拿sign.js 的exports.signup为例
exports.signup = function(req,res,next){
var method = req.method.toLowerCase();
if (method === 'get'){
res.render('sign/signup');
return;
}
if(method === 'post'){
var name = sanitize(req.body.name).trim();
name = sanitize(name).xss();
var loginname = name.toLowerCase();
var pass = sanitize(req.body.pass).trim();
pass = sanitize(pass).xss();
var email = sanitize(req.body.email).trim();
email = email.toLowerCase();
email = sanitize(email).xss();
var re_pass = sanitize(req.body.re_pass).trim();
re_pass = sanitize(re_pass).xss();
if(name == '' || pass =='' || re_pass == '' || email ==''){
res.render('sign/signup', {error:'信息不完整。',name:name,email:email});
return;
}
if(name.length < 5){
res.render('sign/signup', {error:'用户名至少需要5个字符。',name:name,email:email});
return;
}
try{
check(name, '用户名只能使用0-9,a-z,A-Z。').isAlphanumeric();
}catch(e){
res.render('sign/signup', {error:e.message,name:name,email:email});
return;
}
if(pass != re_pass){
res.render('sign/signup', {error:'两次密码输入不一致。',name:name,email:email});
return;
}
try{
check(email, '不正确的电子邮箱。').isEmail();
}catch(e){
res.render('sign/signup', {error:e.message,name:name,email:email});
return;
}
User.find({'$or':[{'loginname':loginname},{'email':email}]},function(err,users){
if(err) return next(err);
if(users.length > 0){
res.render('sign/signup', {error:'用户名或邮箱已被使用。',name:name,email:email});
return;
}
// md5 the pass
pass = md5(pass);
// create gavatar
var avatar_url = 'http://www.gravatar.com/avatar/' + md5(email) + '?size=48';
var user = new User();
user.name = name;
user.loginname = loginname;
user.pass = pass;
user.email = email;
user.avatar = avatar_url;
user.active = false;
user.save(function(err){
if(err) return next(err);
mail_ctrl.send_active_mail(email,md5(email+config.session_secret),name,email,function(err,success){
if(success){
res.render('sign/signup', {success:'欢迎加入 ' + config.name + '!我们已给您的注册邮箱发送了一封邮件,请点击里面的链接来激活您的帐号。'});
return;
}
});
});
});
}
};
我觉得是不是应该分解一下? 例如像下面这样
//
// 检测用户信息的有效性
//
function checkUserRegParams(username, password, repasswd, email) {
if ( username == '' ) {
return '用户名不能为空';
}
if ( username.length < 6 ) {
return '用户名至少需要6个字符.';
}
try {
check(username, '用户名只能使用0-9,a-z,A-Z.').isAlphanumeric();
} catch(e) {
return e.message;
}
if ( password == '' ) {
return '密码不能为空';
}
if ( repasswd == '' ) {
return '请输入确认密码';
}
if ( password != repasswd ) {
return '两次密码输入不一致.';
}
if ( email == '' ) {
return '邮箱不能为空';
}
try{
check(email, '邮箱格式不正确.').isEmail();
}catch(e){
return e.message;
}
return null;
}
function findUserByName(username, callback) {
User.findOne({name:username}, function(err, user) { callback(err, uesr) });
}
//
// 检测用户是否存在
//
function isUserExist(username, callback) {
findUserByName(username, function(err, user) {
if (err || user) {
callback(true);
} else {
callback(false);
}
});
}
function md5(str) {
var md5sum = crypto.createHash('md5');
md5sum.update(str);
str = md5sum.digest('hex');
return str;
}
function createUser(username, password, email, callback) {
isUserExist(username, function(isExist) {
if ( isExist ) {
callback('用户名已经被占用.');
} else {
var user = new User();
user.name = username;
user.password = md5(password);
user.email = email;
user.save(function(err) {
if ( err ) {
callback('内部错误,稍后重试,或者联系管理员.');
} else {
callback(null);
}
});
}
});
}
exports.showSignup = function(req, res) {
res.render('sign/signup');
return;
}
exports.doSignup = function(req, res, next) {
var username = sanitize(sanitize(req.body.username).trim()).xss();
var password = sanitize(sanitize(req.body.password).trim()).xss();
var repasswd = sanitize(sanitize(req.body.repasswd).trim()).xss();
var email = sanitize(sanitize(req.body.email).trim().toLowerCase()).xss();
var errMsg = checkUserRegParams(username, password, repasswd, email);
if ( errMsg ) {
res.render('sign/signup', {error:errMsg, username:username, email:email});
return;
}
createUser(username, password, email, function(errMsg){
if ( errMsg ) {
res.render('sign/signup', {error:errMsg, username:username, email:email});
return;
} else {
res.render('sign/signup', {sucess:'注册成功', username:username, email:email});
return;
}
});
}
上面的代码是临时修改的,可能不正确和NodeClub实际环境可能有出入。只是表达一个想法。 这样看起来代码要简单点,而且以后扩充起来要稍微容易点,这个只是基本的,我觉得更近一步是不是可以把数据库相关的操作再稍微封装一下,例如上面的createUser那样,然后单独独立出来,这样以后就算数据库的结构有变化 可以直接只修改这一层,所有的控制器都直接调用就好了,把控制器这层变薄一点,耦合性稍微低一些。我不太懂Web开发也不太懂nodejs等,只是说说个人看法。还有就是不懂git怎么用不知道怎么提交代码
9 回复
