Json Login mit mehreren Benutzer-Login in einer einzigen Login-Seite

Question

Ich versuche, ein Login-Formular mit JSON zu machen, habe ich 3 verschiedene Benutzer auf einer einzigen Login-Seite einloggen, sie sind wie 1. Benutzer 2. Admin 3. Lieferant Dies ist my code. Ich mache das als Testfall, ich werde später die Authentifizierungsdetails auf Serverseite ändern.

<html> 
<head> 
<title> Login Form</title> 
<script> 
    function validate() 
    { 
     var username = document.getElementById("username").value; 
     var password = document.getElementById("password").value; 
     var loginlist = { "User": { 
           "userlist":[{"username":"usr1", "password":"a123"},{"username":"usr2", "password":"a123"},{"username":"usr3", "password":"a123"}], 
           "ID":1 
          }, 
          "Admin": { 
            "adminlist":[{"username":"admin1", "password":"b123"},{"username":"admin2", "password":"b123"},{"username":"admin3", "password":"b123"}], 
            "ID":2 
          }, 
          "Supplier": { 
            "supplierlist":[{"username":"sup1", "password":"c123"},{"username":"sup2", "password":"c123"},{"username":"sup3", "password":"c123"}], 
            "ID":1 
          } 
     }; 
     var logged = false; 
     if(loginlist[0].User.ID === 1){ 
      for(var i =0; i < loginlist[0].User.userlist.length; i++){ 
       if(username == loginlist[0].User.userlist[i].username && password == loginlist[0].User.userlist[i].password){ 
        logged= true; 
       } 
      } 
      if(logged) 
      alert("User login"); 

      else 
      alert("User login fail");    

     } 
     else if(loginlist[0].Admin.ID === 2){ 
      for(var j =0; j < loginlist[0].Admin.adminlist.length; j++){ 
       if(username == loginlist[0].Admin.adminlist[j].username && password == loginlist[0].Admin.adminlist[j].password){ 
        logged= true; 
       } 
      } 
      if(logged) 
      alert("Admin login"); 

      else 
      alert("admin login fail"); 

     } 
     else{ 
      for(var k =0; k < loginlist[0].Supplier.supplierlist.length; k++){ 
       if(username == loginlist[0].Supplier.supplierlist[k].username && password == loginlist[0].Supplier.supplierlist[k].password){ 
        logged= true; 
       } 
      } 
      if(logged) 
      alert("Supplier login"); 

      else 
      alert("supplier login fail"); 

     } 
    } 
</script> 
</head> 
<body> 
<div class="container"> 
<div class="main"> 
<h2>Login Form</h2> 
<form id="form_id" method="post" name="myform"> 
<label>User Name :</label> 
<input type="text" placeholder="Enter username" name="username" id="username"/> 
<label>Password :</label> 
<input type="password" placeholder="Enter Password" name="password" id="password"/> 
<input type="button" value="Login" id="submit" onclick="validate()"/> 
</form> 
</body> 
</html> 

die ich ausprobiert habe. Mein Problem ist, wenn ich etwas in den Benutzernamen und das Passwort eingeben, nichts angezeigt wird, habe ich diese Art von Programm aber mit der Einzelbenutzer-Operation. Ich bin nicht in der Lage, diese mehreren Benutzer in einer einzigen Login-Seite zu erreichen

Answer 1

Ich bin nicht ganz sicher, was der Grund für jeden einzelnen Benutzertyp als separate Arrays ist, könnte es für einen bestimmten Anwendungsfall gut sein, aber es wird Sicherlich ist es einfacher, alle Benutzer in einem einzigen Set zu haben.

Alles in einem Array zu haben und dann einige Funktionen zum Abrufen eines bestimmten Benutzertyps bereitzustellen, wäre ein besserer Ansatz, da Sie sich von Anfang an nicht so sehr um das Ergebnis kümmern müssen. Außerdem sollte man immer mit möglichst viel Rohmaterial arbeiten; obwohl Leute dieses Argument finden könnten.

Es ist normalerweise besser, keinen JavaScript-Code im -Tag des HTML auszulösen, es sei denn, es wird benötigt, da der Code ausgeführt wird, bevor das gesamte Dokument geladen ist. Es ist normalerweise sicherer, den gesamten JavaScript-Code unmittelbar vor dem schließenden Tag <body> zu setzen.

