# 🏅 Day 27 - 登入功能 延續前一天,在註冊時將密碼加密後儲存至資料庫,當使用者要進行登入時我們就需要將密碼解密來比對與使用者輸入的密碼是否符合 **密碼解密** `bcrypt.compare()` ```javascript // 尋找資料庫符合接收到的使用者資料,因 password 欄位在 Schema 通常設定為不顯示,因此可使用 select() 將密碼顯示出來 const user = await User.findOne({ email }).select('+password'); // email 為使用者輸入時的信箱 bcrypt.compare(password, user.password); // 第一個參數是接收到的密碼,第二個參數是由資料庫找出的該 user 的密碼,為雜湊加密的字串 ``` ### 參考資源 - [bcryptjs - compare](https://github.com/dcodeIO/bcrypt.js#compares-hash-callback-progresscallback) - [mongoose select()](https://mongoosejs.com/docs/api/query.html#:~:text=When%20using%20string%20syntax%2C%20prefixing%20a%20path%20with%20%2D%20will%20flag%20that%20path%20as%20excluded.%20When%20a%20path%20does%20not%20have%20the%20%2D%20prefix%2C%20it%20is%20included.%20Lastly%2C%20if%20a%20path%20is%20prefixed%20with%20%2B%2C%20it%20forces%20inclusion%20of%20the%20path%2C%20which%20is%20useful%20for%20paths%20excluded%20at%20the%20schema%20level.) 題目 --- 實做登入功能 POST `/users/sign_in`,依照下方需求完整程式碼: - 若有 Email、Password 有欄位未填寫,使用 `appError()` 自訂錯誤訊息:`帳號密碼不可為空` - 使用 bcryptjs `compare()` 比對密碼是否與資料庫中的密碼符合 - 若未比對成功,使用 `appError()` 自訂錯誤訊息:`帳號或密碼錯誤,請重新輸入!` ```javascript= router.post('/sign_in', handleErrorAsync(async (req, res, next) => { const { email, password } = req.body; ... res.status(200).json({ status: 'success' }); })); ``` ## 回報流程 將答案寫在 CodePen 並複製 CodePen 連結貼至底下回報就算完成了喔! 解答位置請參考下圖(需打開程式碼的部分觀看) ![](https://i.imgur.com/vftL5i0.png) <!-- 解答: ```javascript= router.post('/sign_in', handleErrorAsync(async (req, res, next) => { const { email, password } = req.body; if (!email || !password) { next(appError(400, '帳號密碼不可為空', next)); } const user = await User.findOne({ email }).select('+password'); const auth = await bcrypt.compare(password, user.password); if (!auth) { next(appError(400, '帳號或密碼錯誤,請重新輸入!', next)); } res.status(200).json({ status: 'success' }); })); ``` --> 回報區 --- <!-- 將答案貼至下方表格內,格式: | Discord 暱稱 | [CodePen](連結) | --> | Discord | CodePen / 答案 | |:-------------:|:-----------------:| | xxx | [CodePen]() | | 2魚 | [CodePen](https://codepen.io/ijrekmsn-the-sans/pen/LYvKymP) | | 苡安 | [hackmd](https://hackmd.io/@L7K9-66lSeagS28AP0_GjQ/S1u6MlofC) | | william威良 | [hackmd](https://codepen.io/snowman12320/pen/GRaRQJY?editors=1010) | | Aida | [CodePen](https://codepen.io/ada23410/pen/JjqjpJp?editors=0010) | | wei | [CodePen](https://hackmd.io/@xu7yoa5cSsqaron7h9XhUw/B19LaIofR) | | Chia Pin | [CodePen](https://codepen.io/joker-cat/pen/PovoxEG) | | jenny7532 | [CodePen](https://codepen.io/wei-chen-wu/pen/jOoERxe) | | runweiting | [CodePen](https://codepen.io/weiting14/pen/LYoVpRJ) | | william_hsu | [CodePen](https://codepen.io/william8815/pen/GRaJNOB) | | ej_chuang | [CodePen](https://codepen.io/EJChuang/pen/wvbaZee) | | Hank | [CodePen](https://codepen.io/tw1720/pen/RwmwPPe) | | Tiya | [CodePen](https://codepen.io/Tiya_blank/pen/rNbQPbY) | | zaoannihao | [CodePen](https://codepen.io/ckhwdvrx-the-solid/pen/jOobgZa)| | Mei | [CodePen](https://codepen.io/l_umei/pen/JjqGaYB)| |lobinda|[HackMD](https://hackmd.io/@Lobinda/S1UXfFKQR)| | Fabio20 | [CodePen](https://codepen.io/pen/?editors=1010) |