我需要破译用户名和密码,但不断从节点收到内部服务器错误
I need to decipher a username and password but keep getting internal server error from node
我很困惑为什么我的节点服务器在尝试从来自 ReactJS 应用程序的 axios post 请求中解密用户名和密码时抛出错误 500。
这是我的 React 代码:
import React from "react";
import { Container, Row, Col, Form, Jumbotron } from "react-bootstrap";
import { Button } from "../styled-components/button";
import { ButtonBase } from "@material-ui/core";
import { Fade } from "react-reveal";
import axios from "axios";
import { createCipheriv, randomBytes } from "crypto";
//create random 16bytes
let iv = "NcRfUjXn2r5u8x/A";
//encryption key that is used
let key = "gVkYp3s6v8y/B?E(H+MbQeThWmZq4t7w";
export default function Login(props) {
//set State for the user application
const [username, setUsername] = React.useState("");
const [password, setPassword] = React.useState("");
//set error message state if data returned is invalid
const [error, setError] = React.useState(false);
//create handlers for state change and assign value to the state
const handleUsernameChange = (e) => {
setUsername(e.target.value);
};
const handlePasswordChange = (e) => {
setPassword(e.target.value);
};
//handle submission to the server
const handleFormSubmit = (e) => {
e.preventDefault();
//start encryption process
let cipher = createCipheriv("aes-256-cbc", key, iv);
//username encryption
let encryptedUsername = cipher.update(username, "utf-8", "hex");
encryptedUsername += cipher.final("hex");
//password encryption process
let encryptedPassword = cipher.update(password, "utf-8", "hex");
encryptedPassword += cipher.final("hex");
console.log(encryptedUsername + " " + encryptedPassword);
//post the encrypted data to the server
axios
.post("/users", {
username: encryptedUsername,
password: encryptedPassword,
})
.then((res) => {
//receive the response from the server and mark the username & password correct/invalid
if (res.data === "invalid") {
setError(true);
//if username and password are valid, then transfer user to the home page and create a session
} else if (
encryptedUsername === res.data[0].username &&
encryptedPassword === res.data[0].password
) {
//window.location = "/home";
}
})
.catch((err) => {
console.log(err);
});
};
return (
<Fade>
<Container style={{ marginTop: "5%" }}>
<Row>
<Col lg={12} style={{ textAlign: "center" }}>
<h3>Please Login to see all your daily To-Do Tasks</h3>
</Col>
<Col lg={12}>
<Form onSubmit={handleFormSubmit}>
<Jumbotron>
<Row>
<Col>
<Form.Label>Username:</Form.Label>
<Form.Control
onChange={handleUsernameChange}
placeholder="Username:"
value={username}
required
></Form.Control>
</Col>
<Col>
<Form.Label>Password:</Form.Label>
<Form.Control
onChange={handlePasswordChange}
placeholder="Password:"
value={password}
required
type="password"
></Form.Control>
</Col>
</Row>
<Row>
<Col>
{error ? (
<Fade>
<b style={{ color: "red" }}>
Invalid username or password
</b>
</Fade>
) : (
<></>
)}
</Col>
</Row>
<Row style={{ marginTop: "5%" }}>
<Col>
<ButtonBase style={{ float: "right" }}>
<Button
color="primary"
style={{ float: "right" }}
type="submit"
>
Login
</Button>
</ButtonBase>
</Col>
</Row>
<Row>
<Col style={{ marginTop: "5%" }}>
<p style={{ float: "right" }}>
Need to register?{" "}
<a href="https://google.com/"> click here</a>
</p>
</Col>
</Row>
</Jumbotron>
</Form>
</Col>
</Row>
</Container>
</Fade>
);
}
现在这是我的 node.js 用于处理该请求的快速代码:
我更新了方法并放置了两个函数以在用户名和密码登陆时调用,我注意到用户名正在记录并且是一个字符串,但是当我在破译后尝试记录我的密码时它显示都是奇怪的字符,所以密码破译方法肯定有问题,因为当我登录我的服务器时密码的typeof是什么,它显示它是一个字符串,并且它显示它与加密密码对应从客户端发送,但是当它通过解密方法时,它会将它加扰并吐出那些奇怪的字符。
const express = require("express");
const router = express.Router();
const connection = require("../database/connection");
const logger = require("../logger/logger");
const crypto = require("crypto");
//create initial vector
let iv = "NcRfUjXn2r5u8x/A";
//create the crypto key for deciphering the username/password
let key = "gVkYp3s6v8y/B?E(H+MbQeThWmZq4t7w";
/* GET users listing. */
router.post("/", function (req, res, next) {
console.log(req.body);
let reqUser = req.body.username;
let reqPass = req.body.pass;
