2017-01-09 80 views
0

我正在使用NodeJS的身份驗證API系統。 /Signup API端點工作正常,但/authenticate不是。每次我打電話給/authenticate端點時,即使提供了有效的用戶,我也會得到error message: 'Could not authenticate user'; 以下是我的代碼。請告訴我,我在做什麼錯在這裏我的API路由不工作; NodeJS

var express = require("express"); 
var mongoose = require("mongoose"); 

var User = require("../models/user"); 

module.exports = function (router) { 
    router.post('/signup', function (req,res) { 
     var user = new User(); 
     user.local.username = req.body.username; 
     user.local.email = req.body.email; 
     user.local.password = req.body.password; 

     if (req.body.username == null || req.body.username == '' || req.body.email == null || req.body.email == '' || req.body.password == null || req.body.password == '') { 
      res.json({success:false, message:'Ensure username, email and password were provided'}); 
     } else { 
      user.save(function (err, data) { 

       if (err) res.json({success:false, message:'Username or Email already exists!'}); 
         // console.log(err.errors) 
       res.json({success:true, message:'New user created', data:data}); 
       console.log(data) 
      }); 
     } 
    }) 

    router.post('/authenticate', function (req,res) { 
     User.findOne({username: req.body.username}).exec(function (err,user) { 
      if(err) 
       return res.send(err); 

      if (!user) { 
       res.json({success:false, message: 'Could not authenticate user'}); 
      } else if(user){ 
       var validPassword = user.comparePassword(req.body.password) 
       if (!validPassword) { 
        res.json({success:false, message: 'Could not authenticate password'}); 
       } else{ 
        res.json({success:true, message: 'User authenticated'}); 
       } 
      } 
     }); 
    }); 
} 

編輯
用戶模型:

var mongoose = require('mongoose'); 
var Schema = mongoose.Schema; 
var bcrypt = require('bcrypt-nodejs'); 

// define the schema for our user model 
var userSchema = new Schema({ 

    local   : { 
     username  : {type:String,unique:true,required:true, lowercase:true}, 
     email  : {type:String,unique:true,required:true, lowercase:true}, 
     password  : String 
    }, 

    created_at  : {type:Date, default:Date.now}, 
    updated_at  : {type:Date, default:Date.now} 

}); 

userSchema.pre('save', function(next){ 
    var user = this;  
    var now = new Date();  
    user.updated_at = now;  
    if(!user.created_at){   
     user.created_at = now  
    }   
    bcrypt.hash(user.local.password, null, null, function (err, hash) { 
     if(err) return next(err) 
     user.local.password = hash; 
     next();  }) 

}); 

// checking if password is valid 
userSchema.methods.comparePassword = function(password) { 
    return bcrypt.compareSync(password, this.local.password); }; 

// create the model for users and expose it to our app 
module.exports = mongoose.model('User', userSchema); 
+0

我認爲你的密碼處理是問題 - 你能展示用戶模型嗎?特別是預鉤子和comparePassword? – Zlatko

+0

你是否收到req.body.password的密碼? – Lazyexpert

+0

,你確定你正在嘗試讀取的mongo文檔結構與保存的相同嗎? – Lazyexpert

回答

1

剛纔看到的錯誤的,你有裏面的本地用戶名。

router.post('/authenticate', function (req,res) { 
    User.findOne({'local.username': req.body.username}).exec(function (err,user) { 
     if(err) 
      return res.send(err); 
     else{ 
      } 
    }); 
+0

哦,你是的。感謝你的殺手憧憬。 – AllJs