Delete a user with Mongoose, Express
Since you are new I think I should lead you to find the problem yourself:)
- Make sure about form methods.
- Make sure the route for user deletion is called.
If the markup doesn't seem right I am sorry cas I am using my phone to post this answer.
Nicholas Gati
Updated on June 04, 2022Comments
-
Nicholas Gati almost 2 years
I am new to Express and MongoDB. I created a small web app in Node.js and am using Express.js and Mongoose. I can succesfully create a user and have a user sign in but I am having trouble with a user being able to delete their account.
I have a user.js file in my routes folder which is where I am writing the code to signup, signin, delete, etc. Here is a link to the project on GitHub ( https://github.com/NicholasGati/shopping-cart-2 ). The button to delete a user's account is in views/user/edit.hbs. I put the button in a form. When I click the button, the user is not deleted and I am redirected to '/' for some reason. Note: '/:id' in my routes/user.js file becomes '/user/:id'.
Here is the code in the routes/user.js file for the delete method:
router.delete('/:id', isLoggedIn, (req, res, next) => { User.findOneAndRemove({_id: req.params.id}, (err) => { if (err) { req.flash("error", err); return res.redirect("/user/edit"); } req.flash("success", "Your account has been deleted."); req.logout(); return res.redirect("/shop/coffee"); }); });
Here is the form in views/user/edit.hbs:
<form action="/user/{{user.id}}" method="delete"> <div class="form-group"> <button type="submit" class="btn btn-danger">Delete Account</button> </div> </form>
Also, here is the isLoggedIn function:
function isLoggedIn(req, res, next) { if (req.isAuthenticated()) { return next(); } res.redirect("/"); }
-
Nicholas Gati over 7 yearsThank you so much Saeid! I thought about your first point to check the form method and tried method="post" instead of the method="delete" and changed route.delete() to route.post() in my routes/user.js file. I then added a hidden field in the form with the csrf token and it worked! Thanks for leading me in the right direction.
-
Heartbit over 7 yearsYour welcome @NicholasGati. I think you could use
delete
method also. -
Heartbit over 7 yearsAnd if you feel that an answer help you to solve your problem it will be better to give a vote.
-
Nicholas Gati over 7 yearsThanks Shazam. Strangely, the 'delete' methods didn't work but when I changed them to 'post', it all worked fine. I am still not sure why that is, but since changing the routes/user.js file to use router.post() and method='post' in the form, the user was successfully deleted. I also had to add a csrf token in the form as a hidden field too. Thanks for your response!
-
Nicholas Gati over 7 yearsI don't yet have the reputation to vote answers but when I do, I will upvote your answer. Thanks Saeid!
-
Heartbit over 7 years@NicholasGat I hope that you will get the reputations asap but you also should chose the best answer for your question :) thanks!
-
Manish over 5 yearsuse package
multer
,npm install --save multer
to support delete request.