Mongoose 预保存中间件不会触发/将哈希密码保存到数据库

问题描述 投票:0回答:3

我正在尝试在 next.js 项目中的 mongoose 中使用 bcrypt 预先保存密码并对其进行哈希处理,但密码仍未经过哈希处理。我尝试了 stackoverflow 中的每个链接,但没有解决它,密码仍然保存为未哈希值。 猫鼬版本:6.9.1

这是我的 users.model 文件:

import {
  models,
  model,
  Schema,
} from 'mongoose';
import bcrypt from 'bcrypt';

const UserSchema: Schema = new Schema({
  email: {
    type: String,
    required: true,
    unique: true,
  },
  password: {
    type: String,
    required: true,
  },
  displayName: {
    type: String,
    required: true,
  },
  role: {
    type: String,
  },
});

UserSchema.pre('save', function (next) {
  console.log('Pre-Save Hash has fired.');
  let user = this;
  bcrypt.genSalt(10, (err, salt) => {
    if (err) console.error(err);
    bcrypt.hash(user.password, salt, (err, hash) => {
      user.password = hash;
      next();
    });
  });
});

const UserModel = models.Users || model('Users', UserSchema, 'users');

export default UserModel;

这是我添加的功能文件:

import dbConnect from '@/utils/mongodb';
import UserModel from '@/models/user.model';
import { NextApiRequest, NextApiResponse } from 'next';
import { MongoError } from 'mongodb';
export default async function handler(
  req: NextApiRequest,
  res: NextApiResponse
) {
  // const { email, password } = req.query;
  try {
    dbConnect();
    const query = req.body;
    const newUser = new UserModel(query);
    const addedUser= await newUser.save(function (err: MongoError) {
      if (err) {
        throw err;
      }
    });
    res.status(200).json(addedUser);
  } catch (error) {
    console.error(error);
    res.status(500).json({ message: 'Internal server error' });
  }
}

我看不到“预保存哈希已触发”。在我的控制台中也..

mongodb mongoose next.js
3个回答
0
投票
// You need to add user.isModified("password")
userSchema.pre("save", function (next) {
  var user = this;
  if (user.isModified("password")) {
    bcrypt.genSalt(SALT_I, (err, salt) => {
      if (err) {
        return next(err);
      }
      bcrypt.hash(user.password, salt, (err, hash) => {
        if (err) {
          return next(err);
        }
        user.password = hash;
        next();
      });
    });
  } else {
    next();
  }
});
userSchema.methods.comparePassword = function (candidatePassword, cb) {
  bcrypt.compare(candidatePassword, this.password, (err, isMatch) => {
    if (err) return cb(err);
    cb(null, isMatch);
  });
};



// to make register end point
import mongoose from "mongoose";
import User from "../../../models/User";

const dbConnect = async () => {
  mongoose
    .connect("mongodb://localhost:27017/test")
    .then(() => {
      console.log("Connected to mongoDb");
    })
    .catch((error) => {
      console.log(error);
    });
};
export default async function handler(req, res) {
  try {
    await dbConnect();
    const query = req.body;
    const newUser = new User(query);
    await newUser.save(function (err, result) {
      if (err) {
        throw err;
      } else {
        res.status(200).json(result);
      }
    });
  } catch (error) {
    console.error(error);
    res.status(500).json({ message: "Internal server error" });
  }
}
0
投票

谢谢大家。 问题出在我的 dbconnect 文件中!

0
投票
userSchema.pre('save', async function (next) {
    const user = this;
    if (user.isModified('password')) {
        user.password = await bcrypt.hash(user.password, 8)
    }
    next()
})

您还可以使用 async wait 和简写语法来完成此操作

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.