好吧,不知怎的,这个问题还没有被提出,也没有人对此问题做出解释:如何登录用户 - 用户 a - 显示他的特定用户信息?我正在使用 Express js 和 PUG 模板引擎。
用户 - 用户 A - 在表单输入中输入用户信息,该输入存储在 mongoDB 中并在表单内检索(例如 value=user_info[name]) - 就完成了。但是,这个用户数据应该如何只显示给-用户A。
我认为,这在某种程度上与 sessionId 有关 - 类似于 app.js:req.session.userId = user._id ??! - 但我不清楚程序。我希望有人能够揭开这个谜团,并提供一个可执行的行动计划。
由于互联网上的任何解释/教程等都没有涵盖这个问题,因此它可能对 future 的读者也有帮助。预先非常感谢。
index.js - 路由/身份验证
var express = require('express');
var router = express.Router();
var User = require('../models/user');
var mid = require('../middleware');
var passport = require('passport');
// GET /dashboard
router.get('/dashboard', mid.requiresLogin, function(req, res, next) {
User.findById(req.session.userId)
.exec(function (error, user) {
if (error) {
return next(error);
} else {
return res.render('dashboard', { title: 'Dashboard', name: user.username });
}
});
});
// GET /logout
router.get('/logout', function(req, res, next){
if (req.session) {
// delete session object
req.session.destroy(function(err){
if(err){
return next(err);
} else {
return res.redirect('/');
}
});
}
});
// GET /login
router.get('/login', mid.loggedOut, function(req, res, next) {
return res.render('login', { title: 'Log In'});
});
// POST /login
router.post('/login', function(req, res, next) {
if (req.body.email && req.body.password) {
User.authenticate(req.body.email, req.body.password, function (error, user) {
if (error || !user) {
var err = new Error('Wrong email or password.');
err.status = 401;
return next(err);
} else {
req.session.userId = user._id;
return res.redirect('/dashboard');
}
});
} else {
var err = new Error('Email and password are required.');
err.status = 401;
return next(err);
}
});
// GET /register
router.get('/register', mid.loggedOut, function(req, res, next) {
return res.render('register', { title: 'Sign Up' });
});
// POST /register
router.post('/register', function(req, res, next) {
if (req.body.username &&
req.body.email &&
req.body.password &&
req.body.confirmPassword) {
// confirm that user typed same password twice
if (req.body.password !== req.body.confirmPassword) {
var err = new Error('Passwords do not match.');
err.status = 400;
return next(err);
}
// create object with form input
var userData = {
username: req.body.username,
email: req.body.email,
password: req.body.password
};
// use schema's `create` method to insert document into Mongo
User.create(userData, function (error, user) {
if (error) {
return next(error);
} else {
req.session.userId = user._id;
return res.redirect('/dashboard');
}
});
} else {
var err = new Error('All fields required.');
err.status = 400;
return next(err);
}
});
app.js - 提示:某些代码被注释掉且不相关
var express = require('express');
var bodyParser = require('body-parser');
var mongoose = require('mongoose');
var session = require('express-session')
var MongoStore = require('connect-mongo')(session);
var User = require('./models/user');
var User_info = require('./models/user_info');
var app = express();
// mongodb connection
mongoose.connect("mongodb://localhost:27017/socialempireclub");
var db = mongoose.connection;
// mongo error
db.on('error', console.error.bind(console, 'connection error:'));
// use sessions for tracking logins
app.use(session({
secret: 'treehouse loves you',
resave: true,
saveUninitialized: false,
store: new MongoStore({
mongooseConnection: db
})
}));
// make user ID available in templates
app.use(function (req, res, next){
res.locals.currentUser = req.session.userId;
next();
});
// parse incoming requests
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
// serve static files from /public
app.use(express.static(__dirname + '/public'));
// view engine setup
app.set('view engine', 'pug');
app.set('views', __dirname + '/views');
// include routes
var routes = require('./routes/index');
app.use('/', routes);
/*app.post('/new', function(req, res){
new User_info({
firstName: req.body.firstName,
lastName: req.body.lastName,
streetAddress: req.body.streetAddress,
city: req.body.city,
state: req.body.state,
zip: req.body.zip,
country: req.body.country
}).save(function(err, User_info){
if(err) res.json(err);
else res.redirect('/profileretrieve');
});
});*/
/*app.get('/profileretrieve', function(req, res){
User_info.find({}, function(err, docs){
if(err) res.json(err);
else res.render('profileretrieve', {user_infos: docs});
});
});*/
/*app.get('/user_info/:id', function(req, res){
User_info.find({_id: req.params.id}, function(err, docs){
if(err) res.json(err);
else res.render('show', {user_infos: docs[0]});
});
});*/
// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('File Not Found');
err.status = 404;
next(err);
});
// error handler
// define as the last app.use callback
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: {}
});
});
// listen on port 3000
app.listen(3000, function () {
console.log('Express app listening on port 3000');
});
user.js - 架构 1
var mongoose = require('mongoose');
var bcrypt = require('bcrypt');
var UserSchema = new mongoose.Schema({
username: {
type: String,
unique: true,
required: true,
trim: true
},
email: {
type: String,
unique: true,
required: true,
trim: true
},
password: {
type: String,
required: true
}
});
// authenticate input against database documents
UserSchema.statics.authenticate = function(email, password, callback) {
User.findOne({ email: email })
.exec(function (error, user){
if (error) {
return callback(error);
} else if ( !user ) {
var err = new Error('User not found.');
err.status = 401;
return callback(err);
}
bcrypt.compare(password, user.password, function(error, result){
if (result === true) {
return callback(null, user);
} else {
return callback();
}
})
});
}
// hash password before saving to database
UserSchema.pre('save', function(next){
var user = this;
bcrypt.hash(user.password, 10, function(err, hash){
if (err) {
return next(err);
}
user.password = hash;
next();
})
});
var User = mongoose.model('User', UserSchema);
module.exports = User;
用户信息.js
var mongoose = require('mongoose');
var UserinfoSchema = new mongoose.Schema({
firstName: String,
lastName: String,
streetAddress: String,
city: String,
state: String,
zip: String,
country: String
});
var User_info = mongoose.model('User_info', UserinfoSchema);
module.exports = User_info;
最佳答案
我设置它的方式是,我有 RESTful 端点来加载用户信息,并且每个路由在从前端调用时都会检查 session 信息。所以:
var User = require('./models/user');
var router = require('express').Router();
// hand-rolled middleware function
function ensureAuth(req, res, next) {
// isAuthenticated() is a Passport.js method on the request object
if (req.isAuthenticated()) {
next();
} else {
return res.json(401, {error: 'user must be logged in.'});
}
}
// get logged in user
router.get('/user', ensureAuth, function (req, res) {
// req.user should be defined here because of the ensureAuth middleware
var id = req.user.id;
User.findOne({_id: id}, function (err, user) {
if (err) return res.json(400, {message: `user ${id} not found.`});
// make sure you omit sensitive user information
// on this object before sending it to the client.
res.json(user);
});
});
// other routes or whatever
module.exports = router;
关于javascript - Express js + mongodb 显示登录用户的特定信息,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39443459/