我是服务器端编程的新手,我试图了解如何在服务器端发送数据,在集合中查找文档并将其与该数据进行比较,然后发送状态根据客户是否存在,回到客户端。
这是通过/login发布请求在服务器端发送的内容:
{"email":"johndoe@gmail.com","password":"pass"}
这是我想要在我的数据库中的users集合中进行比较的文档:
{
"_id" : ObjectId("580bcf9874ae28934705c0fc"),
"email" : "johndoe@gmail.com",
"password" : "pass"
}
这是我的服务器端脚本(我猜测的区域有问题,上面有评论):
var express = require("express");
var app = express();
var bodyParser = require("body-parser");
var fs = require("fs");
var mongoose = require("mongoose");
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false}));
app.use(express.static("./public"));
mongoose.connect('mongodb://localhost:27017', function (err, db) {
app.post("/login", function(req, res) {
var emailRegex = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
var userInDb;
// ***** HERE 1 ******
db.collection("users").findOne( {"email": req.body["email"], "password": req.body["password"]} ).toArray(function(err, results) {
userInDb = results;
db.close();
});
// ***** HERE 2 ******
var emailInDb = userInDb["email"];
var passwordInDb = userInDb["password"];
if (!req.body["email"] || !req.body["password"]) {
res.sendStatus(403);
} else if ( !emailRegex.test(req.body["email"])) {
res.sendStatus(403);
} else if ( (req.body["email"] != emailInDb) && (req.body["password"] != passwordInDb) ) {
res.sendStatus(403);
} else {
res.sendStatus(200);
}
});
});
我还尝试了以下代替&#34; HERE 1&#34;部分:
var findUser = function (db, callback) {
var users = db.collection("users");
users.findOne({"email": req.body["email"], "password": req.body["password"]}).toArray(function(err, results) {
userInDb = results;
callback(results);
});
===================编辑========================
以下是实施以下内容后的样子:
mongoose.connect('mongodb://localhost:27017', function (err, db) {
app.post("/login", function(req, res) {
var emailRegex = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
var userInDb;
if (!req.body["email"] || !req.body["password"]) {
return res.sendStatus(403);
} else if ( !emailRegex.test(req.body["email"])) {
return res.sendStatus(403);
} else {
db.collection("users").findOne( {"email": req.body["email"], "password": req.body["password"]}, function(err, results) {
if(err || !result) {
return res.sendStatus(403);
} else {
userInDb = results;
db.close();
return res.sendStatus(200);
}
});
}
});
});
但我在终端中收到此错误:
POST request for '/login' - {"email":"johndoe@gmail.com","password":"pass"}
TypeError: Cannot read property 'collection' of undefined at app.js:30:6
这是第30行的内容:
db.collection("users").findOne( {"email": req.body["email"], "password": req.body["password"]}, function(err, results) {
集合是否需要存储在安装MongoDB时设置的/db/data/文件夹以外的其他位置,是否需要mongoose.connect直接访问users集合或其他内容?
答案 0 :(得分:0)
findOne是一个异步函数,你必须把这里的代码放在回调函数2上,如下所示:
db.collection("users").findOne( {"email": req.body["email"], "password": req.body["password"]} ).toArray(function(err, results) {
// ***** HERE 2 ******
var emailInDb = userInDb["email"];
var passwordInDb = userInDb["password"];
.....
});
然后,您忘记检查错误和结果,
db.collection("users").findOne( {"email": req.body["email"], "password": req.body["password"]} ).toArray(function(err, results) {
if(err || !result)
res.sendStatus(403);
// ***** HERE 2 ******
var emailInDb = userInDb["email"];
var passwordInDb = userInDb["password"];
.....
});
然后,你用toArray函数调用findOne,为什么?你只需要1个结果,你不需要改变它。此外,您不能将结果用作数组,因此请将其替换为
db.collection("users").findOne( {"email": req.body["email"], "password": req.body["password"]}, function(err, results) {
if(err || !result)
return res.sendStatus(403);
// ***** HERE 2 ******
var emailInDb = userInDb["email"];
var passwordInDb = userInDb["password"];
.....
});
最后,在mongo调用之前进行控制,以防止无用的数据库调用,无需检查(req.body [&#34; email&#34;]!= emailInDb)&amp;&amp; (req.body [&#34;密码&#34;]!= passwordInDb),因为它已在mongo查询中完成。
最终代码:
var emailInDb = userInDb["email"];
var passwordInDb = userInDb["password"];
if (!req.body["email"] || !req.body["password"]) {
return res.sendStatus(403);
} else if ( !emailRegex.test(req.body["email"])) {
return res.sendStatus(403);
} else {
db.collection("users").findOne( {"email": req.body["email"], "password": req.body["password"], function(err, results) {
if(err || !result)
return res.sendStatus(403);
else
{
userInDb = results;
db.close();
return res.sendStatus(200);
}
});
});
}
其他优化:
您不需要将您的呼叫置于mongo db connect回调中。
在db
中哈希密码================编辑============= 不要使用db.collection
文件app.js
var mongoose = require("mongoose");
var User = require("./models/User");
mongoose.connect('mongodb://localhost:27017');
app.post("/login", function(req, res) {
var emailRegex = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
var userInDb;
if (!req.body["email"] || !req.body["password"]) {
return res.sendStatus(403);
} else if ( !emailRegex.test(req.body["email"])) {
return res.sendStatus(403);
} else {
Users.findOne( {"email": req.body["email"], "password": req.body["password"]}, function(err, results) {
if(err || !results) {
return res.sendStatus(403);
} else {
return res.sendStatus(200);
}
});
}
});
app.listen(....
文件模型/ User.js
var mongoose = require('mongoose');
var userSchema = new mongoose.Schema({
// auth fields
email: {type: String, unique: true, lowercase: true },
password: {type: String, default: ""}
... other fields
});
module.exports = mongoose.model('User', userSchema);