登录时Bcrypt密码比较失败

Question

当我尝试使用定义的url登录时，在加密比较密码时，它会失败。

登录路径：-

router.post('/:compId/administration/login' , (req, res, next) => {

    Admin.find({'admins.email': req.body.email},{ companyID: req.params.compId })
    .exec()
    .then(admin => {
        if(admin.admins.length < 1) {
            return res.status(401).json({
                message: "Auth failed. admin not found."
            })
        }
        bcryptt.compare(req.body.password, admin.admins.password, (err, result) =>{
            if (err) {
                return res.json({
                message: "Auth failed. Check email and password"
                });             
            }                   
            if (result && admin.admins.verified === "true"){
                const adminEmaill = "xyz@info.com";
                const role2 = admin.admins.email===adminEmaill? "superadmin" : "admin";
                const token = jwt.sign( 
                    {
                        email: admin.admins.email,
                        phoneNo: admin.admins.phoneNumber,
                        role2,
                        comID: admin.admins.companyID
                    },
                    process.env.JWT_KEY,
                    {
                        expiresIn : "1h"
                    });
                    return res.status(200).json({
                    message: "Auth Successful",
                    token : token
                    }); 
            }
            else{
                console.log("admin is not verified");   
                return res.json({
                message: "Admin is not verified"
                }); 
            }
        });
    })
    .catch(err =>{
        if (err.code == 500)
                    res.status(500).send(["Something went wrong in login"]);
            else
            return next(err);
    }); 
});

在响应时，它不是在验证我的用户并在响应中抛出message: "Auth failed. Check email and password"。

我认为定义密码路径时出现错误。

我的模型：-

var adminSchema = new mongoose.Schema({
    companyName : {
                type: String,
                required: "Company  name can't be empty.",
                required: false
                },  
    companyID:  {
                type: String,
                },              
    admins:     {
                        email :     {
                                    type: String,
                                    required: "Email can't be empty.",
                                    unique: true
                                    },
                        password:   {
                                    type: String,
                                    required: "Password name can't be empty."
                                    },
                        firstName : {
                                    type: String,
                                    required: "First name can't be empty."
                                    },
                        lastName : {
                                    type: String,
                                    required: "Last name can't be empty."
                                    },  
                        phoneNumber :   {
                                    type: String,
                                    required: "Reqired for further contact. Can't be empty."
                                    },
                        verified: String,                               
                        role: String,
                        emailResetTokenn: String,
                        saltSecret: String,
                        users:[ userSchema ]    
    }           
});


adminSchema.pre('save', function (next){
    bcryptt.genSalt(10, (err, salt) => {
        bcryptt.hash(this.admins.password, salt, (err, hash) => {
            this.admins.password = hash ;
            this.admins.saltSecret = salt;
            next();
        });
    });
});

我不明白为什么要得到这个？我的密码定义正确吗？嵌套对象中有密码时该怎么办？

Answer 1

您需要在猫鼬模型上调用findOne方法。

 Admin.findOne({'admins.email': req.body.email, companyID: req.params.compId}) ...

find方法的结果是一个数组