Ich bemerkte auch, dass Sie die validate Funktion auf Knopf klicken Sie auf. Es ist ein Problem, wenn Sie das Formular über eine andere Methode übermitteln (z. B. drücken Sie , geben Sie in einem fokussierten Eingabefeld ein). Ich habe dem Formular selbst einen Ereignis-Listener hinzugefügt, der alle üblichen Sendefälle behandeln sollte.

Ich habe das Benutzer-Array nur eine Ebene haben, die alle Benutzer enthält. Jeder Benutzer hat einen Typ, der verwendet wird, um den Typ des Benutzers zu bestimmen (normaler Benutzer, Administrator, Benutzer usw.).

Ich habe jede Zeile des folgenden Codes kommentiert.

Dieses Skript sollte NICHT in irgendeiner Art von Produktion verwendet werden. Es ist gefährlich, da alle Überprüfungen nur auf der Client- und der Client-Seite durchgeführt werden. Verwenden Sie IMMER serverseitige Prüfungen, vorzugsweise auch in Testskripts!

Klicken Sie auf die Schaltfläche Run Snippet unten, um das Skript hier zu testen.

Sie können die Benutzernamen und Kennwörter aus dem Array am Anfang des JavaScript-Skripts finden.

// store the IDs of all logged in users in here 
 
var loggedusers = []; 
 

 
// server should handle everything below... 
 
// users array, which contains all users in the system 
 
// on the server-side this could be an array returned by a MySQL database table, for example 
 
var users = [{ 
 
    // ID of the user 
 
    id: 1, 
 
    // username of the user 
 
    username: 'user1', 
 
    // password of the user, note that this should obviously be hashed on the server-side 
 
    // for PHP back-end: preferably hashed with 'password_hash' and compared using 'password_verify' if using PHP version 5.5 or newer 
 
    password: 'a', 
 
    // type of the user, currently using 'user', 'admin' and 'supplier', but technically it could be _anything_ 
 
    type: 'user' 
 
}, { 
 
    id: 2, 
 
    username: 'admin1', 
 
    password: 'b', 
 
    type: 'admin' 
 
}, { 
 
    id: 3, 
 
    username: 'supplier1', 
 
    password: 'c', 
 
    type: 'supplier' 
 
}]; 
 
// ... up to this point, never store this data on the client-side (especially highly sensitive information like hashes, salts, or even worse like plain text passwords like above). 
 

 
/** 
 
* null|Object getUserByProperty (mixed key, mixed value [ , boolean strict = false, boolean multiple = false, boolean case_insensitive = false ]) 
 
* 
 
* Gets a user by a property key, value and various settings. 
 
* 
 
* @param mixed key Property key to look for. 
 
* @param mixed value Property value to look for. 
 
* @param boolean strict (optional) Should the comparison be type strict? 
 
* @param boolean multiple (optional) Should it return all results, rather than the first result? 
 
* @param boolean case_insensitive (optional) Should it ignore character case? 
 
* 
 
* @return null|Object Returns the user object, or null, if not found. 
 
*/ 
 
function getUserByProperty(key, value, strict, multiple, case_insensitive) { 
 
    // prepare a result array 
 
    var result = []; 
 

 
    // loop through all of our users 
 
    for (var index in users) { 
 
    // get the user we are iterating through now 
 
    var user = users[index]; 
 

 
    // check if the user has the specified property 
 
    if (typeof user[key] != 'undefined') { 
 
     // get the property value 
 
     var compare = user[key]; 
 

 
     // doing something case insensitive 
 
     if (case_insensitive) { 
 
     // if the property value is a string 
 
     if (typeof compare == 'string') 
 
     // we want to turn it to lower case 
 
      compare = compare.toLowerCase(); 
 

 
     // if the specified value is a string 
 
     if (typeof value == 'string') 
 
     // we want to turn it to lower case 
 
      value = value.toLowerCase(); 
 
     } 
 

 
     // if specified value is not defined, or values match 
 
     if (typeof value == 'undefined' || ((strict && compare === value) || (!strict && compare == value))) { 
 
     // if we want multiple results 
 
     if (multiple) { 
 
      // the result will be appended to the result array 
 
      result.push(user); 
 
     } else { 
 
      // otherwise we just return it 
 
      return user; 
 
     } 
 
     } 
 
    } 
 
    } 
 

 
    // return the results or null, if nothing was found (for single match search) 
 
    return multiple ? result : null; 
 
} 
 

 
/** 
 
* null|Object getUserById (number id) 
 
* 
 
* Gets a user with the specified ID. 
 
