帆+护照+基本认证

Question

in passport js, basic strategy, the following code sample provides a function for verifying the identity of a user.

passport.use(new BasicStrategy(
  function(userid, password, done) {
    User.findOne({ username: userid }, function (err, user) {
      if (err) { return done(err); }
      if (!user) { return done(null, false); }
      if (!user.verifyPassword(password)) { return done(null, false); }
      return done(null, user);
    });
  }
));

Question is where (which file) in a Sails application should this code be placed? I suppose same applies for a custom verification function?

Answer 1

1. create AuthController under controllers directory

2. then write code to make passport handle login process

    login: function(req, res) { passport.authenticate('local', function(err, user, info) { if ((err) || (!user)) { return res.send({ message: info.message, user: user }); } req.logIn(user, function(err) { if (err) res.send(err); return res.send({ message: info.message, user: user }); }); })(req, res); 

3. this line passport.authenticate('local' will read configuration from passport.js inside config.js which will be like this :-

   passport.use(new LocalStrategy({ usernameField: 'email', passwordField: 'password' }, function(email, password, done) {

    User.findOne({ email: email }, function (err, user) { if (err) { return done(err); } if (!user) { return done(null, false, { message: 'Incorrect email.' }); } bcrypt.compare(password, user.password, function (err, res) { if (!res) return done(null, false, { message: 'Invalid Password' }); var returnUser = { email: user.email, createdAt: user.createdAt, id: user.id }; return done(null, returnUser, { message: 'Logged In Successfully' }); }); }); 

4. add these line into route.js :- 'post /login': 'AuthController.login'