使用nodejs上的express服务器通过passport登录,使用mongoose连接mongoDB
我对身份验证和授权非常陌生,我正在尝试登录并注册用户以访问我的api。我成功地完成了注册处理程序,存储了用户信息,并成功地对其进行了Bcrypt。但我仍然难以通过登录端点处理程序访问它们以登录它们。 这是我到目前为止编写的代码使用nodejs上的express服务器通过passport登录,使用mongoose连接mongoDB,express,authentication,mongoose,passport.js,bcrypt,Express,Authentication,Mongoose,Passport.js,Bcrypt,我对身份验证和授权非常陌生,我正在尝试登录并注册用户以访问我的api。我成功地完成了注册处理程序,存储了用户信息,并成功地对其进行了Bcrypt。但我仍然难以通过登录端点处理程序访问它们以登录它们。 这是我到目前为止编写的代码 if (process.env.NODE_ENV !== 'production') { require('dotenv').config(); } const express = require('express'); const app = express();
if (process.env.NODE_ENV !== 'production') {
require('dotenv').config();
}
const express = require('express');
const app = express();
const bcrypt = require('bcrypt');
const passport = require('passport');
const flash = require('express-flash');
const session = require('express-session');
const methodOverride = require('method-override');
const ejs = require('ejs');
const middle = require('./middlewares/middleware');
const mongoose = require('mongoose');
const usersDb = require('./db/db');
const initializePassport = require('./passport-config');
mongoose.connect(process.env.DATABASE_URL, {
useUnifiedTopology: true,
useNewUrlParser: true,
});
const db = mongoose.connection;
db.on('error', (error) => console.error(error));
db.once('open', () => console.log('DATABASE IS AVAILABLE'));
initializePassport(
passport,
(name) => usersDb.find((user) => user.name === name),
(password) => usersDb.find((user) => user.password === password)
);
app.set('view engine', 'ejs');
// app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(flash());
app.use(
session({
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: false,
})
);
app.use(passport.initialize());
app.use(passport.session());
app.use(methodOverride('_method'));
// app.get('/users', async (req, res) => {
// try {
// users = await usersDb.find();
// res.json(users);
// } catch (err) {
// res.status(500).json({ message: err.message });
// }
// });
app.get('/', middle.checkAuthenticated, (req, res) => {
res.render('index.ejs', { name: req.user.name }, { users });
});
app.get('/login', middle.checkNotAuthenticated, (req, res) => {
res.render('login.ejs');
});
app.post(
'/login',
middle.checkNotAuthenticated,
passport.authenticate('local', {
successRedirect: '/',
failureRedirect: '/login',
failureFlash: true,
})
);
app.get('/register', middle.checkNotAuthenticated, (req, res) => {
res.render('register.ejs');
});
app.post('/register', middle.checkNotAuthenticated, async (req, res) => {
try {
const hashedPassword = await bcrypt.hash(req.body.password, 10);
user = await new usersDb({
name: req.body.name,
password: hashedPassword,
score: req.body.score,
dateSignedUp: req.body.dateSignedUp,
lastPlayed: req.body.lastPlayed,
});
user.save(function (err, user) {
if (err) return console.error(err);
console.log(`user ${user.name} registered successfully`);
});
res.redirect('/login');
} catch {
res.redirect('/register');
}
});
app.delete('/logout', (req, res) => {
req.logOut();
res.redirect('/login');
});
app.listen(3000);
下面是passport配置文件的内容
const localStrategy = require('passport-local').Strategy;
const bcrypt = require('bcrypt');
const usersDb = require('./db/db');
function initialize(passport, getUserByName) {
const authenticateUser = async (name, password, done) => {
const user = usersDb.findOne({ name: name });
if (user == null) {
return done(null, false, { message: 'no user with that name' });
}
try {
if (
await bcrypt.compare(password, user.password, function (err, result) {
result = true;
})
) {
return done(null, user);
} else {
return done(null, false, { message: 'password incorrect' });
}
} catch (e) {
return done(e);
}
};
passport.use(new localStrategy({ usernameField: 'name' }, authenticateUser));
passport.serializeUser((user, done) => done(null, user.id));
passport.deserializeUser((id, done) => {
User.findById(id, function (err, user) {
done(err, user);
});
});
}
module.exports = initialize;
就我调试到现在为止,我不能与数据库通信时,我问
const user = usersDb.findOne({ name: name });
任何帮助都将不胜感激
非常感谢您阅读所有代码。这样您可以在查找名称后添加一个承诺,这样它将等待结果并将其存储在respone中 usersDb.findOne({name:name}) .then(user=>console.log(user))//它将记录结果 另一种方法是传递函数: usersDb.findOne({name:name},(err,result)=>{ 如果(错误)抛出错误 如果(!user)返回done(null,false,{消息:'没有使用该名称的用户'}) //如果密码正确,您可以在这里将其余代码添加到chick })
我对它们两个都使用这个函数,实际上const usersDb=require('./db/db');我希望这有助于让我知道。