Mongoose MODEL update() vs save() Unicorn Meta Zoo #1: Why another podcast? Announcing the arrival of Valued Associate #679: Cesar Manara Data science time! April 2019 and salary with experience The Ask Question Wizard is Live!Mongoose, update() vs save()How to embed bcrypt into mongose API call?How can I update NodeJS and NPM to the next versions?How do I update/upsert a document in Mongoose?How do I update Node.js?What is the “__v” field in MongooseHow do I update each dependency in package.json to the latest version?What is the --save option for npm install?Does MongooseJS return a new fresh result object on save()?Mongoose: findOneAndUpdate doesn't return updated documentCreating and updating documents synchronously with mongooseMongoose middleware post/pre hooks for save/update/remove
What was Apollo 13's "Little Jolt" after MECO?
Protagonist's race is hidden - should I reveal it?
Mistake in years of experience in resume?
Error: Syntax error. Missing ')' for CASE Statement
What is /etc/mtab in Linux?
A strange hotel
How to count in linear time worst-case?
Why didn't the Space Shuttle bounce back into space as many times as possible so as to lose a lot of kinetic energy up there?
Where did Arya get these scars?
What is this word supposed to be?
Why isn't everyone flabbergasted about Bran's "gift"?
Second order approximation of the loss function (Deep learning book, 7.33)
Co-worker works way more than he should
Additive group of local rings
Is there any hidden 'W' sound after 'comment' in : Comment est-elle?
c++ diamond problem - How to call base method only once
How to open locks without disable device?
How can I wire a 9-position switch so that each position turns on one more LED than the one before?
Did the Roman Empire have penal colonies?
Does Mathematica have an implementation of the Poisson Binomial Distribution?
Could Neutrino technically as side-effect, incentivize centralization of the bitcoin network?
What is a 'Key' in computer science?
Are all CP/M-80 implementations binary compatible?
Is Diceware more secure than a long passphrase?
Mongoose MODEL update() vs save()
Unicorn Meta Zoo #1: Why another podcast?
Announcing the arrival of Valued Associate #679: Cesar Manara
Data science time! April 2019 and salary with experience
The Ask Question Wizard is Live!Mongoose, update() vs save()How to embed bcrypt into mongose API call?How can I update NodeJS and NPM to the next versions?How do I update/upsert a document in Mongoose?How do I update Node.js?What is the “__v” field in MongooseHow do I update each dependency in package.json to the latest version?What is the --save option for npm install?Does MongooseJS return a new fresh result object on save()?Mongoose: findOneAndUpdate doesn't return updated documentCreating and updating documents synchronously with mongooseMongoose middleware post/pre hooks for save/update/remove
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
There were a question about update()
vs save()
, but it was targeting some different stuff (I guess, purely related mongoose.Schema
methods, but not to the actual document)
I have a following scenario, where user logs in to website:
- I need to load document (find it by
userModel.email
) - Check if a
userModel.password
hash matches to what was recieved - Update
userModel.lastLogin
timestamp - Append authorization event to
userModel.myEvents[]
array
So I am wondering - what is a proper way to go?
1)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.lastLogin = new Date();
foundUser.myEvents.push(authEvent)
foundUser.save();
2)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.update(
$push: myEvents: authEvent ,
$set: lastLogin: new Date()
);
foundUser.save();
3)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
userModel.updateOne(_id: foundUser._id, {$push: ...
// seems no save is required here?
4)
// I am doing it wrong, and you have faster/higher/stronger variant?
node.js mongodb mongoose passwords authorization
add a comment |
There were a question about update()
vs save()
, but it was targeting some different stuff (I guess, purely related mongoose.Schema
methods, but not to the actual document)
I have a following scenario, where user logs in to website:
- I need to load document (find it by
userModel.email
) - Check if a
userModel.password
hash matches to what was recieved - Update
userModel.lastLogin
timestamp - Append authorization event to
userModel.myEvents[]
array
So I am wondering - what is a proper way to go?
