时间戳

首页 > 解决方案 > 错误:非法参数:字符串,未定义

string - 错误:非法参数:字符串,未定义

问题描述

登录时匹配用户

     const LocalStrategy = require('passport-local').Strategy;
     const mongoose = require('mongoose');
     const bcrypt = require('bcryptjs');

     // Load User Model
     const User = require('../models/User');

     module.exports = function(passport) {
     passport.use(
      new LocalStrategy({ username: 'username' }, (username,  
          password, done) => {

        // Match User
        User.findOne({ username: username })
            .then(user => {
                if (!user) {
                    return done(null, false, { message: 'username is 
                    not registered' });
                }

                // Match Password
                bcrypt.compare(password, user.hashedPassword, (err, 
                       isMatch) => {
                    if (err) throw err;

                    if (isMatch) {
                        return done(null, user);
                    } else {
                        return done(null, false, { message: 
                        'Password incorrect' });
                    }
                });
            })
            .catch(err => console.error(err))
    })
);

     passport.serializeUser((user, done) => {
         done(null, user.id);
     });

     passport.deserializeUser((id, done) => {
         User.findById(id, (err, user) => {
            done(err, user);
         });
     });
    }

注册用户时验证通过

    User.findOne({ username: username })
        .then(async user => {
            if (user) {
                //User exists
                errors.push({ msg: "username has already taken" });
                res.render('register', {
                    errors,
                    username,
                    password
                });
            } else {

                const salt = await bcrypt.genSalt(10);
                const hashedPassword = await bcrypt.hash(password,               

                salt);


                const newUser = new User({
                    username: username,
                    password: hashedPassword,
                });
                newUser.save()
                    .then(user => {
                        // res.status(201).json(user);
                        req.flash('success_msg', 'You are now  
                        registered')
                        res.redirect('/users/login');
                    })
                    .catch(err => console.log(err));

            }
        })
        .catch(err => {
            console.log(err);
        })
}

../模型/用户

    // Importing modules
    const mongoose = require('mongoose');
    const Schema = mongoose.Schema;


       const UserSchema = new mongoose.Schema({
           username: {
               type: String,
               lowercase: true,
               unique: true,
               // required: [true, "can't be blank"],
               match: [/^[a-zA-Z0-9]+$/, 'is invalid'],
               index: true
          },
          password: {
               type: String,
               required: true
          },
          Date: {
               type: Date,
               default: Date.now
          }

          }, { timestamps: true });


      // export userschema
         module.exports = mongoose.model('User', UserSchema);

为什么它显示错误“错误:非法参数:字符串,未定义”。将密码保存为 DB 中的哈希时抛出相同的错误,现在在比较哈希密码时抛出相同的错误。我检查了文档,格式相同,但我认为存在语法错误。

标签: stringargumentsundefined

解决方案

在 User 数据类型的定义中,只有字段usernamepassword存在。没有字段hashedPassword。但是,您正试图在bcrypt.compare(password, user.hashedPassword ....

您正在此处的字段中存储已加密的密码password

const newUser = new User({
                    username: username,
                    password: hashedPassword,
                });

所以稍后,您还需要从密码字段中读取它:

bcrypt.compare(password, user.password ...

推荐阅读