Node.js Mongo:仅在插入时创建哈希密码,不进行更新
下面是我的mongo帐户集合的JS for Account mongoose模型文件,其中包含两种方法。创建帐户时,会创建hashedPassword字段,但当我更新文档时,该字段不起作用。是否只有在插入而不是更新时才调用VirtualNode.js Mongo:仅在插入时创建哈希密码,不进行更新,node.js,mongoose,Node.js,Mongoose,下面是我的mongo帐户集合的JS for Account mongoose模型文件,其中包含两种方法。创建帐户时,会创建hashedPassword字段,但当我更新文档时,该字段不起作用。是否只有在插入而不是更新时才调用Virtual 'use strict'; var mongoose = require('mongoose'), Schema = mongoose.Schema, crypto = require('crypto'); var Account
'use strict';
var mongoose = require('mongoose'),
Schema = mongoose.Schema,
crypto = require('crypto');
var AccountSchema = new Schema({
email: {type: String,unique: true,required: true},
username: {type: String,unique: true,required: true},
group:{type:Schema.Types.ObjectId,ref:"Groups",require:false},
hashedPassword: String,
salt: String,
name: {type: String,require:false},
active: {type: Boolean,require:false},
});
/**
* Virtuals
*/
AccountSchema.virtual('password').set(function(password) {
this._password = password;
this.salt = this.makeSalt();
this.hashedPassword = this.encryptPassword(password);
})
.get(function() {
return this._password;
});
AccountSchema.virtual('user_info').get(function () {
return { '_id': this._id, 'username': this.username, 'email': this.email };
});
/**
* Validations
*/
AccountSchema.path('email').validate(function (email) {
var emailRegex = /^([\w-\.]+@([\w-]+\.)+[\w-]{2,4})?$/;
return emailRegex.test(email);
}, 'The specified email is invalid.');
AccountSchema.path('email').validate(function(value, respond) {
respond(true);
}, 'The specified email address is already in use.');
AccountSchema.methods = {
authenticate: function(plainText) {
return this.encryptPassword(plainText) === this.hashedPassword;
},
makeSalt: function() {
return crypto.randomBytes(16).toString('base64');
},
encryptPassword: function(password) {
console.log('encryptPassword')
if (!password || !this.salt) return '';
var salt = new Buffer(this.salt, 'base64');
return crypto.pbkdf2Sync(password, salt, 10000, 64).toString('base64');
}
};
mongoose.model('Account', AccountSchema);
在控制器中
$scope.register = function(form) {
Auth.createUser({
provider : "local",
_id: $scope.userData._id,
email: $scope.userData.email,
username: $scope.userData.name,
level : $scope.userData.level,
group : $scope.userData.group,
name : $scope.userData.name,
password: $scope.userData.password,
active: $scope.userData.active
},
function(err) {
$scope.errors = {};
if (!err) {
$state.go('users');
} else {
angular.forEach(err.errors, function(error, field) {
form[field].$setValidity('mongoose', false);
$scope.errors[field] = error.type;
});
}
}
);
调用createUser func的services.js
/* Services */
app.factory('User', function ($resource) {
return $resource('/auth/users/:id/', {},
{
'update': {
method:'PUT'
}
});
});
app.factory('Session', function ($resource) {
return $resource('/auth/session/');
});
app.factory('Auth', function Auth($location, $rootScope, Session, User, $cookieStore) {
$rootScope.currentUser = $cookieStore.get('user') || null;
$cookieStore.remove('user');
return {
createUser: function(userinfo, callback) {
var cb = callback || angular.noop;
User.save(userinfo,
function(user) {
$rootScope.currentUser = user;
return cb();
},
function(err) {
return cb(err.data);
});
},
currentUser: function() {
Session.get(function(user) {
$rootScope.currentUser = user;
});
}
};
})) 不工作到底是怎么回事?虚拟机也应该在更新时调用。您可以通过在
集合
函数中放置控制台.log
来轻松检查它。您是否存储原始明文密码以进行调试?否则,如果存储原始密码,则散列密码的整个练习将丢失。嗨,不,我没有存储原始密码。我还尝试了set函数中的console.log(),但没有打印任何内容。您是否有实际运行的代码不起作用?是的,我肯定已经添加到了初始问题中。请注意,如果我更新用户名,例如,它就不起作用了,密码字段就不起作用了。