Graphql Mutation 更新了用户数据,但更改了密码,注销后我无法登录
Graphql Mutation Updates the User Data, but changes the password and I cannot login after logging out
我是初学者,如果这看起来一团糟,我深表歉意。
每次我 运行 突变时,我都会检查 mlab 并且它有效......用户已更新但在我注销后......我无法重新登录。我在想也许密码在我更新时被重新哈希用户...但我不确定如何修复它。也许密码需要与查询一起发送...我正在发送 ID? local.password 不在道具中...
这是我的 server.js
const express = require('express');
const path = require('path');
const bodyParser = require('body-parser');
const graphqlHTTP = require('express-graphql');
const graphqlSchema = require('./server/GQL/schema.js');
//added for auth start
const morgan = require('morgan');
const session = require('express-session');
const MongoStore = require('connect-mongo')(session);
const dbConnection = require('./server/db');
const passport = require('./server/passport');
const cors = require('cors');
const app = express();
// allow cross-origin requests
app.use(cors());
const port = process.env.PORT || 5000;
// ===== Middleware ====
app.use(morgan('dev'));
app.use(
bodyParser.urlencoded({
extended: false,
})
);
app.use(bodyParser.json());
app.use(
session({
secret: process.env.APP_SECRET || 'this is the default passphrase',
store: new MongoStore({ mongooseConnection: dbConnection }),
resave: false,
saveUninitialized: false,
})
);
// ===== Passport ====
app.use(passport.initialize());
app.use(passport.session()); // will call the deserializeUser
// bind express with graphql
app.use('/graphql', cors(), (req, res, next) =>{
console.log(req.session);
return graphqlHTTP({
schema: graphqlSchema,
graphiql: true,
context: { user: req.user },
tracing: true,
cacheControl: true,
formatError: error => ({
message: error.message,
locations: error.locations,
stack: error.stack ? error.stack.split('\n') : [],
path: error.path,
}),
})(req, res, next);
});
// API calls
app.get('/api/hello', (req, res) => {
res.send({ express: 'Hello From Express' });
});
app.get('/api/goodbye', (req, res) => {
res.send({ express: 'Goodbye From Express' });
});
if (process.env.NODE_ENV === 'production') {
// Serve any static files
app.use(express.static(path.join(__dirname, 'client/build')));
// Handle React routing, return all requests to React app
app.get('*', function(req, res) {
res.sendFile(path.join(__dirname, 'client/build', 'index.html'));
});
}
app.use('/auth', require('./server/auth'));
app.listen(port, () => console.log(`Listening on port ${port}`));
我将 graphql-mongoose-compose 用于我的模式:
然后我有一个看起来像这样的突变:
mutation userUpdateById($id: MongoID!, $firstName: String, $lastName: String,
$username: String, $email: String,$bio: String,
$phone: String, $street: String, $city: String,
$state: String,$zipcode: String, $country: String){
userUpdateById(record: {
firstName: $firstName,
lastName: $lastName,
local: {
username: $username,
email: $email,
}
bio: $bio,
phone: $phone,
address:{
street: $street,
city: $city,
state: $state,
zipcode: $zipcode,
country:$country,
}
_id: $id,
})...
`
那么我有以下几种保存用户的方法:
UserSchema.methods = {
checkPassword: function(inputPassword) {
return bcrypt.compareSync(inputPassword, this.local.password);
},
hashPassword: plainTextPassword => {
return bcrypt.hashSync(plainTextPassword, 10);
},
};
// Define hooks for pre-saving
userSchema.pre('save', function(next) {
if (!this.local.password) {
console.log('=======NO PASSWORD PROVIDED=======');
next();
} else {
this.local.password = this.hashPassword(this.local.password);
next();
}
});
问题出在由 graphql-compose-mongoose 组成的突变 "userUpdateById" 突变更新了文档的所有字段。它目前是 gcm 存储库中的一个未解决问题。另一位用户建议使用 "userUpdateMany" 并将用户 _id 传递到过滤器字段作为足够的解决方法;但是,有效负载仅告诉您更新的用户数。如果您只是通过查询获取数据,这不是什么大问题。我试过了。
我是初学者,如果这看起来一团糟,我深表歉意。 每次我 运行 突变时,我都会检查 mlab 并且它有效......用户已更新但在我注销后......我无法重新登录。我在想也许密码在我更新时被重新哈希用户...但我不确定如何修复它。也许密码需要与查询一起发送...我正在发送 ID? local.password 不在道具中...
