是的架构验证密码和确认密码不起作用

Posted

技术标签:

【中文标题】是的架构验证密码和确认密码不起作用【英文标题】:Yup schema validation password and confirmPassword doesn't work 【发布时间】:2020-09-03 19:38:13 【问题描述】:
import * as Yup from 'yup';
import User from '../models/User';

class UserController 
async store(req, res) 
const schema = Yup.object().shape(
  name: Yup.string().required(),
  email: Yup.string()
    .email()
    .required(),
  password: Yup.string()
    .required()
    .min(6),
);

if (!(await schema.isValid(req.body))) 
  return res.status(400).json( error: 'Validation fails' );


const userExists = await User.findOne( where:  email: req.body.email  );
if (userExists) 
  return res.status(400).json( error: 'User already exists.' );

const  id, name, email, provider  = await User.create(req.body);
return res.json( id, name, email, provider );


async update(req, res) 
const schema = Yup.object().shape(
  name: Yup.string(),
  email: Yup.string().email(),
  oldPassword: Yup.string().min(6),
  password: Yup.string()
    .min(6)
    .when('oldPassword', (oldPassword, field) =>
      oldPassword ? field.required() : field
    ),
  confirmPassword: Yup.string().when('password', (password, field) =>
    password ? field.required().oneOf([Yup.ref('password')]) : field
  ),
);

if (!(await schema.isValid(req.body))) 
  return res.status(400).json( error: 'Validation fails' );


const  email, oldPassword  = req.body;
const user = await User.findByPk(req.userId);
if (user.email !== email) 
  const userExists = await User.findOne(
    where:  email ,
  );
  if (userExists) 
    return res.status(400).json( error: 'User already exists.' );
  


if (oldPassword && !(await user.checkPassword(oldPassword))) 
  return res.status(401).json( error: 'Password does not match.' );


const  id, name, provider  = await user.update(req.body);

return res.json( id, name, email, provider );
    

export default new UserController();

here it creates a normal user with the password 123456

here it should work, since the old password is the same as the password of the created user, and it should update the new password

我想尝试了解如何让他将当前密码理解为oldpassword并更新密码

【问题讨论】:

【参考方案1】:

试试这个:

import * as Yup from 'yup';

validationSchema: Yup.object(
  password: Yup.string().required('Password is required'),
  passwordConfirmation: Yup.string()
     .oneOf([Yup.ref('password'), null], 'Passwords must match')
);

【讨论】:

目前,当我更改其中一个输入时,仅验证正在更改的输入,这意味着我需要更改两者以具有正确的状态,有什么方法可以强制检查两者什么时候换? @RenanSouza 您可以改用 test() 方法。 Yup.object( password: Yup.string().required('Password is required'), passwordConfirmation: Yup.string() .test('passwords-match', 'Passwords must match', function (value) return this.parent.password === value ) ) @HammedOyedele 请创建一个帖子而不是评论,以便我们对其进行投票,并可能被选为最佳答案。 也许你们还必须为密码确认添加另一个必需的选项。 Yup.object().shape( password: Yup.string().required('Password is required'), passwordConfirmation: Yup.string() .required('Confirm password is required') .oneOf([Yup.ref('password'), null], 'Passwords must match'), );【参考方案2】:

根据@anoNewb 的回答和@Renan 提出的要求,

Yup.object(
  password: Yup.string().required('Password is required'),
  passwordConfirmation: Yup.string()
    .test('passwords-match', 'Passwords must match', function(value)
      return this.parent.password === value
    )
)

【讨论】:

这个解决方案的问题是它会被每个输入调用,不仅是passwordConfirmation的变化,而且传递的值是那个输入的。例如,这失败了:【参考方案3】:

我就是这样做的。

yup.object(
  password: yup
    .string()
    .required('Please enter your password.')
    .min(8, 'Your password is too short.'),
  retypePassword: yup
    .string()
    .required('Please retype your password.')
    .oneOf([yup.ref('password')], 'Your passwords do not match.')
);

【讨论】:

以上是关于是的架构验证密码和确认密码不起作用的主要内容,如果未能解决你的问题,请参考以下文章

JQuery确认密码验证不起作用

Django用户注册验证不起作用

Zend_Dojo 表单密码文本框验证不起作用

护照本地猫鼬中的密码验证器选项不起作用

使用 wshttpbinding 的 WCF 用户名和密码验证不起作用

密码验证在德鲁的手册中不起作用(密码哈希)[重复]