Javascript 我的API路由不工作;NodeJS
我正在使用NodeJS开发一个身份验证API系统。Javascript 我的API路由不工作;NodeJS,javascript,node.js,api,express,server,Javascript,Node.js,Api,Express,Server,我正在使用NodeJS开发一个身份验证API系统。/SignupAPI端点工作正常,但/authenticate工作不正常。每次调用/authenticate端点时,我都会收到错误消息:“无法验证用户”,即使提供了有效的用户; 下面是我的代码。请告诉我我做错了什么 var express = require("express"); var mongoose = require("mongoose"); var User = require("../models/user"); module.
/Signup
API端点工作正常,但/authenticate
工作不正常。每次调用/authenticate
端点时,我都会收到错误消息:“无法验证用户”
,即使提供了有效的用户;
下面是我的代码。请告诉我我做错了什么
var express = require("express");
var mongoose = require("mongoose");
var User = require("../models/user");
module.exports = function (router) {
router.post('/signup', function (req,res) {
var user = new User();
user.local.username = req.body.username;
user.local.email = req.body.email;
user.local.password = req.body.password;
if (req.body.username == null || req.body.username == '' || req.body.email == null || req.body.email == '' || req.body.password == null || req.body.password == '') {
res.json({success:false, message:'Ensure username, email and password were provided'});
} else {
user.save(function (err, data) {
if (err) res.json({success:false, message:'Username or Email already exists!'});
// console.log(err.errors)
res.json({success:true, message:'New user created', data:data});
console.log(data)
});
}
})
router.post('/authenticate', function (req,res) {
User.findOne({username: req.body.username}).exec(function (err,user) {
if(err)
return res.send(err);
if (!user) {
res.json({success:false, message: 'Could not authenticate user'});
} else if(user){
var validPassword = user.comparePassword(req.body.password)
if (!validPassword) {
res.json({success:false, message: 'Could not authenticate password'});
} else{
res.json({success:true, message: 'User authenticated'});
}
}
});
});
}
编辑用户模型:
var mongoose = require('mongoose');
var Schema = mongoose.Schema;
var bcrypt = require('bcrypt-nodejs');
// define the schema for our user model
var userSchema = new Schema({
local : {
username : {type:String,unique:true,required:true, lowercase:true},
email : {type:String,unique:true,required:true, lowercase:true},
password : String
},
created_at : {type:Date, default:Date.now},
updated_at : {type:Date, default:Date.now}
});
userSchema.pre('save', function(next){
var user = this;
var now = new Date();
user.updated_at = now;
if(!user.created_at){
user.created_at = now
}
bcrypt.hash(user.local.password, null, null, function (err, hash) {
if(err) return next(err)
user.local.password = hash;
next(); })
});
// checking if password is valid
userSchema.methods.comparePassword = function(password) {
return bcrypt.compareSync(password, this.local.password); };
// create the model for users and expose it to our app
module.exports = mongoose.model('User', userSchema);
刚才看到了一个bug,你的用户名在本地文件中
router.post('/authenticate', function (req,res) {
User.findOne({'local.username': req.body.username}).exec(function (err,user) {
if(err)
return res.send(err);
else{
}
});
我认为你的密码处理是个问题-你能展示一下用户模型吗?特别是pre hooks和comparePassword?您是否在req.body.password中收到密码?您是否确定要检索的mongo文档结构与保存时相同?我可以保存新文档(创建新用户),但我可以;无法读取特定的用户。似乎是我的
用户。find(…)
函数没有启动。我感觉它不会等待comparePassword返回。为什么不进行回调,并返回一个包含true或false的回调,然后处理此问题。哦,是的,您这样做了。谢谢你的超能力。