1)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.lastLogin = new Date();
foundUser.myEvents.push(authEvent)
foundUser.save();
2)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.update(
$push: myEvents: authEvent ,
$set: lastLogin: new Date()
);
foundUser.save();
3)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
userModel.updateOne(_id: foundUser._id, {$push: ...
// seems no save is required here?
4)
// I am doing it wrong, and you have faster/higher/stronger variant?
node.js mongodb mongoose passwords authorization
add a comment |
There were a question about update()
vs save()
, but it was targeting some different stuff (I guess, purely related mongoose.Schema
methods, but not to the actual document)
I have a following scenario, where user logs in to website:
- I need to load document (find it by
userModel.email
) - Check if a
userModel.password
hash matches to what was recieved - Update
userModel.lastLogin
timestamp - Append authorization event to
userModel.myEvents[]
array
So I am wondering - what is a proper way to go?
1)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.lastLogin = new Date();
foundUser.myEvents.push(authEvent)
foundUser.save();
2)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.update(
$push: myEvents: authEvent ,
$set: lastLogin: new Date()
);
foundUser.save();
3)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
userModel.updateOne(_id: foundUser._id, {$push: ...
// seems no save is required here?
4)
// I am doing it wrong, and you have faster/higher/stronger variant?
node.js mongodb mongoose passwords authorization
There were a question about update()
vs save()
, but it was targeting some different stuff (I guess, purely related mongoose.Schema
methods, but not to the actual document)
I have a following scenario, where user logs in to website:
- I need to load document (find it by
userModel.email
) - Check if a
userModel.password
hash matches to what was recieved - Update
userModel.lastLogin
timestamp - Append authorization event to
userModel.myEvents[]
array
So I am wondering - what is a proper way to go?
1)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.lastLogin = new Date();
foundUser.myEvents.push(authEvent)
foundUser.save();
2)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
foundUser.update(
$push: myEvents: authEvent ,
$set: lastLogin: new Date()
);
foundUser.save();
3)
let foundUser = userModel.findOne( email: recievedEmail );
if(foundUser.password != recievedPassword)
return res.status(400).json(e: "invalid pass");
userModel.updateOne(_id: foundUser._id, {$push: ...
// seems no save is required here?
4)
// I am doing it wrong, and you have faster/higher/stronger variant?
node.js mongodb mongoose passwords authorization
node.js mongodb mongoose passwords authorization
edited Mar 22 at 17:19
xakepp35
asked Mar 22 at 15:52
xakepp35xakepp35
860620
860620
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
First of all, you don't need to call foundUser.save() when you are using foundUser.update() method.
And, all the above methods are almost equally efficient as there are two calls being made to the database. So, it comes down to your personal preference.
And, one more method with just one call to the database can be executed in this manner:-
let foundUser = await userModel.findOneAndUpdate(
email: recievedEmail, password: hashedPassword ,
$set: lastLogin: new Date() , $push: myEvents: authEvent
);
In this method, if a user with given email and password exists, that user will be updated and corresponding updated document will be returned in a foundUser
variable. So you don't have to perform an additional check on password: If findOneAndUpdate()
returns a document, it means password and email matched. You have just to check for null or undefined on the returned document for no match.
"First of all, you don't need to call foundUser.save() when you are using foundUser.update() method." In that case NOTHING is updated in the database, I tried.
– xakepp35
Mar 22 at 16:46
It returns a promise. Do you await for the result?
– cEeNiKc
Mar 22 at 16:51
this is not required. i use Robo3T and see that its NEVER updated (without save). because foundUser is a document, and not a model. However, you proposed much better way of doing it, so that is the answer.
– xakepp35
Mar 22 at 16:53
Robo3t does not use mongoose. You cannot execute mongoose commands in robo3t
– cEeNiKc
Mar 22 at 16:53
1
You can execute queries by appending .exec() at end of the query too. If findOneAndUpdate returns a document, it means password and email matched. So just check for null or undefined on the returned document for no match.
