AngularJS - 使用md5密码检查登录服务中的用户/密码

Question

I have created a login using angularjs - i am simply trying to pass it to my service user.php to check the credentials and then forward after authenticated. 我使用angularjs创建了一个登录 - 我只是试图将它传递给我的服务user.php以检查凭据，然后在经过身份验证后转发。 Problem is, is my password is ecrytped using md5 and im trying to figure out how to add this encoding into my data being sent from the service. 问题是，我的密码是使用md5生成的，我试图弄清楚如何将这种编码添加到我从服务发送的数据中。

login form - login.html 登录表单 - login.html

    <div class="bs-example">
    <form role="form" name="form1">
    <div class="pgelogo"></div><p></p>
       <div class="form-group">
       <p>Welcome : <span>{{user.userid}}</span></p>
         <label for="exampleInputEmail1">Userid</label>
         <input type="text" placeholder="Enter name"  class="form-control" 
          ng-model="user.userid" required>
       </div>
       <div class="form-group">
         <label for="exampleInputPassword1">Password</label>
         <input type="password" name="pass" placeholder="Password"
          id="exampleInputPassword1" class="form-control" ng-model="user.pass" 
             required>
       </div>
          <button class="btn btn-default" type="submit" ng-click="login(user)" 
           ng-disabled="form1.$invalid">Submit</button>
          <p>{{msgtxt}}</p>
   </form>
   </div>

controller - loginctrl.js controller - loginctrl.js

    'use strict';

     app.controller('loginCtrl', ['$scope','loginService', 
        function ($scope,loginService) {
$scope.msgtxt='';
$scope.login=function(data){
    loginService.login(data,$scope); //call login service
   };
    }]);

directive - logindrc.js 指令 - logindrc.js

    'use strict';
          app.directive('loginDirective',function(){
 return{
    templateUrl:'partials/tpl/login.tpl.html'
   }
     });

service - loginservice.js service - loginservice.js

   'use strict';
    app.factory('loginService',function($http, $location, sessionService){
return{
    login:function(data,scope){
        var $promise=$http.post('data/user.php',data); 
                     //send data to user.php
        $promise.then(function(msg){
            var uid=msg.data;
            var pass=msg.data;
            if(uid && pass){
                //scope.msgtxt='Correct information';
                sessionService.set('uid',uid);
                //sessionService.set('lvl',level);
                $location.path('/home');
            }          
            else  {
                scope.msgtxt='incorrect information';
                $location.path('/login');
            }                  
        });
    },
    logout:function(){
        sessionService.destroy('uid');
        //sessionService.destroy('lvl');
        $location.path('/login');
    },
    islogged:function(){
        var $checkSessionServer=$http.post('data/check_session.php');
        return $checkSessionServer;
        /*
        if(sessionService.get('user')) return true;
        else return false;
        */
    }
       }
          });

**user.php - checks user authentication ** user.php - 检查用户身份验证

          ini_set("display_errors",1); 
          error_reporting(E_ALL);

         //connect to db
          require "../protected/db.php";

         //$user=json_decode(file_get_contents('php://input'));

           $user = $_SESSION['uid']=uniqid('ang_');
         //$user   = $_POST['uid'];
           $pass   = md5($_POST['pass']));

           session_start();

          if(isset($user) && isset($pass)) 
          {
         //get userid and level from users table according to 
           username and password entered
          $sql = "SELECT userid,lvl FROM dbo.users WHERE userid = ? AND psw = ?";

          $params = array($user, $pass);

      $stmt = sqlsrv_query($conn,$sql,$params);

     //if query does not work, return false
      if($stmt === false){
     die( print_r( sqlsrv_errors(), true));
      }

        $row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC);
        if($row)
           {
              do{
        //store users session for angular to handle
         $_SESSION['uid']=uniqid('ang_');
         $_SESSION['level'] = $row['lvl'];

      //update the userlogin table with active user sesssion
       $rec = "INSERT INTO dbo.user_login (
                user_id,
                time)
                VALUES 
                (?,getdate())";

        $recparams = array($user);
        $s = sqlsrv_query($conn,$rec,$recparams);

       if( $s === false )
        {
        die( print_r( sqlsrv_errors(), true));
        }

                   } while( $row = sqlsrv_fetch_array( $stmt ) );
                 }   

               session_destroy();
               }

I am able to authenticate with just simple username password but i need the password to be encoded to check against the values in my db. 我能够使用简单的用户名密码进行身份验证，但我需要对密码进行编码以检查我的数据库中的值。 I am getting error 500 service error meaning something is happening on the server end... just can't pin point it. 我收到错误500服务错误意味着服务器端发生了一些事情...只是无法指出它。 Any help with this would be appreciated by any of you angularjs masters. 任何有角度的大师都会对你有任何帮助。

Answer 1

Integrate this module: http://ngmodules.org/modules/angular-md5 整合此模块： http ： //ngmodules.org/modules/angular-md5

On the login form: login form - login.html 在登录表单上：登录表单 - login.html

<input type="password" name="pass" placeholder="Password"
     id="exampleInputPassword1" class="form-control" ng-model="pass" required>

And then on the controller: controller - loginctrl.js 然后在控制器上：controller - loginctrl.js

app.controller('loginCtrl', ['$scope','md5','loginService', function ($scope,md5,loginService) {
    $scope.$watch('pass', function() {
        $scope.user.pass = md5.createHash($scope.pass || '');
    });
    ...
}]);

So this solved the issue in my case 所以这解决了我的问题

AngularJS - 使用md5密码检查登录服务中的用户/密码

问题描述

1 个解决方案

解决方案1
2 2014-11-26 09:29:38

AngularJS - 使用md5密码检查登录服务中的用户/密码

问题描述

1 个解决方案

解决方案1 2 2014-11-26 09:29:38

解决方案1
2 2014-11-26 09:29:38