* 
 
* @param number id ID of user to get. 
 
* 
 
* @return null|Object Returns the user object, or null, if not found. 
 
*/ 
 
function getUserById(id) { 
 
    return getUserByProperty('id', id); 
 
} 
 

 
/** 
 
* null|Object getUserByUsername (string username [ , boolean case_insensitive = false ]) 
 
* 
 
* Gets a user with the specified username. 
 
* 
 
* @param string username Username of user to get. 
 
* @param boolean case_insensitive Should character case be ignored? 
 
* 
 
* @return null|Object Returns the user object, or null, if not found. 
 
*/ 
 
function getUserByUsername(username, case_insensitive) { 
 
    return getUserByProperty('username', username, false, false, case_insensitive); 
 
} 
 

 
/** 
 
* boolean|array getUsersByType (string type [ , boolean case_insensitive = false ]) 
 
* 
 
* Gets all users with the specified type. 
 
* 
 
* @param string type Type of user to look for. 
 
* @param boolean case_insensitive Should character case be ignored? 
 
* 
 
* @return array Returns the an array of user objects. 
 
*/ 
 
function getUsersByType(type, case_insensitive) { 
 
    return getUserByProperty('type', type, false, true, case_insensitive); 
 
} 
 

 
/** 
 
* boolean|Object login (string username, string password) 
 
* 
 
* Provides the functionality to be able to log in on a user. 
 
* 
 
* @param string username Username of the user to log in on. 
 
* @param string password Password of the user to log in on. 
 
* 
 
* @return boolean|Object Returns the user object, or false, if login was not successful. 
 
*/ 
 
function login(username, password) { 
 
    // checks whether username and password have been filled in 
 
    if (typeof username == 'string' && typeof password == 'string' && username.length > 0 && password.length > 0) { 
 
    // prepare a variable to store the user object, if any is received 
 
    var loggeduser; 
 

 
    // server should handle everything below... 
 
    // iterate through all users in the 'users' array (or database table perhaps, on server-side) 
 
    for (var index in users) { 
 
     // grab the property value with the property 
 
     var user = users[index]; 
 

 
     // check if username and password match 
 
     if (username === user.username && password === user.password) 
 
     // set value of 'loggeduser' to the property value (user) 
 
     loggeduser = user; 
 
    } 
 
    // ... up to this point, and the user returned from the server should be set in to 'loggeduser' 
 
    // make sure highly sensitive information is not returned, such as hash, salt or anything 
 

 
    // check whether the user is set 
 
    if (typeof loggeduser != 'undefined') { 
 
     // save the ID of the user to the 'loggedusers' array 
 
     loggedusers[loggeduser.id] = true; 
 

 
     // update the logged in list 
 
     updatelist(); 
 

 
     // return the received user object 
 
     return loggeduser; 
 
    } 
 
    } 
 

 
    return false; 
 
} 
 

 
/** 
 
* boolean logout (number userid) 
 
* 
 
* Provides the functionality to be able to log out from a user. 
 
* 
 
* @param number userid ID of the user to log out of. 
 
* 
 
* @return boolean Returns a boolean representing whether the log out was successful or not. 
 
*/ 
 
function logout(userid) { 
 
    // check whether the ID is actually logged in 
 
    if (loggedusers[userid]) { 
 
    // temporary array, which we will be filling 
 
    var temporary = []; 
 

 
    // let's loop through logged users 
 
    for (var id in loggedusers) 
 
    // ignore our user 
 
     if (id != userid) 
 
     // let's put this user to the array 
 
     temporary[id] = true; 
 

 
     // we replace the 'loggedusers' array with our new array 
 
    loggedusers = temporary; 
 

 
    // update the logged in list 
 
    updatelist(); 
 

 
    // we have successfully logged out 
 
    return true; 
 
    } 
 

 
    // we have not successfully logged out 
 
    return false; 
 
} 
 

 
/** 
 
* boolean updatelist (void) 
 
* 
 
* Provides the functionality to update the #logged-in-list element 
 
* with the logged in users names and logout links. 
 
* 
 
* @return boolean Returns a boolean representing whether the update was successful or not. 
 
