[英]Nodejs doesn't save hashed password to mysql db
New to NodeJS, trying to write user registration by my own, but facing a trouble when app saves non-hashed password. NodeJS的新增功能,试图由我自己编写用户注册,但是当应用程序保存未加密的密码时遇到了麻烦。 Tried to check if password is hashed before saving and alert says it is.
试图在保存之前检查密码是否已哈希,然后警报说是。 Here's my code:
这是我的代码:
var userData = {
email: req.body.email,
password: req.body.password
}
var user = userData;
bcrypt.hash(user.password, 10, function(err, hash){
if(err) console.log(err);
user.password = hash;
alert(user.password); //shows hashed password
});
//skipped connection code
database.connection.query("insert into users set ?", user, function(err){ //saves non-hashed password
if(err) console.log(err);
console.log("successfull");
});
bcrypt.hash
is asynchronous. bcrypt.hash
是异步的。 You have what is essentially a race condition in your code. 您的代码中实际上具有竞争条件。
database.connection.query("insert into users set ?", user, function(err){ //saves non-hashed password
if(err) console.log(err);
console.log("successfull");
});
When you pass user
to this method, user.password
has not yet been populated by the bcrypt.hash
callback. 当你通过
user
这种方法, user.password
尚未被填充bcrypt.hash
回调。
You'll need to put the query logic in the bcrypt callback if you stick with a callback oriented style, though most javascripters would likely use promises or async/await (which should be available natively in most recent releases of Node.js). 如果您坚持使用面向回调的样式,则需要将查询逻辑放在bcrypt回调中,尽管大多数JavaScript编写者可能会使用Promise或async / await(应在最新版本的Node.js中本地提供)。
bcrypt.hash(user.password, 10, function(err, hash){
if(err) console.log(err);
user.password = hash;
alert(user.password); //shows hashed password
//>>query logic should go here.
});
Looks like you need to put the database query inside the callback. 看起来您需要将数据库查询放入回调中。 Try something like this:
尝试这样的事情:
var userData = {
email: req.body.email,
password: req.body.password
}
var user = userData;
bcrypt.hash(user.password, 10, function(err, hash){
if(err) console.log(err);
user.password = hash;
database.connection.query("insert into users set ?",
user, function(err){ //saves non-hashed password
if(err) console.log(err);
console.log("successfull");
});
});
Node.js is asynchronous like that. 像这样Node.js是异步的。 That is why there are callback functions.
这就是为什么有回调函数的原因。 You are inserting the user before you have hashed the password or those events happened at the same time.
您在散列密码或这些事件同时发生之前正在插入用户。 Basically, you have a race condition.
基本上,您有比赛条件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.