是否可以将用户密码放入激活电子邮件中?
我有一个电子邮件模板,我想输入密码,以便用户知道初始密码。
但是密码属性是直接散列的并且不以明文形式提供,因此我可以将其放入电子邮件中。我也不想拥有额外的属性(property),例如清除密码,然后将存储在数据库中(即使可能是很短的时间)。我搜索了 transient 属性,但目前似乎不可能。
有什么提示可以帮助我归档包含初始密码的激活电子邮件吗?
最佳答案
对于某人来说,我所做的就是如何解决同样的问题:
首先,为了能够创建没有密码的用户,我在保存用户之前生成了一个用户。
User.observe('before save', function(ctx, next) {
var model = (ctx.instance) ? ctx.instance : ctx.data;
if (!model.password) {
//generate short random password
model.password = Math.random().toString(36).slice(-8);
}
next();
});
然后我实现了自己的方法来激活用户:
/**
*
* Activates the user account and sets the new password.
*
*/
User.activate = function(credentials, cb) {
//check if email and token was provided
if (!credentials.email || !credentials.verificationToken) {
var crednetialsErr = "Email or token are invalid. Please check your inputs.";
return cb(crednetialsErr, false);
}
//find the user with the given informations
User.findOne({
where: {
and: [
{email: credentials.email},
{verificationToken: credentials.verificationToken}
]
}
}, function(err, user) {
if (err) {
//error occured while find the user object
return cb(err, false);
}
if (!user) {
//no user was found
var crednetialsErr = "Email or verificationToken are invalid. Please check your inputs.";
return cb(crednetialsErr, false);
}
//set the new password
user.password = credentials.password;
user.save(function(err, user) {
var redirectUrl = '/';
if (err) {
cb(err, false);
}
//confirms the user account and activates it
User.confirm(user.id, credentials.verificationToken, redirectUrl, function(err) {
cb(err, true);
});
});
});
};
/**
*
* Description of the new activate remote function.
*
*/
User.remoteMethod(
'activate',
{
description: 'Activates the user and sets the given password',
accepts: [
{
arg: 'credentials',
type: 'object',
required: true,
http: {
source: 'body'
},
description: 'Must contains \'email\',\'verificationToken\' and \'password\' key.'
},
],
returns: {arg: "success", type: 'bool'},
http: {
verb: "post"
}
}
);
关于javascript - 密码在激活邮件中,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34849417/