个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
26
4
我正在按照教程尝试 Passport 本地身份验证。一切看起来都很好,但是当我使用 Postman 发出请求时出现此错误:
[nodemon] 1.18.11
[nodemon] to restart at any time, enter `rs`
[nodemon] watching: *.*
[nodemon] starting `node server.js`
body-parser deprecated bodyParser: use individual json/urlencoded middlewares server.js:17:10
(node:6336) DeprecationWarning: current URL string parser is deprecated, and will be removed in a future version. To use the new parser, pass option { useNewUrlParser: true } to MongoClient.connect.
Started listening on PORT: 8080
events.js:167
throw er; // Unhandled 'error' event
^
TypeError: Cannot read property 'password' of undefined
at model.userSchema.methods.validPassword.password [as validPassword] (F:\Web Projects\LocalAuth\userModel.js:20:50)
at F:\Web Projects\LocalAuth\passport.js:34:21
at F:\Web Projects\LT1Kqob5UDEML61gCyjnAcfMXgkdP3wGcgGdBcFel.js:4672:16
at F:\Web Projects\LT1Kqob5UDEML61gCyjnAcfMXgkdP3wGcgGdBcFry.js:4184:12
at process.nextTick (F:\Web Projects\LT1Kqob5UDEML61gCyjnAcfMXgkdP3wGcgGdBcFry.js:2741:28)
at process._tickCallback (internal/process/next_tick.js:61:11)
Emitted 'error' event at:
at F:\Web Projects\LT1Kqob5UDEML61gCyjnAcfMXgkdP3wGcgGdBcFel.js:4674:13
at F:\Web Projects\LT1Kqob5UDEML61gCyjnAcfMXgkdP3wGcgGdBcFry.js:4184:12
at process.nextTick (F:\Web Projects\LT1Kqob5UDEML61gCyjnAcfMXgkdP3wGcgGdBcFry.js:2741:28)
at process._tickCallback (internal/process/next_tick.js:61:11)
[nodemon] app crashed - waiting for file changes before starting...
这是我的用户架构:
const mongoose = require('mongoose');
const bcrypt = require('bcrypt-nodejs');
const Config = require ('./config');
mongoose.connect (Config.dbUrl);
let userSchema = new mongoose.Schema({
local : {
email: String,
password: String,
},
});
userSchema.methods.generateHash = password => {
return bcrypt.hashSync(password, bcrypt.genSaltSync(8), null);
};
userSchema.methods.validPassword = password => {
return bcrypt.compareSync(password, this.local.password);
};
module.exports = mongoose.model('User', userSchema);
这是我的 server.js 文件:
const express = require ('express');
const session = require ('express-session');
const mongoose = require ('mongoose');
const bodyParser = require ('body-parser');
const cookieParser = require ('cookie-parser');
const morgan = require ('morgan');
const flash = require ('connect-flash');
const passport = require ('passport');
const PassHandler = require('./passport');
const app = express ();
const port = process.env.PORT || 8080;
app.use (morgan ('dev'));
app.use (bodyParser ({extended: false}));
app.use (cookieParser ());
app.use (
session ({secret: 'borkar.amol', saveUninitialized: true, resave: true})
);
//Initialize Passport.js
app.use (passport.initialize ());
app.use (passport.session ());
app.use (flash ());
//Global Vars for flash messages
app.use((req, res, next) => {
res.locals.successMessage = req.flash('successMessage');
res.locals.errorMessage = req.flash('errorMessage');
res.locals.error = req.flash('error');
next();
});
PassHandler(passport);
//Middleware to check if the user is logged in.
const isLoggedIn = (req, res, next) => {
if(req.isAuthenticated()) {
return next();
}
res.status(400).json({ message: 'You are not authenticated to acces this route.' });
}
app.get('/', (req, res) => {
res.json({ message: 'Local Auth API v0.1.0'});
});
app.post('/signup', passport.authenticate('local-signup', {
successRedirect: '/user',
failureRedirect: '/signup',
failureFlash: true,
}));
app.post('/login', passport.authenticate('local-login', {
successRedirect: '/user',
failureRedirect: '/',
failureFlash: true,
}));
app.get('/user', isLoggedIn, (req, res) => {
res.json({ user: req.user, message: "User is logged in."});
});
app.listen (port, () => {
console.log (`Started listening on PORT: ${port}`);
});
这是我正在使用的 Passport 策略:
passport.use (
'local-login',
new LocalStrategy (
{
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true,
},
function (req, email, password, done) {
User.findOne ({'local.email': email}, function (err, user) {
if (err) return done (err);
if (!user)
return done (
null,
{message: 'User not found.'},
req.flash ('errorMessage', 'No user found.')
);
if (!user.validPassword (password))
return done (
null,
{message: 'Invalid email or password.'},
req.flash ('errorMessage', 'Oops! Wrong password.')
