密码重置在环回3.0中不起作用

时间:2019-04-01 13:50:32

标签: node.js loopbackjs

我一直在尝试在使用nodejs和loopback版本3.0的项目中实现重置密码功能。回送为user.js中的此重置密码功能提供了内置方法。 当我运行项目并测试重置密码时,它运行时没有出现任何错误,但未收到电子邮件。

这是环回提供的用于密码重置功能的内置方法。

 User.resetPassword = function(options, cb) {
    // console.log("options : "+options);
    // console.log("cb : "+cb);
    cb = cb || utils.createPromiseCallback();
    var UserModel = this;
    var ttl = UserModel.settings.resetPasswordTokenTTL || DEFAULT_RESET_PW_TTL;
    options = options || {};
    if (typeof options.email !== 'string') {
      var err = new Error(g.f('Email is required'));
      err.statusCode = 400;
      err.code = 'EMAIL_REQUIRED';
      cb(err);
      return cb.promise;
    }

    try {
      if (options.password) {
        UserModel.validatePassword(options.password);
      }
    } catch (err) {
      return cb(err);
    }
    var where = {
      email: options.email,
    };
    if (options.realm) {
      where.realm = options.realm;
    }
    UserModel.findOne({where: where}, function(err, user) {
      if (err) {
        return cb(err);
      }
      if (!user) {
        err = new Error(g.f('Email not found'));
        err.statusCode = 404;
        err.code = 'EMAIL_NOT_FOUND';
        return cb(err);
      }
      // create a short lived access token for temp login to change password
      // TODO(ritch) - eventually this should only allow password change
      if (UserModel.settings.emailVerificationRequired && !user.emailVerified) {
        err = new Error(g.f('Email has not been verified'));
        err.statusCode = 401;
        err.code = 'RESET_FAILED_EMAIL_NOT_VERIFIED';
        return cb(err);
      }

      if (UserModel.settings.restrictResetPasswordTokenScope) {
        const tokenData = {
          ttl: ttl,
          scopes: ['reset-password'],
        };
        user.createAccessToken(tokenData, options, onTokenCreated);
      } else {
        // We need to preserve backwards-compatibility with
        // user-supplied implementations of "createAccessToken"
        // that may not support "options" argument (we have such
        // examples in our test suite).
        user.createAccessToken(ttl, onTokenCreated);
      }

      function onTokenCreated(err, accessToken) {
        if (err) {
          return cb(err);
        }
        cb();
        UserModel.emit('resetPasswordRequest', {
            email: options.email,
            accessToken: accessToken,
            user: user,
            options: options,
          }
        );
      }
    });

    return cb.promise;
  };

When i enter the email from loopback api for password reset it gives no errors in the console but the email is not working.

在此过程中将调用方法resetPassword。该方法内部的控制台日志如下所示。

{ email: '**********@gmail.com',
  authorizedRoles: { '$everyone': true } }
[Function: callback]

让我感到困惑的是验证电子邮件方法正在起作用 该文件也内置在user.js中。发送验证电子邮件后,控制台中将显示以下内容。

mx resolved:  [ { exchange: 'alt1.gmail-smtp-in.l.google.com', priority: 10 },
  { exchange: 'alt2.gmail-smtp-in.l.google.com', priority: 20 },
  { exchange: 'gmail-smtp-in.l.google.com', priority: 5 },
  { exchange: 'alt4.gmail-smtp-in.l.google.com', priority: 40 },
  { exchange: 'alt3.gmail-smtp-in.l.google.com', priority: 30 } ]
MX connection created:  alt1.gmail-smtp-in.l.google.com
recv gmail.com>220 mx.google.com ESMTP 1si9238203plw.390 - gsmtp
send gmail.com>EHLO gmail.com
recv gmail.com>250-mx.google.com at your service, [112.135.5.40]
recv gmail.com>250-SIZE 157286400
recv gmail.com>250-8BITMIME
recv gmail.com>250-STARTTLS
recv gmail.com>250-ENHANCEDSTATUSCODES
recv gmail.com>250-PIPELINING
recv gmail.com>250 SMTPUTF8
send gmail.com>MAIL FROM:<hasikasadaruwan.mgtuk@gmail.com>
recv gmail.com>452 (IP, Sender) first encounter.

如果有人帮助我解决这个问题,那将是一个很大的帮助,我已经被困在这里好几天了。             提前感谢。

1 个答案:

答案 0 :(得分:2)

您必须像这样在扩展模型中处理resetPasswordRequest端点。

MyUser.on("resetPasswordRequest", function(info) {
console.log(info.email); // the email of the requested user
console.log(info.accessToken.id); // the temp access token to allow password reset

var url = "http://**********";
var html =
  'Click <a href="' +
  url +
  "?access_token=" +
  info.accessToken.id +
  '">here</a> to reset your password.</br><h2>Link will be expired in 15 minutes.';
//'here' in above html is linked to : 'http://<host:port>/reset-password?access_token=<short-lived/temporary access token>'
MyUser.app.models.Email.send(
  {
    to: info.email,
    from: senderAddress,
    subject: "Password reset",  
    html: html
  },
  function(err) {
    if (err) return console.log("> error sending password reset email");
    console.log("> sending password reset email to:", info.email);
  }
);  });

提供表单的URL。在该表单上提交,使用reset-password端点。 查看此参考:loopback-example-user-management

这对我有用。谢谢!