问题描述
我对身份验证和授权很陌生,我正在尝试登录并注册用户以访问我的 api。我设法完成了注册处理程序并成功存储了用户信息和 Bcrypt。但是我仍然无法访问它们以通过我的登录端点处理程序登录它们。 这是我到目前为止编写的代码。
ser.write(tiltChannel); //Send the tilt servo ID
ser.write(servoTiltPosition); //Send the updated tilt position.
ser.write(panChannel); //Send the Pan servo ID
ser.write(servoPanPosition); //Send the updated pan position.
delay(1);
if (process.env.NODE_ENV !== 'production') {
require('dotenv').config();
}
const express = require('express');
const app = express();
const bcrypt = require('bcrypt');
const passport = require('passport');
const flash = require('express-flash');
const session = require('express-session');
const methodoverride = require('method-override');
const ejs = require('ejs');
const middle = require('./middlewares/middleware');
const mongoose = require('mongoose');
const usersDb = require('./db/db');
const initializePassport = require('./passport-config');
mongoose.connect(process.env.DATABASE_URL,{
useUnifiedTopology: true,useNewUrlParser: true,});
const db = mongoose.connection;
db.on('error',(error) => console.error(error));
db.once('open',() => console.log('DATABASE IS AVAILABLE'));
initializePassport(
passport,(name) => usersDb.find((user) => user.name === name),(password) => usersDb.find((user) => user.password === password)
);
app.set('view engine','ejs');
// app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(flash());
app.use(
session({
secret: process.env.SESSION_SECRET,resave: false,saveUninitialized: false,})
);
app.use(passport.initialize());
app.use(passport.session());
app.use(methodoverride('_method'));
// app.get('/users',async (req,res) => {
// try {
// users = await usersDb.find();
// res.json(users);
// } catch (err) {
// res.status(500).json({ message: err.message });
// }
// });
app.get('/',middle.checkAuthenticated,(req,res) => {
res.render('index.ejs',{ name: req.user.name },{ users });
});
app.get('/login',middle.checkNotAuthenticated,res) => {
res.render('login.ejs');
});
app.post(
'/login',passport.authenticate('local',{
successRedirect: '/',failureRedirect: '/login',failureFlash: true,})
);
app.get('/register',res) => {
res.render('register.ejs');
});
app.post('/register',res) => {
try {
const hashedPassword = await bcrypt.hash(req.body.password,10);
user = await new usersDb({
name: req.body.name,password: hashedPassword,score: req.body.score,dateSignedUp: req.body.dateSignedUp,lastPlayed: req.body.lastPlayed,});
user.save(function (err,user) {
if (err) return console.error(err);
console.log(`user ${user.name} registered successfully`);
});
res.redirect('/login');
} catch {
res.redirect('/register');
}
});
app.delete('/logout',res) => {
req.logout();
res.redirect('/login');
});
app.listen(3000);
就我调试到现在为止,我在询问时无法与数据库通信
const localStrategy = require('passport-local').Strategy;
const bcrypt = require('bcrypt');
const usersDb = require('./db/db');
function initialize(passport,getUserByName) {
const authenticateUser = async (name,password,done) => {
const user = usersDb.findOne({ name: name });
if (user == null) {
return done(null,false,{ message: 'no user with that name' });
}
try {
if (
await bcrypt.compare(password,user.password,function (err,result) {
result = true;
})
) {
return done(null,user);
} else {
return done(null,{ message: 'password incorrect' });
}
} catch (e) {
return done(e);
}
};
passport.use(new localStrategy({ usernameField: 'name' },authenticateUser));
passport.serializeUser((user,done) => done(null,user.id));
passport.deserializeUser((id,done) => {
User.findById(id,user) {
done(err,user);
});
});
}
module.exports = initialize;
任何帮助将不胜感激。
非常感谢您阅读所有代码。
解决方法
因此您可以在查找名称后添加一个承诺,以便它等待结果并将其存储在响应中
usersDb.findOne({姓名:姓名}) .then(user => console.log(user)) // 记录结果
另一种方法是你可以传递一个函数:
usersDb.findOne({ name: name },(err,result) => { 如果(错误)抛出错误;
if (!user) return done(null,false,{ message: '没有那个名字的用户' });
//这里你可以把剩下的代码添加到小鸡,如果密码正确
})