身份验证正常进行,但是每当我输入错误的电子邮件地址时,我的服务器就会崩溃

时间:2019-04-23 06:12:59

标签: node.js reactjs oracledb

每当我输入错误的电子邮件地址时,服务器就会崩溃,我理解了这个问题,但是谁能告诉我如何解决这个问题。 问题:在此仅对密码进行身份验证,如果密码错误,则会给我正确的错误,即“电子邮件或地址不正确”,但是当我尝试使用错误的电子邮件地址时却没有给出此错误。 因此,从总结的角度来看,我也需要对电子邮件地址进行身份验证。

Logins.js(API)

 var oracledb = require('oracledb');
var bcrypt = require('bcrypt');
var jwt = require('jsonwebtoken');
var config = require(__dirname + '../../config.js');
import { Redirect } from 'react-router'
// var redirect = require("express-redirect");
// var express = require("express");
//var passport = require('passport');
//var LocalStrategy = require('passport-local').Strategy;
//var history = require('history');
//import post from './users';
//var cors = require('cors');
// var history = require('browser-history');
// var app = express();
// redirect(app);
// const targetBaseUrl = '/Signup';

function post(req, res, next) {
    console.log('oye')
    oracledb.getConnection(
        config.database,
        function(err, connection){
            if (err) {
                console.log('haha')
                return next(err);
                // console.log(err);
            }
            console.log('fuha')

            connection.execute(
                'select id as "id", ' +
                '   email as "email", ' +
                '   password as "password", ' +
                '   role as "role" ' +
                'from jsao_users ' +
                'where email = :email',
                {
                    email: req.body.email.toLowerCase()
                },
                {
                    outFormat: oracledb.OBJECT
                },
                function(err, results){
                    var user;
                    console.log('huo')
                    console.log(err)
                    //console.log(results)
                        console.log(results.rows[0])
``````````````````````````````````````````````````````````````````````
                    if (results.rows[0] === undefined) {
                        console.log('hiiiiiii')
                        return <Redirect to='/Signup'  />
                        // app.redirect(targetBaseUrl);
                        // history.push("/Main");
                    }
``````````````````````````````````````````````````````````````````
                    //     else {connection.release(function(err) {
                    //         console.log('hy')
                    //         if (err) {
                    //             console.log('joker')
                    //             console.error(err.message);
                    //         }
                    //     });

                    //     return next(err);
                    //     // console.log(err);
                    // }

                    user = results.rows[0];
                    //debugger;

                    console.log(user)
                    bcrypt.compare(req.body.password,user.password, function(err, pwMatch) {
                        var payload;

                        if (err) {
                            console.log('wrong');
                            return next(err);
                        }

                        /*if (result == true) {
                            //res.redirect('http://localhost:3000/Main');
                            //res.end();
                        } 

                        else {
                         res.send('Incorrect password');
                         //res.redirect('/Signin');
                         //res.end();
                        }

                        /*if(req.body.password != user.password){
                            res.json({success: false, message: 'passwords do not match'});
                        }*/
                        /*if(req.body.password == user.password) {
                            this.props.history.push("/Main");
                        }*/
                        if(pwMatch) {
                             //this.props.history.push("/Main");
                             console.log("password matched");
                        }
                        else {
                            res.status(401).send({message: 'Invalid email or password.'});
                            return;
                        }

                        payload = {
                            sub: user.email,
                            role: user.role
                        };

                        res.status(200).json({
                            user: user,
                            token: jwt.sign(payload, config.jwtSecretKey, {expiresIn: "60m" }),

                        });
                    });
                    //res.status(404).end();
                    connection.release(function(err) {
                        if (err) {
                            console.error(err.message);
                        }
                    }); 

                });
        }
    );
}

module.exports.post = post;



Signin.js (Front-end)

import React, { Component } from "react";
import { Button, FormGroup, FormControl, ControlLabel } from "react-bootstrap";
import axios from 'axios';
import "./Signin.css";

class Signin extends Component {
  constructor(props) {
    super(props);

    this.state = {
      email: "",
      password: ""
    };
  }

  validateForm() {
    return this.state.email.length > 0 && this.state.password.length > 0;
  }

  handleChange = event => {
    this.setState({
      [event.target.id]: event.target.value
    });
  }
```````````````````````````````````````````````````````````````
  handleSubmit = event => {
    event.preventDefault();
    const user = {
        email: this.state.email,
        password : this.state.password
      };
  // API CALL
      axios.post(`http://localhost:4000/api/logins`, user)
        .then(res => {
          console.log(res);
          console.log(res.data);
          //console.log("successful");
        })
        //this.props.history.push("/Main");
  }
`````````````````````````````````````````````````````````````````````
  render() {
    return (
      <div className="Login">
        <form onSubmit={this.handleSubmit}>
          <FormGroup controlId="email" bsSize="large">
            <ControlLabel>Email</ControlLabel>
            <FormControl
              autoFocus
              type="email"
              value={this.state.email}
              onChange={this.handleChange}
            />
          </FormGroup>
          <FormGroup controlId="password" bsSize="large">
            <ControlLabel>Password</ControlLabel>
            <FormControl
              value={this.state.password}
              onChange={this.handleChange}
              type="password"
            />
          </FormGroup>
          <Button
            block
            bsSize="large"
            disabled={!this.validateForm()}
            type="submit"
          >
            Login
          </Button>
        </form>
      </div>
    );
  }
}

export default Signin;


The expected result for the wrong email address is "Invalid email or password"
But instead getting this error:
C:\Users\anura\Desktop\reactApp\eclaims\src\Backend\routes\logins.js:49
                    bcrypt.compare(req.body.password,user.password, function(err, pwMatch) {
                                                          ^

TypeError: Cannot read property 'password' of undefined
    at C:\Users\anura\Desktop\reactApp\eclaims\src\Backend\routes\logins.js:49:59
    at fetchRowsCb (C:\Users\anura\Desktop\reactApp\eclaims\src\Backend\node_modules\oracledb\lib\connection.js:109:7)
[nodemon] app crashed - waiting for file changes before starting...

2 个答案:

答案 0 :(得分:0)

该应用程序崩溃是因为您没有引发异常并在找不到用户时出错,并立即返回,因为电子邮件无效,用户变量为null,您无法读取null或未定义的属性密码

if (err) {
   connection.release(function(err) {
      if (err) {
         console.error(err.message);
      }
   });
   // MUST RETURN HERE !!!
   //return next(err);
   console.log(err);
}

user = results.rows[0];
// user IS NULL HERE, CANNOT READ PROPERTY OF NULL OR UNDERFINED

//debugger;
bcrypt.compare(req.body.password,user.password, function(err, pwMatch) {

答案 1 :(得分:0)

在您的callback中,如果在db中找不到条目,​​则检查空值。

function(err, results){
  var user;
  ...

  // put check for empty value if no entries found
  if (results.length === 0) {
    res.status(401).send({message: 'Invalid email or password.'});
  } else {
    // rest of your code
    user = results.rows[0];
    //debugger;
    bcrypt.compare(req.body.password,user.password, function(err, pwMatch) {
      var payload;
    }
    ...
  }
}