2

我正在制作一个登录系统并使用 bcrypt 来散列密码。但是现在当我尝试登录时,我收到了这个错误,上面写着ReferenceError: hash is not defined。如果有人能帮助我并告诉我在哪里以及如何声明哈希,我将不胜感激。这是我的 login.js 代码。

var mysql = require('mysql');
var express = require('express');
var session = require('express-session');
var bodyParser = require('body-parser');
var bcrypt= require('bcrypt');
var path = require('path');
var connection = mysql.createConnection({
    host     : 'localhost',
    user     : 'root',
    password : 'sahoolat1',
    database : 'fyp_sahoolat'
});
var app = express();
app.use(session({
    secret: 'secret',
    resave: true,
    saveUninitialized: true
}));
app.use(bodyParser.urlencoded({extended : true}));
app.use(bodyParser.json());
app.get('/', function(request, response) {
    response.sendFile(path.join(__dirname + '/welcome.html'));
});
app.post('/auth', function(request, response) {
    var number = request.body.number;
    var password = request.body.pwd;
    
    if (number && password) {
        bcrypt.compare(password, hash, function(err, result) {
        connection.query('SELECT fyp_helpers.Mobile_number AS number FROM fyp_helpers WHERE Mobile_number = ? AND Password = ? UNION SELECT fyp_employers.Employer_Contact AS number FROM fyp_employers WHERE Employer_Contact = ? AND Employer_Password = ?', [number, password, number, password], function(error, results, fields) {
            if (error) {
                console.error("An error occurred:", error);
                response.send('Oops, something went wrong!');
            } else if (results.length > 0) {
                request.session.loggedin = true;
                request.session.number = number;
                response.redirect('/home');
            } else {
                 response.send('Incorrect Username and/or Password!');
            }           
            response.end();
        });

    });
}
        else {
        response.send('Please enter Username and Password!');
        response.end();
    }

});
app.get('/home', function(request, response) {
    if (request.session.loggedin) {
        response.send('Welcome back, ' + request.session.number + '!');
    } else {
        response.send('Please login to view this page!');
    }
    response.end();
});
app.listen(3000);

这是完整的错误:

ReferenceError: hash is not defined
    at C:\Users\palwasha\sahoolat-master\login.js:29:31
    at Layer.handle [as handle_request] (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\layer.js:95:5)
    at next (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\route.js:137:13)
    at Route.dispatch (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\route.js:112:3)
    at Layer.handle [as handle_request] (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\layer.js:95:5)
    at C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\index.js:281:22
    at Function.process_params (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\index.js:335:12)
    at next (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\index.js:275:10)
    at jsonParser (C:\Users\palwasha\sahoolat-master\node_modules\body-parser\lib\types\json.js:101:7)
    at Layer.handle [as handle_request] (C:\Users\palwasha\sahoolat-master\node_modules\express\lib\router\layer.js:95:5)
4

1 回答 1

2

bcrypt.compare(password, hash, callback)

bcrypt.compare需要 3 个参数

  1. request.body.pwd在您的情况下输入的密码

  2. 您要与之比较的密码request.body.pwd通常存储在数据库中

  3. 比较后调用的回调

在您的情况下,您没有提供任何散列密码,这就是显示错误的原因

请在此处查看文档https://www.npmjs.com/package/bcrypt

我建议使用以下代码来验证密码

    if (number && password) {
    var sql = `SELECT 
            fyp_helpers.Mobile_number AS number,
            fyp_helpers.Password AS  Password
        FROM fyp_helpers 
        WHERE Mobile_number = ? 
    UNION 
        SELECT 
            fyp_employers.Employer_Contact AS number ,
            fyp_employers.Employer_Password AS Employer_Password
        FROM fyp_employers 
        WHERE Employer_Contact = ?`;
    connection.query(sql, [number, number], function (error, results, fields) {
        if (results.length > 0) {
            var hashedPassword = result[0].Password;
            bcrypt.compare(password, hashedPassword, function (cryptErr, cryptResult) {
                if (cryptResult) {
                    request.session.loggedin = true;
                    request.session.number = number;
                    response.redirect('/home');
                } else {
                    response.send('Incorrect Password!');
                    console.log(cryptErr);
                }
                response.end();
            });
        } else {
            response.send('User not registered');
        }
    });
}

希望这可以帮助

于 2020-06-26T11:43:16.307 回答