堆栈内存溢出
  简体   繁体   English

Node.js不会将哈希密码保存到mysql数据库

[英]Nodejs doesn't save hashed password to mysql db

 原文  2018-07-07 20:05:50       node.js/ bcrypt

问题描述

New to NodeJS, trying to write user registration by my own, but facing a trouble when app saves non-hashed password. NodeJS的新增功能,试图由我自己编写用户注册,但是当应用程序保存未加密的密码时遇到了麻烦。 Tried to check if password is hashed before saving and alert says it is. 试图在保存之前检查密码是否已哈希,然后警报说是。 Here's my code: 这是我的代码: 

var userData = {
        email: req.body.email,
        password: req.body.password
    }

        var user = userData;

        bcrypt.hash(user.password, 10, function(err, hash){
                if(err) console.log(err);
                user.password = hash;
                alert(user.password); //shows hashed password
            });

        //skipped connection code

        database.connection.query("insert into users set ?", user, function(err){ //saves non-hashed password
            if(err) console.log(err);
            console.log("successfull");

        });

2 个解决方案

解决方案1
 3 已采纳  2018-07-07 20:14:12

bcrypt.hash is asynchronous. bcrypt.hash是异步的。 You have what is essentially a race condition in your code. 您的代码中实际上具有竞争条件。 

    database.connection.query("insert into users set ?", user, function(err){ //saves non-hashed password
        if(err) console.log(err);
        console.log("successfull");

    });

When you pass user to this method, user.password has not yet been populated by the bcrypt.hash callback. 当你通过user这种方法, user.password尚未被填充bcrypt.hash回调。

You'll need to put the query logic in the bcrypt callback if you stick with a callback oriented style, though most javascripters would likely use promises or async/await (which should be available natively in most recent releases of Node.js). 如果您坚持使用面向回调的样式,则需要将查询逻辑放在bcrypt回调中,尽管大多数JavaScript编写者可能会使用Promise或async / await(应在最新版本的Node.js中本地提供)。 

    bcrypt.hash(user.password, 10, function(err, hash){
            if(err) console.log(err);
            user.password = hash;
            alert(user.password); //shows hashed password

            //>>query logic should go here.
        });

解决方案2
 1  2018-07-07 20:16:43

Looks like you need to put the database query inside the callback. 看起来您需要将数据库查询放入回调中。 Try something like this: 尝试这样的事情: 

    var userData = {
       email: req.body.email,
       password: req.body.password
    }

    var user = userData;

    bcrypt.hash(user.password, 10, function(err, hash){
         if(err) console.log(err);
         user.password = hash;
         database.connection.query("insert into users set ?", 
            user, function(err){ //saves non-hashed password
            if(err) console.log(err);
            console.log("successfull");
        });
    });

Node.js is asynchronous like that. 像这样Node.js是异步的。 That is why there are callback functions. 这就是为什么有回调函数的原因。 You are inserting the user before you have hashed the password or those events happened at the same time. 您在散列密码或这些事件同时发生之前正在插入用户。 Basically, you have a race condition. 基本上,您有比赛条件。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 NodeJS 更新用户 Bcrypt - 密码不会被散列 - NodeJS Updating User Bcrypt - Password doesn't get hashed NodeJs安全性-从数据库读取散列的sha256密码 - NodeJs Security - Read hashed sha256 password from DB 验证NodeJS中的哈希密码 - Verify hashed password in NodeJS 无法使用bcrypt和书架将哈希密码保存到数据库 - Can't save hashed password to database using bcrypt and bookshelf 使用dcrypt对密码进行哈希处理后,使用MySQL中的NodeJs登录用户 - Login User using NodeJs from MySQL after password has been hashed using dcrypt 如何在 NodeJS 应用程序中验证 PHP 散列密码 - How to verify a PHP hashed password in a NodeJS app 使用bcryptjs将哈希密码保存到数据库时出错 - error saving hashed password to db using bcryptjs brcypt模块未将密码散列 - Password isn't getting hashed by brcypt module 如果数据库中包含哈希密码,则可以在登录时在输入框中使用该哈希密码 - If hashed password is in DB can villain use that hashed password in input box in login 将散列密码保存到 Sequelize 违背了我保存散列密码的简单愿望 - Saving hashed password to Sequelize is defying my simple wish to save a hashed password
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM