Step 11
Let's update the catch
block in the route handler for POST /login
in index.js
:
} catch (err) {
console.log(err);
// redirect to homepage
res.cookie("message", "Incorrect username or password").redirect("/");
}
Also, update the route handler for GET /
:
app.get("/", (req, res) => {
const message = req.cookies.message;
res.render("index.njk", { message });
});
Notice the message
is read from the req.cookies
and not req.query
.
Save index.js
and visit http://localhost:5001/. Enter a username/password that does not exist in the database. You must get the "Incorrect username or password" message. But notice the URL is simply http://localhost:5001/
. So where does this data come from?
Open the developer tools, go to "Application" tab and look under "Cookies".