我有一个登录和用户注册表,用户名,电子邮件,名称和密码添加到我的mongodb,但当我检查数据库时,它不盐密码。此外,当我登录到我的 Jmeter 板时,我得到以下错误:“NoSaltValueStoredError:无法进行身份验证。我添加了一个salt方法,但仍然得到这个错误:“添加用户失败。”下面。我把所有的代码放在一个文件index.js中。我做错了什么?
/* EXPRESS SETUP */
const express = require('express');
const app = express();
const passport = require('passport')
app.use(express.static(__dirname));
const bodyParser = require('body-parser');
const bcrypt = require('bcryptjs');
//const bcrypt = require('bcrypt');
const expressSession = require('express-session')({
secret: 'secret',
resave: false,
saveUninitialized: false
});
var saltRounds = 10;
//const { username } = await UserDetails.authenticate()('username', 'password');
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(expressSession);
const port = process.env.PORT || 3000;
app.listen(port, () => console.log('App listening on port ' + port));
/* PASSPORT SETUP */
//const passport = require('passport');
app.use(passport.initialize());
app.use(passport.session());
//const bcrypt = require('bcrypt');
//const SALT_WORK_FACTOR = 10;
/* MONGOOSE SETUP */
const mongoose = require('mongoose');
const passportLocalMongoose = require('passport-local-mongoose');
mongoose.connect('mongodb://localhost/MyDatabase',
{ useNewUrlParser: true, useUnifiedTopology: true });
const Schema = mongoose.Schema;
const UserDetail = new Schema({
_id: mongoose.Schema.Types.ObjectId,
//username: String,
//email: String,
//name: String,
//password: String
username: {type: String, registered:true},
email: {type: String, registered:true},
name: {type: String, registered:true},
password: {type: String, registered:false}
});
UserDetail.plugin(passportLocalMongoose);
const UserDetails = mongoose.model('userInfo', UserDetail, 'userInfo');
/* PASSPORT LOCAL AUTHENTICATION */
passport.use(UserDetails.createStrategy());
passport.serializeUser(UserDetails.serializeUser());
passport.deserializeUser(UserDetails.deserializeUser());
/* ROUTES */
const connectEnsureLogin = require('connect-ensure-login');
app.post('/login', (req, res, next) => {
passport.authenticate('local',
(err, user, info) => {
if (err) {
return next(err);
}
if (!user) {
return res.redirect('/login?info=' + info);
}
req.logIn(user, function(err) {
if (err) {
return next(err);
}
return res.redirect('/');
});
})(req, res, next);
});
app.get('/register',
/* (req, res) => { res.send('html/register.html') */
(req, res) => res.sendFile('html/register.html',
{ root: __dirname })
);
app.post("/register", (req, res) => {
UserDetails.find({"email": req.body.email})
.then(
async result => {
console.log(result.length);
if (result.length !== 0) {
res.json({
message: 'Email already exists',
status: false
})
} else {
var myData = new UserDetails(req.body);
myData._id = new mongoose.Types.ObjectId()
password = myData.password
const salt = await bcrypt.genSalt(saltRounds);
const hashPassword = await bcrypt.hash(password, salt);
console.log(hashPassword);
myData.password = hashPassword;
}
//UserDetails.register({username:'roy', active: false}, 'roy');
myData.save()
.then(
result => {
res.json({
message: 'User register success',
status: true,
send:(myData)
})
}
)
.catch(
error => {
res.json({
message: ' User Register faileddddddd',
status: false,
})
}
)
}
)
.catch(
error => {
res.json({
message: ' User Register fail',
status: false,
})
}
)
});
app.get('/login',
(req, res) => res.sendFile('html/login.html',
{ root: __dirname })
);
app.get('/',
connectEnsureLogin.ensureLoggedIn(),
(req, res) => res.sendFile('html/index.html', {root: __dirname})
);
app.get('/private',
connectEnsureLogin.ensureLoggedIn(),
(req, res) => res.sendFile('html/private.html', {root: __dirname})
);
app.get('/user',
connectEnsureLogin.ensureLoggedIn(),
(req, res) => res.send({user: req.user})
);
/*
app.post('/login', passport.authenticate('local'),
(req, res) => {
var token = authenticate.getToken({_id:req.user._id})
//res.send(req.user)
//req.logOut()
res.redirect('/')
});
*/
//Handling user login
app.post("/login", passport.authenticate("local", {
successRedirect: "/index",
failureRedirect: "/login"
}), function (req, res) {
});
app.post('/logout',
(req, res) => {
req.logOut()
res.redirect('/login')
});
/* REGISTER SOME USERS */
/*
UserDetails.register({username:'paul', active: false}, 'paul');
UserDetails.register({username:'jay', active: false}, 'jay');
UserDetails.register({username:'roy', active: false}, 'roy');
*/
2条答案
按热度按时间lztngnrs1#
最好使用async/await,像这样:
登录时:
1.通过电子邮件查找用户
1.如果找到用户,则访问其hasedPassword
1.使用becrypt的函数比较如下
gcmastyq2#
我只是在我的项目中修复了相同的错误消息。我调出了MongoDB数据库中的所有用户,其中一些用户缺少一个salt键/值。显然,这些用户是在我存储salt键/值之前在项目中创建的,或者在我的数据库方案中有它们。我从我的数据库中删除了这些用户,并重新注册了以前不起作用的相同的样本/测试用户名,然后它开始工作。