Javascript 无法将存储的密码作为参数发送到comparepassword()方法节点js
我一直在努力通过将mongoose中已经存储/散列的密码发送到调用的函数来执行passoword比较功能来比较密码。下面是users.js的代码。我评论了有问题的部分出于调试目的,我已经在调用函数和被调用函数中打印了参数值,如末尾所示。 users.jsJavascript 无法将存储的密码作为参数发送到comparepassword()方法节点js,javascript,node.js,mongodb,passport.js,bcrypt,Javascript,Node.js,Mongodb,Passport.js,Bcrypt,我一直在努力通过将mongoose中已经存储/散列的密码发送到调用的函数来执行passoword比较功能来比较密码。下面是users.js的代码。我评论了有问题的部分出于调试目的,我已经在调用函数和被调用函数中打印了参数值,如末尾所示。 users.js var express = require('express'); var router = express.Router(); var multer = require('multer'); var upload = multer({dest
var express = require('express');
var router = express.Router();
var multer = require('multer');
var upload = multer({dest: './uploads'});
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var User=require('../models/user');
router.post('/login',
passport.authenticate('local',{failureRedirect:'/users/login',failureFlash:'Invalid username or password'}),
function(req, res) {
req.flash('success','You are now logged in!');
res.redirect('/');
console.login("Login Working!...");
});
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.getUserById(id, function(err, user) {
done(err, user);
});
});
passport.use(new LocalStrategy(function(username,password,done){
User.getUserByUsername(username,function(err,user){
console.log("user object is : "+user);
if(err) throw err;
if(!user){
return done(null,false,{message:'Unknown user'});
}
//The problem lies in the second argument below calling function
User.comparePassword(password,user.passowrd,function(err,isMatch){
console.log("Value of isMatch is :"+isMatch);
console.log("user.password is : "+user.password);
if(err) return done(err);
if(isMatch){
return done(null,user);
}else{
return done(null,false,{message : 'Invalid Password'});
}
});
});
}));
var mongoose= require('mongoose');
mongoose.connect('mongodb://localhost/nodeauth');
var db = mongoose.connection;
var bcrypt = require('bcryptjs');
//user Schema
var UserSchema = mongoose.Schema({
username : {
type :String,
index: true
},
password:{
type : String
},
email:{
type : String
},
name:{
type : String
},
profileimage:{
type : String
}
});
var User= module.exports=mongoose.model('User',UserSchema);
module.exports.createUser=function(newUser,callback){
bcrypt.genSalt(10,function(err,salt){
bcrypt.hash(newUser.password,salt,function(err,hash){
newUser.password=hash;
newUser.save(callback);
});
});
}
module.exports.getUserById = function(id,callback){
User.findById(id,callback);
}
module.exports.getUserByUsername = function(username,callback){
console.log("indside getUserByUsername impl., username is :"+username);
var query ={username:username};
User.findOne(query,callback);
}
//here in the below calling function., the second passed argument 'hash' is showing as 'undefined' in the result.
module.exports.comparePassword = function(candidatePassword,hash,callback){
console.log("indside comparePassword impl., candidatePassword is :"+candidatePassword);
console.log("hash of the password is :"+hash);
bcrypt.compare(candidatePassword, hash, function(err, isMatch) {
callback(null,isMatch);
});
}
但问题是,当我调用comparePassword()
方法时,将密码作为第一个参数(已从登录表单中发布)和用户.passowrd
作为第二个参数(已存储在mongoose中)。,其他文件/models/user.js
中的函数实现未获取第二个参数的值,即user.passowrd
下面是/models/user.js的代码
var express = require('express');
var router = express.Router();
var multer = require('multer');
var upload = multer({dest: './uploads'});
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var User=require('../models/user');
router.post('/login',
passport.authenticate('local',{failureRedirect:'/users/login',failureFlash:'Invalid username or password'}),
function(req, res) {
req.flash('success','You are now logged in!');
res.redirect('/');
console.login("Login Working!...");
});
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.getUserById(id, function(err, user) {
done(err, user);
});
});
passport.use(new LocalStrategy(function(username,password,done){
User.getUserByUsername(username,function(err,user){
console.log("user object is : "+user);
if(err) throw err;
if(!user){
return done(null,false,{message:'Unknown user'});
}
//The problem lies in the second argument below calling function
User.comparePassword(password,user.passowrd,function(err,isMatch){
console.log("Value of isMatch is :"+isMatch);
console.log("user.password is : "+user.password);
if(err) return done(err);
if(isMatch){
return done(null,user);
}else{
return done(null,false,{message : 'Invalid Password'});
}
});
});
}));
var mongoose= require('mongoose');
mongoose.connect('mongodb://localhost/nodeauth');
var db = mongoose.connection;
var bcrypt = require('bcryptjs');
//user Schema
var UserSchema = mongoose.Schema({
username : {
type :String,
index: true
},
password:{
type : String
},
email:{
type : String
},
name:{
type : String
},
profileimage:{
type : String
}
});
var User= module.exports=mongoose.model('User',UserSchema);
module.exports.createUser=function(newUser,callback){
bcrypt.genSalt(10,function(err,salt){
bcrypt.hash(newUser.password,salt,function(err,hash){
newUser.password=hash;
newUser.save(callback);
});
});
}
module.exports.getUserById = function(id,callback){
User.findById(id,callback);
}
module.exports.getUserByUsername = function(username,callback){
console.log("indside getUserByUsername impl., username is :"+username);
var query ={username:username};
User.findOne(query,callback);
}
//here in the below calling function., the second passed argument 'hash' is showing as 'undefined' in the result.
module.exports.comparePassword = function(candidatePassword,hash,callback){
console.log("indside comparePassword impl., candidatePassword is :"+candidatePassword);
console.log("hash of the password is :"+hash);
bcrypt.compare(candidatePassword, hash, function(err, isMatch) {
callback(null,isMatch);
});
}
下面是为调试目的编写的console.log语句的输出:
我在代码中做错了什么,即,我得到的是'undefined'而不是存储的用于比较的密码,该密码作为第二个参数发送到comparePassword
方法。请检查user.passowrd的拼写。您必须提供类似的用户。密码请检查user.passowrd的拼写。您必须提供类似user.password的密码