如何在节点js中创建和保存过期的用户令牌?
嗨所以我遇到过这个问题,因为在节点js的加密上创建一个随机令牌。
require('crypto').randomBytes(48, function(ex, buf) {
var token = buf.toString('hex');
});
我想弄清楚如何将它添加到我的路线文件中?我已经在我的mongoose模式中将一个标记字段设置为一个类型字符串。
exports.forgotPasswordPost = function(req, res, next) {
console.log("Forgot Password Post");
if(req.body.email === '') {
console.log('err');
} else {
crypto.randomBytes(48, function(ex, buf) {
var userToken = buf.toString('hex');
console.log(userToken);
User.findOne({email: (req.body.email)}, function(err, usr) {
if(err || !usr) {
console.log('err');
}
console.log(usr);
usr.token = new User({token: userToken});
usr.save(function(err, usr){
res.redirect('login', {title: 'Weblio', message: 'Your token was sent by email. Please enter it on the form below.'});
});
});
});
}
};
猫鼬文件:
var mongoose = require('mongoose'),
Schema = mongoose.Schema,
ObjectId = mongoose.Schema.Types.ObjectId,
bcrypt = require('bcrypt-nodejs'),
SALT_WORK_FACTOR = 10;
var UserSchema = new Schema({
email: { type: String, required: true, lowercase:true, index: { unique: true } },
password: { type: String, required: true },
firstName: {type: String, required: true},
lastName: {type: String, required: true},
phone: {type: Number, required: true},
birthday: {type: Date, required: true},
friendRequest: {type: Object},
notifications: {type: Object},
friend: {type: Object},
date_created: {type: Date},
token: {type: String},
tokenCreated: {type: Date, default: Date.now}
}, {collection: "users"});
UserSchema.methods.hasExpired = function() {
var now = new Date();
return (now - createDate) > 2;
};
module.exports = mongoose.model('User', UserSchema);
这是查询结果:
"token" : "{ token: 'fa9e573e5ec8ed6d7bf53c9296f703b4ea6895c0a5438a0e0c4
b9a43f4db9bce7dd55e82c3188056efdc9ab53b9b5185',\n _id: 51fe1bcaa32f6b300c000001
}"
我刚刚使用它的新用法更新了代码,并且包含了我的mongoose模式......
回答如下:首先,用户令牌应该是Model:
var mongoose = require( 'mongoose' );
var Schema = mongoose.Schema;
var Token = new Schema({
token: {type: String},
createDate: {type: Date, default: Date.now()}
});
Token.methods.hasExpired= function(){
var now = Date.now();
return (now - Date.parse(createDate)) > 604800000; // Date is converted to milliseconds to calculate 7 days it > one day = 24 hours * 60 minutes * 60 seconds *1000 milliseconds * 7 days = 604800000
};
//don't forget to add the token as a field in your user
mongoose.model( 'Token', Token);
接下来,在路由器中,在else子句中,我会将你的findOneAndUpdate更改为findOne,因为你没有更新整个User对象,而只是更新它的属性。
require('crypto').randomBytes(48, function(ex, buf) {
var userToken = buf.toString('hex');
User.findOne({email: (req.body.email)}, function(err, usr) {
if(err || !usr) {
console.log('err');
}
usr.token = new Token(token:userToken);
usr.save(function(err, usr){
res.redirect('recoverPassword', {title: 'Weblio', message:'Your token was sent by email. Please enter it on the form below.'});
};
});
});
在用户发布其令牌的其他路线中,您将执行以下操作:
exports.postToken = function(req, res, next) {
if(req.body.token === '') {
console.log('err');
} else {
User.findOne({email: (req.body.email)}, function(err, usr) {
if(err || !usr) {
console.log('err');
}
if(usr.token == req.body.token && !usr.tokenHasExpired()) {
usr.token = undefined;
usr.tokenCreated = undefined;
usr.save(function(err, usr){
res.redirect('index', {title: 'Weblio', message: 'Here is your password. Please dont lose it again', password: usr.password});
});
} else {
res.redirect('recoverPassword', {title: 'Weblio', message:'The token is not set, or has expired. Though luck!'});
}
});
});
};
如何在节点js中创建和保存过期的用户令牌?
嗨所以我遇到过这个问题,因为在节点js的加密上创建一个随机令牌。
require('crypto').randomBytes(48, function(ex, buf) {
var token = buf.toString('hex');
});
我想弄清楚如何将它添加到我的路线文件中?我已经在我的mongoose模式中将一个标记字段设置为一个类型字符串。
exports.forgotPasswordPost = function(req, res, next) {
console.log("Forgot Password Post");
if(req.body.email === '') {
console.log('err');
} else {
crypto.randomBytes(48, function(ex, buf) {
var userToken = buf.toString('hex');
console.log(userToken);
User.findOne({email: (req.body.email)}, function(err, usr) {
if(err || !usr) {
console.log('err');
}
console.log(usr);
usr.token = new User({token: userToken});
usr.save(function(err, usr){
res.redirect('login', {title: 'Weblio', message: 'Your token was sent by email. Please enter it on the form below.'});
});
});
});
}
};
猫鼬文件:
var mongoose = require('mongoose'),
Schema = mongoose.Schema,
ObjectId = mongoose.Schema.Types.ObjectId,
bcrypt = require('bcrypt-nodejs'),
SALT_WORK_FACTOR = 10;
var UserSchema = new Schema({
email: { type: String, required: true, lowercase:true, index: { unique: true } },
password: { type: String, required: true },
firstName: {type: String, required: true},
lastName: {type: String, required: true},
phone: {type: Number, required: true},
birthday: {type: Date, required: true},
friendRequest: {type: Object},
notifications: {type: Object},
friend: {type: Object},
date_created: {type: Date},
token: {type: String},
tokenCreated: {type: Date, default: Date.now}
}, {collection: "users"});
UserSchema.methods.hasExpired = function() {
var now = new Date();
return (now - createDate) > 2;
};
module.exports = mongoose.model('User', UserSchema);
这是查询结果:
"token" : "{ token: 'fa9e573e5ec8ed6d7bf53c9296f703b4ea6895c0a5438a0e0c4
b9a43f4db9bce7dd55e82c3188056efdc9ab53b9b5185',\n _id: 51fe1bcaa32f6b300c000001
}"
我刚刚使用它的新用法更新了代码,并且包含了我的mongoose模式......
回答如下:首先,用户令牌应该是Model:
var mongoose = require( 'mongoose' );
var Schema = mongoose.Schema;
var Token = new Schema({
token: {type: String},
createDate: {type: Date, default: Date.now()}
});
Token.methods.hasExpired= function(){
var now = Date.now();
return (now - Date.parse(createDate)) > 604800000; // Date is converted to milliseconds to calculate 7 days it > one day = 24 hours * 60 minutes * 60 seconds *1000 milliseconds * 7 days = 604800000
};
//don't forget to add the token as a field in your user
mongoose.model( 'Token', Token);
接下来,在路由器中,在else子句中,我会将你的findOneAndUpdate更改为findOne,因为你没有更新整个User对象,而只是更新它的属性。
require('crypto').randomBytes(48, function(ex, buf) {
var userToken = buf.toString('hex');
User.findOne({email: (req.body.email)}, function(err, usr) {
if(err || !usr) {
console.log('err');
}
usr.token = new Token(token:userToken);
usr.save(function(err, usr){
res.redirect('recoverPassword', {title: 'Weblio', message:'Your token was sent by email. Please enter it on the form below.'});
};
});
});
在用户发布其令牌的其他路线中,您将执行以下操作:
exports.postToken = function(req, res, next) {
if(req.body.token === '') {
console.log('err');
} else {
User.findOne({email: (req.body.email)}, function(err, usr) {
if(err || !usr) {
console.log('err');
}
if(usr.token == req.body.token && !usr.tokenHasExpired()) {
usr.token = undefined;
usr.tokenCreated = undefined;
usr.save(function(err, usr){
res.redirect('index', {title: 'Weblio', message: 'Here is your password. Please dont lose it again', password: usr.password});
});
} else {
res.redirect('recoverPassword', {title: 'Weblio', message:'The token is not set, or has expired. Though luck!'});
}
});
});
};