info) {
    if (err) {
      req.flash('error', 'Unable to authenticate user');
      return res.redirect('/login');
    }
    if (! user) {
      return res.redirect('/login');
    }
    req.logIn(user, function(err) {
      if (err) {
        req.flash('error', 'Unable to log in user');
        return res.redirect('/login');
      }
      return res.redirect('/' + user.username);
    });
  })(req, res, next);
});

This does mean that each logged-in user gets their "personal" URL, because you're redirecting to /USERNAME. I'm not sure from your question if that's actually your intention.

Answer 3

Looks like you are wanting to access whatever /:user value is. e.g. www.mysite.com/stretch0. Therefore you would access it like var user = req.params.user;