Javascript b crypt/Mongoose更改用户密码
我正在尝试将更改密码选项添加到我构建的仪表板中。我的表单有三个输入:currentPassword、newPassword、confirmNewPassword。这是您的标准对照数据库检查当前密码,如果它匹配,则使用新密码更新它 无论我做什么,我都无法在匹配成功的地方运行代码(bcrypt.compare之后的代码)。我知道我使用的是正确的密码。我不知道我做错了什么。谢谢你的帮助Javascript b crypt/Mongoose更改用户密码,javascript,node.js,mongodb,mongoose,bcrypt,Javascript,Node.js,Mongodb,Mongoose,Bcrypt,我正在尝试将更改密码选项添加到我构建的仪表板中。我的表单有三个输入:currentPassword、newPassword、confirmNewPassword。这是您的标准对照数据库检查当前密码,如果它匹配,则使用新密码更新它 无论我做什么,我都无法在匹配成功的地方运行代码(bcrypt.compare之后的代码)。我知道我使用的是正确的密码。我不知道我做错了什么。谢谢你的帮助 router.post("/changepassword", ensureAuthenticat
router.post("/changepassword", ensureAuthenticated, (req, res) => {
const { currentPassword, newPassword, confirmNewPassword } = req.body;
const userID = req.user.userID;
let errors = [];
//Check required fields
if (!currentPassword || !newPassword || !confirmNewPassword) {
errors.push({ msg: "Please fill in all fields." });
}
//Check passwords match
if (newPassword !== confirmNewPassword) {
errors.push({ msg: "New passwords do not match." });
}
//Check password length
if (newPassword.length < 6 || confirmNewPassword.length < 6) {
errors.push({ msg: "Password should be at least six characters." });
}
if (errors.length > 0) {
res.render("changepassword", {
errors,
name: req.user.name,
});
} else {
//VALIDATION PASSED
//Ensure current password submitted matches
User.findOne({ userID: userID }).then(user => {
//encrypt newly submitted password
bcrypt.compare(currentPassword, user.password, (err, isMatch) => {
if (err) throw err;
if (isMatch) {
console.log(user.password);
//Update password for user with new password
bcrypt.genSalt(10, (err, salt) =>
bcrypt.hash(newPassword, salt, (err, hash) => {
if (err) throw err;
user.password = hash;
user.save();
})
);
req.flash("success_msg", "Password successfully updated!");
res.redirect("/dashboard");
} else {
//Password does not match
errors.push({ msg: "Current password is not a match." });
res.render("changepassword", {
errors,
name: req.user.name,
});
}
});
});
}
});
router.post(“/changepassword”),确保重新验证(req,res)=>{
const{currentPassword,newPassword,confirmNewPassword}=req.body;
const userID=req.user.userID;
让错误=[];
//检查必填字段
如果(!currentPassword | | |!newPassword | |!confirmNewPassword){
错误。推送({msg:“请填写所有字段。”});
}
//检查密码是否匹配
if(newPassword!==confirmNewPassword){
错误。推送({msg:“新密码不匹配。”});
}
//检查密码长度
if(newPassword.length<6 | | confirmNewPassword.length<6){
错误。推送({msg:“密码至少应为六个字符。”});
}
如果(errors.length>0){
res.render(“更改密码”{
错误,
名称:req.user.name,
});
}否则{
//通过验证
//确保提交的当前密码匹配
findOne({userID:userID})。然后(User=>{
//加密新提交的密码
bcrypt.compare(currentPassword,user.password,(err,isMatch)=>{
如果(错误)抛出错误;
如果(isMatch){
console.log(用户密码);
//使用新密码更新用户的密码
bcrypt.genSalt(10,(错误,盐)=>
bcrypt.hash(newPassword,salt,(err,hash)=>{
如果(错误)抛出错误;
user.password=hash;
user.save();
})
);
请求flash(“成功消息”,“密码成功更新!”);
res.redirect(“/仪表板”);
}否则{
//密码不匹配
错误。推送({msg:“当前密码不匹配。”});
res.render(“更改密码”{
错误,
名称:req.user.name,
});
}
});
});
}
});
尝试使用异步等待语法
router.post("/changepassword", ensureAuthenticated, async (req, res) => {
const { currentPassword, newPassword, confirmNewPassword } = req.body;
const userID = req.user.userID;
let errors = [];
//Check required fields
if (!currentPassword || !newPassword || !confirmNewPassword) {
errors.push({ msg: "Please fill in all fields." });
}
//Check passwords match
if (newPassword !== confirmNewPassword) {
errors.push({ msg: "New passwords do not match." });
}
//Check password length
if (newPassword.length < 6 || confirmNewPassword.length < 6) {
errors.push({ msg: "Password should be at least six characters." });
}
if (errors.length > 0) {
res.render("changepassword", {
errors,
name: req.user.name,
});
} else {
//VALIDATION PASSED
//Ensure current password submitted matches
User.findOne({ userID: userID }).then(async (user) => {
