对象继续显示密码我试图隐藏它

时间:2016-10-05 02:16:54

标签: javascript mongodb mongoose passwords

所以我试图隐藏密码对象以免显示。这是我的代码,我使用bcrypt来密码。我隐藏了返回对象但是我没有得到预期的结果。我做错了什么,请帮忙。非常感谢。 谢谢。 

var express = require('express')
var router = express.Router()
var User = require('../Models/User.js')
var bcrypt = require('bcrypt')


router.get('/:resource', function(req, res, next){
  var resource = req.params.resource

  if (resource == 'user'){
    User.find(null, function(err, users){
      if(err) {
        res.json({
          confimration: 'error',
          message: err
        })
        return
      }

        res.json({
          confimration: 'success',
          message: users
        })
        return
    })
  }
})

router.post('/:resource', function(req, res, next){
  var resource = req.params.resource
  var data = req.body
  var password = data.password
  var hashed = bcrypt.hashSync(password, 10)
  data['password'] = hashed

  if(resource == "user") {
    User.create(data, function(err, user){
      if(err){
        res.json({
          confirmation: 'fail',
          message: err
        })
        return
      }
      res.json({
        confirmation: 'success',
        result: user
      })
      return
    })
  }
})

    module.exports = router



   var mongoose = require('mongoose')

    var UserSchema = new mongoose.Schema({
      firstName: {type: String, lowercase: true, trim: true, default: ''},
      lastName: {type: String, lowercase: true, trim: true, default: ''},
      email: {type: String, lowercase: true, trim: true, default: ''},
      city: {type: String, default: ''},
      password: {type: String, default: ''},
      timestamp: {type:Date, default: Date.now}
    })

    UserSchema.methods.summary = function() {
      var summary = {
        firstName: this.firstName,
        lastName: this.lastName,
        email: this.email,
        timestamp: this.timestamp,
        id: this._id,
        city: this.city
      }
      return summary
    }

    module.exports = mongoose.model('UserSchema', UserSchema)

{
_id: "57f460235805b52762605df2",
__v: 0,
timestamp: "2016-10-05T02:06:27.829Z",
password: "$2a$10$DIHrMO8WcRmOkIVj93SSQ.LFe5vPYH6R3xrfsSuql.v2jfU2mcO.C",
city: "new york",
email: "4",
lastName: "4",
firstName: "4"
}

1 个答案:

答案 0 :(得分:0)

对于router.get,您可以使用投影字段。我不知道为什么你有空。但是此find搜索用户集合中的所有文档,并排除返回的每个文档的密码字段。这有助于router.get吗?

  if (resource == 'user'){
    User.find({},{password: 0}, function(err, users){
      if(err) {
        res.json({
          confimration: 'error',
          message: err
        })
        return
      }

        res.json({
          confimration: 'success',
          message: users
        })
        return
    })
  }
相关问题
最新问题