2

我有一个后端路由,它从中获取所有用户数据并将其作为 json 返回。我想过滤所有这些数据以不转发散列密码。我怎样才能做到这一点?我当前的代码:

router.get("/", isLoggedIn, (req, res, next) => {
  User.findById(req.user._id)
    .then((user) => {
      console.log("Fetching user data, remove password", user);
      res.status(200).json(user);
    })
    .catch((err) => {
      console.log(err);
      res.status(500).json({ errorMessage: err.message });
    });
})

;

4

4 回答 4

2

如果您正在使用mongoose,您可以使用Query.prototype.select()函数来过滤属性:

router.get("/", isLoggedIn, (req, res, next) => {
  User.findById(req.user._id).select("-password") //--> prefixing a path with - will flag that path as excluded
    .then((user) => {
      res.status(200).json(user);
    })
    .catch((err) => {
      console.log(err);
      res.status(500).json({ errorMessage: err.message });
    });
})
于 2021-02-18T15:26:31.343 回答
1

方法一:删除属性

router.get("/", isLoggedIn, (req, res, next) => {
  User.findById(req.user._id)
    .then((user) => {
      delete user.password;
      res.status(200).json(user);      
    })
    .catch((err) => {
      console.log(err);
      res.status(500).json({ errorMessage: err.message });
    });
})

方法2:创建一个覆盖密码属性的新对象

router.get("/", isLoggedIn, (req, res, next) => {
  User.findById(req.user._id)
    .then((user) => {
      user = Object.assign({}, user, {password: null});

      res.status(200).json(user);      
    })
    .catch((err) => {
      console.log(err);
      res.status(500).json({ errorMessage: err.message });
    });
})

方法3:这是一个Mongoose文件?您需要先将其转换为标准对象

let filteredUser = user.toObject();
delete filteredUser.password;
res.status(200).json(filteredUser);
于 2021-02-18T15:11:25.027 回答
0

如果我运行此代码:const { password, ...data } = user;...数据正在打印如下:

{
      '$__': InternalCache {
        strictMode: true,
        selected: {},
        shardval: undefined,
        saveError: undefined,
        validationError: undefined,
        adhocPaths: undefined,
        removing: undefined,
        inserting: undefined,
        saving: undefined,
        version: undefined,
        getters: {},
        _id: 602e8ecd9ffbba1c133db8ce,
        populate: undefined,
        populated: undefined,
        wasPopulated: false,
        scope: undefined,
        activePaths: StateMachine {
          paths: [Object],
          states: [Object],
          stateNames: [Array]
        },
        pathsToScopes: {},
        cachedRequired: {},
        session: undefined,
        '$setCalled': Set {},
        ownerDocument: undefined,
        fullPath: undefined,
        emitter: EventEmitter {
          _events: [Object: null prototype] {},
          _eventsCount: 0,
          _maxListeners: 0,
          [Symbol(kCapture)]: false
        },
        '$options': { skipId: true, isNew: false, willInit: true, defaults: true }
      },
      isNew: false,
      errors: undefined,
      '$locals': {},
      '$op': null,
      _doc: {
        profilePic: '',
        _id: 602e8ecd9ffbba1c133db8ce,
        username: 'mnblski5000',
        email: 'xxi@gmail.com',
        password: '$2b$10$i.sbWZuPF1dro.5OAegfie5BeyrHvH5vHWWbnWI9isRDDczkoy2eK',
        createdAt: 2021-02-18T15:59:09.899Z,
        updatedAt: 2021-02-18T15:59:09.899Z,
        __v: 0
      },
      '$init': true
于 2021-02-18T16:05:45.197 回答
0 
router.get("/", isLoggedIn, (req, res, next) => {
  User.findById(req.user._id)
    .then((user) => {
      const filteredUser = {...user, password: undefined};

      res.status(200).json(filteredUser);
    })
    .catch((err) => {
      console.log(err);
      res.status(500).json({ errorMessage: err.message });
    });
})
于 2021-02-18T17:03:56.883 回答