– cEeNiKc
Mar 22 at 17:04
|
show 8 more comments
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55303400%2fmongoose-model-update-vs-save%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
First of all, you don't need to call foundUser.save() when you are using foundUser.update() method.
And, all the above methods are almost equally efficient as there are two calls being made to the database. So, it comes down to your personal preference.
And, one more method with just one call to the database can be executed in this manner:-
let foundUser = await userModel.findOneAndUpdate(
email: recievedEmail, password: hashedPassword ,
$set: lastLogin: new Date() , $push: myEvents: authEvent
);
In this method, if a user with given email and password exists, that user will be updated and corresponding updated document will be returned in a foundUser
variable. So you don't have to perform an additional check on password: If findOneAndUpdate()
returns a document, it means password and email matched. You have just to check for null or undefined on the returned document for no match.
"First of all, you don't need to call foundUser.save() when you are using foundUser.update() method." In that case NOTHING is updated in the database, I tried.
– xakepp35
Mar 22 at 16:46
It returns a promise. Do you await for the result?
– cEeNiKc
Mar 22 at 16:51
this is not required. i use Robo3T and see that its NEVER updated (without save). because foundUser is a document, and not a model. However, you proposed much better way of doing it, so that is the answer.
– xakepp35
Mar 22 at 16:53
Robo3t does not use mongoose. You cannot execute mongoose commands in robo3t
– cEeNiKc
Mar 22 at 16:53
1
You can execute queries by appending .exec() at end of the query too. If findOneAndUpdate returns a document, it means password and email matched. So just check for null or undefined on the returned document for no match.
– cEeNiKc
Mar 22 at 17:04
|
show 8 more comments
First of all, you don't need to call foundUser.save() when you are using foundUser.update() method.
And, all the above methods are almost equally efficient as there are two calls being made to the database. So, it comes down to your personal preference.
And, one more method with just one call to the database can be executed in this manner:-
let foundUser = await userModel.findOneAndUpdate(
email: recievedEmail, password: hashedPassword ,
$set: lastLogin: new Date() , $push: myEvents: authEvent
);
In this method, if a user with given email and password exists, that user will be updated and corresponding updated document will be returned in a foundUser
variable. So you don't have to perform an additional check on password: If findOneAndUpdate()
returns a document, it means password and email matched. You have just to check for null or undefined on the returned document for no match.
"First of all, you don't need to call foundUser.save() when you are using foundUser.update() method." In that case NOTHING is updated in the database, I tried.
– xakepp35
Mar 22 at 16:46
It returns a promise. Do you await for the result?
– cEeNiKc
Mar 22 at 16:51
this is not required. i use Robo3T and see that its NEVER updated (without save). because foundUser is a document, and not a model. However, you proposed much better way of doing it, so that is the answer.
– xakepp35
Mar 22 at 16:53
Robo3t does not use mongoose. You cannot execute mongoose commands in robo3t
– cEeNiKc
Mar 22 at 16:53
1
You can execute queries by appending .exec() at end of the query too. If findOneAndUpdate returns a document, it means password and email matched. So just check for null or undefined on the returned document for no match.
– cEeNiKc
Mar 22 at 17:04
|
show 8 more comments
First of all, you don't need to call foundUser.save() when you are using foundUser.update() method.
And, all the above methods are almost equally efficient as there are two calls being made to the database. So, it comes down to your personal preference.
And, one more method with just one call to the database can be executed in this manner:-
let foundUser = await userModel.findOneAndUpdate(
email: recievedEmail, password: hashedPassword ,
$set: lastLogin: new Date() , $push: myEvents: authEvent
);
In this method, if a user with given email and password exists, that user will be updated and corresponding updated document will be returned in a foundUser
variable. So you don't have to perform an additional check on password: If findOneAndUpdate()
returns a document, it means password and email matched. You have just to check for null or undefined on the returned document for no match.
First of all, you don't need to call foundUser.save() when you are using foundUser.update() method.
And, all the above methods are almost equally efficient as there are two calls being made to the database. So, it comes down to your personal preference.
