我使用两种策略,一种用于管理员登录,另一种用于学生登录。管理员登录运行良好,但即使我输入了正确的用户名/密码,学生登录也显示"缺少凭据"错误。
我的完整代码是这里
我已经仔细检查了"studenttemp"集合中的字段名称。我用的是前端的车把。
/views/studentlogin.handlebas
<h2 class="page-header"> Student Login </h2>
<form action="/users/studentlogin" method="post">
<input type="text" name="email" id="email" placeholder="Email"> <br>
<input type="password" name="spassword" id="spassword" placeholder="Student Password"> <br> <br>
<button type="submit" class="btn btn-default"> Submit </button>
</form>
app.js
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var exphbs = require('express-handlebars');
var expressValidator = require('express-validator');
var flash = require('connect-flash');
var session = require('express-session');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var mongo = require('mongodb');
var mongoose = require('mongoose');
var router = express.Router();
//database
mongoose.connect('mongodb://localhost/scientia', { useNewUrlParser: true });
var db = mongoose.connection;
var routes = require('./routes/index');
var users = require('./routes/users');
// Init App
var app = express();
// View Engine
app.set('views', path.join(__dirname, 'views'));
app.engine('handlebars', exphbs({defaultLayout:'layout'}));
app.set('view engine', 'handlebars');
// BodyParser Middleware
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
// Set Static Folder
app.use(express.static(path.join(__dirname, 'public')));
// Express Session
app.use(session({
secret: 'secret',
saveUninitialized: true,
resave: true
}));
// Passport init
app.use(passport.initialize());
app.use(passport.session());
// Express Validator
app.use(expressValidator({
errorFormatter: function(param, msg, value) {
var namespace = param.split('.')
, root = namespace.shift()
, formParam = root;
while(namespace.length) {
formParam += '[' + namespace.shift() + ']';
}
return {
param : formParam,
msg : msg,
value : value
};
}
}));
// Connect Flash
app.use(flash());
// Global Vars
app.use(function (req, res, next) {
res.locals.success_msg = req.flash('success_msg');
res.locals.error_msg = req.flash('error_msg');
res.locals.error = req.flash('error');
res.locals.user = req.user || null;
next()
});
app.use('/', routes);
app.use('/users', users);
// Set Port
app.set('port', (process.env.PORT || 3000));
app.listen(app.get('port'), function(){
console.log('Server started on port '+app.get('port'));
});
/routes/users.js
var express = require('express');
var router = express.Router();
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
//models
var Admin = require('../models/admin');
var Student = require('../models/student');
// Registered
router.get('/admindashboard', function (req, res) {
res.render('admindashboard');
});
router.get('/studentdashboard', function (req, res) {
res.render('studentdashboard');
});
router.get('/home', function (req, res) {
res.render('home');
});
// Login
router.get('/admin/login', function(req, res){
res.render('adminlogin');
});
router.get('/student/login', function(req, res){
res.render('studentlogin');
});
//Registration Form
router.get('/studentregister', function (req, res) {
res.render('studentregister');
});
router.get('/facultyregister', function (req, res) {
res.render('facultyregister');
});
// Register Student
router.post('/studentregister', function (req, res) {
var fname = req.body.fname;
var lname = req.body.lname;
var dname = req.body.dname;
var mname = req.body.mname;
var coerid = req.body.coerid;
var phone = req.body.phone;
var address = req.body.address;
var pincode = req.body.pincode;
var state = req.body.state;
var lateral = req.body.lateral;
var yoj = req.body.yoj;
var branch = req.body.branch;
var email = req.body.email;
var password = req.body.password;
var password2 = req.body.password2;
// Validation
req.checkBody('fname', 'First Name is required').notEmpty();
req.checkBody('lname', 'Last Name is required').notEmpty();
req.checkBody('dname', "Father's Name is required").notEmpty();
req.checkBody('mname', "Mother's Name is required").notEmpty();
req.checkBody('coerid', 'COER ID is required').notEmpty();
req.checkBody('phone', 'Mobile Number is required').notEmpty();
req.checkBody('address', 'Address is required').notEmpty();
req.checkBody('pincode', 'Pincode is required').notEmpty();
req.checkBody('state', 'State is required').notEmpty();
req.checkBody('lateral', 'Are you a lateral Entry student?').notEmpty();
req.checkBody('yoj', 'Year of Joining is required').notEmpty();
req.checkBody('branch', 'Branch/Course is required').notEmpty();
req.checkBody('email', 'Email is required').notEmpty();
req.checkBody('email', 'Email is not valid').isEmail();
