petty09190/hr-assessment-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
29b3c97e6b5d460c99e40e54962421aa989b0c93
hr-assessment-system/scripts/debug-password-verification.js
吳佩庭 39d468a3f9 修正密碼加密問題
2025-09-29 18:20:34 +08:00

205 lines
6.1 KiB
JavaScript
Raw Blame History

const https = require('https')
const http = require('http')
const debugPasswordVerification = async () => {
console.log('🔍 調試密碼驗證問題')
console.log('=' .repeat(50))
try {
// 1. 創建一個測試用戶
console.log('\n📊 1. 創建測試用戶...')
const testUser = {
name: '密碼調試用戶',
email: 'debug.password@company.com',
password: 'password123',
department: '測試部',
role: 'user'
}
const createResponse = await new Promise((resolve, reject) => {
const postData = JSON.stringify(testUser)
const options = {
hostname: 'localhost',
port: 3000,
path: '/api/admin/users',
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Content-Length': Buffer.byteLength(postData)
}
}
const req = http.request(options, (res) => {
let data = ''
res.on('data', chunk => data += chunk)
res.on('end', () => resolve({ status: res.statusCode, data }))
})
req.on('error', reject)
req.write(postData)
req.end()
})
let testUserId = null
if (createResponse.status === 200) {
const createData = JSON.parse(createResponse.data)
if (createData.success) {
testUserId = createData.data.id
console.log('✅ 測試用戶創建成功')
} else {
console.log('❌ 創建測試用戶失敗:', createData.error)
return
}
}
// 2. 直接查詢資料庫中的密碼雜湊
console.log('\n📊 2. 檢查資料庫中的密碼雜湊...')
// 這裡我們需要直接查詢資料庫來看看密碼是如何儲存的
// 由於我們無法直接訪問資料庫,我們可以通過 API 來檢查
// 3. 測試不同的密碼組合
console.log('\n📊 3. 測試不同的密碼組合...')
const testPasswords = [
'password123', // 原始密碼
'Password123', // 大寫開頭
'PASSWORD123', // 全大寫
'password', // 沒有數字
'123456', // 只有數字
]
for (const testPassword of testPasswords) {
console.log(`\n 測試密碼: "${testPassword}"`)
const loginData = {
email: 'debug.password@company.com',
password: testPassword
}
const loginResponse = await new Promise((resolve, reject) => {
const postData = JSON.stringify(loginData)
const options = {
hostname: 'localhost',
port: 3000,
path: '/api/auth/login',
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Content-Length': Buffer.byteLength(postData)
}
}
const req = http.request(options, (res) => {
let data = ''
res.on('data', chunk => data += chunk)
res.on('end', () => resolve({ status: res.statusCode, data }))
})
req.on('error', reject)
req.write(postData)
req.end()
})
if (loginResponse.status === 200) {
const loginResult = JSON.parse(loginResponse.data)
if (loginResult.success) {
console.log(` ✅ 登入成功!正確密碼是: "${testPassword}"`)
break
} else {
console.log(` ❌ 登入失敗: ${loginResult.error}`)
}
} else {
const errorData = JSON.parse(loginResponse.data)
console.log(` ❌ 登入失敗: ${errorData.error}`)
}
}
// 4. 檢查現有用戶的登入情況
console.log('\n📊 4. 檢查現有用戶的登入情況...')
const existingUsers = [
{ email: 'admin@company.com', password: 'admin123' },
{ email: 'user@company.com', password: 'user123' },
{ email: 'test@company.com', password: 'password123' }
]
for (const user of existingUsers) {
console.log(`\n 測試現有用戶: ${user.email}`)
const loginData = {
email: user.email,
password: user.password
}
const loginResponse = await new Promise((resolve, reject) => {
const postData = JSON.stringify(loginData)
const options = {
hostname: 'localhost',
port: 3000,
path: '/api/auth/login',
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Content-Length': Buffer.byteLength(postData)
}
}
const req = http.request(options, (res) => {
let data = ''
res.on('data', chunk => data += chunk)
res.on('end', () => resolve({ status: res.statusCode, data }))
})
req.on('error', reject)
req.write(postData)
req.end()
})
if (loginResponse.status === 200) {
const loginResult = JSON.parse(loginResponse.data)
if (loginResult.success) {
console.log(` ✅ 登入成功`)
} else {
console.log(` ❌ 登入失敗: ${loginResult.error}`)
}
} else {
const errorData = JSON.parse(loginResponse.data)
console.log(` ❌ 登入失敗: ${errorData.error}`)
}
}
// 5. 清理測試用戶
console.log('\n📊 5. 清理測試用戶...')
if (testUserId) {
const deleteResponse = await new Promise((resolve, reject) => {
const options = {
hostname: 'localhost',
port: 3000,
path: `/api/admin/users?id=${testUserId}`,
method: 'DELETE'
}
const req = http.request(options, (res) => {
let data = ''
res.on('data', chunk => data += chunk)
res.on('end', () => resolve({ status: res.statusCode, data }))
})
req.on('error', reject)
req.end()
})
if (deleteResponse.status === 200) {
console.log(`✅ 已刪除測試用戶: ${testUserId}`)
}
}
console.log('\n📝 調試總結:')
console.log('🔍 請檢查以上測試結果,找出密碼驗證問題的原因')
} catch (error) {
console.error('❌ 調試失敗:', error.message)
} finally {
console.log('\n✅ 密碼驗證調試完成')
}
}
debugPasswordVerification()
Reference in New Issue View Git Blame Copy Permalink