【发布时间】:2021-01-11 15:05:12
【问题描述】:
每当我忘记密码并发送密码重置链接时,我都会成功,这是我的代码。
router.put('/forgotpassword', async (req, res) => {
const { email } = req.body;
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({ errors: errors.array() });
}
try {
let user = await User.findOne({ email });
if (!user) {
return res.status(400).json({
errors: [{ msg: `User with that email doesn't exist` }],
});
}
const token = jwt.sign({ _id: user._id }, resetUserPassword, {
expiresIn: '1m',
});
const emailData = {
from: emailFrom,
to: email,
subject: 'Password Reset Link',
html: `
<h1> Please Click the Link to Reset your password </h1>
<p>${PORT}/auth/resetpassword/${token}</p>`,
};
return User.updateOne({ resetUserPassword: token }, (err) => {
if (err) {
console.log('RESET PASSWORD LINK ERROR');
return res.status(400).json({
err: 'Error in resetting the password',
});
} else {
sgMail
.send(emailData)
.then((sent) => {
// console.log('SIGNUP EMAIL SENT', sent)
return res.json({
message: `Email has been sent to ${email}. Follow the instruction to activate your account`,
});
})
.catch((err) => {
// console.log('SIGNUP EMAIL SENT ERROR', err)
return res.json({
message: err.message,
});
});
}
});
} catch (error) {
console.error(err.message);
res.status(500).send('Server error');
}});
我已成功通过电子邮件收到。
例如:http://本地主机:5000 / API / AUTH /重置/ eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI1ZjZkOTllZmFkNDRhZDNhMjBkMDYyNDQiLCJpYXQiOjE2MDEwMjM1NTUsImV4cCI6MTYwMTAyMzYxNX0.sZ0YEUwRDbgcw6O90QLSdguki0y6juCbXDiePWCX1hY P>
这是我在邮递员中使用的链接
但是,我担心的是我总是在邮递员中收到此错误
我知道我的错误在链接中,但我无法确定它是否起作用。因此,对于这个问题,我也无法确定密码更新是否有效。所以简而言之我有两个问题。
这是我的密码重置代码
router.put(
'/reset',
[
check(
'newPassword',
'Please enter a password with 6 or more characters'
).isLength({ min: 6 }),
],
async (req, res) => {
const { resetPassword, newPassword } = req.body;
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({ errors: errors.array() });
}
try {
if (resetPassword) {
jwt.verify(resetPassword, resetUserPassword, function (err) {
if ((err, decoded)) {
return res.status(400).json({
err: 'Expired Link. Please try again',
});
}
});
}
User.findOne(
{
resetPassword,
},
(err, user) => {
if (err || !user) {
return res.status(400).json({
error: 'Something went wrong. Try later',
});
}
const updatedFields = {
password: newPassword,
resetPassword: '',
};
user = _.extend(User, updatedFields);
user.save((err, result) => {
if (err) {
return res.status(400).json({
error: 'Error resetting user password',
});
}
res.json({
message: `Great! Now you can login with your new password`,
});
});
}
);
} catch (error) {
console.error(err.message);
res.status(500).send('Server error');
}
});
我的路线
注意:auth 路由是有效的,因为我尝试使用 get - res.send('Auth Route');
这是我的用户数据库
【问题讨论】:
标签: node.js rest express postman