Fatal编程技术网
  • express/
  • Express 散列路由文件中的密码并更新

Express 散列路由文件中的密码并更新

express mongoose

Express 散列路由文件中的密码并更新,express,mongoose,passport.js,mean-stack,Express,Mongoose,Passport.js,Mean Stack,这是我想要散列我的密码(使用passport)并更新它的PUT方法 router.put('/reset/:token', function(req, res) { console.log('listening'); User.findOneAndUpdate({resetPasswordToken:req.params.token},{ password: req.body.password, resetPasswordToken: undefined, r

这是我想要散列我的密码(使用passport)并更新它的
PUT
方法

router.put('/reset/:token', function(req, res) {
    console.log('listening');
  User.findOneAndUpdate({resetPasswordToken:req.params.token},{
    password: req.body.password,
    resetPasswordToken: undefined,
    resetPasswordExpires: undefined
  },function(err,user) {
    if(err) {
      console.log(err + 'is here');
    } else {
      res.json(user);
    }
  });
    });
我只想拥有变量
密码
。如何在此方法中哈希并更新它。

我假设您使用的是
Mongoose
。首先,在
模式中创建
pre
方法


router.put('/reset/:token', function(req, res) {
    console.log('listening');
  User.findOneAndUpdate({resetPasswordToken:req.params.token},{
    password: req.body.password,
    resetPasswordToken: undefined,
    resetPasswordExpires: undefined
  },function(err,user) {
    if(err) {
      console.log(err + 'is here');
    } else {
      res.json(user);
    }
  });
    });


UserSchema


const mongoose            = require('mongoose')
    , bcrypt              = require('bcrypt-nodejs')
    , SALT_WORK_FACTOR    = 10;

 const UserSchema = new mongoose.Schema({
 ... // schema here
});

/**
 * Hash password with blowfish algorithm (bcrypt) before saving it in to the database
 */
UserSchema.pre('save', function(next) {
    var user = this;

    // only hash the password if it has been modified (or is new)
    if (!user.isModified('password'))
        return next();

    user.password = bcrypt.hashSync(user.password, bcrypt.genSaltSync(SALT_WORK_FACTOR), null);
    next();
});

mongoose.model('User', UserSchema);


然后在您的路线中:


router.put('/reset/:token', function(req, res, next) {
    User.findOne({resetPasswordToken: new RegExp('^' + req.params.token + '$', "i")}, function (err, user) {
        if (err)
            return next(err);

        if (!user)
            return res.status(422).json({errors: [{msg: 'invalid reset token'}]});

        user.resetPasswordToken = '';
        user.resetPasswordExpires = '';
        user.password = req.body.password;

        user.save().then(function (user) {
            return res.status(200).json(user);
        });
    });
});



是的,我已经按照你说的那样试过了,但它没有对密码进行哈希运算。我已经详细地发布了一个新问题。请检查一下。