);
// all is well, return successful user
return done (null, user);
});
}
)
);
说实话,我不知道出了什么问题。请帮忙。
**更新:**注册路线和注册策略运行良好。只有 /login 路由出现问题。
最佳答案
我遇到了同样的问题。我通过将 validatePassword 方法从用户模式移至 Passport 策略来解决我的问题。密码似乎没有传递到 UserSchema 中的 validatePassword 方法。这是我的 UserSchema.js
// Pulling in required dependencies
const mongoose = require('mongoose');
const bcrypt = require('bcrypt-nodejs');
const Schema = mongoose.Schema;
//Creat UserSchema
const UserSchema = new Schema({
local: {
email: String,
password: String
},
role: {
type: String,
default: 'user',
},
books_downloaded: {
booksId: {
type: Array,
required: false,
},
},
books_needed: {
type: Object,
default: null,
},
created_at: {
type: Date,
default: Date.now,
},
});
// methods=====================================================
// generating a hash
UserSchema.methods.generateHash = (password) => {
return bcrypt.hashSync(password, bcrypt.genSaltSync(8), null);
}
// expose User model to the app
module.exports = mongoose.model('User', UserSchema);
这是我的 Passport 策略
// load all the things we need
const LocalStrategy = require('passport-local').Strategy;
const bcrypt = require('bcrypt-nodejs');
//load up the user model
const User = require('../models/User');
// expose this function to our app
module.exports = passport => {
/**
* passport session setup =======================
* required for persistent login sessions
* serialize and unserialize users out of session
*/
//serialize the user for the session
passport.serializeUser((user, done) => {
done(null, user.id);
});
//deserialize the user
passport.deserializeUser((id, done) => {
User.findById(id, (err, user) => {
done(err, user);
});
});
/**
* LOCAL SIGNUP
* using named strategies
*/
// local signup
passport.use(
'local-signup',
new LocalStrategy(
{
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true,
},
(req, email, password, done) => {
process.nextTick(() => {
// find a user whose email is the same as the forms email
User.findOne({ 'local.email': email }, (err, user) => {
if (err) return done(err);
// check to see if theres already a user with that email
if (user) {
return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
} else {
// if there is no user with that email
// create the user
var newUser = new User();
// set the user's local credentials
newUser.local.email = email;
newUser.local.password = newUser.generateHash(password);
// save the user
newUser.save(err => {
if (err) throw err;
return done(null, newUser);
});
}
});
});
}
)
);
// =========================================================================
// LOCAL LOGIN =============================================================
passport.use(
'local-login',
new LocalStrategy(
{
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true,
},
(req, email, password, done) => {
// checking to see if the user trying to login already exists
User.findOne({ 'local.email': email }, function(err, user) {
// if there are any errors, return the error before anything else
if (err) return done(err);
// if no user is found, return the message
if (!user) return done(null, false, req.flash('loginMessage', 'No
user found.'));
// if the user is found but the password is wrong
let correctPassword =
bcrypt.compareSync(password,user.local.password);
if (!correctPassword)
return done(null, false, req.flash('loginMessage', 'Oops!
Wrong password.'));
// If all is well, return successful user
return done(null, user);
});
}
)
);
};
关于javascript - Mongoose 模式无法读取未定义的属性 'password',我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55780440/
26
4
0
当我保存4条记录时,我需要将它们一一保存,所以我的代码是 a.save(function(){ b.save(function(){ c.save(function(){ d.save(f
Mongoose在版本4.2.7中创建了一个新的单个子文档功能(documentation和feature request),允许使用单个嵌入式子文档架构,其行为方式与一对多子文档的行为相同。 在父级
Mongoose 版本 >= 4.0 有一个时间戳选项,当 timestamps 设置为 时,该选项会为架构创建 updatedAt 和 createdAt 字段正确。 http://mongoose
我注意到某些图书馆喜欢 mock 鹅 ( https://github.com/mccormicka/Mockgoose/blob/master/test/index.spec.js ) 使用 req
我正在与 Mongoose 合作。我见过很多开发者发出以下命令: mongoose.Promise = global.Promise; 然后我很好奇 mongoose.Promise 的原始值是什么。
当我运行与数据库大量连接和断开连接的测试时,我收到以下警告。 (node) warning: possible EventEmitter memory leak detected. 11 connec
我可以在 Mongoose 的子文档数组中填充动态引用(使用“refPath”)虚拟字段吗? 数据结构如下 Group - Members -> User 代码:模型/模式 let MemberSc
我正在我的应用程序中做一些测试,看看内存缓存是否真的在工作。但是,由于 memory-cache 显然没有公开“命中”事件,我无法判断是否真的从缓存中获取数据。所以我试着看看当应用程序实际从数据库中获
我是 nestjs 的新手。我使用 @nestjs/mongoose,我需要在我的类模式中引用嵌套对象中的几个字段,但我不知道该怎么做。 dietDays 对象必须包含一个日期字段和包含对 Meal
我是 mongodb 的新手,我有一个这样的数据模型 { last_updated: Date.now(), csgo_items:[ {name: 'name', p
这是我的方案: var documentSchema = mongoose.Schema({ 'facts': [{ 'type': { type: String, requi
我想删除多个 _ids = ['123', '234', '345']; _ids.forEach(_id => { await model.deleteOne({ _id }); }); 有没有
我有一个像这样的 Mongoose 模式: var Address = { doorNo:String, city:String, state:String, coun
我的文档包含一个名为 clients 的字段那应该包含一组客户端ID。 { "first_name":"Nick", "last_name":"Parsons", "email":"nic
我遇到了以下我无法理解的代码行,尽管有很多教程提供了与 populate 的示例相关的信息。但没有一个能解释它究竟意味着什么。这是一个例子 var mongoose = require('mongoo
我有一个具有多个唯一性的架构,如下所示: var userSchema = new mongoose.Schema({ user: { type: String, unique:
我有一个 Mongoose 模式,其中有 4 个子模式。我一直在关注这里的文档https://github.com/LearnBoost/mongoose关于嵌入文档 var scenarios =
我希望每个字符串属性都默认设置为 true。有办法吗? ?? mongoose.Schema.String -> default { trim: true } var schema = new Sch
我有这个代码 var ClientSchema = new Schema({ name: {type: String, required: true, trim: true} }); var Cl
许多教程告诉您在您的 userSchema 页面中使用 bycrypt。保存新用户后,它会附带加密密码。伟大的。然而,我想,当我用某些东西编辑用户时,它也会重新哈希密码,导致无法登录。你能给我一个解决
我是一名优秀的程序员,十分优秀!