这是我的 server.js
const express = require('express');
const path = require('path');
const bodyParser = require('body-parser');
const graphqlHTTP = require('express-graphql');
const graphqlSchema = require('./server/GQL/schema.js');
//added for auth start
const morgan = require('morgan');
const session = require('express-session');
const MongoStore = require('connect-mongo')(session);
const dbConnection = require('./server/db');
const passport = require('./server/passport');
const cors = require('cors');
const app = express();
// allow cross-origin requests
app.use(cors());
const port = process.env.PORT || 5000;
// ===== Middleware ====
app.use(morgan('dev'));
app.use(
bodyParser.urlencoded({
extended: false,
})
);
app.use(bodyParser.json());
app.use(
session({
secret: process.env.APP_SECRET || 'this is the default passphrase',
store: new MongoStore({ mongooseConnection: dbConnection }),
resave: false,
saveUninitialized: false,
})
);
// ===== Passport ====
app.use(passport.initialize());
app.use(passport.session()); // will call the deserializeUser
// bind express with graphql
app.use('/graphql', cors(), (req, res, next) =>{
console.log(req.session);
return graphqlHTTP({
schema: graphqlSchema,
graphiql: true,
context: { user: req.user },
tracing: true,
cacheControl: true,
formatError: error => ({
message: error.message,
locations: error.locations,
stack: error.stack ? error.stack.split('\n') : [],
path: error.path,
}),
})(req, res, next);
});
// API calls
app.get('/api/hello', (req, res) => {
res.send({ express: 'Hello From Express' });
});
app.get('/api/goodbye', (req, res) => {
res.send({ express: 'Goodbye From Express' });
});
if (process.env.NODE_ENV === 'production') {
// Serve any static files
app.use(express.static(path.join(__dirname, 'client/build')));
// Handle React routing, return all requests to React app
app.get('*', function(req, res) {
res.sendFile(path.join(__dirname, 'client/build', 'index.html'));
});
}
app.use('/auth', require('./server/auth'));
app.listen(port, () => console.log(`Listening on port ${port}`));
我将 graphql-mongoose-compose 用于我的模式:
然后我有一个看起来像这样的突变:
mutation userUpdateById($id: MongoID!, $firstName: String, $lastName: String,
$username: String, $email: String,$bio: String,
$phone: String, $street: String, $city: String,
$state: String,$zipcode: String, $country: String){
userUpdateById(record: {
firstName: $firstName,
lastName: $lastName,
local: {
username: $username,
email: $email,
}
bio: $bio,
phone: $phone,
address:{
street: $street,
city: $city,
state: $state,
zipcode: $zipcode,
country:$country,
}
_id: $id,
})...
`
那么我有以下几种保存用户的方法:
UserSchema.methods = {
checkPassword: function(inputPassword) {
return bcrypt.compareSync(inputPassword, this.local.password);
},
hashPassword: plainTextPassword => {
return bcrypt.hashSync(plainTextPassword, 10);
},
};
// Define hooks for pre-saving
userSchema.pre('save', function(next) {
if (!this.local.password) {
console.log('=======NO PASSWORD PROVIDED=======');
next();
} else {
this.local.password = this.hashPassword(this.local.password);
next();
}
});
问题出在由 graphql-compose-mongoose 组成的突变 "userUpdateById" 突变更新了文档的所有字段。它目前是 gcm 存储库中的一个未解决问题。另一位用户建议使用 "userUpdateMany" 并将用户 _id 传递到过滤器字段作为足够的解决方法;但是,有效负载仅告诉您更新的用户数。如果您只是通过查询获取数据,这不是什么大问题。我试过了。