mongoose更新用户配置文件,无需用户输入密码
使用Node Express Mongoose,我希望登录用户能够更新其个人资料,而无需在更新表单上再次提供密码。他们在登录时提供了它,并收到了JWT 我遇到的问题是,我已设置Mongoose以要求输入密码。 因此,我正在构建的API在提交用户更新表单时给出了错误的请求错误,并且不包含密码 JWT不包含密码,因此我无法从那里获取密码mongoose更新用户配置文件,无需用户输入密码,mongoose,Mongoose,使用Node Express Mongoose,我希望登录用户能够更新其个人资料,而无需在更新表单上再次提供密码。他们在登录时提供了它,并收到了JWT 我遇到的问题是,我已设置Mongoose以要求输入密码。 因此,我正在构建的API在提交用户更新表单时给出了错误的请求错误,并且不包含密码 JWT不包含密码,因此我无法从那里获取密码 const config = require("config"); const jwt = require("jsonwebtoken
const config = require("config");
const jwt = require("jsonwebtoken");
const Joi = require("@hapi/joi");
const mongoose = require("mongoose");
const userSchema = new mongoose.Schema({
username: {
type: String,
required: true,
minlenghth: 5,
maxlength: 255,
unique: true,
trim: true,
},
password: {
type: String,
required: true,
minlength: 3,
maxlength: 1024,
trim: true,
},
name: {
type: String,
required: true,
minlength: 3,
maxlength: 30,
trim: true,
}
});
userSchema.methods.generateAuthToken = function () {
const token = jwt.sign(
{
_id: this._id,
username: this.username,
name: this.name,
isAdmin: this.isAdmin,
},
config.get("jwtPrivateKey")
);
return token;
};
const User = mongoose.model("User", userSchema);
function validateUser(req) {
const schema = Joi.object({
username: Joi.string().min(5).max(255).required().email(),
password: Joi.string()
.regex(/^[a-zA-Z0-9]{3,255}$/)
.required(),
name: Joi.string().min(3).max(30).required(),
});
return schema.validate(req);
}
exports.User = User;
exports.validateUser = validateUser;
路线如下所示:
router.post("/", validate(validateUser), async (req, res) => {
let user = await User.findOne({ username: req.body.username });
if (user) return res.status(400).send("User already registered.");
user = new User(_.pick(req.body, ["username", "password", "name"]));
const salt = await bcrypt.genSalt(10);
user.password = await bcrypt.hash(user.password, salt);
await user.save();
const token = user.generateAuthToken();
res
.header("x-auth-token", token)
.send(_.pick(user, ["_id", "username", "name"]));
});
router.put("/:id", [auth, validate(validateUser)], async (req, res) => {
const user = await User.findByIdAndUpdate(
req.params.id,
{
username: req.body.username,
password: req.body.password, // This is what I DON'T want
name: req.body.name,
}
);
if (!user)
return res.status(404).send("The user with the given ID was not found.");
res.send(user);
});