使用 Passport.js 创建子用户 | 创建另一个策略还是修改当前策略?

时间:2018-08-27 22:32:35

标签: node.js express passport.js role-based

我建立了一个基本的应用程序,用户注册时 `role` 为 `company`;接下来我希望公司用户能够创建 `manager`、`team lead`、`hr` 等子用户,这些子用户会关联到对应的公司用户。目前,我用 `/register` 路由处理初始注册。现在,我希望能够把 `newUser.role` 设置为 `manager`,并把 `newUser.companyID` 设置为 `req.user.companyID`。

我在这里使用的是 Passport.js。我打算用 `/user/create` 作为第二个 POST 路由来调用这个 Passport 策略,想知道应该如何修改我的注册策略来处理这种情况?还是说最好另外创建一个专门处理这些子用户的策略?

Passport 注册策略:

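// Registers the 'signup' local strategy. The verify callback rejects an
// already-registered email, creates a user with role 'company', stores an
// email-verification token, mails the confirmation link, extends the session
// cookie to two weeks and only then reports the outcome through done().
passport.use('signup', new LocalStrategy({
    usernameField: 'email',
    passReqToCallback: true
  },
  function(req, email, password, done) {
    var submittedEmail = req.body.email;

    // req.body is client-controlled. A parsed body can carry an object here,
    // and an object placed in the lookup filter below would presumably be
    // read as a query operator rather than a literal address (assumes User is
    // a Mongo/Mongoose-style model; confirm), so only plain strings pass.
    if (typeof submittedEmail !== 'string') {
      return done(null, false, req.flash('error', 'Please enter a valid email address.'));
    }

    User.findOne({ email: submittedEmail }, function(err, existingUser) {
      if (err) {
        console.log(err);
        // A failed lookup says nothing about whether the address is taken, so
        // stop instead of falling through and creating a possible duplicate.
        return done(err);
      }
      if (existingUser) {
        // Keep the submitted address so the form can be re-populated.
        req.flash('form', {
          email: submittedEmail
        });
        return done(null, false, req.flash('error', 'An account with that email address already exists.'));
      }

      // The role is fixed here on the server. If this strategy is extended to
      // create sub-users, take role and companyID from the authenticated
      // session (req.user), never from req.body, so that a client cannot
      // choose its own role or attach itself to another company.
      var user = new User({
        email: submittedEmail,
        password: req.body.password, // user schema pre save task hashes this password
        role: 'company'
      });

      user.save(function(err) {
        if (err) return done(err, false, req.flash('error', 'Error saving user.'));

        var token = new Token({ _userId: user._id, token: crypto.randomBytes(16).toString('hex') });
        token.save(function(err) {
          // done() is called exactly once, after the token write has settled;
          // reporting success before this callback ran allowed a second,
          // contradictory done() call when the token could not be saved.
          if (err) return done(null, false, req.flash('error', err.message));

          // NOTE(review): the link's host is copied from the request's Host
          // header, which the client controls, and the scheme is plain http.
          // Build the link from a configured site origin over https so the
          // token in the mail always points at this site.
          // The address is percent-encoded so it stays one path segment.
          var message = 'Hello,\n\n' + 'Please verify your account by clicking the link: \nhttp://' + req.headers.host + '/user/confirmation/' + token.token + '/' + encodeURIComponent(submittedEmail) + '\n';
          sendEmail('"Site name" noreply@domain.com', user.email, 'Account Verification Token', message);

          var time = 14 * 24 * 3600000; // 2 weeks, in milliseconds
          req.session.cookie.maxAge = time;
          req.session.cookie.expires = new Date(Date.now() + time);
          req.session.touch();
          return done(null, user, req.flash('success', 'A verification email has been sent to ' + user.email + '. Verfication token expires in 12 hours.'));
        });
      });
    });
  })
);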

0 个答案:

没有答案