//encrypt newly submitted password
// async-await syntax
const isMatch = await bcrypt.compare(currentPassword, user.password);
if (isMatch) {
console.log(user.password);
//Update password for user with new password
bcrypt.genSalt(10, (err, salt) =>
bcrypt.hash(newPassword, salt, (err, hash) => {
if (err) throw err;
user.password = hash;
user.save();
})
);
req.flash("success_msg", "Password successfully updated!");
res.redirect("/dashboard");
} else {
//Password does not match
errors.push({ msg: "Current password is not a match." });
res.render("changepassword", {
errors,
name: req.user.name,
});
}
});
}
});
router.post(“/changepassword”),确保重新验证,异步(req,res)=>{
const{currentPassword,newPassword,confirmNewPassword}=req.body;
const userID=req.user.userID;
让错误=[];
//检查必填字段
如果(!currentPassword | | |!newPassword | |!confirmNewPassword){
错误。推送({msg:“请填写所有字段。”});
}
//检查密码是否匹配
if(newPassword!==confirmNewPassword){
错误。推送({msg:“新密码不匹配。”});
}
//检查密码长度
if(newPassword.length<6 | | confirmNewPassword.length<6){
错误。推送({msg:“密码至少应为六个字符。”});
}
如果(errors.length>0){
res.render(“更改密码”{
错误,
名称:req.user.name,
});
}否则{
//通过验证
//确保提交的当前密码匹配
findOne({userID:userID})。然后(异步(User)=>{
//加密新提交的密码
//异步等待语法
const isMatch=wait bcrypt.compare(currentPassword,user.password);
如果(isMatch){
console.log(用户密码);
//使用新密码更新用户的密码
bcrypt.genSalt(10,(错误,盐)=>
bcrypt.hash(newPassword,salt,(err,hash)=>{
如果(错误)抛出错误;
user.password=hash;
user.save();
})
);
请求flash(“成功消息”,“密码成功更新!”);
res.redirect(“/仪表板”);
}否则{
//密码不匹配
错误。推送({msg:“当前密码不匹配。”});
res.render(“更改密码”{
错误,
名称:req.user.name,
});
}
});
}
});
我弄明白了那是什么。const userID应设置为等于req.user.id。然后,在我的MongooseFind中,我应该使用_id作为查询
router.post("/changepassword", ensureAuthenticated, (req, res) => {
const { currentPassword, newPassword, confirmNewPassword } = req.body;
const userID = req.user.id;
let errors = [];
//Check required fields
if (!currentPassword || !newPassword || !confirmNewPassword) {
errors.push({ msg: "Please fill in all fields." });
}
//Check passwords match
if (newPassword !== confirmNewPassword) {
errors.push({ msg: "New passwords do not match." });
}
//Check password length
if (newPassword.length < 6 || confirmNewPassword.length < 6) {
errors.push({ msg: "Password should be at least six characters." });
}
if (errors.length > 0) {
res.render("changepassword", {
errors,
name: req.user.name,
});
} else {
//VALIDATION PASSED
//Ensure current password submitted matches
User.findOne({ _id: userID }).then(user => {
//encrypt newly submitted password
bcrypt.compare(currentPassword, user.password, (err, isMatch) => {
if (err) throw err;
if (isMatch) {
//Update password for user with new password
bcrypt.genSalt(10, (err, salt) =>
bcrypt.hash(newPassword, salt, (err, hash) => {
if (err) throw err;
user.password = hash;
user.save();
})
);
req.flash("success_msg", "Password successfully updated!");
res.redirect("/dashboard");
} else {
//Password does not match
errors.push({ msg: "Current password is not a match." });
res.render("changepassword", {
errors,
name: req.user.name,
});
}
});
});
}
router.post(“/changepassword”),确保重新验证(req,res)=>{
const{currentPassword,newPassword,confirmNewPassword}=req.body;
const userID=req.user.id;
让错误=[];
//检查必填字段
如果(!currentPassword | | |!newPassword | |!confirmNewPassword){
错误。推送({msg:“请填写所有字段。”});
}
//检查密码是否匹配
if(newPassword!==confirmNewPassword){
错误。推送({msg:“新密码不匹配。”});
}
//检查密码长度
if(newPassword.length<6 | | confirmNewPassword.length<6){
错误。推送({msg:“密码至少应为六个字符。”});
}
如果(errors.length>0){
res.render(“更改密码”{
错误,
名称:req.user.name,
});
}否则{
//通过验证
//确保提交的当前密码匹配
findOne({u id:userID})。然后(User=>{
//加密新提交的密码
bcrypt.compare(currentPassword,user.password,(err,isMatch)=>{
如果(错误)抛出错误;
如果(isMatch){
//使用新密码更新用户的密码
bcrypt.genSalt(10,(错误,盐)=>
bcrypt.hash(newPassword,salt,(err,hash)=>{
如果(错误)抛出错误;
user.password=hash;
user.save();
})
);
请求flash(“成功消息”,“密码成功更新!”);