*/ 
 
function updatelist() { 
 
    // get the #logged-in-list element 
 
    var list_element = document.getElementById('logged-in-list'); 
 

 
    // check the element exists 
 
    if (list_element) { 
 
    // get the #logged-in element 
 
    var list_container_element = document.getElementById('logged-in'); 
 

 
    // check the element exists and that we should be changing the styles 
 
    if (list_container_element) 
 
    // if there are no logged in users, "hide" the element, otherwise "show" it 
 
     list_container_element.style.visibility = loggedusers.length === 0 ? 'hidden' : 'visible'; 
 

 
    // we take the first child with a while loop 
 
    while (list_element.firstChild) 
 
    // remove the child, and it will repeat doing so until there is no firstChild left for the list_element 
 
     list_element.removeChild(list_element.firstChild); 
 

 
    // we loop through every logged in user 
 
    for (var id in loggedusers) { 
 
     // get the user by ID 
 
     var user = getUserById(id); 
 

 
     // check if that user is a user 
 
     if (user) { 
 
     // we create necessary elements to cover our logout functionality 
 
     var p = document.createElement('P'); 
 
     p.innerText = user.username; 
 
     var a = document.createElement('A'); 
 
     a.userid = id; 
 
     a.href = '#'; 
 
     a.innerHTML = '(logout)'; 
 

 
     // we bind an onclick event listener to the link 
 
     a.addEventListener('click', function(e) { 
 
      e.preventDefault(); 
 

 
      // we will now execute the logout function for this user ID 
 
      logout(e.srcElement.userid); 
 
     }); 
 

 
     // we append the link to the paragraph element 
 
     p.appendChild(a); 
 

 
     // we append the paragraph to the list element 
 
     list_element.appendChild(p); 
 
     } 
 
    } 
 

 
    return true; 
 
    } 
 

 
    return false; 
 
} 
 

 
// add a new 'onsubmit' event listener to the '#login-form' node 
 
// this will be triggered each time the form is submitted via any method 
 
document.getElementById('login-form').addEventListener('submit', function(e) { 
 
    // prevent default browser behavior 
 
    e.preventDefault(); 
 

 
    // find the username and password nodes 
 
    var username_element = e.srcElement.elements.username; 
 
    var password_element = e.srcElement.elements.password; 
 

 
    // check whether these elements return right stuff 
 
    if (username_element && password_element) { 
 
    // get the values of username and password 
 
    username = username_element.value; 
 
    password = password_element.value; 
 

 
    // execute the 'login' function with the username and password filled in on the client 
 
    var user = login(username, password); 
 

 
    // check whether the login was successful 
 
    if (user !== false) { 
 
     // reset the username input field 
 
     username_element.value = ''; 
 

 
     // reset the password input field 
 
     password_element.value = ''; 
 

 
     // alert the client that login was successful 
 
     alert('Logged in as ' + user.username + '.'); 
 
    } else { 
 
     // reset the password input field 
 
     password_element.value = ''; 
 

 
     // alert the client that login was not successful 
 
     alert('Invalid username and/or password.'); 
 
    } 
 
    } 
 
});

<!DOCTYPE html> 
 
<html> 
 

 
<head> 
 
    <meta charset="utf-8" /> 
 
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> 
 
    <meta name="viewport" content="width=device-width, initial-scale=1.0" /> 
 

 
    <title>Login Form</title> 
 
</head> 
 

 
<body> 
 
    <div style="visibility: hidden;" id="logged-in"> 
 
    <p><strong>Logged in as:</strong> 
 
    </p> 
 
    <div id="logged-in-list"></div> 
 
    </div> 
 

 
    <form id="login-form"> 
 
    <h2>Login Form</h2> 
 

 
    <label for="username">Username:</label> 
 
    <input type="text" placeholder="Enter username..." id="username" /> 
 

 
    <label for="password">Password:</label> 
 
    <input type="password" placeholder="Enter password..." id="password" /> 
 

 
    <input type="submit" value="Login" /> 
 
    </form> 
 

 
    <!-- the JavaScript code should go as contents of this tag --> 
 
    <script></script> 
 
</body> 
 

 
</html>

bitte an jemand diesen Code verwenden, beschreiben Sie dies nicht, unter keinen Umständen in der Produktion. Always Führen Sie serverseitige Validierungen und Vergleiche durch, zusammen mit clientseitigen Überprüfungen, bevor die serverseitigen Überprüfungen eine unnötige Verarbeitung auf dem Server verhindern.

Hoffe das hilft dir!