即使身份验证成功,PassportJS Facebook登录isAuthenticated也会返回false
[英]PassportJS Facebook login isAuthenticated returns false even though authentication succeeds
问题描述
For some reason on my NodeJS Express app, when authenticating via the PassportJS library with Facebook, regardless of the fact that the authentication succeeds and returns profile data, calls to request.isAuthenticated() always return false . 
出于某种原因,在我的NodeJS Express应用程序上,当使用Facebook通过PassportJS库进行身份验证时,无论身份验证成功并返回配置文件数据,对request.isAuthenticated()调用始终返回false 。
I've declared my authentication callback to redirect on success to the /profile route, which it does successfully: 我已经声明我的身份验证回调将成功重定向到/profile路由,它成功完成:
app.get('/auth/facebook/callback', passport.authenticate('facebook', { successRedirect: '/profile', failureRedirect: '/' }));
This route is declared with a function that verifies authentication before deciding whether to continue processing the request: 使用在确定是否继续处理请求之前验证身份验证的函数声明此路由:
app.get('/profile', ensureAuthenticated, user.list);
The definition of this function is as follows: 该功能的定义如下:
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) { return next(); }
return res.redirect('/')
}
As you can see everything's fairly simple. 你可以看到一切都很简单。 I'm not doing anything particularly special here. 我这里没有做任何特别特别的事。
Stepping through PassportJS's code revealed that it does not store user data in the request unless you specify the assignProperty in the options dict when declaring the authenticate middleware. 逐步通过PassportJS的代码显示它不会在请求中存储用户数据,除非您在声明身份验证中间件时在选项dict中指定assignProperty 。 It's this same property it attempts to access when calling isAuthenticated() , so because it never stores this data, it's always claiming I'm not authenticated. 它是在调用isAuthenticated()时尝试访问的同一属性,因为它从不存储这些数据,它总是声称我没有经过身份验证。
Unfortunately, specifying this key screws up Express's route matching, which results in a 404 error handling the callback URL, as the code that checks assignProperty immediately moves onto processing the next available route. 不幸的是,指定此密钥会assignProperty Express的路由匹配,这会导致404错误处理回调URL,因为检查assignProperty的代码会立即转移到处理下一个可用路由。
I've added the code in its entirety to pastie . 我已经将代码全部添加到了pastie中 。 I'd appreciate any help anyone can provide on this. 我很感激任何人都能提供的任何帮助。
1 个解决方案
解决方案1
7 已采纳 2014-01-26 16:29:02
Try moving the cookieParser and session middleware to before the Passport middleware: 尝试将cookieParser和session中间件移到Passport中间件之前:
app.use(express.cookieParser());
app.use(express.session({ secret: '--- OMMITTED ---' }));
app.use(passport.initialize());
app.use(passport.session());
The reason for this is that Express executes middleware in order of declaration. 原因是Express按声明顺序执行中间件。 In your current situation, a request hits the Passport middleware before the cookie/session middleware (on which the Passport middleware relies). 在您当前的情况下,请求在cookie /会话中间件(Passport中间件所依赖的)之前访问Passport中间件。
(the same goes for the bodyParser() middleware by the way, although your routes don't currently rely on it) (顺便说一句, bodyParser()中间件也是如此,尽管你的路线当前并不依赖它)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.