我正在制作一个登录系统,并使用bcrypt来散列密码。 但是现在当我尝试登录时,我得到了一个错误,说referenceerror:hash不是定义的。如果有人能帮助我,告诉我在哪里以及如何声明hash,我将非常感谢。 这是我的login.js代码。
var mysql = require('mysql');
var express = require('express');
var session = require('express-session');
var bodyParser = require('body-parser');
var bcrypt= require('bcrypt');
var path = require('path');
var connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : 'sahoolat1',
database : 'fyp_sahoolat'
});
var app = express();
app.use(session({
secret: 'secret',
resave: true,
saveUninitialized: true
}));
app.use(bodyParser.urlencoded({extended : true}));
app.use(bodyParser.json());
app.get('/', function(request, response) {
response.sendFile(path.join(__dirname + '/welcome.html'));
});
app.post('/auth', function(request, response) {
var number = request.body.number;
var password = request.body.pwd;
if (number && password) {
bcrypt.compare(password, hash, function(err, result) {
connection.query('SELECT fyp_helpers.Mobile_number AS number FROM fyp_helpers WHERE Mobile_number = ? AND Password = ? UNION SELECT fyp_employers.Employer_Contact AS number FROM fyp_employers WHERE Employer_Contact = ? AND Employer_Password = ?', [number, password, number, password], function(error, results, fields) {
if (error) {
console.error("An error occurred:", error);
response.send('Oops, something went wrong!');
} else if (results.length > 0) {
request.session.loggedin = true;
request.session.number = number;
response.redirect('/home');
} else {
response.send('Incorrect Username and/or Password!');
}
response.end();
});
});
}
else {
response.send('Please enter Username and Password!');
response.end();
}
});
app.get('/home', function(request, response) {
if (request.session.loggedin) {
response.send('Welcome back, ' + request.session.number + '!');
} else {
response.send('Please login to view this page!');
}
response.end();
});
app.listen(3000);
这是完全错误:
ReferenceError: hash is not defined
at C:\Users\palwasha\sahoolat-master\login.js:29:31
at Layer.handle [as handle_request] (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\route.js:137:13)
at Route.dispatch (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\route.js:112:3)
at Layer.handle [as handle_request] (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\layer.js:95:5)
at C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\index.js:281:22
at Function.process_params (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\index.js:335:12)
at next (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\index.js:275:10)
at jsonParser (C:\Users\palwasha\sahoolat-master\node_modules\body-parser\lib\types\json.js:101:7)
at Layer.handle [as handle_request] (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\layer.js:95:5)
bcrypt.compare(密码,哈希,回调)
Bcrypt.compare需要3个参数
>
输入的密码,在您的情况下为request.body.pwd
正在与通常存储在数据库中的request.body.pwd进行比较的密码
比较后将调用的回调
在您的情况下,您没有提供任何散列密码,这就是显示错误的原因
请查看此处的文档https://www.npmjs.com/package/bcrypt
我建议使用以下代码验证密码
if (number && password) {
var sql = `SELECT
fyp_helpers.Mobile_number AS number,
fyp_helpers.Password AS Password
FROM fyp_helpers
WHERE Mobile_number = ?
UNION
SELECT
fyp_employers.Employer_Contact AS number ,
fyp_employers.Employer_Password AS Employer_Password
FROM fyp_employers
WHERE Employer_Contact = ?`;
connection.query(sql, [number, number], function (error, results, fields) {
if (results.length > 0) {
var hashedPassword = result[0].Password;
bcrypt.compare(password, hashedPassword, function (cryptErr, cryptResult) {
if (cryptResult) {
request.session.loggedin = true;
request.session.number = number;
response.redirect('/home');
} else {
response.send('Incorrect Password!');
console.log(cryptErr);
}
response.end();
});
} else {
response.send('User not registered');
}
});
}
希望这有帮助
