时间戳

首页 > 解决方案 > Node.js 应用程序中基于角色的登录

javascript - Node.js 应用程序中基于角色的登录

问题描述

我目前正在尝试开发基于角色的管理。如果此时创建了一个用户,则“1”将存储在“Admin”的数据库中。如果是普通用户,这里会输入一个“2”。我希望从数据库中读取它并进行区分,以便显示相应的起始页面。

是)我有的:

用户.js:

const express = require('express');
const router = express.Router();
const bcrypt = require('bcryptjs');
const passport = require('passport');
// Load User model
const User = require('../DB/models/User');
const { forwardAuthenticated } = require('../DB/config/auth');

//User Models
//const User = require('../DB/models/user');

// Login Page
router.get('/login', (req, res) => res.render('login'));

//New User MA
router.get ('/neuerUser_MA', (req, res) => res.render ('neuerUser_MA'));

// Register
router.post('/neuerUSer_MA', (req, res) => {
    const { username, admin, password, password2 } = req.body;
    let errors = [];

    if (password != password2) {
        errors.push({ msg: 'Passwords do not match' });
    }

    if (password.length < 6) {
        errors.push({ msg: 'Password must be at least 6 characters' });
    }

    if (errors.length > 0) {
        res.render('neuerUser_MA', {
            errors,
            username,
            admin,
            password,
            password2
        });
    } else {
        User.findOne({email: email}).then(user => {
            if (user) {
                errors.push({msg: 'Email or Username already exists'});
                res.render('neuerUser_MA', {
                    errors,
                    username,
                    admin,
                    password,
                    password2
                });
            } else {
                const newUser = new User({
                    username,
                    admin,
                    password
                });

                bcrypt.genSalt(10, (err, salt) => {
                    bcrypt.hash(newUser.password, salt, (err, hash) => {
                        if (err) throw err;
                        newUser.password = hash;
                        newUser
                            .save()
                            .then(user => {
                                req.flash(
                                    'success_msg',
                                    'You are now registered and can log in'
                                );
                                res.redirect('/users/login');
                            })
                            .catch(err => console.log(err));
                    });
                });
            }
        });
    }
});

// HOW I TRIED THE LOGIN:
router.post('/login', (req, res, next) => {
    if(User.admin=="1"){
    passport.authenticate('local', {
        successRedirect: '/buchungen/startseite_breuninger',
        failureRedirect: '/users/login',
        failureFlash: true
    })(req, res, next);
    }
    else {
        passport.authenticate('local', {
            successRedirect: '/buchungen/startseite_spediteur',
            failureRedirect: '/users/login',
            failureFlash: true
        })(req, res, next);
    }
});

module.exports = router;

但是从数据库中读取不起作用。无论“Admin”下存储什么值,else{} 中的起始页都会始终显示。

也许我的方法太简单了。我仍然是初学者;)现在已经感谢您的帮助!

标签: javascriptnode.jsexpressauthentication

解决方案

您可以通过像这样更改路由器方法来实现目标

router.post(
'/login',
passport.authenticate('local', {
  failureRedirect: '/login'
}), (req, res) => {
  if (req.user.admin == "1") {
    res.redirect('/buchungen/startseite_breuninger');
  }
  else {
    res.redirect('/buchungen/startseite_spediteur');
  }
});

推荐阅读