在React(ES6)中访问Passport的req.user? API调用返回req.user为未定义
[英]Accessing Passport's req.user within React (ES6)? API call returns req.user as undefined
问题描述
I'm making an app using React Starter Kit that uses Passport for authentication. 
我正在使用使用Passport进行身份验证的React Starter Kit制作一个应用程序。 I'm at the stage now where I'm trying to access the req.user object in the front end, but I'm having trouble passing that req.user object into the React/ES6 environment. 我现在处于尝试访问前端req.user对象的阶段,但是我无法将那个req.user对象传递到React / ES6环境中。
I tried to pass the object as a prop and as context , to no avail. 我试图将对象作为prop和context传递,但毫无用处。 At this point, I decided to make an API endpoint where I can return the value of req.user as JSON, however req.user is being returned as undefined , despite it working fine under get('*') . 在这一点上,我决定创建一个API端点,在其中可以将req.user的值返回为JSON,尽管req.user在get('*')下get('*')正常工作,但是req.user返回值为undefined 。
This is the GET call I made, that is returning undefined : 这是我进行的GET调用,返回的是undefined :
server.get('/user', (req, res) => {
console.info('user: ', req.user);
});
While 而
server.get('*', async (req, res, next) => {
console.info('*: ', req.user);
// ... the rest of the React Starter Kit rendering code
does return an object for req.user as it should, which leaves me confused. 确实为req.user返回了一个对象,这让我感到困惑。 Is the passport session restricted to certain urls or something? 护照会议是否仅限于某些网址或其他内容?
Middleware: 中间件:
server.use(express.static(path.join(__dirname, 'public')));
server.use(cookieParser());
server.use(session({
secret: 'keyboard cat',
cookie: { httpOnly: false },
resave: true,
saveUninitialized: true,
}));
server.use(passport.initialize());
server.use(passport.session());
And serialize/deserialize are as simple as they get: 序列化/反序列化非常简单:
passport.serializeUser((user, done) => {
console.log('serializeUser');
done(null, user);
});
passport.deserializeUser((obj, done) => {
console.log('deserializeUser');
done(null, obj);
});
I know there are similar SO threads about req.user being undefined, but none seem to have my situation where it's only sometimes undefined based on where it's requested. 我知道关于req.user的定义也有类似的SO线程,但似乎没有一个情况是我有时只是根据请求的位置而未定义。 Thanks for reading and any suggestions you have. 感谢您的阅读和任何建议。 Cheers! 干杯!
EDIT: Here's the auth flow 编辑:这是身份验证流程
[initial app load with fresh server instance...]
in (*) passport FALSE
indexPage mounting...
in (/user) passport FALSE
[click login button and successfully login]
serializeUser
deserializeUser
in (*) passport is TRUE
indexPage mounting...
in (/user) passport FALSE
I did some further testing, and noticed something interesting when triggering the API call with the Chrome console. 我做了一些进一步的测试,并在使用Chrome控制台触发API调用时发现了一些有趣的东西。 I'm using fetch to do this by the way - I do fetch('/user') then log the response in componentDidMount method. 我正在使用fetch来做到这一点-我先进行fetch('/user')然后将响应记录在componentDidMount方法中。 Now, when I do this in the Chrome console: fetch(/*) , the terminal console logs in (*) passport is false again. 现在,当我在Chrome控制台中执行此操作时: fetch(/*) ,终端控制台再次登录in (*) passport is false 。
So the problem seems to be that passport is altogether disappearing after the initial render. 因此,问题似乎在于护照在首次渲染后完全消失了。 An issue with cookies maybe? Cookie可能有问题吗? I'm going to investigate further and see what I can find. 我将进一步调查,看看能找到什么。
1 个解决方案
解决方案1
6 已采纳 2016-01-12 20:57:37
When using fetch() , much like with XMLHttpRequest() , you need to tell the browser explicitly that any credentials (like session cookies, which Passport needs in order to identify the active session) need to be sent along with the request: 使用fetch()时fetch()与XMLHttpRequest()一样XMLHttpRequest() ,您需要明确告知浏览器,所有凭据(例如会话cookie,Passport用来标识活动会话都需要)必须与请求一起发送:
fetch('/user', { credentials : 'same-origin' }).then(...);
The various values that you can use are documented here . 此处记录了可以使用的各种值。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.