[英]node.JS Express passport stuck in infinte loop on auth check
My node.JS passport authentification check is stuck in an infinite loop if I return 400 status for requests which are not authentified:如果我为未验证的请求返回 400 状态,我的 node.JS 护照验证检查将陷入无限循环:
//ensure authentification
function authorizeApi(req, res, next) {
if (req.isAuthenticated()) {
return next();
}
else res.status(400).json({
message : "User Not Authenticated",
user : null
})
}
// retrieve logged in user profile
router.post("/login/success",authorizeApi, (req, res) => {
...
res.json({
success: true,
message: "user has successfully been authenticated",
user: req.user,
cookies: req.cookies
});
}
app.use(bodyParser.json({ limit: "50mb", extended: true }));
app.use(bodyParser.urlencoded({ extended: true }));
app.use("/auth", authRoutes);
If I return only the profile for users which are authentificated I get a request from the client which remains in pending...如果我只返回经过身份验证的用户的配置文件,我会收到来自客户端的请求,该请求仍处于待处理状态......
EDIT: After user is logged in loop ends and back-end returns the user profile info.编辑:用户登录后循环结束,后端返回用户个人资料信息。
My client application is build in React.我的客户端应用程序是用 React 构建的。 The function that gets the user profile is a fetch inside:获取用户资料的function是里面的一个fetch:
login();
}, [])
// gets login details
function login() {
fetch(config.baseURL + config.baseLOCATION + "/auth/login/success/", {
method: "POST",
credentials: "include",
headers: {
Accept: "application/json",
"Content-Type": "application/json",
"Access-Control-Allow-Credentials": true,
}
})
.then(response => {
if (response.status === 200) return response.json();
throw new Error("failed to authenticate user");
})
.then(responseJson => {
sessionStorage.setItem('exp', responseJson.user.exp);
....
dispatch({
type: UPDATE_PROFILE,
payload: {
role: responseJson.user.roles,
....
}
});
}
)
.catch(error => {
setState({
authenticated: false,
error: "Failed to authenticate user"
});
console.log(error);
_handleLogoutClick();
});
}
UPDATE: The issue is being generated from the frontend client.更新:问题是从前端客户端生成的。
I have updated the client request:我已经更新了客户请求:
.then(response => {
if (response.status) return response.json();
})
.then(responseJson => {
if(responseJson.success === true) {
...
}
else {
...
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.