护照当地猫鼬req.user未定义
[英]passport local mongoose req.user undefined
问题描述
I'm currently encountering the following problem during implementation of passport js with the passport local mongoose plugin. 
我目前在使用护照本地猫鼬插件实施护照js时遇到以下问题。 Account creation and logging in is working correctly. 帐户创建和登录正常。 However, after I have logged in passport never identifies me as a user that is logged in. 但是,在我登录后,passport永远不会将我标识为已登录的用户。
I have used the following pieces of code: 我使用了以下代码:
In my user model: 在我的用户模型中:
User.plugin(passportLocalMongoose);
In app.js (this order of inclusion is correct?): 在app.js中(此包含顺序正确吗?):
app.use(logger('dev'));
app.use(express.static(path.join(__dirname, 'public')));
app.use(cookieParser('keyboard cat'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(session({ secret: 'keyboard cat' }));
app.use(passport.initialize());
app.use(passport.session());
passport.use(new LocalStrategy(User.authenticate()));
passport.serializeUser(User.serializeUser());
passport.deserializeUser(User.deserializeUser());
In my routes: 在我的路线中:
router.post('/login', passport.authenticate('local'), function(req, res) {
res.json({ loggedIn: true });
});
which returns true, but the following keeps returning false (after logging in): 返回true,但以下内容始终返回false(登录后):
req.isAuthenticated()
Can anyone enlighten me what the cause may be? 谁能启发我原因呢?
Thanks! 谢谢!
2 个解决方案
解决方案1
1 2015-11-05 23:17:08
You probably want to try an Express middelware, as was suggested in the comments. 如评论中所建议的,您可能想要尝试Express中间件。
For example: 例如:
function isAuthenticated(req, res, next) {
if(req.isAuthenticated()) {
return next()
} else {
// redirect users to login page
}
}
app.get('/anypage', isAuthenticated, function(req, res) {
// some reoute logic
})
解决方案2
1 2017-01-04 00:13:28
From the looks of it, your order is fine. 从外观上看,您的订单很好。 The most important part of the order is to have passport.initialize() and passport.session() come after your express-session configuration. 该命令中最重要的部分是在您的express-session配置之后添加passport.initialize()和passport.session() 。
As for the issue with the initial authentication working, but subsequent requests showing an unauthenticated user, the issue could very well be because of cookies. 至于初始身份验证正常运行的问题,但随后的请求显示未经身份验证的用户,则问题很可能是由于Cookie所致。 I have run into a similar issue before, and the problem was in the way the HTTP requests were being made from the client. 我之前也遇到过类似的问题,问题出在从客户端发出HTTP请求的方式上。
If you are using the ES6 fetch API, then you will want to make sure to pass in an key credentials to the options object with a value of "include" . 如果使用的是ES6 fetch API,则需要确保将密钥credentials传递给选项对象,该选项的值为"include" 。
For example: 例如:
fetch('/restricted', {
method: 'get',
credentials: 'include'
});
The fetch API will not send credentials in cookies unless you specify it to. 除非您指定fetch API,否则fetch API不会在Cookie中发送凭据。 Hope this helps. 希望这可以帮助。
Additional resources: https://developers.google.com/web/updates/2015/03/introduction-to-fetch 其他资源: https : //developers.google.com/web/updates/2015/03/introduction-to-fetch
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.