我已经开始构建我的第一个NodeJs应用程序了。我是AdonisJs的框架。
我创建了一个简单的用户注册页面,用户可以从该页面成功注册。之后,当我进入登录页面以记录该用户时,它的request.auth.attempt(email, password)
方法不会对现有用户进行身份验证。这是我到目前为止编码的内容:
authenticator: 'session',
/*
|--------------------------------------------------------------------------
| Session Authenticator
|--------------------------------------------------------------------------
|
| Session authenticator will make use of sessions to maintain the login
| state for a given user.
|
*/
session: {
serializer: 'Lucid',
model: 'App/Model/User',
scheme: 'session',
uid: 'email',
password: 'password'
},
const Route = use('Route')
// Register
Route.get('register', 'AuthController.showRegisterPage')
Route.post('register', 'AuthController.register')
// Login
Route.get('login', 'AuthController.showLoginPage')
Route.post('login', 'AuthController.login')
// Logout
Route.get('logout', 'AuthController.logout')
/**
* Handle user registration
*/
* register(request, response) {
// validate form input
const rules = {
name: 'required',
username: 'required|unique:users',
email: 'required|email|unique:users',
password: 'required|confirmed|min:6'
}
const messages = {
'name.required': 'Name field is required.',
'username.required': 'Username field is required.',
'username.unique': 'Username field must have a unique value.',
'email.required': 'Email field is required.',
'email.unique': 'Email field must have a unique value.',
'password.required': 'Password field is required.',
'password.confirmed': 'Password/Confirm Password fields does not match.'
}
const validation = yield Validator.validateAll(request.all(), rules, messages)
// show error messages upon validation fail
if (validation.fails()) {
yield request
.withAll()
.andWith({ errors: validation.messages() })
.flash()
return response.redirect('back')
}
const user = new User()
user.name = request.input('name')
user.username = request.input('username')
user.email = request.input('email')
user.password = yield Hash.make(request.input('password'))
yield user.save()
yield response.sendView('auth.register', {message: {type: 'success', text: 'Registration successful. You can login now.'} })
}
/**
* Handle user authentication
*/
* login(request, response) {
const email = request.input('email')
const password = request.input('password')
// validate form input
const rules = {
email: 'required|email',
password: 'required'
}
const messages = {
'email.required': 'Email field is required.',
'password.required': 'Password field is required.'
}
const validation = yield Validator.validateAll(request.all(), rules, messages)
// show error messages upon validation fail
if (validation.fails()) {
yield request
.withAll()
.andWith({ errors: validation.messages() })
.flash()
return response.redirect('back')
}
try {
yield request.auth.attempt(email, password)
response.route('/')
} catch (e) {
yield response.sendView('auth.login', {message: {type: 'error', text: 'Invalid credentials. Please try again.'} })
}
}
'use strict'
const Lucid = use('Lucid')
const Hash = use('Hash')
class User extends Lucid {
static boot () {
super.boot()
/**
* Hashing password before storing to the
* database.
*/
this.addHook('beforeCreate', function * (next) {
this.password = yield Hash.make(this.password)
yield next
})
}
apiTokens () {
return this.hasMany('App/Model/Token')
}
}
module.exports = User
每次我尝试登录时,它总是在登录方法中执行catch
部分。我不知道发生了什么。有人请帮助我。
答案 0 :(得分:2)
这是因为您要两次哈希密码。
如果您查看User
模型,可以使用bcrypt
对密码进行哈希处理,然后再将其创建到数据库中。
在注册工作流程中,您还要对密码进行哈希处理。
const user = new User()
user.name = request.input('name')
user.username = request.input('username')
user.email = request.input('email')
user.password = yield Hash.make(request.input('password')) // here
yield user.save().
这就是为什么它不起作用 您必须删除控制器方法上的散列部分。
请注意,Adonis 4.0已经发布,所以如果你开始一个新项目,你可能想要使用这个版本,而不是使用3.2。