[英]role based login in Angular
Roles are employee and admin.角色是员工和管理员。 i have created api that is generating token now i want to add roles on login means if employee logged in he should be directed towards respective pages and admin should be directed towards respective pages.我已经创建了生成令牌的 api,现在我想在登录时添加角色意味着如果员工登录,他应该被定向到相应的页面,而管理员应该被定向到相应的页面。 I have created separate table for roles now i want to know how the things work and how to add roles with the login credentials.to join the register table with roles in order to login i am using a mutual column which is internal_id .我已经为角色创建了单独的表,现在我想知道这些事情是如何工作的,以及如何使用登录凭据添加角色。为了登录,我正在使用一个相互列的internal_id加入带有角色的注册表。
here is the employee table这是员工表
here is my API which i created in nodejs.这是我在 nodejs 中创建的 API。
login: (req, res ) =>{
const body = req.body;
getUserByUserEmail(body.email, (err, results) => {
if(err) {
console.log(err);
}
if(!results) {
return res.json({
success : 0 ,
message : "Invalid Email or Password"
});
}
const result = compareSync( body.password, results[0].password);
if (result) {
results.password = undefined;
const jsontoken = sign({ result: results }, "qwe123", {expiresIn : "3h"});
return res.json({
success : 1 ,
message : "Login Succesfully!",
token : jsontoken
});
}
else{
return res.json({
success : 0 ,
message : "Invalid Email or Password"
});
}
});
}
this is the code how i am getting email and password from employee table.这是我如何从员工表中获取电子邮件和密码的代码。
getUserByUserEmail : (email , callBack) =>{
pool.query(
`select * from employee where email = ? `,
[email],
(error, results, fields) => {
if(error){
return callBack(error);
}
return callBack(null, results);
}
)
}
As a security consideration, I would like to suggest that your SQL query select * from employee where email = ?
出于安全考虑,我建议您的 SQL 查询select * from employee where email = ?
be more specific and only retrieve the information you need, eg: select internal_id, password from employee where email = ?
更具体,只检索您需要的信息,例如: select internal_id, password from employee where email = ?
As regards your mapping of roles: I won't provide a code-for-you.关于您的角色映射:我不会为您提供代码。 But using the stored internal_id you retrieved when authenticating, add a function like getRoleByUserID
where you search select role from roles where internal_id = ?, [stored_id_from_auth_query]
.但是使用您在身份验证时检索到的存储的internal_id ,添加一个类似getRoleByUserID
的函数,您可以select role from roles where internal_id = ?, [stored_id_from_auth_query]
搜索select role from roles where internal_id = ?, [stored_id_from_auth_query]
。 Then run a case or if/else statements to generate your view based on the returned role.然后运行 case 或 if/else 语句以根据返回的角色生成您的视图。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.