【发布时间】:2019-12-08 09:07:50
【问题描述】:
我想用 jwt 创建登录,但 bcrypt 比较不起作用。 我将节点连接到我的数据库并将 db 对象放入 req. req.body.password 和 user.passwordHash 的类型都是字符串。
const express = require('express');
const bcrypt = require('bcryptjs');
const jwt = require('jwt-simple');
const joi = require('joi');
const authHelper = require('./authHelper');
const router = express.Router();
router.post('/', (req, res, next) => {
const schema = {
email: joi.string().email().min(7).max(50).required(),
password: joi.string().regex(/^(?=.*[0-9])(?=.*[!@#$%^&*])[a-zA-Z0-9!@#$%^&*]{7,15}$/).required()
};
joi.validate(req.body, schema, (err) => {
if(err)
return next(new Error('Invalid field: password 7 to 15 (one number, one specail character)'));
req.db.collection.findOne({ type: 'USER_TYPE', email: req.body.email }, (err, user) => {
if(err)
return next(err);
if(!user)
return next(new Error('User was not found'));
bcrypt.compare(user.passwordHash, req.body.password, (err, match) => {
if(match) {
try {
const token = jwt.encode({
authorized: true,
sessionIP: req.ip,
sessionUA: req.headers['user-agent'],
userId: user._id.toHexString(),
displayName: user.displayName
}, process.env.JWT_SECRET);
res.status(201).json({
displayName: user.displayName,
userId: user._id,
token: token,
msg: 'Authorized'
});
}
catch(err) {
return next(err);
}
}
else {
return next(new Error('Wrong password'));
}
});
});
});
});
希望你能解决我的问题:)
【问题讨论】: