How to verify user and admin roles on login and redirect - MEAN Stack


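I have been trying to verify the user's role in the token, and also to redirect the admin to the admin's dashboard on login. User verification and token generation work perfectly, but role authorization is currently the headache.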

These are my routes:


This is my user controller

const express = require('express');
const router = express.Router();

const ctrlUser = require('../controllers/user.controller');
const ctrlMember = require('../controllers/member.controller');

const jwtHelper = require('../config/jwtHelper');


// General Registration and Authentication
router.post('/register',ctrlUser.register);
router.post('/authenticate',ctrlUser.authenticate);

//If User Role Is Equal To Admin then.......
router.get('/admin');

// Member => localhost:3000/api/.......
router.get('/user/members',ctrlMember.get);
router.post('/user/members/register',ctrlMember.register);
router.get('/user/members/:id',ctrlMember.getID);
router.put('/user/members/:id',ctrlMember.put);
router.delete('/user/members/:id',ctrlMember.delete);


module.exports = router;

This is my user model

const mongoose = require('mongoose');
const passport = require('passport');

const User = mongoose.model('User');

module.exports.register = (req,res,next) => {
    var user = new User();
    user.username = req.body.username;
    user.email = req.body.email;
    user.password = req.body.password;
    if (req.body.username == null || req.body.username == "" || req.body.password == null || req.body.password == "" || req.body.email == null || req.body.email == "" ){
        res.status(422).send(['Ensure Username,Email and Password were provided.']);
    }else{
            user.save((err,doc) => {
                if (!err)
                    res.send(doc);
                else {
                    if (err.code == 11000)
                        res.status(422).send(['Duplicate email address found.']);
                    else
                        return next(err);
                }

            });
    }
}

module.exports.authenticate = (req,res,next) => {
    // call for passport authentication
    passport.authenticate('local',(err,user,info) => {
        // error from passport middleware
        if (err) return res.status(400).json(err);
        // registered user
        else if (user) return res.status(200).json({ "token": user.generateJwt() });
        // unknown user or wrong password
        else return res.status(404).json(info);
    })(req,res);
    // no next() here: the passport callback above sends the response
}

module.exports.authenticateadmin = (role) => (req,res,next) => {
    // compare the role on req.user with the required role
    if(req.user.role !== role){
        res.status(422).send(['You are not an Admin.']);
    }else if(req.user.role == role){
        res.status(422).send(['You are an Admin.']);
    }

}

This is my jwtHelper, which includes the user ID and role embedded in the token

const mongoose = require('mongoose');
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');

var userSchema = new mongoose.Schema({
    username: {
        type: String,
        required: 'Username can\'t be empty'
    },
    email: {
        type: String,
        required: 'Email can\'t be empty',
        unique: true
    },
    password: {
        type: String,
        required: 'Password can\'t be empty',
        minlength: [4,'Password must be at least 4 character long']
    },
    role: {
        type: String,
        default: 'user',
        enum: ['user','admin']
    },
    saltSecret: String
});

// Custom validation for email
userSchema.path('email').validate((val) => {
    const emailRegex = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
    return emailRegex.test(val);
},'Invalid e-mail.');

// Events
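// Hash the password before saving; skip when the password field is unchanged
// so an already-hashed password is not hashed again on later saves
userSchema.pre('save',function (next) {
    if (!this.isModified('password')) return next();
    bcrypt.genSalt(10,(err,salt) => {
        if (err) return next(err);
        bcrypt.hash(this.password,salt,(err,hash) => {
            if (err) return next(err);
            this.password = hash;
            this.saltSecret = salt;
            next();
        });
    });
});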


// Methods
userSchema.methods.verifyPassword = function (password) {
    return bcrypt.compareSync(password,this.password);
};

userSchema.methods.generateJwt = function () {
    return jwt.sign({ _id: this._id,role: this.role},process.env.JWT_SECRET,{
        expiresIn: process.env.JWT_EXP
    });
}


mongoose.model('User',userSchema);
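
An added example, not part of the original post, of the role check the question asks for: verify the token's signature and expiry first, then compare the `role` claim, and return the landing route in the login response. `signToken` and `verifyToken` are stand-ins built on Node's `crypto` so the block runs without npm packages; `requireRole`, `loginResponse` and `redirectTo` are hypothetical names, and the two paths are taken from the posted router.

```javascript
const nodeCrypto = require('crypto');

const b64url = (value) => Buffer.from(value).toString('base64url');

// Stand-in for user.generateJwt(): signs the payload plus an exp claim with HS256.
function signToken(payload, secret, ttlSeconds) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(Date.now() / 1000) + ttlSeconds;
  const body = b64url(JSON.stringify({ ...payload, exp }));
  const sig = nodeCrypto.createHmac('sha256', secret).update(`${header}.${body}`).digest('base64url');
  return `${header}.${body}.${sig}`;
}

// Returns the payload, or null when the algorithm, signature or expiry is not acceptable.
function verifyToken(token, secret) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, body, sig] = parts;
  try {
    const alg = JSON.parse(Buffer.from(header, 'base64url').toString()).alg;
    if (alg !== 'HS256') return null; // never trust the header to pick the algorithm
    const expected = nodeCrypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
    const given = Buffer.from(sig, 'base64url');
    if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) return null;
    const payload = JSON.parse(Buffer.from(body, 'base64url').toString());
    return payload.exp > Date.now() / 1000 ? payload : null;
  } catch {
    return null;
  }
}

// Express-style middleware: 401 without a valid token, 403 when the role claim does not match.
const requireRole = (role, secret) => (req, res, next) => {
  const auth = req.headers.authorization || '';
  const payload = auth.startsWith('Bearer ') ? verifyToken(auth.slice(7), secret) : null;
  if (!payload) return res.status(401).json({ message: 'Invalid or missing token.' });
  if (payload.role !== role) return res.status(403).json({ message: 'Admin role required.' });
  req.user = payload;
  next();
};

// Login response: the client routes on redirectTo; the server still checks every request.
const loginResponse = (user, secret) => ({
  token: signToken({ _id: user._id, role: user.role }, secret, 3600),
  redirectTo: user.role === 'admin' ? '/admin' : '/user/members',
});
```

In the posted router this would sit in front of the admin handler, as in `router.get('/admin', requireRole('admin', process.env.JWT_SECRET), handler)` where `handler` is a placeholder. With `jsonwebtoken`, `jwt.verify(token, secret, { algorithms: ['HS256'] })` takes the place of `verifyToken`.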
