Node.js I';我使用mongoose加密,当我运行我的服务器时,我得到一个错误:身份验证码丢失
我在代码中正确设置了mongoose.encryption。我知道这一点,因为当我转到“/register”路径时,我的密码被正确加密Node.js I';我使用mongoose加密,当我运行我的服务器时,我得到一个错误:身份验证码丢失,node.js,authentication,mongoose,Node.js,Authentication,Mongoose,我在代码中正确设置了mongoose.encryption。我知道这一点,因为当我转到“/register”路径时,我的密码被正确加密 app.get('/cadastrar', (req, res) => { res.render('registrar'); }); app.post('/cadastrar', (req, res) =>{ const cadastro = req.body.cadastro; User.create({nickname: cadastro
app.get('/cadastrar', (req, res) => {
res.render('registrar');
});
app.post('/cadastrar', (req, res) =>{
const cadastro = req.body.cadastro;
User.create({nickname: cadastro.nickname, email: cadastro.email, password: cadastro.password},(err) => {
err ? console.log(err) : console.log('Successfully added a new user!'); res.render('/');
});
})
下面是我注册后的密码:
{
"_id" : ObjectId("5cbb2dce3014e52b34732df8"),
"nickname" : "Bulbassauro",
"email" : "bulba@pokemon.com",
"_ct" : { "$binary" : "YeLrW1jgdaT4IBFaBExr+Y4IUVkA5UtJoww6hYKqynAVg7OYjEuhJhQt2z2CtIBPHQ==", "$type" : "00" },
"_ac" : { "$binary" : "YUmRsA2QBkUw9fgyNTimqAeEPxsLgjtI4bLErh2FJmZCWyJfaWQiLCJfY3QiXQ==", "$type" : "00" },
"__v" : 0
}
我重构了我的代码,因此我有一个不同的文件,用于设置mongoose.Schema:
const mongoose = require('mongoose');
const encrypt = require('mongoose-encryption');
const userSchema = new mongoose.Schema(
{
nickname : String,
email : String,
password : String
}
);
const secret = 'viciadoemjogo';
userSchema.plugin(encrypt, {secret: secret, encryptedFields:['password']});
module.exports = mongoose.model('User', userSchema);
下面是我的登录路径。但是我不能登录。这意味着我的密码没有被解密。
这时我得到了一个错误:身份验证代码丢失
app.get('/login', (req, res) => {
res.render('registrar');
});
app.post('/login', (req, res) => {
const email = req.body.login.email;
const password = req.body.login.password;
User.findOne({email: email}, (err, foundUser) =>{
if(err){
console.log(err);
} else {
if(foundUser){
if(foundUser.password === password){
res.render('nivelamento');
}
}
}
});
});
有人能告诉我为什么不能登录吗?错误来自const email=req.body.login.email; const password=req.body.login.password 应该是 const email=req.body.email; const password=req.body.password
一旦您将代码更新为这些更改,一切都将正常工作。mongoose加密的工作原理是,当您保存()时,它会加密;当您调用find()或findOne()时,它会解密。因此,您正在比较pass string与pass string not pass hash。错误来自const email=req.body.login.email; const password=req.body.login.password 应该是 const email=req.body.email; const password=req.body.password
一旦您将代码更新为这些更改,一切都将正常工作。mongoose加密的工作原理是,当您保存()时,它会加密;当您调用find()或findOne()时,它会解密。因此,您正在比较pass string和pass string,而不是pass hash。因为您正在比较pass hash和pass string,因为您正在比较pass hash和pass string