[英]get valid password with bcrypt
I am using nodejs with sequelize to setup my database, and currently i am trying to hash and salt my password, the hashing i already did, but now when i tyr to login i want to compare the password send in req.body with the hashed one, so i did this: 我正在使用带有sequelize的nodejs来设置我的数据库,目前我正在尝试对密码进行哈希处理和加盐处理,但我已经这样做了,但是现在当我要登录时,我想将在req.body中发送的密码与哈希进行比较一,所以我做到了:
router.post('/', function (req, res, next) {
console.log("hi");
if (JSON.stringify(req.body) == "{}") {
return res.status(400).json({ Error: "Login request body is empty" });
}
if (!req.body.username || !req.body.password) {
return res.status(400).json({ Error: "Missing fields for login" });
}
var password = User.validPassword(req.body.password);
// search a user to login
User.findOne({ where: { username: req.body.username, password: password } }) // searching a user with the same username and password sended in req.body
.then(function (user) {
if (!user) {
return res.status(400).json({ Error: "There is no user with those fields" }); // if there is no user with specific fields send
}
return res.status(400).json({ Error: "loged in!" }); // username and password match
}).catch(function (err) {
return res.status(200).json({ message: "server issues when trying to login!" }); // server problems
});
});
my model is like this: 我的模型是这样的:
"use strict";
var sequelize = require('./index');
var bcrypt = require('bcrypt-nodejs');
module.exports = function (sequelize, DataTypes) {
var User = sequelize.define("User", {
username: DataTypes.STRING,
email: DataTypes.STRING,
password: DataTypes.STRING
}, {
classMethods: {
generateHash: function (password) {
console.log("hi");
return bcrypt.hashSync(password, bcrypt.genSaltSync(8), null);
},
validPassword: function (password) {
return bcrypt.compareSync(password, this.password);
}
}
});
return User;
}
i don't get any response from 我没有收到任何回应
var password = User.validPassword(req.body.password);
i tried to console.log but stilm no response, when i try to go to router /login it just doesn0t give me any response it is loading all the time, any sugestion? 我试图console.log但没有响应,当我尝试去路由器/ login时,它并没有给我任何响应,它一直在加载,没有任何提示?
To start with, your route defines a post action to /
not /login
. 首先,您的路线将后动作定义为/
not /login
。 You can use postman to try that out if you don't have a front-end yet. 如果您还没有前端,可以使用邮递员进行尝试。
The validPassword method should be called on an instance of the User model so you should have written this portion of the code like this 应该在User模型的实例上调用validPassword方法,因此您应该像这样编写这段代码
router.post('/', function (req, res, next) {
console.log("hi");
if (JSON.stringify(req.body) == "{}") {
return res.status(400).json({ Error: "Login request body is empty" });
}
if (!req.body.username || !req.body.password) {
return res.status(400).json({ Error: "Missing fields for login" });
}
// search a user to login
User.findOne({ where: { username: req.body.username } }) // searching a user with the same username and password sended in req.body
.then(function (user) {
if(user && user.validPassword(req.body.password)) {
return res.status(200).json({message: "login successful"});
} else {
return res.status(401).json({message: "Unauthorized"});
}
}).catch(function (err) {
return res.status(200).json({ message: "server issues when trying to login!" }); // server problems
});
});
Also in you catch method, the status code should be something that depicts internal server error like 500
. 同样在catch方法中,状态代码应该是描述内部服务器错误的内容,例如500
。 200
is inappropriate. 200
是不合适的。
Soo seems like I could answer my own question, with the help of Femi Oladeji, basicly the problem was related to the fact that i want to acess the methods trough a instance and not a model. Soo似乎可以在Femi Oladeji的帮助下回答自己的问题,基本上,该问题与我想通过实例而非模型访问方法的事实有关。
So when I tried to acces it with the user instance, there was no method that treat instances, so made some changes on my model. 因此,当我尝试使用用户实例访问它时,没有处理实例的方法,因此对我的模型进行了一些更改。
"use strict";
var sequelize = require('./index');
var bcrypt = require('bcrypt-nodejs');
module.exports = function (sequelize, DataTypes) {
var User = sequelize.define("User", {
username: DataTypes.STRING,
email: DataTypes.STRING,
password: DataTypes.STRING
}, {
classMethods: {
generateHash: function (password) {
return bcrypt.hashSync(password, bcrypt.genSaltSync(8), null);
},
},
instanceMethods: {
validPassword: function (password) {
console.log(password, this.password)
return bcrypt.compareSync(password, this.password);
}
}
});
return User;
}
and there is the instanceMethods, that can treat the instance :) 还有instanceMethods,可以处理实例:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.