req.checkBody('password', 'Password is required').notEmpty();
req.checkBody('password2', 'Passwords do not match').equals(req.body.password);
var errors = req.validationErrors();
if (errors) {
res.render('studentregister', {
errors: errors
});
}
else {
//checking for email and username are already taken
Student.findOne({ phone: phone
}, function (err, mobile) {
Student.findOne({ coerid: coerid
}, function (err, id) {
Student.findOne({ email: {
"$regex": "^" + email + "\b", "$options": "i"
}}, function (err, mail) {
if (id || mail || mobile) {
res.render('studentregister', {
id: id,
mail: mail,
mobile : mobile
});
}
else {
var newUser = new Student({
fname : fname,
lname : lname,
dname : dname,
mname : mname,
coerid : coerid,
phone : phone,
address : address,
pincode : pincode,
state : state,
lateral : lateral,
yoj :yoj,
branch : branch,
email : email,
password : password
});
Student.createUser(newUser, function (err, user) {
if (err) throw err;
//console.log(user);
});
req.flash('success_msg', 'You are registered and can now login');
res.redirect('/users/student/login');
}
});
});
});
}
});
passport.use('admin-local', new LocalStrategy(
function (username, password, done) {
Admin.getUserByUsername(username, function (err, user) {
if (err) throw err;
if (!user) {
return done(null, false, { message: 'Unknown User' });
}
Admin.comparePassword(password, user.password, function (err, isMatch) {
if (err) throw err;
if (isMatch) {
return done(null, user);
} else {
return done(null, false, { message: 'Invalid password' });
}
});
});
}));
passport.serializeUser(function (user, done) {
done(null, user.id);
});
passport.deserializeUser(function (id, done) {
Admin.getUserById(id, function (err, user) {
done(err, user);
});
});
//Check Student Login Credentials
passport.use('student-local', new LocalStrategy(
function (email, password, done) {
Student.getUserByUsername(email, function (err, user) {
if (err) throw err;
if (!user) {
return done(null, false, { message: 'Unknown User' });
}
Student.comparePassword(password, user.password, function (err, isMatch) {
if (err) throw err;
if (isMatch) {
return done(null, user);
} else {
return done(null, false, { message: 'Invalid password' });
}
});
});
}));
passport.serializeUser(function (user, done) {
done(null, user.id);
});
passport.deserializeUser(function (id, done) {
Student.getUserById(id, function (err, user) {
done(err, user);
});
});
//post
router.post('/adminlogin',
passport.authenticate('admin-local', { successRedirect: '/users/admindashboard', failureRedirect: '/users/admin/login', failureFlash: true }),
function (req, res) {
res.redirect('/');
});
router.post('/studentlogin',
passport.authenticate('student-local', { successRedirect: '/users/studentdashboard', failureRedirect: '/users/student/login', failureFlash: true }),
function (req, res) {
res.redirect('/');
});
//logout
router.get('/logout', function (req, res) {
req.logout();
req.flash('success_msg', 'You are logged out');
res.redirect('/users/home');
});
module.exports = router;
models/student.js
var mongoose = require('mongoose');
var bcrypt = require('bcryptjs');
var UserSchema = new mongoose.Schema({
fname: {
type: String,
required: true,
},
lname: {
type: String,
required: true,
},
dname: {
type: String,
required: true,
},
mname: {
type: String,
required: true,
},
coerid: {
type: Number,
required: true,
unique:true,
trim:true
},
phone: {
type: Number,
required: true,
unique:true,
trim:true
},
address: {
type: String,
required: true,
},
pincode: {
type: Number,
required: true,
trim:true
},
state: {
type: String,
required: true,
},
lateral: {
type: String,
required: true,
},
yoj: {
type: Number,
required: true,
},
branch: {
type: String,
required: true,
},
email: {
type: String,
required: true,
trim:true,
unique:true
},
password: {
type: String,
required: true,
}
});
var Student = module.exports = mongoose.model('studenttemp', UserSchema);
module.exports.createUser = function(newUser, callback){
bcrypt.genSalt(10, function(err, salt) {
bcrypt.hash(newUser.password, salt, function(err, hash) {
newUser.password = hash;
newUser.save(callback);
});
});
}
module.exports.getUserByUsername = function(email, callback){
var query = {email: email};
Student.findOne(query, callback);
}
module.exports.getUserById = function(id, callback){
Student.findById(id, callback);
}
module.exports.comparePassword = function(candidatePassword, hash, callback){
bcrypt.compare(candidatePassword, hash, function(err, isMatch) {
if(err) throw err;
callback(null, isMatch);
});
}
在/views/studentlogin.handlebas文件中,我必须严格地将两个输入字段的名称和id设置为"username"one_answers"password",而不是"email"one_answers"spassword"。