Hapi.js用户身份验证与mongodb问题

时间:2019-03-11 09:10:26

标签: javascript node.js mongodb authentication hapijs

现在,为了进行用户验证,我直接在代码中对用户名和密码进行了硬编码。但是我想使用数据库用户名和密码来动态地做到这一点。作为,我是hapi.js的新手,这对我来说似乎很困难。这是我的代码:

app.js

const auth = require('hapi-auth-basic');
const hapi = require('hapi'); 

mongoose.connect('mongodb://localhost:27017/db', { 
 useNewUrlParser: true }, (err) => {
   if (!err) { console.log('Succeeded.') }
   else { console.log(`Error`)}
 });

const StudentModel = mongoose.model('Student', {
  username: String,
  password: String
});

const user = {
   name: 'jon',
   password: '123'
};
 const validate = async (request, username, password, h) => {

let isValid = username === user.name && password === user.password;
    return { 
        isValid: isValid, 
        credentials: {
            name: user.name
          } 
       };
   };

 const init = async () => {

     await server.register(auth);
     server.auth.strategy('simple', 'basic', {validate});
     server.auth.default('simple');

   server.route({
      method: 'GET',
      path: '/',
      handler: async (request, h) => {
           return 'welcome';
      }
 });
 }

我尝试通过如下更改 validate 来做到这一点:

const validate = async (request, username, password, h) => {

let isValid = username === request.payload.name && password === request.payload.password;
    return { 
        isValid: isValid, 
        credentials: {
            name: request.payload.name
        } 
    };
 };

但是我很自然地收到类型错误“名称”。我该如何修改?

1 个答案:

答案 0 :(得分:0)

在这里,获取用户并签入验证方法

const validate = async (request, username, password, h) => {    
    // fetch user here 
    const user = await StudentModel.findOne({username, password}).exec();    
    // user doesn't exist
    if(!user) return {isValid: false}

    // just make sure here user really exists
    return {
        isValid: true,
        credentials: {
                name: user.name
        }
    }    
}