1.安装bcryptjs
npm install --save bcryptjs
使用bcrypt模块的两种方式:
sync同步方式实例:
var bcrypt = require('bcrypt');router.post('/', checkNotLogin, function(req, res, next){let password = req.fields.password//生成salt的迭代次数const saltRounds = 10;//随机生成saltconst salt = bcrypt.genSaltSync(saltRounds);//获取hash值var hash = bcrypt.hashSync(password, salt);password = hash;storeUInfo();function storeUInfo(){let user = {name: name,password: password, gender: gender,avatar: avatar,bio: bio}UserModel.create(user).then(function(result){user = result.ops[0]delete user.passwordres.redirect('/posts')}).catch(function(e){if(e.message.match('duplicate key')){req.flash('error','用户名已被占用')return res.redirect('/signup')}next(e)})} //POST /signin 用户登录
router.post('/', checkNotLogin, function(req, res, next){const password = req.fields.passwordUserModel.getUserByName(name).then(function(user){//检查密码是否匹配const pwdMatchFlag =bcrypt.compareSync(password, user.password);if(pwdMatchFlag){...res.redirect('/posts') //匹配成功跳转到主页}else{...return res.redirect('back') //匹配失败返回之前的页面}}).catch(next)
})
异步方式实例:
var bcrypt = require('bcrypt');//POST /signup用户注册
router.post('/', checkNotLogin, function(req, res, next){let password = req.fields.password //生成加密密码const saltRounds = 10;bcrypt.genSalt(saltRounds, function(err, salt){bcrypt.hash(password,salt, function(err, hash){//异步生成密码需要将存储等操作放在其回调函数中进行password = hash;storeUInfo();})})//存储用户信息function storeUInfo(){let user = {name: name,password: password, gender: gender,avatar: avatar,bio: bio}//用户信息写入数据库UserModel.create(user).then(function(result){user = result.ops[0];delete user.passwordres.redirect('/posts')}).catch(function(e){if(e.message.match('duplicate key')){req.flash('error','用户名已被占用')return res.redirect('/signup')}next(e)})
} //POST /signin 用户登录
router.post('/', checkNotLogin, function(req, res, next){const password = req.fields.passwordUserModel.getUserByName(name).then(function(user){//检查密码是否匹配bcrypt.compare(password, user.password,function(err,res){const pwdMatchFlag = res;tryLogin(pwdMatchFlag);})// 尝试登录function tryLogin(pwdMatchFlag){if(pwdMatchFlag){...res.redirect('/posts') //匹配成功跳转到主页}else{...return res.redirect('back') //匹配失败返回之前的页面}}}).catch(next)
})