stackoom
  简体   繁体   中英

with passport.js make strategy what use req.params instead req.body

 原文  2016-06-04 18:49:04       node.js/ express/ passport.js

Question

I make this strategy where I try auth by url parameters. It call from java code.

url looks like: http://localhost/mc/download/filename/user@server.com/secretpass

this strategy: 

passport.use('mc-login', new LocalStrategy({
    passReqToCallback : true // allows us to pass back the entire request to the callback
},
function(req, email, password, done) { // callback with email and password from our form

    // find a user whose email is the same as the forms email
    // we are checking to see if the user trying to login already exists
    User.findOne({ 'local.email' :  req.params.uname }, function(err, user) {
        // if there are any errors, return the error before anything else
        if (err)
            return done(err);

        // if no user is found, return the message
        if (!user)
            return done(null, false, req.flash('loginMessage', 'No user found.')); // req.flash is the way to set flashdata using connect-flash

        // if the user is found but the password is wrong
        if (!user.validPassword(req.params.upass))
            return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.')); // create the loginMessage and save it to session as flashdata

        // all is well, return successful user
        return done(null, user);
    });

}));

I try call it in this code: 

app.get('/mc/download/:fname/:uname/:upass',

        function(req, res, next) {
      passport.authenticate('mc-login', function(err, user, info) {
        if (err) { return next(err); }
        if (!user) { return res.redirect('/login'); }
        req.logIn(user, function(err) {
          if (err) { return next(err); }
          return res.redirect('/users/' + user.username);
        });
      })(req, res, next);
    }

    ,function(req, res){
    ...

but in info variable it return the [stack=undefined,name="BadRequestError",message="Missing credentials"] and user is empty

How make strategy what allow to auth with req.params variables

1 answers

solution1
 1 ACCPTED  2016-06-04 20:28:13

LocalStrategy requires a username and password to be present in either req.query or req.body . If any of those aren't present, the strategy verification handler won't get called (which is why even with passReqToCallback it doesn't work).

You can trick Passport into thinking they were set by adding an extra middleware that populates the username and password from the URL parameters: 

app.get(
  '/mc/download/:fname/:uname/:upass',
  function(req, res, next) {
    // Populate username and password before passing it on to Passport.
    req.query.username = req.params.uname;
    req.query.password = req.params.upass;
    next();
  },
  function(req, res, next) {
    passport.authenticate('mc-login', function(err, user, info) {
      if (err) { return next(err); }
      if (!user) { return res.redirect('/login'); }
      req.logIn(user, function(err) {
        if (err) { return next(err); }
        return res.redirect('/users/' + user.username);
      });
    })(req, res, next);
  }
);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Node.js: req.params vs req.body Express deprecated req.param(name): Use req.params, req.body, or req.query instead Express: req.params vs req.body (JSON) Using req.params as input for passport.authenticate() in passport.js (using Express 4.0) Can't get data from req.body but get data from req.params req.body undefined after authenticating with passport jwt strategy How to bind or pass req parameter to Passport.js JWT Strategy? How to add user in req.body using passport js? Use collection get from req.params - node.js How to pass/use req.params to front-end js
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM