我正在尝试学习一些 Express.js,现在我有一些表单从 React 前端发送到我的 Express 服务器,我正在将这些数据插入到 MongoDB 架构中。在一些在线教程之后,我尝试使用 bcrypt 散列插入的 pin 代码(顺便说一句,这不是一个系统),但是数据总是被清楚地保存,没有加密,使用控制台日志我也看到了 pin代码没有散列。
我的散列代码驻留在我的 mongoDB 模型中,这是模型
const mongoose = require('mongoose');
const bcrypt = require('bcrypt');
const Schema = mongoose.Schema;
// Creates the needed schema
let userSchema = new Schema({
name: String,
created_at: Date,
updated_at: Date,
balance: Number,
address: String,
ssn: Number,
bankNumber: Number,
cards: [
{
formType: String, // Visa eller Mastercard
cardNumber: Number,
cvc: Number,
expirationDate: Date,
pin: Number,
status: Boolean,
}
],
whitdrawal: [
{
amount: Number,
date: Date,
reason: String
}
]
});
// Inserts
userSchema.pre('save', function(next) {
const currentDate = new Date();
// 10 defines salt rounds
let pin = this.cards[0].pin
bcrypt.hash(pin, 10, function(err,hash){
if(err){
return next(err);
}
pin = hash;
})
this.updated_at = currentDate;
this.date = currentDate;
this.pin = pin;
console.log("Pin is " + pin)
if (!this.created_at) this.created_at = currentDate;
next();
});
// Creates model for schema
const AtmUser = mongoose.model('AtmUser', userSchema);
// Export so it is available for the rest of the application
module.exports = AtmUser;
它将数据很好地保存到架构中,只是不加密 pin。在 userSchema.pre 工作中从服务器设置日期。
我很乐意发布任何额外的代码。
最佳答案
问题是 bcrypt.hash(..., function(err, hash) { ... }) 回调提供的回调异步
因此
this.updated_at = currentDate;
this.date = currentDate;
this.pin = pin;
console.log("Pin is " + pin)
// etc
将在
之前执行pin = hash;
有机会跑。
三个选项
正确使用回调,将所有依赖于hash的代码放在回调中
userSchema.pre('save', function(next) {
const currentDate = new Date();
// 10 defines salt rounds
let pin = this.cards[0].pin;
bcrypt.hash(pin, 10, (err, pin) => {
if (!err) {
this.updated_at = currentDate;
this.date = currentDate;
this.pin = pin;
console.log("Pin is " + pin)
if (!this.created_at) this.created_at = currentDate;
}
next(err);
})
});
上面没有箭头函数(但是你在代码中使用了let,所以我希望你应该知道箭头函数——以防万一)
userSchema.pre('save', function(next) {
const currentDate = new Date();
// 10 defines salt rounds
let pin = this.cards[0].pin;
let _this = this; // save _this for the callback
bcrypt.hash(pin, 10, function(err, pin) {
if (!err) {
_this.updated_at = currentDate;
_this.date = currentDate;
_this.pin = pin;
console.log("Pin is " + pin)
if (!_this.created_at) _this.created_at = currentDate;
}
next(err);
})
});
或者,使用 Promises
userSchema.pre('save', function(next) {
const currentDate = new Date();
// 10 defines salt rounds
let pin = this.cards[0].pin
bcrypt.hash(pin, 10).then((pin) => {
this.updated_at = currentDate;
this.date = currentDate;
this.pin = pin;
console.log("Pin is " + pin)
if (!this.created_at) this.created_at = currentDate;
next();
}).catch((err) => {
next(err);
})
});
最后,使用异步/等待
userSchema.pre('save', async function(next) {
const currentDate = new Date();
// 10 defines salt rounds
let pin = this.cards[0].pin
try {
pin = await bcrypt.hash(pin, 10);
} catch(err) {
return next(err);
}
this.updated_at = currentDate;
this.date = currentDate;
this.pin = pin;
console.log("Pin is " + pin)
if (!this.created_at) this.created_at = currentDate;
next();
});
还有第四种选择,但没有充分的理由同步.hash
关于javascript - Bcrypt 不散列,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52892064/