From 2fa73925d5dae4cf78cf534ea4ccac152047d843 Mon Sep 17 00:00:00 2001 From: gengjiawen Date: Sun, 5 Feb 2017 14:39:13 +0800 Subject: [PATCH] switch to bcrypt --- .gitignore | 3 ++- package.json | 5 +++-- server/controllers/user.js | 5 +++-- server/schema/user.js | 2 +- sql/user.sql | 8 +++++--- src/components/Login.vue | 22 ++++++++++------------ 6 files changed, 24 insertions(+), 21 deletions(-) diff --git a/.gitignore b/.gitignore index 0cb9dbbf..21885f4e 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ node_modules/ dist/ npm-debug.log img/ -.vscode/ \ No newline at end of file +.vscode/ +.idea/ diff --git a/package.json b/package.json index 7035f0f2..7150b3fa 100644 --- a/package.json +++ b/package.json @@ -6,10 +6,12 @@ "private": true, "scripts": { "dev": "node build/dev-server.js", - "build": "node build/build.js" + "build": "node build/build.js", + "server": "node app.js" }, "dependencies": { "axios": "^0.15.3", + "bcryptjs": "^2.4.0", "element-ui": "^1.1.2", "koa": "^1.2.4", "koa-bodyparser": "^2.3.0", @@ -19,7 +21,6 @@ "koa-logger": "^1.3.0", "koa-router": "5.4", "koa-static": "^2.0.0", - "md5": "^2.2.1", "mysql": "^2.12.0", "sequelize": "^3.29.0", "stylus": "^0.54.5", diff --git a/server/controllers/user.js b/server/controllers/user.js index a9f8e646..14a29472 100644 --- a/server/controllers/user.js +++ b/server/controllers/user.js @@ -1,5 +1,6 @@ const user = require('../models/user.js'); const jwt = require('koa-jwt'); +const bcrypt = require('bcryptjs'); const getUserInfo = function* (){ const id = this.params.id; // 获取url里传过来的参数里的id @@ -13,7 +14,7 @@ const postUserAuth = function* (){ const userInfo = yield user.getUserByName(data.name); console.log(this.request) if(userInfo != null){ // 如果查无此用户会返回null - if(userInfo.password != data.password){ + if(!bcrypt.compareSync(data.password, userInfo.password)){ this.body = { success: false, // success标志位是方便前端判断返回是正确与否 info: '密码错误!' 
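Review bot: In postUserAuth the new `bcrypt.compareSync(data.password, userInfo.password)` call receives whatever the request body contains, and bcryptjs throws on non-string arguments, so a login request with a missing or numeric `password` would surface as an unhandled error instead of the '密码错误!' response. A guard such as `if (typeof data.password !== 'string' || !bcrypt.compareSync(data.password, userInfo.password)) {` keeps the failure path uniform. The synchronous compare also runs the whole pure-JavaScript bcrypt computation on the event loop of an unauthenticated endpoint, so concurrent login attempts stall every other request. Inside this generator handler, `yield bcrypt.compare(data.password, userInfo.password)` should work if the installed bcryptjs returns a promise when no callback is given, which is worth confirming for ^2.4.0. The function body continues past the end of the hunk.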
@@ -43,4 +44,4 @@ module.exports = { router.get('/user/:id', getUserInfo); // 定义url的参数是id router.post('/user', postUserAuth); } -} \ No newline at end of file +} diff --git a/server/schema/user.js b/server/schema/user.js index 6601bac6..4736d0b7 100644 --- a/server/schema/user.js +++ b/server/schema/user.js @@ -13,7 +13,7 @@ module.exports = function(sequelize, DataTypes) { allowNull: false }, password: { - type: DataTypes.CHAR(32), + type: DataTypes.CHAR(128), allowNull: false } }, { diff --git a/sql/user.sql b/sql/user.sql index e14da37b..15001e1c 100644 --- a/sql/user.sql +++ b/sql/user.sql @@ -20,15 +20,17 @@ USE `todolist`; CREATE TABLE IF NOT EXISTS `user` ( `id` int(11) NOT NULL AUTO_INCREMENT, `user_name` char(50) NOT NULL, - `password` char(32) NOT NULL, + `password` char(128) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; -- 正在导出表 todolist.user 的数据:~0 rows (大约) DELETE FROM `user`; /*!40000 ALTER TABLE `user` DISABLE KEYS */; -INSERT INTO `user` (`id`, `user_name`, `password`) VALUES - (1, 'molunerfinn', '202cb962ac59075b964b07152d234b70'); +INSERT INTO `user` (`user_name`, `password`) VALUES + ('molunerfinn', '$2a$10$x3f0Y2SNAmyAfqhKVAV.7uE7RHs3FDGuSYw.LlZhOFoyK7cjfZ.Q6'); +INSERT INTO `user` (`user_name`, `password`) VALUES + ('admin', '$2a$10$x3f0Y2SNAmyAfqhKVAV.7uE7RHs3FDGuSYw.LlZhOFoyK7cjfZ.Q6'); /*!40000 ALTER TABLE `user` ENABLE KEYS */; /*!40101 SET SQL_MODE=IFNULL(@OLD_SQL_MODE, '') */; diff --git a/src/components/Login.vue b/src/components/Login.vue index ed7d6486..7d728abc 100644 --- a/src/components/Login.vue +++ b/src/components/Login.vue @@ -2,16 +2,16 @@ - 欢迎登录 + 欢迎登录 - - @@ -23,8 +23,6 @@
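Review bot: Widening `password` to `DataTypes.CHAR(128)` does not convert values already stored under the old scheme. The removed seed row in sql/user.sql shows those were 32-character strings, and bcryptjs reports a mismatch for anything that is not a bcrypt hash, so every pre-existing account would be rejected at login once this commit is deployed. A documented reset or rehash step for existing rows would close that gap. Since a bcrypt hash is 60 characters, `DataTypes.CHAR(60)` (and `char(60)` in sql/user.sql) would state the stored format more precisely than 128. The model definition starts and ends outside the hunk.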
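Review bot: The seed data in sql/user.sql now creates a second account, `admin`, whose `password` value is byte-for-byte the same bcrypt hash as `molunerfinn`'s. Both accounts therefore share one password fixed in the repository, and any instance initialised from this script starts with two known logins. If these rows are meant only for local development, say so above the inserts, e.g. `-- Development-only seed accounts; change or delete before exposing this instance.`, or drop the `admin` row and create accounts at install time. Separately, the inserts no longer set `id` while the table keeps `AUTO_INCREMENT=2`, so the first row will probably get id 2 rather than 1; check whether other seed data refers to user 1.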