function decryptUsername() {
//create decipcher API
let decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
//decipher the username before sending it to MySQL
let decryptedUsername = decipher.update(reqUser, "hex", "utf-8");
decryptedUsername += decipher.final("utf-8");
console.log(decryptedUsername);
return decryptedUsername;
}
function decryptPassword() {
//create decipcher API
let decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
//decipher the password before sending it to MySQL
let decryptedPassword = decipher.update(reqPass, "hex", "utf-8");
decryptedPassword += decipher.final("utf-8");
console.log(typeof decryptedPassword);
return decryptedPassword;
}
let username = decryptUsername(reqUser);
console.log(username);
let password = decryptPassword(reqPass);
//Establish connection to MySQL Database
connection.getConnection((err) => {
if (err) throw err;
//MySQL database query to check username & password exists
connection.query(
"SELECT username, password FROM users WHERE username = ? AND password = ?",
[username, password],
function (err, results) {
if (results.length === 0) {
//log the credentails that are invalid/un-authenticated
logger.log({
level: "error",
message: `failed user login: username: ${username} password: ${password}`,
});
//send invalid response to let the server know that credentials are incorrect
res.send("invalid");
} else {
//logger to log access control to the access.log file
logger.log({
level: "info",
message: `user ${username} logged in at:`,
});
//send response to user
console.log(results);
res.send(results);
}
}
);
});
});
module.exports = router;
我的加密数据也被正确发送,服务器端和客户端共享静态密钥和初始化向量,但是当我在服务器端尝试解密时,它只是抛出错误 500
任何帮助将不胜感激:)
这是服务器错误的片段POST /users 500
这是当我console.log(解密)
logging the decipher method
Strange characters that it is spitting out
首先,
- 您应该使用 useEffect 进行所有休息调用。如果你需要制作方法,我有一个示例库,我可以分享。
- 服务器路由上的 /users 路径在哪里?
- 你最后应该有 res.send。日志记录也需要在上面。否则,您将在 server-side.
上得到一个 warning/error
- 你怎么知道 decipher 给出了 500 错误?您看到任何错误信息了吗?
所以我发现导致我的加密密码被解析为奇怪字符的问题,我必须为每个加密和解密方法创建一个模块,将值传递给解密模块,然后 return值,现在它工作得很好
我很困惑为什么我的节点服务器在尝试从来自 ReactJS 应用程序的 axios post 请求中解密用户名和密码时抛出错误 500。
这是我的 React 代码:
import React from "react";
import { Container, Row, Col, Form, Jumbotron } from "react-bootstrap";
import { Button } from "../styled-components/button";
import { ButtonBase } from "@material-ui/core";
import { Fade } from "react-reveal";
import axios from "axios";
import { createCipheriv, randomBytes } from "crypto";
//create random 16bytes
let iv = "NcRfUjXn2r5u8x/A";
//encryption key that is used
let key = "gVkYp3s6v8y/B?E(H+MbQeThWmZq4t7w";
export default function Login(props) {
//set State for the user application
const [username, setUsername] = React.useState("");
const [password, setPassword] = React.useState("");
//set error message state if data returned is invalid
const [error, setError] = React.useState(false);
//create handlers for state change and assign value to the state
const handleUsernameChange = (e) => {
setUsername(e.target.value);
};
const handlePasswordChange = (e) => {
setPassword(e.target.value);
};
//handle submission to the server
const handleFormSubmit = (e) => {
e.preventDefault();
//start encryption process
let cipher = createCipheriv("aes-256-cbc", key, iv);
//username encryption
let encryptedUsername = cipher.update(username, "utf-8", "hex");
encryptedUsername += cipher.final("hex");
//password encryption process
let encryptedPassword = cipher.update(password, "utf-8", "hex");
encryptedPassword += cipher.final("hex");
console.log(encryptedUsername + " " + encryptedPassword);
//post the encrypted data to the server
axios
.post("/users", {
username: encryptedUsername,
password: encryptedPassword,
})
.then((res) => {
//receive the response from the server and mark the username & password correct/invalid
if (res.data === "invalid") {
setError(true);
//if username and password are valid, then transfer user to the home page and create a session
} else if (
encryptedUsername === res.data[0].username &&
