如何通过 Restful 对 Mongoose 请求进行用户验证
How to do user validation on a Mongoose request through Restful
所以我想首先找到用户想要删除的评论,然后检查用户名是否匹配以验证用户是否有权执行此操作(我知道用户名不是最安全的方法这是仅用于测试版)。
这就是我现在拥有的
// Deleting One
router.delete('/delete/:id', (req, res) => {
const voter = req.body.voter;
const id = req.params.id;
var sendContent = {};
Comments.findById({_id: id}, (error, result) => {
console.log(`${voter} and ${result.user}`)
if(voter !== result.user) {
sendContent.msg = 'You can\'t delete someone else\'s Comment';
sendContent.code = 500;
res.send(sendContent);
} else {
sendContent.msg = 'Currently in Test Mode but this is where the comment would be deleted';
sendContent.code = 500;
res.send(sendContent);
}
result.save()
})
})
是否有 result.delete() 函数或其他东西?可能是一个愚蠢的问题,但在此先感谢。
不,您需要使用 remove 或其他一些 delete/find-and-remove 函数。
// Deleting One
router.delete('/delete/:id', (req, res) => {
const voter = req.body.voter;
const id = req.params.id;
var sendContent = {};
Comments.findById({_id: id}, (error, result) => {
console.log(`${voter} and ${result.user}`)
if(voter !== result.user) {
sendContent.msg = 'You can\'t delete someone else\'s Comment';
sendContent.code = 500;
res.send(sendContent);
} else {
sendContent.msg = 'Currently in Test Mode but this is where the comment would be deleted';
sendContent.code = 500;
Comments.remove({_id: id}, (err, deleted) =>
!err && console.log('comment deleted')
res.send(sendContent)
);
}
})
})
所以我想首先找到用户想要删除的评论,然后检查用户名是否匹配以验证用户是否有权执行此操作(我知道用户名不是最安全的方法这是仅用于测试版)。
这就是我现在拥有的
// Deleting One
router.delete('/delete/:id', (req, res) => {
const voter = req.body.voter;
const id = req.params.id;
var sendContent = {};
Comments.findById({_id: id}, (error, result) => {
console.log(`${voter} and ${result.user}`)
if(voter !== result.user) {
sendContent.msg = 'You can\'t delete someone else\'s Comment';
sendContent.code = 500;
res.send(sendContent);
} else {
sendContent.msg = 'Currently in Test Mode but this is where the comment would be deleted';
sendContent.code = 500;
res.send(sendContent);
}
result.save()
})
})
是否有 result.delete() 函数或其他东西?可能是一个愚蠢的问题,但在此先感谢。
不,您需要使用 remove 或其他一些 delete/find-and-remove 函数。
// Deleting One
router.delete('/delete/:id', (req, res) => {
const voter = req.body.voter;
const id = req.params.id;
var sendContent = {};
Comments.findById({_id: id}, (error, result) => {
console.log(`${voter} and ${result.user}`)
if(voter !== result.user) {
sendContent.msg = 'You can\'t delete someone else\'s Comment';
sendContent.code = 500;
res.send(sendContent);
} else {
sendContent.msg = 'Currently in Test Mode but this is where the comment would be deleted';
sendContent.code = 500;
Comments.remove({_id: id}, (err, deleted) =>
!err && console.log('comment deleted')
res.send(sendContent)
);
}
})
})