我正在寻找一种使用mongoose将帐户保存到MongoDB的好方法。
我的问题是:密码是异步哈希的。设置器将无法在这里工作,因为它只能同步工作。
我考虑了两种方法:
创建模型的实例,并将其保存在哈希函数的回调中。
在“保存”上创建一个预钩子
这个问题有什么好的解决办法吗?
mongodb博客上有一篇很棒的文章,详细介绍了如何实现用户身份验证。
http://blog.mongodb.org/post/32866457221/password-authentication-with- mongoose-part-1
直接从上面的链接复制以下内容:
var mongoose = require('mongoose'), Schema = mongoose.Schema, bcrypt = require('bcrypt'), SALT_WORK_FACTOR = 10; var UserSchema = new Schema({ username: { type: String, required: true, index: { unique: true } }, password: { type: String, required: true } }); UserSchema.pre('save', function(next) { var user = this; // only hash the password if it has been modified (or is new) if (!user.isModified('password')) return next(); // generate a salt bcrypt.genSalt(SALT_WORK_FACTOR, function(err, salt) { if (err) return next(err); // hash the password using our new salt bcrypt.hash(user.password, salt, function(err, hash) { if (err) return next(err); // override the cleartext password with the hashed one user.password = hash; next(); }); }); }); UserSchema.methods.comparePassword = function(candidatePassword, cb) { bcrypt.compare(candidatePassword, this.password, function(err, isMatch) { if (err) return cb(err); cb(null, isMatch); }); }; module.exports = mongoose.model('User', UserSchema);
var mongoose = require(mongoose), User = require('./user-model'); var connStr = 'mongodb://localhost:27017/mongoose-bcrypt-test'; mongoose.connect(connStr, function(err) { if (err) throw err; console.log('Successfully connected to MongoDB'); }); // create a user a new user var testUser = new User({ username: 'jmar777', password: 'Password123'; }); // save user to database testUser.save(function(err) { if (err) throw err; }); // fetch user and test password verification User.findOne({ username: 'jmar777' }, function(err, user) { if (err) throw err; // test a matching password user.comparePassword('Password123', function(err, isMatch) { if (err) throw err; console.log('Password123:', isMatch); // -> Password123: true }); // test a failing password user.comparePassword('123Password', function(err, isMatch) { if (err) throw err; console.log('123Password:', isMatch); // -> 123Password: false }); });