我对后端开发非常陌生,如果这是一个初学者的问题,我很抱歉。基本上,我一直在尝试为用户创建一个简单、无身份验证(目前(、无模板的api,并将其链接到前端。我不知道从哪里开始,我一直被困在登录页面上(同时还计划在之后创建一个注册和个人资料页面(。
app.js
const express = require('express');
const app = express();
const mongoose = require('mongoose');
const User = require('./models/user');
mongoose.connect('mongodb://localhost:27017/user',
{
useNewUrlParser:true,
useUnifiedTopology:true
});
mongoose.connection.on('error', ()=> {
console.log('connection error')
});
mongoose.connection.once('open', () => {
console.log('We are now connected to our local MongoDB server')
});
app.use(express.json())
app.use(express.urlencoded({extended:true}))
const userRoutes = require('./routes/user')
app.use('/api/users', userRoutes);
//server initialization
app.listen(4000, ()=>{
console.log('Now listening for requests on port 4000')
});
路由器
const express = require('express');
const router = express.Router();
const UserController = require('../controllers/user')
//retrieve all users
router.get('/', UserController.getAllUser);
//retrieve 1 user
router.get('/:userID', (req, res) => {
UserController.getUser(req.params.userID).then(result => res.send(result))
})
//create new user
router.post('/', (req, res) => {
UserController.register(req.body).then(result => {
if (result) {
res.send(result)
} else {
return res.status(500).json({
message: 'server error'
})
}
})
})
//update user
router.put('/:userID', (req, res) => {
UserController.updateUser(req.body, req.params.userID).then(result => res.send(result))
})
//delete user
router.delete("/:id", UserController.delete);
module.exports = router
控制器
const User = require('../models/user.js');
//retrieve all users
module.exports.getAllUser = (req, res) => {
User.find()
.sort({ name: -1 })
.then((users) => {
res.status(200).send(users);
})
.catch((err) => {
res.status(500).send({
message: err.message || "Error Occured",
});
});
}
//retrieve 1 user
module.exports.getUser = (userID) => {
return User.findById(userID).then((user, err)=> {
return (err)? true : false
})
}
//create new user
module.exports.register = (userInfo) =>{
let newUser = new User({
firstName: userInfo.firstName,
lastName: userInfo.lastName,
email: userInfo.email,
password: userInfo.password,
isAdmin: userInfo.isAdmin,
mobileNo: userInfo.mobileNo,
enrollments: [
{courseId: userInfo.courseId},
{enrolledOn: userInfo.enrolledOn},
{status: userInfo.status}
]
})
return newUser.save().then((user, err)=>{
return (err) ? false : user
})
}
//update user
module.exports.updateUser = (userUpdateInfo, userID) => {
let userUpdates = {
firstName: userUpdateInfo.firstName,
lastName: userUpdateInfo.lastName,
email: userUpdateInfo.email,
password: userUpdateInfo.password,
isAdmin: userUpdateInfo.isAdmin,
mobileNo: userUpdateInfo.mobileNo,
enrollments: [
{courseId: userUpdateInfo.courseId},
{enrolledOn: userUpdateInfo.enrolledOn},
{status: userUpdateInfo.status}
]
}
const options = {
new: true,
upsert: true
}
return User.findByIdAndUpdate(userID, userUpdates, options).then((userUpdated, err) => {
return (err) ? false : userUpdated
})
}
//delete user
module.exports.delete = (req, res) => {
User.findByIdAndRemove(req.params.id)
.then((user) => {
if (!user) {
return res.status(404).send({
message: "User not found ",
});
}
res.send({ message: "User deleted successfully!" });
})
.catch((err) => {
return res.status(500).send({
message: "Could not delete user ",
});
});
};
html(表单(
<form class="border border-secondary p-5 rounded-lg index-form">
<div class="form-group">
<label for="login-email">Email address</label>
<input type="email" class="form-control form-control-lg" id="login-email">
</div>
<div class="form-group">
<label for="login-password">Password</label>
<input type="password" class="form-control form-control-lg" id="login-password">
</div>
<button type="submit" class="btn btn-primary" id="login">Log-in</button>
<button type="submit" class="btn btn-primary" id="register">Register</button>
</form>
查看本教程https://jasonwatmore.com/post/2018/06/14/nodejs-mongodb-simple-api-for-authentication-registration-and-user-management。在开始将前端请求与后端连接之前,您需要非常了解后端的工作方式。Postman是开发和测试API的一个非常好的工具。在您开始从前端发出这些请求之前,它将允许您测试这些API点,以确保它们有效。此外,我建议您在进行这些调用时避免使用控制器,直到您对事情的实际工作方式有了充分的了解,然后,您可以在以后的路由中集成这些控制器。快乐的编码。
以下是常见步骤:
1.将密码和电子邮件发送到后端
2.查看电子邮件是否存在
否然后返回无效的凭证
是然后检查前端的密码是否与数据库
3.如果密码相同,则向他们提供一个密钥(这是授权生效的地方,因此您需要决定是否想要使用session_id或jwt(
这是它在后端代码中想要的
module.exports.login = async(req,res) => {
const {email, password} = req.body; // STEP 1
let user = await User.findOne({email}) //STEP 2
//checking if the user exist
if(!user){
return res.send("Invalid Credentials");
}
//check if the password are the same
if(user.password !== password){
return res.send("Invalid Credentials");
}
//this is where you apply your session and jwt key
res.send("LOGIN") //STEP 3
}
如果您是身份验证和授权概念的新手,我建议您从JWT开始。