我在nodejs应用程序中登录时遇到问题。当我进行身份验证时,即使我输入了错误的用户,我也有我的页面主页呈现:
这是我的身份验证代码:
app.post('/auth', urlencodedParser, function(req, res) {
var username = "'" + req.body.usernames + "'";
var password = "'" + req.body.passwords + "'";
var client = new Client(conString);
client.connect();
if (username && password) {
client.query('SELECT * FROM Utilisateur WHERE username = ? AND password = ?', [username, password],function(err, results) {
if (err) {
console.log('error running the authentication:', err);
}
results = JSON.parse("[{},{}]")
if (results.length > 0) {
req.session.loggedin = true
req.session.username = username
res.render('home')
}
});
}
});
使用sql库而不是客户端。
app.post('/auth', urlencodedParser, function(req, res) {
var username = "'" + req.body.usernames + "'";
var password = "'" + req.body.passwords + "'";
var mysql = require('mysql');
var con = mysql.createConnection({
host: "localhost",
user: "yourusername",
password: "yourpassword",
database: "mydb"
});
if (username && password) {
con.connect(function(err) {
if (err) throw err;
con.query('SELECT * FROM Utilisateur WHERE username = ? AND password = ?', [username, password],function(err, results) {
if (err) {
console.log('error running the authentication:', err);
}
results = JSON.parse("[{},{}]")
if (results.length > 0) {
req.session.loggedin = true
req.session.username = username
res.render('home')
}
});
});
}
});