User registration and authentication (register and login) Nodejs

I have two types of users, vendor and buyer. Should I create two different APIs to register and authenticate each type of user or a single API to handle both users? Also, when creating my database model, should I create two different collections or should I create a single collection and create an extra field like role and populate it with the respective role of the user? Both vendor and buyer share almost all fields, except the vendor has an extra field that has the article they want to sell. Which approach is better? I'm using Express and MongoDB, and I also intend to use Angular on the front end.

Any help would be much appreciated, thank you.

There cannot be a strict answer for the above. You can keep them separate - separate APIs, collections - the advantage would be separation of concerns, which in the long term MAY be helpful for future development where you may want to add something specific for either of the two parties without disturbing the other. At the same time, if you keep them together, then it is just less code to maintain. It is more of a choice that you/your organization will need to take on the long-term prospect of the application you are building. If I had to make a choice, I would keep them separate.

That's a good question for when you are mocking up your Collection Design. You have to start thinking about your users, and how different a vendor and a buyer are. Vendors and buyers are both users, but you could have a collection for items being sold by a user, and a boolean to differentiate who is a buyer and who is a seller. Ultimately these questions are what you want to decide prior to writing your API. If you want to set up two separate APIs for each user register, that is perfectly fine, but that is completely up to you.

Let's assume you decide to unify the login API into one. You could define your user Models something like this. I like using Typescript to typecheck everything I use. I might be overdoing it but I like it.

export interface User {
    id?: string; // optional, because it does not exist yet at registration
    name: string;
    email: string;
    password?: string;
    // you can add more fields that both Vendor and Buyer would have in common.
}

export interface Vendor extends User {
    // here we define specific fields that a vendor would have that a buyer wouldn't
    selling: Array<Object>;
    isVendor: boolean; 
    revenue: number;
    // more fields here if needed
}

export interface Buyer extends User {
    // define fields that a buyer would have that a vendor wouldn't
    cart: Array<Object>; // cart items of what they are purchasing
    cartTotal: number;
    billing: string;
    // more fields here
}

In the code above, the interface for User defines a basic User, and the interfaces for Buyer and Vendor extend the User interface, each adding their own fields unique to those models.

For your Registration API, you can simply have a checkbox in the form asking if the user is a vendor. This will enable the boolean in the Vendor interface, telling your API (this you would handle internally in the API code) that the information that is being sent is for a Vendor. Then save the basic info in the Users collection, and vendor information in the Vendor collection, keeping a common key between the two to use for reference when searching for one another.

When having a Login API, you don't have to differentiate between the two at the authentication level because the basic information for a User contains the fields needed to authenticate. When rendering the view for each User Type, simply check if the boolean for isVendor exists and is true, then route the user to the correct endpoint.

This question is hard to answer simply because there are so many ways one can approach this problem. It is up to the developer to decide which way they prefer to organize everything and lay things out. Want to keep things simple and create an endpoint for every user type? Go for it. Want to consolidate all authentication for all user Types into one? That is perfectly fine too.
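
The unified register/login flow described in the answer above, as an added TypeScript example that is not part of the original post. It shows the two server-side checks that design depends on: registration copies only known fields from the request body, and after login the role is read from the stored record rather than from anything the client sends. The in-memory Maps standing in for the MongoDB collections, the function names, the `role` field, and the `/vendor` and `/buyer` routes are all assumptions.

```typescript
import { randomBytes, randomUUID, scryptSync, timingSafeEqual } from "node:crypto";

type Role = "buyer" | "vendor";
interface StoredUser { id: string; name: string; email: string; salt: string; hash: string; role: Role; }
interface VendorProfile { userId: string; selling: string[]; revenue: number; }

// In-memory stand-ins for the Users and Vendor collections (constructed for this example).
const users = new Map<string, StoredUser>();      // keyed by lower-cased email
const vendors = new Map<string, VendorProfile>(); // keyed by user id (the common key)

const hashPassword = (password: string, salt: string): string =>
  scryptSync(password, salt, 32).toString("hex");

// Registration: pick only the expected fields. Anything else in the body
// (revenue, role, id, ...) is ignored instead of being written to the database.
function register(body: Record<string, unknown>): StoredUser {
  const { name, email, password, isVendor } = body;
  if (typeof name !== "string" || typeof email !== "string" || typeof password !== "string") {
    throw new Error("invalid registration payload");
  }
  const key = email.toLowerCase();
  if (users.has(key)) throw new Error("email already registered");
  const salt = randomBytes(16).toString("hex");
  const user: StoredUser = {
    id: randomUUID(), name, email: key, salt, hash: hashPassword(password, salt),
    role: isVendor === true ? "vendor" : "buyer", // anything but boolean true is a buyer
  };
  users.set(key, user);
  if (user.role === "vendor") vendors.set(user.id, { userId: user.id, selling: [], revenue: 0 });
  return user;
}

// Login: one code path for both user types; role and landing route come from storage.
function login(body: Record<string, unknown>): { userId: string; role: Role; landing: string } | null {
  const { email, password } = body;
  if (typeof email !== "string" || typeof password !== "string") return null;
  const user = users.get(email.toLowerCase());
  if (!user) return null;
  const candidate = Buffer.from(hashPassword(password, user.salt), "hex");
  if (!timingSafeEqual(candidate, Buffer.from(user.hash, "hex"))) return null;
  return { userId: user.id, role: user.role, landing: user.role === "vendor" ? "/vendor" : "/buyer" };
}

// Guard for vendor-only endpoints: checked on the server for every request,
// independent of which view the front end decided to render.
function requireVendor(userId: string): VendorProfile {
  const profile = vendors.get(userId);
  if (!profile) throw new Error("forbidden: vendor role required");
  return profile;
}
```

Routing the view by `isVendor` on the front end only selects what is displayed; a guard like `requireVendor` on each vendor endpoint is what enforces the distinction.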

Notice: The technical posts on this site follow the CC BY-SA 4.0 license. If you need to repost, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.