问题描述
我正在尝试向我构建的仪表板添加更改密码选项。我的表单具有三个输入,currentPassword,newPassword,confirmNewPassword。这是您针对数据库的标准检查当前密码,如果匹配,则使用新密码进行更新。
无论我做什么,我都无法使代码在匹配成功的地方运行(bcrypt.compare之后的代码)。我知道我使用了正确的密码。我不知道我在做什么错。感谢帮助。
router.post("/changepassword",ensureAuthenticated,(req,res) => {
const { currentPassword,newPassword,confirmNewPassword } = req.body;
const userID = req.user.userID;
let errors = [];
//Check required fields
if (!currentPassword || !newPassword || !confirmNewPassword) {
errors.push({ msg: "Please fill in all fields." });
}
//Check passwords match
if (newPassword !== confirmNewPassword) {
errors.push({ msg: "New passwords do not match." });
}
//Check password length
if (newPassword.length < 6 || confirmNewPassword.length < 6) {
errors.push({ msg: "Password should be at least six characters." });
}
if (errors.length > 0) {
res.render("changepassword",{
errors,name: req.user.name,});
} else {
//VALIDATION PASSED
//Ensure current password submitted matches
User.findOne({ userID: userID }).then(user => {
//encrypt newly submitted password
bcrypt.compare(currentPassword,user.password,(err,isMatch) => {
if (err) throw err;
if (isMatch) {
console.log(user.password);
//Update password for user with new password
bcrypt.genSalt(10,salt) =>
bcrypt.hash(newPassword,salt,hash) => {
if (err) throw err;
user.password = hash;
user.save();
})
);
req.flash("success_msg","Password successfully updated!");
res.redirect("/dashboard");
} else {
//Password does not match
errors.push({ msg: "Current password is not a match." });
res.render("changepassword",{
errors,});
}
});
});
}
});
解决方法
尝试使用异步等待语法
router.post("/changepassword",ensureAuthenticated,async (req,res) => {
const { currentPassword,newPassword,confirmNewPassword } = req.body;
const userID = req.user.userID;
let errors = [];
//Check required fields
if (!currentPassword || !newPassword || !confirmNewPassword) {
errors.push({ msg: "Please fill in all fields." });
}
//Check passwords match
if (newPassword !== confirmNewPassword) {
errors.push({ msg: "New passwords do not match." });
}
//Check password length
if (newPassword.length < 6 || confirmNewPassword.length < 6) {
errors.push({ msg: "Password should be at least six characters." });
}
if (errors.length > 0) {
res.render("changepassword",{
errors,name: req.user.name,});
} else {
//VALIDATION PASSED
//Ensure current password submitted matches
User.findOne({ userID: userID }).then(async (user) => {
//encrypt newly submitted password
// async-await syntax
const isMatch = await bcrypt.compare(currentPassword,user.password);
if (isMatch) {
console.log(user.password);
//Update password for user with new password
bcrypt.genSalt(10,(err,salt) =>
bcrypt.hash(newPassword,salt,hash) => {
if (err) throw err;
user.password = hash;
user.save();
})
);
req.flash("success_msg","Password successfully updated!");
res.redirect("/dashboard");
} else {
//Password does not match
errors.push({ msg: "Current password is not a match." });
res.render("changepassword",{
errors,});
}
});
}
});
,
我弄清楚是什么。 const userID应该已经设置为等于req.user.id。然后,在我的猫鼬中,我应该一直使用_id作为查询。
router.post("/changepassword",(req,res) => {
const { currentPassword,confirmNewPassword } = req.body;
const userID = req.user.id;
let errors = [];
//Check required fields
if (!currentPassword || !newPassword || !confirmNewPassword) {
errors.push({ msg: "Please fill in all fields." });
}
//Check passwords match
if (newPassword !== confirmNewPassword) {
errors.push({ msg: "New passwords do not match." });
}
//Check password length
if (newPassword.length < 6 || confirmNewPassword.length < 6) {
errors.push({ msg: "Password should be at least six characters." });
}
if (errors.length > 0) {
res.render("changepassword",{
errors,});
} else {
//VALIDATION PASSED
//Ensure current password submitted matches
User.findOne({ _id: userID }).then(user => {
//encrypt newly submitted password
bcrypt.compare(currentPassword,user.password,isMatch) => {
if (err) throw err;
if (isMatch) {
//Update password for user with new password
bcrypt.genSalt(10,salt) =>
bcrypt.hash(newPassword,hash) => {
if (err) throw err;
user.password = hash;
user.save();
})
);
req.flash("success_msg","Password successfully updated!");
res.redirect("/dashboard");
} else {
//Password does not match
errors.push({ msg: "Current password is not a match." });
res.render("changepassword",{
errors,});
}
});
});
}
});