不使用会话时Passport.js策略失败
[英]Passport.js strategy fails when not using session
问题描述
I'm trying to figure out how to integrate a Oauth strategy(github) to my application which uses express and websockets. 
我试图弄清楚如何将Oauth策略(github)集成到使用express和websockets的应用程序中。
I'm following this guide which explains how to use JWT tokens instead of using the default passport sessions 我正在遵循本指南,该指南说明了如何使用JWT令牌而不是使用默认的护照会话
https://blog.hyphe.me/token-based-authentication-with-node/ https://blog.hyphe.me/token-based-authentication-with-node/
this is the code i have so far 这是我到目前为止的代码
app.use(passport.initialize())
app.get('/auth/github',passport.authenticate('github',{session:false}),serialize, generateToken, respond)
app.get('/auth/github/callback',passport.authenticate('github',{failureRedirect:'/'}),
function(req,res){
res.redirect('/')
}
)
When i try to login via github - i get the below error 当我尝试通过github登录时-出现以下错误
Error: Failed to serialize user into session
at pass (/home/avernus/Desktop/experiments/oauth/node_modules/passport/lib/authenticator.js:271:19)
at Authenticator.serializeUser (/home/avernus/Desktop/experiments/oauth/node_modules/passport/lib/authenticator.js:289:5)
at IncomingMessage.req.login.req.logIn (/home/avernus/Desktop/experiments/oauth/node_modules/passport/lib/http/request.js:50:29)
at Strategy.strategy.success (/home/avernus/Desktop/experiments/oauth/node_modules/passport/lib/middleware/authenticate.js:235:13)
at verified (/home/avernus/Desktop/experiments/oauth/node_modules/passport-oauth2/lib/strategy.js:177:20)
at Strategy._verify (/home/avernus/Desktop/experiments/oauth/passport.js:13:12)
at /home/avernus/Desktop/experiments/oauth/node_modules/passport-oauth2/lib/strategy.js:193:24
at /home/avernus/Desktop/experiments/oauth/node_modules/passport-github/lib/strategy.js:174:7
at passBackControl (/home/avernus/Desktop/experiments/oauth/node_modules/oauth/lib/oauth2.js:125:9)
at IncomingMessage.<anonymous> (/home/avernus/Desktop/experiments/oauth/node_modules/oauth/lib/oauth2.js:143:7)
I'm not sure where exactly the problem is 我不确定问题出在哪里
this is my github strategy 这是我的github策略
passport.use(new githubStrategy({
clientID:'********',
clientSecret:'*******',
callbackURL:'http://localhost:3000/auth/github/callback'
},
function(accessToken,refreshToken,profile,done){
console.log('accessToken: ',accessToken,' refreshToken: ',refreshToken,' profile: ',profile)
return done(null,profile)
}
))
I'm able to successfully get the profile from github 我可以从github成功获取个人资料
the serialize function 序列化功能
function serialize(req, res, next) {
db.updateOrCreate(req.user, function(err, user){
if(err) {return next(err);}
// we store the updated information in req.user again
req.user = {
id: user.id
};
next();
});
}
2 个解决方案
解决方案1
2 2016-06-20 13:14:08
from my experience passportjs with oauth always requires sessions to operate, despite the session: false option. 根据我的经验,即使使用session:false选项,使用带有oauth的passwordjs始终需要运行会话。
i believe the underlying oauth library dependencies look for sessions no matter what. 我相信底层的oauth库依赖项无论如何都会寻找会话。 its quite frustrating. 它非常令人沮丧。
edit: to add more detail to this, the example you are linking to uses the default strategy, which is not oauth based. 编辑:为此添加更多细节,您链接到的示例使用默认策略,该策略不是基于oauth的。 in this instance you could opt out of using sessions. 在这种情况下,您可以选择不使用会话。 you are using the github strategy which uses oauth thus requires sessions 您正在使用使用oauth的github策略,因此需要会话
解决方案2
1 2016-07-01 13:23:56
Aren't you missing the {session:false} option in your callback? 您是否在回调中缺少{session:false}选项?
app.get('/auth/github/callback',passport.authenticate('github',{failureRedirect:'/', session: false}),
function(req,res){
res.redirect('/')
})
Im guessing right here because I've never worked with Strategies that requires a callback. 我在这里猜测是因为我从未使用过需要回调的策略。 But i would imagine that passport tries to serialize the user in the callback as thats the point where you receive the profile from Github. 但是我会想象护照会尝试在回调中序列化用户,因为那是您从Github接收个人资料的地方。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.