我正在制作一个登录系统并使用bcrypt来散列密码。但是现在当我尝试登录时,我收到此错误,指出未定义 ReferenceError:哈希。如果有人能帮助我并告诉我在哪里以及如何声明哈希,我将不胜感激。 这是我的登录名.js代码。
var mysql = require('mysql');
var express = require('express');
var session = require('express-session');
var bodyParser = require('body-parser');
var bcrypt= require('bcrypt');
var path = require('path');
var connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : 'sahoolat1',
database : 'fyp_sahoolat'
});
var app = express();
app.use(session({
secret: 'secret',
resave: true,
saveUninitialized: true
}));
app.use(bodyParser.urlencoded({extended : true}));
app.use(bodyParser.json());
app.get('/', function(request, response) {
response.sendFile(path.join(__dirname + '/welcome.html'));
});
app.post('/auth', function(request, response) {
var number = request.body.number;
var password = request.body.pwd;
if (number && password) {
bcrypt.compare(password, hash, function(err, result) {
connection.query('SELECT fyp_helpers.Mobile_number AS number FROM fyp_helpers WHERE Mobile_number = ? AND Password = ? UNION SELECT fyp_employers.Employer_Contact AS number FROM fyp_employers WHERE Employer_Contact = ? AND Employer_Password = ?', [number, password, number, password], function(error, results, fields) {
if (error) {
console.error("An error occurred:", error);
response.send('Oops, something went wrong!');
} else if (results.length > 0) {
request.session.loggedin = true;
request.session.number = number;
response.redirect('/home');
} else {
response.send('Incorrect Username and/or Password!');
}
response.end();
});
});
}
else {
response.send('Please enter Username and Password!');
response.end();
}
});
app.get('/home', function(request, response) {
if (request.session.loggedin) {
response.send('Welcome back, ' + request.session.number + '!');
} else {
response.send('Please login to view this page!');
}
response.end();
});
app.listen(3000);
这是完整的错误:
ReferenceError: hash is not defined
at C:Userspalwashasahoolat-masterlogin.js:29:31
at Layer.handle [as handle_request] (C:Userspalwashasahoolat-masternode_modulesexpresslibrouterlayer.js:95:5)
at next (C:Userspalwashasahoolat-masternode_modulesexpresslibrouterroute.js:137:13)
at Route.dispatch (C:Userspalwashasahoolat-masternode_modulesexpresslibrouterroute.js:112:3)
at Layer.handle [as handle_request] (C:Userspalwashasahoolat-masternode_modulesexpresslibrouterlayer.js:95:5)
at C:Userspalwashasahoolat-masternode_modulesexpresslibrouterindex.js:281:22
at Function.process_params (C:Userspalwashasahoolat-masternode_modulesexpresslibrouterindex.js:335:12)
at next (C:Userspalwashasahoolat-masternode_modulesexpresslibrouterindex.js:275:10)
at jsonParser (C:Userspalwashasahoolat-masternode_modulesbody-parserlibtypesjson.js:101:7)
at Layer.handle [as handle_request] (C:Userspalwashasahoolat-masternode_modulesexpresslibrouterlayer.js:95:5)
bcrypt.compare(password, hash, callback)
bcrypt.compare期望 3 个参数
-
输入的密码,在您的情况下
request.body.pwd -
您正在与通常存储在数据库中的密码
request.body.pwd进行比较 -
比较后将调用的回调
在您的情况下,您没有提供任何散列密码,这就是显示错误的原因
请在此处查看文档 https://www.npmjs.com/package/bcrypt
我建议使用以下代码来验证密码
if (number && password) {
var sql = `SELECT
fyp_helpers.Mobile_number AS number,
fyp_helpers.Password AS Password
FROM fyp_helpers
WHERE Mobile_number = ?
UNION
SELECT
fyp_employers.Employer_Contact AS number ,
fyp_employers.Employer_Password AS Employer_Password
FROM fyp_employers
WHERE Employer_Contact = ?`;
connection.query(sql, [number, number], function (error, results, fields) {
if (results.length > 0) {
var hashedPassword = result[0].Password;
bcrypt.compare(password, hashedPassword, function (cryptErr, cryptResult) {
if (cryptResult) {
request.session.loggedin = true;
request.session.number = number;
response.redirect('/home');
} else {
response.send('Incorrect Password!');
console.log(cryptErr);
}
response.end();
});
} else {
response.send('User not registered');
}
});
}
希望这有帮助