堆栈内存溢出
  简体   繁体   English

Angular 基于角色的登录

[英]role based login in Angular

 原文  2021-07-24 01:45:17       node.js/ angular/ authentication

问题描述

Roles are employee and admin.角色是员工和管理员。 i have created api that is generating token now i want to add roles on login means if employee logged in he should be directed towards respective pages and admin should be directed towards respective pages.我已经创建了生成令牌的 api,现在我想在登录时添加角色意味着如果员工登录,他应该被定向到相应的页面,而管理员应该被定向到相应的页面。 I have created separate table for roles now i want to know how the things work and how to add roles with the login credentials.to join the register table with roles in order to login i am using a mutual column which is internal_id .我已经为角色创建了单独的表,现在我想知道这些事情是如何工作的,以及如何使用登录凭据添加角色。为了登录,我正在使用一个相互列的internal_id加入带有角色的注册表。 在此处输入图片说明

here is the employee table这是员工表在此处输入图片说明

here is my API which i created in nodejs.这是我在 nodejs 中创建的 API。

 login: (req, res ) =>{
    const body = req.body;
    getUserByUserEmail(body.email, (err, results) => {
        if(err) {
            console.log(err);
        }
        if(!results) {
            return res.json({
                success : 0 ,
                message : "Invalid Email or Password"
            });
        }

        const result = compareSync( body.password, results[0].password);
        if (result) {
            results.password = undefined;
            const jsontoken = sign({ result: results }, "qwe123", {expiresIn : "3h"});
            return res.json({
                success : 1 ,
                message : "Login Succesfully!",
                token : jsontoken
            });
        }
        else{
            return res.json({
                success : 0 ,
                message : "Invalid Email or Password"
            });
        }
    });

 }

this is the code how i am getting email and password from employee table.这是我如何从员工表中获取电子邮件和密码的代码。

getUserByUserEmail  : (email , callBack) =>{
    pool.query(
        `select * from employee where email = ? `,
        [email],
        (error, results, fields) => {
            if(error){
               
                return callBack(error);
            }
            return callBack(null, results);
        }
    )
}

1 个解决方案

解决方案1
 0  2021-07-28 07:20:16

As a security consideration, I would like to suggest that your SQL query select * from employee where email = ?出于安全考虑,我建议您的 SQL 查询select * from employee where email = ? be more specific and only retrieve the information you need, eg: select internal_id, password from employee where email = ?具体,只检索您需要的信息,例如: select internal_id, password from employee where email = ?

As regards your mapping of roles: I won't provide a code-for-you.关于您的角色映射:我不会为您提供代码。 But using the stored internal_id you retrieved when authenticating, add a function like getRoleByUserID where you search select role from roles where internal_id = ?, [stored_id_from_auth_query] .但是使用您在身份验证时检索到的存储的internal_id ,添加一个类似getRoleByUserID的函数,您可以select role from roles where internal_id = ?, [stored_id_from_auth_query]搜索select role from roles where internal_id = ?, [stored_id_from_auth_query] Then run a case or if/else statements to generate your view based on the returned role.然后运行 ​​case 或 if/else 语句以根据返回的角色生成您的视图。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 node.js 中基于角色的登录身份验证 - Role based login authentication in node.js Node.js和Mongoose中基于角色的登录 - Role-Based login in nodejs and mongoose 具有角度和节点的基于角色的页面视图 - role-based page views with angular and node 登录表单无法使用基于用户角色的身份验证和重定向呈现 - Login form fail to render with user role based authentication and redirect 基于JWT身份验证和角色路由到Express中的多个Angular 7项目 - Routing to multiple Angular 7 projects in Express based on JWT authentication and Role 登录时检查角色 - Check role on login 我想根据用户的角色在登录后重定向用户并阻止他们访问 React.js 中的此页面 - i want to redirect user after login based on their role and stop them to access this page in React.js HapiJS中基于角色的身份验证 - Role based authentication in HapiJS 基于角色的jwt授权 - Role based jwt authorization 根据用户角色显示记录 - show records based on user role
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM