[英]Mongoose Populate users is returning a 404 (forbidden)
我正在尝试填充项目中的用户数组,但我正在获取GET http://localhost:9000/api/users 403 (Forbidden)
(如果已登录)和GET http://localhost:9000/api/users 403 (Unauthorised)
(如果未登录)。 因此,我很确定自己的问题是因为用户具有附加的身份验证,并且在我调用列表项目功能时也是如此。
我要做的只是为每个项目获取一个用户数组,然后使用objectid用用户名和profile_image填充该列表。
这是我所拥有的:
exports.index = function (req, res) {
Project
.find(function (err, projects) {
if (err) { //handle error
return handleError(res, err);
}
return projects;
})
.populate('users')
.exec(function (err, projects) {
if (err) { //handle error
return handleError(res, err);
}
return res.json(200, projects);
});
};
ProjectSchemas:
'use strict';
var mongoose = require('mongoose'),
Schema = mongoose.Schema;
var ProjectSchema = new Schema({
name: String,
type: String,
users: [{ type: Schema.Types.ObjectId, ref: 'User' }]
});
ProjectSchema.statics = {
load: function (id, cb) {
this.findOne({ _id : id })
.populate('users', 'name profile_image')
.exec(cb);
}
}
module.exports = mongoose.model('Project', ProjectSchema);
UserSchema:
'use strict';
var mongoose = require('mongoose');
var Schema = mongoose.Schema;
var crypto = require('crypto');
var authTypes = ['github', 'twitter', 'facebook', 'google'];
var UserSchema = new Schema({
name: String,
email: { type: String, lowercase: true },
profile_image: String,
role: {
type: String,
default: 'user'
},
hashedPassword: String,
provider: String,
salt: String,
facebook: {},
twitter: {},
google: {},
github: {}
});
/**
* Virtuals
*/
UserSchema
.virtual('password')
.set(function(password) {
this._password = password;
this.salt = this.makeSalt();
this.hashedPassword = this.encryptPassword(password);
})
.get(function() {
return this._password;
});
// Public profile information
UserSchema
.virtual('profile')
.get(function() {
return {
'name': this.name,
'role': this.role
};
});
// Non-sensitive info we'll be putting in the token
UserSchema
.virtual('token')
.get(function() {
return {
'_id': this._id,
'role': this.role
};
});
/**
* Validations
*/
// Validate empty email
UserSchema
.path('email')
.validate(function(email) {
if (authTypes.indexOf(this.provider) !== -1) return true;
return email.length;
}, 'Email cannot be blank');
// Validate empty password
UserSchema
.path('hashedPassword')
.validate(function(hashedPassword) {
if (authTypes.indexOf(this.provider) !== -1) return true;
return hashedPassword.length;
}, 'Password cannot be blank');
// Validate email is not taken
UserSchema
.path('email')
.validate(function(value, respond) {
var self = this;
this.constructor.findOne({email: value}, function(err, user) {
if(err) throw err;
if(user) {
if(self.id === user.id) return respond(true);
return respond(false);
}
respond(true);
});
}, 'The specified email address is already in use.');
var validatePresenceOf = function(value) {
return value && value.length;
};
/**
* Pre-save hook
*/
UserSchema
.pre('save', function(next) {
if (!this.isNew) return next();
if (!validatePresenceOf(this.hashedPassword) && authTypes.indexOf(this.provider) === -1)
next(new Error('Invalid password'));
else
next();
});
/**
* Methods
*/
UserSchema.methods = {
/**
* Authenticate - check if the passwords are the same
*
* @param {String} plainText
* @return {Boolean}
* @api public
*/
authenticate: function(plainText) {
return this.encryptPassword(plainText) === this.hashedPassword;
},
/**
* Make salt
*
* @return {String}
* @api public
*/
makeSalt: function() {
return crypto.randomBytes(16).toString('base64');
},
/**
* Encrypt password
*
* @param {String} password
* @return {String}
* @api public
*/
encryptPassword: function(password) {
if (!password || !this.salt) return '';
var salt = new Buffer(this.salt, 'base64');
return crypto.pbkdf2Sync(password, salt, 10000, 64).toString('base64');
}
};
module.exports = mongoose.model('User', UserSchema);
我找到了解决方案,我需要为不需要身份验证的公共用户创建一条新路线:
router.get('/public', controller.public);
然后,我将其添加到控制器中:
/**
* Get public list of users
*/
exports.public = function(req, res) {
User.find({}, 'name profileImage',function (err, users) {
if(err) return res.send(500, err);
res.json(200, users);
});
};
然后在我的状态提供程序中,我确定用户使用/ users / public:
resolve: {
users: function(usersModel) {
return usersModel.one('public').getList()
}
}
现在,这已解决了403错误!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.