node.js - the code working right but i still get Error: Can't set headers after they are sent -
i working on code protect node.js login script brute fore attacks add this (express-rate-limit) code , worked , result want after redirect happen error massage
error: can't set headers after sent. @ validateheader (_http_outgoing.js:504:11) @ serverresponse.setheader (_http_outgoing.js:511:3) @ object.handler (/opt/lampp/htdocs/x/chessmult/regtest/using-passport-with-sequelize-and-mysql-master/node_modules/express-rate-limit/lib/express-rate-limit.js:25:17) @ /opt/lampp/htdocs/x/chessmult/regtest/using-passport-with-sequelize-and-mysql-master/node_modules/express-rate-limit/lib/express-rate-limit.js:79:30 @ memorystore.incr (/opt/lampp/htdocs/x/chessmult/regtest/using-passport-with-sequelize-and-mysql-master/node_modules/express-rate-limit/lib/memory-store.js:12:7)
i tried using
return
with res.redirect still error code
var ratelimit = require('express-rate-limit'); var loginacclimiter = new ratelimit({ windowms: 60*60*1000, // 1 hour window delayafter: 1, // begin slowing down responses after first request delayms: 3*1000, // slow down subsequent responses 3 seconds per request max: 1, // start blocking after 5 requests onlimitreached: (function (req,res) { req.flash('thelimitlogin', 'error:you maked alot of wrong login not allowed login next hour '); res.redirect('/signin') return; }) }); app.get('/signin', function (req, res, next) { var personlist = []; var personlist2 = []; var person = { 'theemaildexist':req.flash('emaildexist'), 'limitlogin':req.flash('thelimitlogin') //'date':rows[i].ptime } var person2 = { 'theincorrectpass':req.flash('incorrectpass') //'date':rows[i].ptime } //console.log(rows[i].contact); personlist.push(person); personlist2.push(person2); //console.log('threq',req.flash('emailmessage')); res.render('signin',{"personlist": personlist,"personlist2": personlist2}) return; //res.send(); }); app.post('/signin',loginacclimiter, passport.authenticate('local-signin',{failureredirect: '/signin',failureflash : true}), function(req, res,next) { // if function gets called, authentication successful. // `req.user` contains authenticated user. sess = req.session; sess.email=req.user.email; res.redirect('/users/' + req.user.email); });
Comments
Post a Comment