如何在節點js中創建並保存過期的用戶令牌？

Question

嗨，所以我遇到過這個問題，用於在節點js的crypto上創建一個隨機令牌。

require('crypto').randomBytes(48, function(ex, buf) { 
    var token = buf.toString('hex'); 
}); 

我想弄清楚如何將它添加到我的路線文件在這裏？我已經將我的貓鼬模式中的令牌字段設置爲類型字符串。

exports.forgotPasswordPost = function(req, res, next) { 
    console.log("Forgot Password Post"); 
    if(req.body.email === '') { 
     console.log('err'); 
    } else { 
    crypto.randomBytes(48, function(ex, buf) { 
     var userToken = buf.toString('hex'); 
     console.log(userToken); 
     User.findOne({email: (req.body.email)}, function(err, usr) { 
      if(err || !usr) { 
       console.log('err');    
      } 
      console.log(usr); 
      usr.token = new User({token: userToken}); 
      usr.save(function(err, usr){ 
       res.redirect('login', {title: 'Weblio', message: 'Your token was sent by email. Please enter it on the form below.'}); 
      }); 
     }); 
    }); 
    } 
}; 

貓鼬文件：

var mongoose = require('mongoose'), 
    Schema = mongoose.Schema, 
    ObjectId = mongoose.Schema.Types.ObjectId, 
    bcrypt = require('bcrypt-nodejs'), 
    SALT_WORK_FACTOR = 10; 



var UserSchema = new Schema({ 
    email: { type: String, required: true, lowercase:true, index: { unique: true } }, 
    password: { type: String, required: true }, 
    firstName: {type: String, required: true}, 
    lastName: {type: String, required: true}, 
    phone: {type: Number, required: true}, 
    birthday: {type: Date, required: true}, 
    friendRequest: {type: Object}, 
    notifications: {type: Object}, 
    friend: {type: Object}, 
    date_created: {type: Date}, 
    token: {type: String}, 
    tokenCreated: {type: Date, default: Date.now} 
}, {collection: "users"}); 


UserSchema.methods.hasExpired = function() { 
    var now = new Date(); 
    return (now - createDate) > 2; 
}; 

module.exports = mongoose.model('User', UserSchema); 

這是查詢結果：

 "token" : "{ token: 'fa9e573e5ec8ed6d7bf53c9296f703b4ea6895c0a5438a0e0c4 
b9a43f4db9bce7dd55e82c3188056efdc9ab53b9b5185',\n _id: 51fe1bcaa32f6b300c000001 
}" 

我剛剛更新了我對它的新的使用的代碼，包括我的貓鼬架構太..

Answer 1

首先，用戶令牌應該是一個型號：

var mongoose = require('mongoose'); 
var Schema = mongoose.Schema; 

var Token = new Schema({ 
    token: {type: String}, 
    createDate: {type: Date, default: Date.now} 
}); 

Token.methods.hasExpired= function(){ 
    var now = new Date(); 
    return (now - createDate) > 7; //token is a week old 
}; 

//don't forget to add the token as a field in your user 

mongoose.model('Token', Token); 

接下來，在路由器中，else子句中，我會改變你的findOneAndUpdate到findOne，因爲你沒有更新整個User對象，而只是它的屬性。

require('crypto').randomBytes(48, function(ex, buf) { 
    var userToken = buf.toString('hex'); 
    User.findOne({email: (req.body.email)}, function(err, usr) { 
      if(err || !usr) { 
       console.log('err');    
      } 
      usr.token = new Token(token:userToken); 
      usr.save(function(err, usr){ 
       res.redirect('recoverPassword', {title: 'Weblio', message:'Your token was sent by email. Please enter it on the form below.'}); 
      }; 
     }); 
}); 

在不同的路線，你的用戶張貼他的道理，你會做到以下幾點：

exports.postToken = function(req, res, next) { 
    if(req.body.token === '') { 
     console.log('err'); 
    } else { 
     User.findOne({email: (req.body.email)}, function(err, usr) { 
      if(err || !usr) { 
       console.log('err');    
      } 
      if(usr.token == req.body.token && !usr.tokenHasExpired()) { 
       usr.token = undefined; 
       usr.tokenCreated = undefined; 
       usr.save(function(err, usr){ 
        res.redirect('index', {title: 'Weblio', message: 'Here is your password. Please dont lose it again', password: usr.password}); 
      }); 
      } else { 
       res.redirect('recoverPassword', {title: 'Weblio', message:'The token is not set, or has expired. Though luck!'}); 
      } 
     }); 
    }); 
};