string - 错误:非法参数:字符串,未定义
问题描述
登录时匹配用户
const LocalStrategy = require('passport-local').Strategy;
const mongoose = require('mongoose');
const bcrypt = require('bcryptjs');
// Load User Model
const User = require('../models/User');
module.exports = function(passport) {
passport.use(
new LocalStrategy({ username: 'username' }, (username,
password, done) => {
// Match User
User.findOne({ username: username })
.then(user => {
if (!user) {
return done(null, false, { message: 'username is
not registered' });
}
// Match Password
bcrypt.compare(password, user.hashedPassword, (err,
isMatch) => {
if (err) throw err;
if (isMatch) {
return done(null, user);
} else {
return done(null, false, { message:
'Password incorrect' });
}
});
})
.catch(err => console.error(err))
})
);
passport.serializeUser((user, done) => {
done(null, user.id);
});
passport.deserializeUser((id, done) => {
User.findById(id, (err, user) => {
done(err, user);
});
});
}
注册用户时验证通过
User.findOne({ username: username })
.then(async user => {
if (user) {
//User exists
errors.push({ msg: "username has already taken" });
res.render('register', {
errors,
username,
password
});
} else {
const salt = await bcrypt.genSalt(10);
const hashedPassword = await bcrypt.hash(password,
salt);
const newUser = new User({
username: username,
password: hashedPassword,
});
newUser.save()
.then(user => {
// res.status(201).json(user);
req.flash('success_msg', 'You are now
registered')
res.redirect('/users/login');
})
.catch(err => console.log(err));
}
})
.catch(err => {
console.log(err);
})
}
../模型/用户
// Importing modules
const mongoose = require('mongoose');
const Schema = mongoose.Schema;
const UserSchema = new mongoose.Schema({
username: {
type: String,
lowercase: true,
unique: true,
// required: [true, "can't be blank"],
match: [/^[a-zA-Z0-9]+$/, 'is invalid'],
index: true
},
password: {
type: String,
required: true
},
Date: {
type: Date,
default: Date.now
}
}, { timestamps: true });
// export userschema
module.exports = mongoose.model('User', UserSchema);
为什么它显示错误“错误:非法参数:字符串,未定义”。将密码保存为 DB 中的哈希时抛出相同的错误,现在在比较哈希密码时抛出相同的错误。我检查了文档,格式相同,但我认为存在语法错误。
解决方案
在 User 数据类型的定义中,只有字段username
和password
存在。没有字段hashedPassword
。但是,您正试图在bcrypt.compare(password, user.hashedPassword ...
.
您正在此处的字段中存储已加密的密码password
:
const newUser = new User({
username: username,
password: hashedPassword,
});
所以稍后,您还需要从密码字段中读取它:
bcrypt.compare(password, user.password ...