0

In my node.js project I have a server.js and a folder "views" that has a file called index.html, so right now when someone goes to example.com (or example.com/index.html) they go to index.js, well I'm trying to secure it so that only via specific links access is granted, for example

example.com -> takes you to access_denied.html and example.com/client={code-that-i-assign} example example.com/client=th9wdn298n3d2

I tried doing it with URLparams but I couldn't, can someone help me with a solution to this problem?

function api() {
    const apikey = "";
    const searchselect = window.location.search;
    const urlsearchparams = URLSearchParams(searchselect);
    urlsearchparams.has(apikey).then(return true);

}
Improve this question
4
  • Would you be able to show us what you have so far? Commented Jan 14, 2021 at 10:42
  • sure, here pastebin.com/P1H1nDCu Commented Jan 14, 2021 at 10:48
  • Are you using express on your server-side? Commented Jan 14, 2021 at 10:57
  • Yes @NickParsons Commented Jan 14, 2021 at 13:33

2 Answers 2

Reset to default
2

I think to undertand that you want to check if there is a get variable in the url like a token for enter and use a determinate pages, for to do that you must use the express middleware before the the middleware that serve the page in your server.js file, like:

app.use(function (req, res, next) { // controlla il token
  const foo = req.query.foo;

  if (foo !== 'MAGIC_KEY' /* or what control you want to do */) next(Error('Nope'));
  else next();
});
app.use(express.static(path.join(__dirname, 'public')));

and call the page whit this param /?foo=MAGIC_KEY

EDIT with your code:

const path = require("path");
const express = require("express");
const app = express();

// make all the files in 'public' available
// https://expressjs.com/en/starter/static-files.html
app.use(express.static("public"));

// this is the code I writed before
app.use(function (req, res, next) { //  /?foo=MAGIC_KEY
  const foo = req.query.foo;

  if (foo !== 'MAGIC_KEY') next(Error('Nope'));
  else next();
});

// This is the middleware that serve the index
// https://expressjs.com/en/starter/basic-routing.html
app.get("/", (request, response) => {
  response.sendFile(__dirname + "/views/index.html");
});

app.use(express.static(path.join(__dirname + "/views/gg.txt")));

const listener = app.listen(process.env.PORT, () => {
  console.log("Your app is listening on port " + listener.address().port);
});
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Hey this isn't working this is my code --> pastebin.com/ZKQmK7vS It just takes me to index.js
In your code, you put the middleware after the middleware that serve index page. I edit the answer with edit
It still doesn't work here's a GIF of what happens and I changed views with public gyazo.com/006fb582ef4f802c0bf8e9e308bbd379
After the change did you restart the server? I try using server.js with the code in the answer and an easy views/index.html. When I call localhost:3000/?foo=MAGIC_KEY I see the page, where I don't use ?foo=MAGIC_KEY or I set a wrong foovalue like MAGIC_KEYs the server returns me an error.
this is the code github.com/AlTheLazyMonkey/problemStack.git
|
0

In this particular instance, you could manage the requests one by one, however it usually isn't a great solution. Just replace \key to whatever you need. If you land on example.com it will respond with access-denied.html, however, requesting example.com/key for instance will get you to the index.

const path = require("path");
const express = require("express");
const app = express();

// This is the middleware that serve the index
app.get("/", (request, response) => {
  response.sendFile(__dirname + "/public/access-denied.html");
});

app.get("/key", (request, response) => {
  response.sendFile(__dirname + "/public/index.html");
});

app.use(express.static(path.join(__dirname + "/public/gg.txt")));

const listener = app.listen(process.env.PORT, () => {
  console.log("Your app is listening on port " + listener.address().port);
});
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.