Node.js 验证NodeJS中的哈希密码
我从几个星期开始学习NodeJS。我正在构建我的第一个应用程序,用户可以在其中注册一个帐户并使用他们的凭据登录。当用户注册帐户时,密码将被散列。我正在使用NPM的密码哈希。对密码进行散列可以正常工作。问题在于用户登录时验证密码。这是我的代码: 注册:Node.js 验证NodeJS中的哈希密码,node.js,hash,Node.js,Hash,我从几个星期开始学习NodeJS。我正在构建我的第一个应用程序,用户可以在其中注册一个帐户并使用他们的凭据登录。当用户注册帐户时,密码将被散列。我正在使用NPM的密码哈希。对密码进行散列可以正常工作。问题在于用户登录时验证密码。这是我的代码: 注册: router.post('/register', function(req, res, next) { req.getConnection(function (err, connection) { var data = {
router.post('/register', function(req, res, next) {
req.getConnection(function (err, connection) {
var data = {
username: req.body.username,
password: passwordHash.generate(req.body.password),
mail: req.body.mail,
hometown: req.body.hometown
};
connection.query("INSERT INTO users set ? ", [data], function(err, results) {
res.redirect('/secret/login');
});
});
});
router.post('/login', function(req, res, next) {
var user_login = req.body.username;
var password_login = req.body.password;
req.getConnection(function(err, connection) {
if (err) throw err;
connection.query('SELECT * FROM users WHERE username = ?', [user_login], function(err, results) {
if(results[0] && passwordHash.verify(password_login, results[0].password)) {
req.session.regenerate(function(){
req.session.login = true;
req.session.username = user_login;
req.session.data = results[0];
res.redirect(req.baseUrl);
});
} else {
console.log(results[0]); // true
res.redirect(req.baseUrl);
}
});
});
});
"ejs": "^2.3.4",
"express": "^4.13.3",
"express-myconnection": "^1.0.4",
"multer": "^1.1.0",
"mysql": "^2.9.0",
"password-hash": "^1.2.2"
登录并验证哈希密码:
router.post('/register', function(req, res, next) {
req.getConnection(function (err, connection) {
var data = {
username: req.body.username,
password: passwordHash.generate(req.body.password),
mail: req.body.mail,
hometown: req.body.hometown
};
connection.query("INSERT INTO users set ? ", [data], function(err, results) {
res.redirect('/secret/login');
});
});
});
router.post('/login', function(req, res, next) {
var user_login = req.body.username;
var password_login = req.body.password;
req.getConnection(function(err, connection) {
if (err) throw err;
connection.query('SELECT * FROM users WHERE username = ?', [user_login], function(err, results) {
if(results[0] && passwordHash.verify(password_login, results[0].password)) {
req.session.regenerate(function(){
req.session.login = true;
req.session.username = user_login;
req.session.data = results[0];
res.redirect(req.baseUrl);
});
} else {
console.log(results[0]); // true
res.redirect(req.baseUrl);
}
});
});
});
"ejs": "^2.3.4",
"express": "^4.13.3",
"express-myconnection": "^1.0.4",
"multer": "^1.1.0",
"mysql": "^2.9.0",
"password-hash": "^1.2.2"
我也试过了
console.log(passwordHash.verify(password_login, results[0].password));
当我使用其中一个注册帐户的用户名和密码登录时,console.log中的布尔响应每次都是“false”。
我在网上找不到答案,所以我在这里问。我希望有人能帮我解决这个问题
我正在使用这些模块:
router.post('/register', function(req, res, next) {
req.getConnection(function (err, connection) {
var data = {
username: req.body.username,
password: passwordHash.generate(req.body.password),
mail: req.body.mail,
hometown: req.body.hometown
};
connection.query("INSERT INTO users set ? ", [data], function(err, results) {
res.redirect('/secret/login');
});
});
});
router.post('/login', function(req, res, next) {
var user_login = req.body.username;
var password_login = req.body.password;
req.getConnection(function(err, connection) {
if (err) throw err;
connection.query('SELECT * FROM users WHERE username = ?', [user_login], function(err, results) {
if(results[0] && passwordHash.verify(password_login, results[0].password)) {
req.session.regenerate(function(){
req.session.login = true;
req.session.username = user_login;
req.session.data = results[0];
res.redirect(req.baseUrl);
});
} else {
console.log(results[0]); // true
res.redirect(req.baseUrl);
}
});
});
});
"ejs": "^2.3.4",
"express": "^4.13.3",
"express-myconnection": "^1.0.4",
"multer": "^1.1.0",
"mysql": "^2.9.0",
"password-hash": "^1.2.2"
验证哈希密码时我做错了什么 我发现了问题。。密码以varchar(50)的形式保存在我的数据库中。。必须是瓦查尔(88)。感谢阅读和回答 从控制台开始。登录
password\u登录
和结果[0]。密码
以查看您实际得到的信息。我做到了。。password\u login提供登录表单中填写的密码(字符串,非散列)和结果[0]。password将散列密码作为字符串提供。我已解决了此问题,感谢您的帮助!如果你感兴趣的话,我已经把答案贴出来了。