encryptedPassword === res.data[0].password
) {
//window.location = "/home";
}
})
.catch((err) => {
console.log(err);
});
};
return (
<Fade>
<Container style={{ marginTop: "5%" }}>
<Row>
<Col lg={12} style={{ textAlign: "center" }}>
<h3>Please Login to see all your daily To-Do Tasks</h3>
</Col>
<Col lg={12}>
<Form onSubmit={handleFormSubmit}>
<Jumbotron>
<Row>
<Col>
<Form.Label>Username:</Form.Label>
<Form.Control
onChange={handleUsernameChange}
placeholder="Username:"
value={username}
required
></Form.Control>
</Col>
<Col>
<Form.Label>Password:</Form.Label>
<Form.Control
onChange={handlePasswordChange}
placeholder="Password:"
value={password}
required
type="password"
></Form.Control>
</Col>
</Row>
<Row>
<Col>
{error ? (
<Fade>
<b style={{ color: "red" }}>
Invalid username or password
</b>
</Fade>
) : (
<></>
)}
</Col>
</Row>
<Row style={{ marginTop: "5%" }}>
<Col>
<ButtonBase style={{ float: "right" }}>
<Button
color="primary"
style={{ float: "right" }}
type="submit"
>
Login
</Button>
</ButtonBase>
</Col>
</Row>
<Row>
<Col style={{ marginTop: "5%" }}>
<p style={{ float: "right" }}>
Need to register?{" "}
<a href="https://google.com/"> click here</a>
</p>
</Col>
</Row>
</Jumbotron>
</Form>
</Col>
</Row>
</Container>
</Fade>
);
}
现在这是我的 node.js 用于处理该请求的快速代码:
我更新了方法并放置了两个函数以在用户名和密码登陆时调用,我注意到用户名正在记录并且是一个字符串,但是当我在破译后尝试记录我的密码时它显示都是奇怪的字符,所以密码破译方法肯定有问题,因为当我登录我的服务器时密码的typeof是什么,它显示它是一个字符串,并且它显示它与加密密码对应从客户端发送,但是当它通过解密方法时,它会将它加扰并吐出那些奇怪的字符。
const express = require("express");
const router = express.Router();
const connection = require("../database/connection");
const logger = require("../logger/logger");
const crypto = require("crypto");
//create initial vector
let iv = "NcRfUjXn2r5u8x/A";
//create the crypto key for deciphering the username/password
let key = "gVkYp3s6v8y/B?E(H+MbQeThWmZq4t7w";
/* GET users listing. */
router.post("/", function (req, res, next) {
console.log(req.body);
let reqUser = req.body.username;
let reqPass = req.body.pass;
function decryptUsername() {
//create decipcher API
let decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
//decipher the username before sending it to MySQL
let decryptedUsername = decipher.update(reqUser, "hex", "utf-8");
decryptedUsername += decipher.final("utf-8");
console.log(decryptedUsername);
return decryptedUsername;
}
function decryptPassword() {
//create decipcher API
let decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
//decipher the password before sending it to MySQL
let decryptedPassword = decipher.update(reqPass, "hex", "utf-8");
decryptedPassword += decipher.final("utf-8");
console.log(typeof decryptedPassword);
return decryptedPassword;
}
let username = decryptUsername(reqUser);
console.log(username);
let password = decryptPassword(reqPass);
//Establish connection to MySQL Database
connection.getConnection((err) => {
if (err) throw err;
//MySQL database query to check username & password exists
connection.query(
"SELECT username, password FROM users WHERE username = ? AND password = ?",
[username, password],
function (err, results) {
if (results.length === 0) {
//log the credentails that are invalid/un-authenticated
logger.log({
level: "error",
message: `failed user login: username: ${username} password: ${password}`,
});
//send invalid response to let the server know that credentials are incorrect
res.send("invalid");
} else {
//logger to log access control to the access.log file
logger.log({
level: "info",
message: `user ${username} logged in at:`,
});
//send response to user
console.log(results);
res.send(results);
}
}
);
});
});
module.exports = router;
我的加密数据也被正确发送,服务器端和客户端共享静态密钥和初始化向量,但是当我在服务器端尝试解密时,它只是抛出错误 500
任何帮助将不胜感激:)
这是服务器错误的片段POST /users 500
这是当我console.log(解密)
logging the decipher method
Strange characters that it is spitting out
首先,
- 您应该使用 useEffect 进行所有休息调用。如果你需要制作方法,我有一个示例库,我可以分享。
- 服务器路由上的 /users 路径在哪里?
- 你最后应该有 res.send。日志记录也需要在上面。否则,您将在 server-side. 上得到一个 warning/error
- 你怎么知道 decipher 给出了 500 错误?您看到任何错误信息了吗?
所以我发现导致我的加密密码被解析为奇怪字符的问题,我必须为每个加密和解密方法创建一个模块,将值传递给解密模块,然后 return值,现在它工作得很好