即使密码和电子邮件正确,我仍然收到此错误“密码无效”,这毫无意义,请帮助我解决这个问题我认为我正在比较散列密码和纯文本密码,但我不知道如何解决它
app.post('/login0', (req, res) => {
const { email, password } = req.body;
const sql = "SELECT * FROM user WHERE email = ?";
const values = [email];
db.query(sql, values, (err, result) => {
if (err) {
console.error("Database error: ", err);
return res.status(500).json({ message: "Login failed: Database error" });
}
if (result.length > 0) {
const storedPassword = result[0].password;
if (bcrypt.compareSync(password, storedPassword)) {
console.log("Password match, login successful");
return res.status(200).json({ message: "Login successful", user: result[0] });
} else {
console.log("Invalid password");
return res.status(401).json({ message: "Invalid password" });
}
} else {
console.log("Account not found");
return res.status(401).json({ message: "Account not found" });
}
});
});
密码以散列形式存储在数据库中
app.post('/add_user', (req, res) => {
console.log("Post request on /add_user");
const { name, lastname, email, password, address, number } = req.body;
bcrypt.genSalt(10, (err, salt) => {
if (err) {
console.error('Error generating salt:', err);
res.status(500).send('Server error');
return;
}
bcrypt.hash(password, salt, (err, hashedPassword) => {
if (err) {
console.error('Error hashing password:', err);
res.status(500).send('Server error');
return;
}
const sql = "INSERT INTO user (name, lastname, email, password, address, number) VALUES (?, ?, ?, ?, ?, ?)";
const values = [name, lastname, email, hashedPassword, address, number];
db.query(sql, values, (err, result) => {
if (err) {
console.error('Error inserting into database:', err);
res.status(500).send('Server error');
return;
}
console.log("User added successfully");
res.status(200).send('User added successfully');
});
});
});
});
在我看来,总是使用try-catch,
看你做对了,只检查从数据库获取密码是否正确,其余都可以
检查一次并让我知道是否完成