我正在创建密码重置功能,但我的数据库似乎没有更新用户密码,当提交新密码表单时,我收到 404。
这是我的表单发布路线
// Token URL :post
router.post('/users/reset/:token', (req, res, next) => {
if(req.body.password === req.body['password-confirm']) {
next();
return;
}
req.flash('error', 'Passwords do not match!');
res.redirect('back');
User.findOne({
resetPasswordToken: req.params.token,
resetPasswordExpires: { $gt: Date.now() }
}, function(err, user) {
if(!user) {
req.flash('error', ' Password reset is invalid or has expired');
res.redirect(302, '/login');
}
const setPassword = promisify(user.setPassword, user);
setPassword(req.body.password);
user.resetPasswordToken = undefined;
user.resetPasswordExpires = undefined;
const updatedUser = user.save();
req.login(updatedUser);
req.flash('success_msg', 'Your password has been reset successfully! You are now logged in!');
res.redirect('/dashboard');
});
});
这是 mongodb 调试打开的日志
Thu Jan 25 2018 20:06:23 GMT+0000 (GMT): GET /users/forgot
Thu Jan 25 2018 20:06:24 GMT+0000 (GMT): GET /favicon.ico
Thu Jan 25 2018 20:06:26 GMT+0000 (GMT): POST /users/forgot
Mongoose: users.findOne({ email: 'ben@benbagley.co.uk' }, { fields: {} })
{ email: 'user@website.co.uk' }
Mongoose: users.update({ _id: ObjectId("5a5c6740b9e210087e098fd6") }, { '$set': { resetPasswordExpires: new Date("Thu, 25 Jan 2018 21:06:26 GMT"), resetPasswordToken: '566c509df009f6f43c3d2b5f324764173bd2d251' } })
Message sent: <ceef6d47-4d91-0a3c-a4e1-1a8f090365e1@website.co.uk>
Preview URL: https://ethereal.email/message/WlVWjq0qIgpSmhJbWmo4xEK5Zwpruz6bAAAAp8kW.z.4aFEFOL5zp93OWds
Thu Jan 25 2018 20:06:28 GMT+0000 (GMT): GET /users/login
Thu Jan 25 2018 20:06:29 GMT+0000 (GMT): GET /favicon.ico
Thu Jan 25 2018 20:06:45 GMT+0000 (GMT): GET /users/reset/566c509df009f6f43c3d2b5f324764173bd2d251
Mongoose: users.findOne({ resetPasswordExpires: { '$gt': new Date("Thu, 25 Jan 2018 20:06:45 GMT") }, resetPasswordToken: '566c509df009f6f43c3d2b5f324764173bd2d251' }, { fields: {} })
Thu Jan 25 2018 20:06:45 GMT+0000 (GMT): GET /favicon.ico
Thu Jan 25 2018 20:06:53 GMT+0000 (GMT): POST /users/reset/566c509df009f6f43c3d2b5f324764173bd2d251
Thu Jan 25 2018 20:06:53 GMT+0000 (GMT): GET /favicon.ico
当我单击电子邮件中生成的链接时,它会转到密码重置,没有任何问题。只是表单未提交。
这是一个gif of the issue
最佳答案
试试这个:
router.post('/users/reset/:token', (req, res, next) => {
// if passwords don't match, flash error and send back to form
if (req.body.password != req.body['password-confirm']) {
req.flash('error', 'Passwords do not match!');
res.redirect('/users/change-password'); // insert actual form URL
return; // we're done handling the route, exit function
}
// if we get to here, the passwords match
User.findOne({
resetPasswordToken: req.params.token,
resetPasswordExpires: {
$gt: Date.now()
}
}, function(err, user) {
if (!user) {
req.flash('error', ' Password reset is invalid or has expired');
res.redirect(302, '/login');
}
const setPassword = promisify(user.setPassword, user);
setPassword(req.body.password);
user.resetPasswordToken = undefined;
user.resetPasswordExpires = undefined;
const updatedUser = user.save();
req.login(updatedUser);
req.flash('success_msg', 'Your password has been reset successfully! You are now logged in!');
res.redirect('/dashboard');
});
});
关于javascript - 数据库不更新用户密码重置,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48451070/