Express 散列路由文件中的密码并更新
这是我想要散列我的密码(使用passport)并更新它的Express 散列路由文件中的密码并更新,express,mongoose,passport.js,mean-stack,Express,Mongoose,Passport.js,Mean Stack,这是我想要散列我的密码(使用passport)并更新它的PUT方法 router.put('/reset/:token', function(req, res) { console.log('listening'); User.findOneAndUpdate({resetPasswordToken:req.params.token},{ password: req.body.password, resetPasswordToken: undefined, r
PUT
方法
router.put('/reset/:token', function(req, res) {
console.log('listening');
User.findOneAndUpdate({resetPasswordToken:req.params.token},{
password: req.body.password,
resetPasswordToken: undefined,
resetPasswordExpires: undefined
},function(err,user) {
if(err) {
console.log(err + 'is here');
} else {
res.json(user);
}
});
});
我只想拥有变量
密码
。如何在此方法中哈希并更新它。我假设您使用的是Mongoose
。首先,在模式中创建pre
方法
router.put('/reset/:token', function(req, res) {
console.log('listening');
User.findOneAndUpdate({resetPasswordToken:req.params.token},{
password: req.body.password,
resetPasswordToken: undefined,
resetPasswordExpires: undefined
},function(err,user) {
if(err) {
console.log(err + 'is here');
} else {
res.json(user);
}
});
});
UserSchema
const mongoose = require('mongoose')
, bcrypt = require('bcrypt-nodejs')
, SALT_WORK_FACTOR = 10;
const UserSchema = new mongoose.Schema({
... // schema here
});
/**
* Hash password with blowfish algorithm (bcrypt) before saving it in to the database
*/
UserSchema.pre('save', function(next) {
var user = this;
// only hash the password if it has been modified (or is new)
if (!user.isModified('password'))
return next();
user.password = bcrypt.hashSync(user.password, bcrypt.genSaltSync(SALT_WORK_FACTOR), null);
next();
});
mongoose.model('User', UserSchema);
然后在您的路线中:
router.put('/reset/:token', function(req, res, next) {
User.findOne({resetPasswordToken: new RegExp('^' + req.params.token + '$', "i")}, function (err, user) {
if (err)
return next(err);
if (!user)
return res.status(422).json({errors: [{msg: 'invalid reset token'}]});
user.resetPasswordToken = '';
user.resetPasswordExpires = '';
user.password = req.body.password;
user.save().then(function (user) {
return res.status(200).json(user);
});
});
});
是的,我已经按照你说的那样试过了,但它没有对密码进行哈希运算。我已经详细地发布了一个新问题。请检查一下。