[英]ExpressJS, NodeJs and Redis Simple Login Error
我在检查Redis中的用户名和密码时遇到问题,提示用户名和密码未定义。 希望您能帮助我在NodeJ / ExpressJs专家中解决此问题。
码:
app.js
var express = require('express');
var app = express();
var redis = require("redis"),
client = redis.createClient();
var user, pass;
app.use(express.bodyParser());
client.on("error", function (err) {
console.log("error event - " + client.host + ":" + client.port + " - " + err);
});
app.get('/', function (req, res) {
res.sendfile(__dirname + '/index.html');
});
app.post('/', function (req, res) {
console.log("");
console.log("--------------------");
console.log(req.body.user.username);
console.log(req.body.user.password);
console.log("--------EOF---------");
client.hmget(req.body.user.username + user, req.body.user.pasword + pass,
redis.print);
if (req.body.user.username && req.body.user.password == user && pass)
{
res.write("Successfully logged in!");
}
else
{
res.write("Username or Password is incorrect");
}
console.log("req.body.username: " + req.body.username);
console.log("req.body.password: " + req.body.password);
console.log("username: " + user);
console.log("username: " + pass);
res.end();
});
app.listen(80)
这是我的index.html代码。
index.html
<html>
<head></head>
<body>
<form method="post" action="/">
Username: <input type="text" name="user[username]" > <br>
Password: <input type="text" name="user[password]"> <br>
<input type="submit" value="Submit">
</form>
</body>
</html>
我假设Redis实例包含一个名为“凭据”的哈希对象,其中包含用户和密码之间的关联。
HMSET credentials didier mypass
我将重写post方法,如下所示:
app.post('/', function (req, res) {
console.log("--------------------");
console.log(req.body.user.username);
console.log(req.body.user.password);
console.log("--------EOF---------");
client.hmget( 'credentials', req.body.user.username, function (err,pass) {
console.log("req.body.username: " + req.body.user.username);
console.log("req.body.password: " + req.body.user.password);
console.log("pass: " + pass );
console.log("err: " + err );
if ( (!err) && pass && pass == req.body.user.password )
res.write( "Successfully logged in!" );
else
res.write( "Username or Password is incorrect");
res.end();
});
});
使用此代码,我将获得成功的登录消息以及以下跟踪信息:
--------------------
didier
mypass
--------EOF---------
req.body.username: didier
req.body.password: mypass
pass: mypass
err: null
请注意,这种存储凭据的方式和这种身份验证机制完全不安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.