小贝子编程

我在尝试使用 ARC 测试登录时遇到错误。我正在使用NodeJS,Express,JWT和AtlasMongoDB



我正在尝试使用Nodejs、Express、JWT和MongoDB Atlas实现一个登录系统。用户被手动输入到";data.js";文件,并显示在MongoDB Atlas中,但当我尝试使用高级REST客户端(ARC(进行身份验证时,我会收到以下错误:

{
"message": "Invalid email or password"
}

以下是代码:

index.js:

import express from 'express';
import mongoose from 'mongoose';
import seedRouter from './routes/seedRoutes.js';
import productRouter from './routes/productRoutes.js';
import userRouter from './routes/userRoutes.js';
mongoose
.connect(
'mongodb+srv://e-shopper123456:SimWkjLCoKjwCAlZ@e-shopper.ms9xt.mongodb.net/fsb?retryWrites=true&w=majority'
)
.then(() => {
console.log('Successfully connected to the database.');
})
.catch((err) => {
console.log(err.message);
});
const app = express();
const PORT = 3001;
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use('/api/seed', seedRouter);
app.use('/api/products', productRouter);
app.use('/api/users', userRouter);
app.use((err, req, res, next) => {
res.status(500).send({ message: err.message });
});
app.listen(PORT, () => {
console.log(`Server listening on port: [${PORT}]`);
});

data.js

import bcrypt from 'bcryptjs';
const data = {
users: [
{
name: 'Matthew',
email: 'matthew@test.com',
password: bcrypt.hashSync('123456'),
},
{
name: 'James',
email: 'james@test.com',
password: bcrypt.hashSync('123456'),
},
],
products: [
{
// _id: '1',
slug: 'Playstation 5 Disc Version',
name: 'Playstation 5 Disc Version',
description: '',
image: '/images/playstation5.jpeg',
price: 499.99,
countInStock: 0,
rating: 4,
numReviews: 30,
},
{
// _id: '2',
slug: 'Microsoft Xbox Series X Digital Edition 1TB',
name: 'Microsoft Xbox Series X Digital Edition 1TB',
description: 'This is a Microsoft console.',
image: '/images/xboxseriesx.jpeg',
price: 919,
countInStock: 4,
rating: 3.5,
numReviews: 10,
},
{
// _id: '3',
slug: 'Call of Duty®: Vanguard - Standard Edition',
name: 'Call of Duty®: Vanguard - Standard Edition',
description:
'The world continues to sink in the world’s largest and bloodiest conflict, but the seemingly desperate course of World War II is finally beginning to turn for the better. Now a handful of those chosen must rise to complete their task and change the face of war once and for all.',
image: '/images/callofduty.jpeg',
price: 59.99,
countInStock: 5,
rating: 4.5,
numReviews: 12,
},
{
// _id: '4',
slug: 'Football Manager 2022',
name: 'Football Manager 2022',
description: '',
image: '/images/footballmanager.jpeg',
price: 54.99,
countInStock: 8,
rating: 5,
numReviews: 15,
},
{
// _id: '5',
slug: 'World of Warcraft®: Shadowlands - Base Edition',
name: 'World of Warcraft®: Shadowlands - Base Edition',
description: '',
image: '/images/worldofwarcraft.jpeg',
price: 19.99,
countInStock: 10,
rating: 5,
numReviews: 20,
},
],
};
export default data;

utils.js

import jwt from 'jsonwebtoken';
export const generateToken = (user) => {
return jwt.sign(
{
_id: user._id,
name: user.name,
email: user.email,
},
'RANDOM_TOKEN',
{
expiresIn: '48h',
}
);
};

型号->user.js

import mongoose from 'mongoose';
const userSchema = new mongoose.Schema(
{
name: { type: String, required: true },
email: {
type: String,
required: [true, 'Please provide an email'],
match:
/[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/,
},
password: { type: String, required: [true, 'Please provide a password'] },
},
{
timestamps: true,
}
);
const user = mongoose.model('user', userSchema);
export default user;

路线->userRoutes.js

import express from 'express';
import bcrypt from 'bcryptjs';
import User from '../models/user.js';
import expressAsyncHandler from 'express-async-handler';
import { generateToken } from '../utils.js';
const userRouter = express.Router();
userRouter.post(
'/login',
expressAsyncHandler(async (req, res) => {
await User.findOne({ email: req.body.email }).then((user) => {
if (user) {
if (bcrypt.compareSync(req.body.paswword, user.password)) {
res.send({
_id: user._id,
name: user.name,
email: user.email,
token: generateToken(user),
});
return;
}
}
res.status(401).send({ message: 'Invalid email or password' });
});
})
);
export default userRouter;

你有一个错过的咒语:req.body.paswword, user.password

顺便说一下,您需要对收到的密码进行哈希处理,方法与将其保存在数据库中的方式相同。

所以你应该这样做:

bcrypt.compareSync(bcrypt.hashSync(req.body.password), user.password)

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium