sudomarcma
e563f17283
- 添加JWT认证中间件保护API端点 - 在登录流程中使用bcrypt哈希密码和JWT令牌 - 配置HTTPS服务器使用自签名证书 - 更新前端API调用以包含认证令牌
39 lines
1.1 KiB
JavaScript
39 lines
1.1 KiB
JavaScript
import mysql from 'mysql2/promise'
|
|
import bcrypt from 'bcrypt'
|
|
import dotenv from 'dotenv'
|
|
|
|
dotenv.config({ path: '../.env' })
|
|
|
|
async function hashPasswords() {
|
|
const db = await mysql.createConnection({
|
|
host: process.env.DB_HOST,
|
|
user: process.env.DB_USER,
|
|
password: process.env.DB_PASSWORD,
|
|
database: process.env.DB_NAME,
|
|
port: process.env.DB_PORT,
|
|
})
|
|
|
|
try {
|
|
const [workers] = await db.execute('SELECT id, password_hash FROM workers')
|
|
|
|
for (const worker of workers) {
|
|
if (worker.password_hash && !worker.password_hash.startsWith('$2b$')) {
|
|
const saltRounds = 10
|
|
const hashedPassword = await bcrypt.hash(worker.password_hash, saltRounds)
|
|
await db.execute('UPDATE workers SET password_hash = ? WHERE id = ?', [
|
|
hashedPassword,
|
|
worker.id,
|
|
])
|
|
console.log(`Hashed password for worker with ID: ${worker.id}`)
|
|
}
|
|
}
|
|
|
|
console.log('Password hashing complete.')
|
|
} catch (error) {
|
|
console.error('Error hashing passwords:', error)
|
|
} finally {
|
|
await db.end()
|
|
}
|
|
}
|
|
|
|
hashPasswords() |