And, one more method with just one call to the database can be executed in this manner:-
let foundUser = await userModel.findOneAndUpdate(
email: recievedEmail, password: hashedPassword ,
$set: lastLogin: new Date() , $push: myEvents: authEvent
);
In this method, if a user with given email and password exists, that user will be updated and corresponding updated document will be returned in a foundUser
variable. So you don't have to perform an additional check on password: If findOneAndUpdate()
returns a document, it means password and email matched. You have just to check for null or undefined on the returned document for no match.
edited Mar 22 at 17:22
xakepp35
860620
860620
answered Mar 22 at 16:40
cEeNiKccEeNiKc
36129
36129
"First of all, you don't need to call foundUser.save() when you are using foundUser.update() method." In that case NOTHING is updated in the database, I tried.
– xakepp35
Mar 22 at 16:46
It returns a promise. Do you await for the result?
– cEeNiKc
Mar 22 at 16:51
this is not required. i use Robo3T and see that its NEVER updated (without save). because foundUser is a document, and not a model. However, you proposed much better way of doing it, so that is the answer.
– xakepp35
Mar 22 at 16:53
Robo3t does not use mongoose. You cannot execute mongoose commands in robo3t
– cEeNiKc
Mar 22 at 16:53
1
You can execute queries by appending .exec() at end of the query too. If findOneAndUpdate returns a document, it means password and email matched. So just check for null or undefined on the returned document for no match.
– cEeNiKc
Mar 22 at 17:04
|
show 8 more comments
"First of all, you don't need to call foundUser.save() when you are using foundUser.update() method." In that case NOTHING is updated in the database, I tried.
– xakepp35
Mar 22 at 16:46
It returns a promise. Do you await for the result?
– cEeNiKc
Mar 22 at 16:51
this is not required. i use Robo3T and see that its NEVER updated (without save). because foundUser is a document, and not a model. However, you proposed much better way of doing it, so that is the answer.
– xakepp35
Mar 22 at 16:53
Robo3t does not use mongoose. You cannot execute mongoose commands in robo3t
– cEeNiKc
Mar 22 at 16:53
1
You can execute queries by appending .exec() at end of the query too. If findOneAndUpdate returns a document, it means password and email matched. So just check for null or undefined on the returned document for no match.
– cEeNiKc
Mar 22 at 17:04
"First of all, you don't need to call foundUser.save() when you are using foundUser.update() method." In that case NOTHING is updated in the database, I tried.
– xakepp35
Mar 22 at 16:46
"First of all, you don't need to call foundUser.save() when you are using foundUser.update() method." In that case NOTHING is updated in the database, I tried.
– xakepp35
Mar 22 at 16:46
It returns a promise. Do you await for the result?
– cEeNiKc
Mar 22 at 16:51
It returns a promise. Do you await for the result?
– cEeNiKc
Mar 22 at 16:51
this is not required. i use Robo3T and see that its NEVER updated (without save). because foundUser is a document, and not a model. However, you proposed much better way of doing it, so that is the answer.
– xakepp35
Mar 22 at 16:53
this is not required. i use Robo3T and see that its NEVER updated (without save). because foundUser is a document, and not a model. However, you proposed much better way of doing it, so that is the answer.
– xakepp35
Mar 22 at 16:53
Robo3t does not use mongoose. You cannot execute mongoose commands in robo3t
– cEeNiKc
Mar 22 at 16:53
Robo3t does not use mongoose. You cannot execute mongoose commands in robo3t
– cEeNiKc
Mar 22 at 16:53
1
1
You can execute queries by appending .exec() at end of the query too. If findOneAndUpdate returns a document, it means password and email matched. So just check for null or undefined on the returned document for no match.
– cEeNiKc
Mar 22 at 17:04
You can execute queries by appending .exec() at end of the query too. If findOneAndUpdate returns a document, it means password and email matched. So just check for null or undefined on the returned document for no match.
– cEeNiKc
Mar 22 at 17:04
|
show 8 more comments
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55303400%2fmongoose-model-update-vs-save%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown