在Node / Vuejs App中处理用户登录的逻辑
[英]Logic for Handling User Login in Node/Vuejs App
问题描述
I am building a webapp in Vuejs and I've run into the same issue again. 
我正在Vuejs中构建一个Webapp,但又遇到了同样的问题。
In short, I'm allowing users to register using their Twitch account (Login with Twitch), and it works great. 简而言之,我允许用户使用其Twitch帐户(使用Twitch登录)进行注册,并且效果很好。 My question is more about the general architecture of a single-page application in regards to logging in with a third-party service. 我的问题更多是关于单页应用程序在使用第三方服务登录方面的一般体系结构。
My stack is Nodejs, Vuejs for the frontend, and connect-mongo for handling session in my Mongo database. 我的堆栈是Nodejs,Vuejs是前端,而connect-mongo用于处理Mongo数据库中的会话。
My questions are a bit more general: 我的问题比较笼统:
1) once the user logs in with Twitch, I've got an access_token and a refresh_token, along with a profile object. 1)一旦用户使用Twitch登录,我就会获得一个access_token和refresh_token以及一个配置文件对象。 What am I supposed to do with these things? 这些东西我该怎么办? Create a user object in my database with the tokens? 在我的数据库中使用令牌创建用户对象?
2) connect-mongo is working properly - it's setting up a record in my Mongo db sessions table. 2)connect-mongo正常运行-它在我的Mongo db sessions表中设置了一条记录。 Again - am I supposed to do anything with this data or is it purely managing user logins behind the scenes? 再说一次-我应该对这些数据做任何事情还是纯粹在后台管理用户登录?
3) I'd like to use this logged in state on the frontend (for example, kicking a user back to the login page if they try to access a members-only page) - from the perspective of the frontend, what can I "check" to know if the user is logged in? 3)我想在前端使用此登录状态(例如,如果用户尝试访问仅会员页面,则将其踢回登录页面)-从前端的角度来看,我可以“检查”以了解用户是否已登录? There are tons of cookies set from the Twitch login, but I have no idea what any of them mean. Twitch登录设置了很多cookie,但我不知道它们是什么意思。
4) If their login has expired, how do I force them to login again? 4)如果他们的登录已过期,如何强制他们再次登录?
One more piece of information is that I'm not pulling any information about them when they aren't on the site. 另外一条信息是,当它们不在站点上时,我不会提取有关它们的任何信息。 The Twitch login is purely to get their profile to customize their experience. Twitch登录纯粹是为了获得其个人资料以自定义其体验。
I've seen a hundred flow charts of the Oauth login process, but none of them are laid out in layman's terms. 我已经看到了一百个Oauth登录过程的流程图,但是没有一个以外行的术语列出。 At least none that I've found - it seems like dozens of handshakes are occurring but I have no idea what's actually happening in the context of my app after they login. 至少没有发现-似乎发生了数十次握手,但我不知道他们登录后在我的应用程序上下文中实际发生了什么。 Lots of random strings of characters and tokens flying around, not much in the way of explanation. 许多随机的字符串和标记串在周围飞来飞去,没有太多的解释方式。
Here is my server code currently: https://github.com/gedrick/multitwitch/blob/master/server.js 这是当前我的服务器代码: https : //github.com/gedrick/multitwitch/blob/master/server.js
around line 70 is where I hit the "I copied sample code and now have no idea what's happening" train of thought. 在70号线附近,我点击了“我复制了示例代码,现在不知道发生了什么”的思路。
These are some general questions and any and all help to understand how to authenticate and manage user logins is SUPER appreciated. 这些是一些一般性问题,对理解如何验证和管理用户登录名的所有帮助对SUPER表示赞赏。 Everything I've tried for weeks has sadly ended in frustration. 可悲的是,我已经尝试了数周的一切都以沮丧告终。 Thank you for reading! 感谢您的阅读!
1 个解决方案
解决方案1
0 2019-02-05 23:18:59
I hope this isn't considered cheating, but I put together a full demo of Passport signin / authentication. 我希望这不会被认为是作弊,但我整理了Passport登录/身份验证的完整演示。 It uses Mongo to store the user and their tokens. 它使用Mongo来存储用户及其令牌。
https://github.com/gedrick/vue-node-passport https://github.com/gedrick/vue-node-passport
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.