stackoom
  简体   繁体   中英

PassportJS Facebook login isAuthenticated returns false even though authentication succeeds

 原文  2014-01-26 16:08:08       javascript/ node.js/ passport.js

Question

For some reason on my NodeJS Express app, when authenticating via the PassportJS library with Facebook, regardless of the fact that the authentication succeeds and returns profile data, calls to request.isAuthenticated() always return false .

I've declared my authentication callback to redirect on success to the /profile route, which it does successfully: 

app.get('/auth/facebook/callback', passport.authenticate('facebook', { successRedirect: '/profile', failureRedirect: '/' }));

This route is declared with a function that verifies authentication before deciding whether to continue processing the request:

app.get('/profile', ensureAuthenticated, user.list);

The definition of this function is as follows: 

function ensureAuthenticated(req, res, next) {
    if (req.isAuthenticated()) { return next(); }
    return res.redirect('/')
}

As you can see everything's fairly simple. I'm not doing anything particularly special here.

Stepping through PassportJS's code revealed that it does not store user data in the request unless you specify the assignProperty in the options dict when declaring the authenticate middleware. It's this same property it attempts to access when calling isAuthenticated() , so because it never stores this data, it's always claiming I'm not authenticated.

Unfortunately, specifying this key screws up Express's route matching, which results in a 404 error handling the callback URL, as the code that checks assignProperty immediately moves onto processing the next available route.

I've added the code in its entirety to pastie . I'd appreciate any help anyone can provide on this.

1 answers

solution1
 7 ACCPTED  2014-01-26 16:29:02

Try moving the cookieParser and session middleware to before the Passport middleware: 

app.use(express.cookieParser());
app.use(express.session({ secret: '--- OMMITTED ---' }));
app.use(passport.initialize());
app.use(passport.session());

The reason for this is that Express executes middleware in order of declaration. In your current situation, a request hits the Passport middleware before the cookie/session middleware (on which the Passport middleware relies).

(the same goes for the bodyParser() middleware by the way, although your routes don't currently rely on it)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question passportjs req.isAuthenticated() returns False because passport.deserializeUser() never runs in certain browsers passportjs: user undefined, req.isAuthenticated() is false req.isAuthenticated() always false, PassportJs + nodeJS + dynamoDb Passport Authentication req.isAuthenticated is always false Why is my form still submitting even though it returns false? JSP submits the form even though js returns false tabulator table.getRow() returns false even though there is data in the table RegExp.test returns false even though it should be true Form still submits even though validation returns false Form is still submitted even though listener function returns false
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM