更新用户文档,突然无法登录Node,Express,Mongoose

问题描述 投票:0回答:1

[StackOverflow的第一篇文章,所以我去:我正在为我的朋友创建一个博客。用户可以登录,发布和更新其个人资料。在实施了基本的用户文档(用户配置文件)更新后,仍然需要解决其他问题,发生了一些令人头疼的事情。我不能再使用相同的凭据登录。我已尝试删除了更新用户名的功能,因为我认为这是与该用户登录能力有关的唯一合乎逻辑的事情,但是即使更新映像/生物信息也会导致用户无法登录。

这是我的updateProfile()

exports.updateProfile = async (req, res, next) => {

    var image = req.files.image;
    const data = {};

    if (req.body.username === '' || undefined) {
        delete req.body.username;
    } else {
        data.username = req.body.username.trim();
    }

    if (req.body.email === '' || undefined) {
        delete req.body.email;
    } else {
        data.email = req.body.email.trim();
    }

    if (req.body.bio === '' || undefined) {
        delete req.body.bio;
    } else {
        data.bio = req.body.bio.trim();
    }

    let user = await User.findById(req.session.userID);

    if (!data.username === false) {
        await user.updateOne({ username: data.username });
    }
    if (!data.email === false) await user.updateOne({ email: data.email });
    if (!data.bio === false) await user.updateOne({ bio: data.bio });
    if (image) {
        image.mv(
            path.resolve(__dirname, '..', 'public/img', image.name),
            async (error) => {
                await user.updateOne({ image: '/img/' + image.name });
            }
        );
    }

    const updatedUser = await User.findById(req.session.userID);
    user = updatedUser;

    user.save(function () {
        res.render('profile', {
            user,
        });
    });
};

这是我的用户模型:

const mongoose = require('mongoose');
const Schema = mongoose.Schema;
const bcrypt = require('bcryptjs');
var uniqueValidator = require('mongoose-unique-validator');
const validator = require('validator');

const UserSchema = new Schema({
    username: {
        type: String,
        required: [true, 'Please provide username.'],
        unique: true,
        minlength: [2, 'Name must be longer than one character.'],
    },
    email: {
        type: String,
        required: [true, 'Please provide a email.'],
        lowercase: true,
        unique: true,
        validate: [validator.isEmail, 'Please provide a valid email'],
    },
    password: {
        type: String,
        required: [true, 'Please provide password.'],
        minlength: [2, 'Password must be longer than eight characters.'],
    },
    image: {
        type: String, //PATH IN FILE SYSTEM WHERE IMAGE IS UPLOADED
        default: '/img/default-user-image.png',
    },
    role: {
        type: String,
        enum: ['Neophyte', 'admin'],
        default: 'Neophyte',
    },
    bio: {
        type: String,
        default: `Tell us about yourself...`,
    },
});

UserSchema.plugin(uniqueValidator);

UserSchema.pre('save', function (next) {
    const user = this;
    bcrypt.hash(user.password, 10, (error, hash) => {
        user.password = hash;
        next();
    });
});

const User = mongoose.model('User', UserSchema);

module.exports = User;

现在从字面上看,我正在写这篇文章,我相信UserSchema.pre('save')...是元凶。但是,因为我已经写了这么多文字,并且希望从社区中听到他们认为是推荐的解决方案的信息,或者告诉我我还有路要走,所以请告诉我! bcrypt是否再次通过密码重新加密导致锁定?

最佳!

express validation mongoose model
1个回答
0
投票

您可以检查密码是否被修改,并且仅在使用.isModified()对其进行修改时才对其进行散列处理>

UserSchema.pre('save', function (next) {
    const user = this;
    if (user.isModified('password')) {
        bcrypt.hash(user.password, 10, (error, hash) => {
            user.password = hash;
            next();
        });
    } else {
        next();
    }
});

© www.soinside.com 2019 - 2024. All rights reserved.