MongoDBを使用してノードJSのパスワードを忘れました

3890 ワード

この記事では、サインアップアプリケーションに進みます.この部分では、パスワードを覚えたり、メッセージを送信したり、パスワードをリセットしたりすることができません.あなたが準備したイベントでは、我々は開始する必要があります!
最初の重要性の問題として、過去の部分では、私はnodemailerではなく、mailgunを利用しました.しかし、私は電子メール戦略を送信するために見たとき、私はnodemailerを見て、区別のためだけにそれを使用したい.
リセット秘密の単語には、ユーザーモデルで文字列変数が必要です.私も日付変数を作ります、しかし、あなたがそれを通過することができるように、私はそれを利用しません.文字列変数はresetpasswordtokenと命名されます.我々はクリプトと呼ばれる束を必要とする、我々は上にそれを必要とします.
ユーザーモデルでは、getRetsetPasswordTokenという名前の戦略を作成します
`` const resettoken = crypto .random bytes ( 20 )tostring (' hex ');


**bold**

Presently, we need to hash token and set to resetPasswordToken field, set terminate and return resetToken. The entire code about getResetPasswordToken is here: 

For getting sends I will utilize mailgun, make a record and get a few definitions. 

We'll make a middleware named sendEmail. In this, we need nodemailer, so we'll stop the worker and introduce nodemailer with: 

npm introduce nodemailer 
We'll require it, top of middleware. 
On the nodemailer site, we'll duplicate these codes: 
I change a few sections as I need. In createTransport, you can see host, port and auth are unique in relation to the site. For these, we'll go to .env record and make SMTP_HOST, SMTP_PORT, SMTP_EMAIL, SMTP_PASSWORD. In mailgun, we can see these parts, I don't share them obviously. 

Presently, we need a strategy named forgotPassword. With this strategy, we'll take an email and send a solicitation.



クライアントを予測します.FindOn ({ email : req . body . email });




In the event that the client doesn't exist, we'll make a blunder. These are like my past articles, so I don't clarify.



ユーザ名.getResetPasswordThen () ;ユーザーを待ちます.save ({ validateBeforeSave : false })



With this, we have two factors in the data set, they will annihilate when we reset the secret key. 

We'll make a message like this: 

'You are accepting this email since you (or another person) has mentioned the reset of a secret word. Kindly make a PUT solicitation to: \n\n ${resetUrl}' 

So when messages are gone, this will clarify why it has gone. 

Presently, we make an attempt get. 

attempt {await sendEmail({email: user.email,subject: 'Secret word reset token',message})res.status(200).json({ achievement: valid, data:'Email sent' });} get (mistake) {console.log(err);user.getResetPasswordToken = undefined;user.resetPasswordExpire = undefined;await user.save({ validateBeforeSave: bogus })return next(new ErrorResponse('Email couldn't be sent', 500))} 

This strategy is done, at long last, we'll make the resetPassword work. We'll get hashed token with: 

const resetPasswordToken = crypto.createHash('sha256').update(req.params.resetToken).digest('hex'); 
We'll make a client, and utilize the findOne technique. In this: 

const client = anticipate User.findOne({resetPasswordToken,resetPasswordExpire: { $gt: Date.now() }}); 
On the off chance that the client not exists, we'll make a mistake. Presently, we need to set another secret key, and obliterate resetPasswordToken and resetPasswordExpire, at that point save the client and sendTokenResponse:



ユーザ.パスワード= REQ.ボディ.パスワードユーザ.resetpasswordtoken = undefined ;ユーザ.resetpasswordexpire = undefined ;ユーザーを待ちます.SAVE () ;ユーザID .getd () ;sendtokenresponse ( user , 200 , res , id );


In courses/auth.js, we'll require forgotPassword and resetPassword capacities and use them down in the getMe work:


ルータPOST ('/forgotpassword ', forgotpassword );
ルータプット('/resetpassword/: resettoken ', resetpassword );


Hope you liked the post then like, share and comment.