时间戳

首页 > 解决方案 > 未使用 jwt 登录以返回身份验证失败

node.js - 未使用 jwt 登录以返回身份验证失败

问题描述

自从我试图解决这个问题以来已经有几个小时了,但无法找到解决方案。

我创建了loginroute ,我想在其中传递用户/管理员所在的整个对象的详细信息。不知何故,它是嵌套结构,所以我无法弄清楚。我可以用单一的模式结构来做到这一点。

登录路径:-

router.post('/:compId/admin/login' , (req, res, next) => {

        Admin.find({ 'admins.email': req.body.email} , {companyID: req.params.compId})
        .exec()
        .then(admin => {
            if(admin.admins.length < 1) {
                return res.status(401).json({
                    message: "Auth failed. admin not found."
                })
            }
            else{
                    console.log("nothing happened");    
                }
            bcryptt.compare(req.body.admins.password, admin.admins[0].password, (err, result) =>{
                if (err) {
                    return res.json({
                    message: "Auth failed. Check email and password"
                    });             
                }                   
                if (result && admin.admins[0].verified === "true"){
                    const adminEmaill = "ggh@xyz.com";                                                  //assaigning a user to admin 
                    const role2 = admin.admins[0].email===adminEmaill? "superadmin" : "admin";                  //check user id as admin or user
                    const token = jwt.sign( 
                        {
                            email: admin.admins[0].email,
                            phoneNo: admin.admins[0].phoneNumber,
                            role2,
                            comID: admin[0].companyID
                        },
                        process.env.JWT_KEY,
                        {
                            expiresIn : "1h"
                        });
                        return res.status(200).json({
                        message: "Auth Successful",
                        token : token
                        }); 
                }
                else{
                    console.log("admin is not verified");   
                    return res.json({
                    message: "Admin is not verified"
                    }); 
                }
            });
        })
        .catch(err =>{
            if (err.code == 500)
                        res.status(500).send(["Something went wrong in login"]);
                else
                return next(err);
        }); 
    });

我的控制器:-

var admin = new Admin();
    admin.companyName = req.body.companyName;
    admin.address = req.body.address;
    admin.contactDetails  = req.body.contactDetails;
    admin.admins = {
                    email : req.body.email,
                    password: req.body.password, 
                    firstName : req.body.firstName, 
                    lastName : req.body.lastName,
                    phoneNumber : req.body.phoneNumber,
                    designation : req.body.designation,
                    role : "admin",
                    verified :"false",
                    users: []
    };

这是我的文件:-

[{
    "admins": {
        "email": "angjun.34@test-mail.info",
        "password": "$2a$10$QgCJ4IaYXZK9JZIkLv2X9O/wnFpn0LEhFQujBco0M0TF2.X7OgDmW",
        "firstName": "hdsdsds",
        "lastName": "Ghodsdsdsh",
        "phoneNumber": "4544343",
        "designation": "Software Engineer",
        "role": "admin",
        "verified": "false",
        "users": [],
        "emailResetTokenn": "247c6e6794d15a311670da0bb13a4a8bf773b0e7f7b5dde0e555f421e2aef22f",
        "emailExpires": "2019-05-22T15:05:43.974Z",
        "saltSecret": "$2a$10$QgCJ4IaYXZK9JZIkLv2X9O"
    },
    "_id": "5ce510e7aca42c4c74fd9085",
    "companyName": "TEST",
    "address": "UAE",
    "contactDetails": "54534454",
    "companyID": "1223365",
    "__v": 0
},
{
    "admins": {
        "email": "groham.224@test-mail.info",
        "password": "$2a$10$QgCJ9O/wnFpn0LEhFco0M0TF2.X7OgDmW",
        "firstName": "hdsdsds",
        "lastName": "Ghodsdsdsh",
        "phoneNumber": "4544343",
        "designation": "Software Engineer",
        "role": "admin",
        "verified": "false",
        "users": [],
        "emailResetTokenn": "247c6e6794d15a311670da0bb13a4a8bf773b0e7f7b5dde0e555f421e2aef22f",
        "emailExpires": "2019-05-22T15:05:43.974Z",
        "saltSecret": "$2a$10$QgCJ4IaYXZK9JZIkLv2X9O"
    },
    "_id": "5ce510e7aca42c4c74fd9085",
    "companyName": "RESTFUL Pvt Ltd",
    "address": "UK",
    "contactDetails": "54534454",
    "companyID": "155165",
    "__v": 0
}]

编辑:-通过更改 url 路由尝试此操作,但在此处获取身份验证失败响应。

bcryptt.compare(req.body.password, admin.admins.password, (err, result) =>{
                if (err) {
                    return res.json({
                    message: "Auth failed. Check email and password"
                    });             
                }

标签: node.jsexpressmongooseloginmongoose-schema

解决方案

如果没有有关您遇到什么错误的更多信息,调试起来并不容易。我看到的一个潜在问题是这一行:

if (result && admin.admins[0].verified === "true"){

如果admins.verified您的文档的属性是布尔值,那么上述行将始终解析为 false 并回退到该else子句。因此,如果是这种情况,请删除引号:

if (result && admin.admins[0].verified === true){

推荐阅读