[英]Passport Local Strategy not saving user in cookie or session
我正在尝试使用带有 express 4 的护照并使用本地策略进行身份验证。 我正在尝试进行简单的设置,但遇到了问题。
我正在尝试使用授权中间件功能进行身份验证... deserializeUser 从未被调用,req.user 未定义,会话和 cookie 中都缺少用户数据。
我的 server.js 文件:
var express = require('express');
var app = express();
var path = require('path')
var port = process.env.PORT || 3000;
var argv = require('minimist')(process.argv.slice(2));
var dust = require('express-dustjs')
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var methodOverride = require('method-override');
var authService = require('./app/services/auth.js')
var dbConfig = require('./app/config.js')['documentDB'];
var authService = require('./app/services/auth.js');
/*
* DUST JS
*/
// Dustjs settings
dust._.optimizers.format = function (ctx, node) {
return node
}
// Define custom Dustjs helper
dust._.helpers.demo = function (chk, ctx, bodies, params) {
return chk.w('demo')
}
// Use Dustjs as Express view engine
app.engine('dust', dust.engine({
// Use dustjs-helpers
useHelpers: true
}))
/*
* STATIC ASSETS
*/
app.use('/', express.static(__dirname + '/public'));
app.set('view engine', 'dust')
app.set('views', path.resolve(__dirname, './app/views'))
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser('X+a1+TKXwd26mkiUUwqzqQ=='));
app.use(session({
secret: 'X+a1+TKXwd26mkiUUwqzqQ==',
resave: true,
saveUninitialized: true,
cookie : { secure : true, maxAge : (4 * 60 * 60 * 1000) }
}));
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "http://localhost:8080");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Content-Type, Accept");
res.header("Access-Control-Allow-Credentials", true);
res.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
next();
});
// Configure Passport authenticated session persistence.
//
// In order to restore authentication state across HTTP requests, Passport needs
// to serialize users into and deserialize users out of the session. The
// typical implementation of this is as simple as supplying the user ID when
// serializing, and querying the user record by ID from the database when
// deserializing.
passport.serializeUser(function(user, cb) {
console.log('serializeUser : ', user);
cb(null, user.id);
});
passport.deserializeUser(function(id, cb) {
console.log('-------------------------------');
console.log('-------------------------------');
console.log('deserializeUser : ', id);
console.log('-------------------------------');
console.log('-------------------------------');
authService.getAccountByID(id, function (err, user) {
if (err) { return cb(err); }
cb(null, user);
});
});
passport.use('local', new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
}, function(username, password, callback) {
authService.authenticate(username, password, function(err, user) {
if (err) {
console.log("ERR >> ", err);
return callback(err, false, err);
}
return callback(err, user);
});
})
);
app.use(passport.initialize());
app.use(passport.session());
app.use(methodOverride());
/*
* ROUTES
*/
app.use('/', require('./app/routes/index.js')(passport));
app.use('/prototypes/', require('./app/routes/prototypes.js'));
app.use('/auth', require('./app/routes/auth')(passport));
/*
* APP START
*/
app.listen(port, function () {
var msg = 'Express started > ';
console.log('Express started >> ');
console.log(' env: ', process.env.NODE_ENV);
}).on('error', function(err){
console.log('ON ERROR >> ');
console.log(err);
});
process.on('uncaughtException', function(err) {
console.log('ON UNCAUGHT EXCEPTION >>');
console.log(err);
});
中间件功能和路由。
var express = require('express');
var router = express.Router();
var controller = require('../controllers/index.js');
module.exports = function(passport) {
router.get('/', controller.index);
router.get('/test', verifyAuth, function(req, res) {
return res.status(200)
.json({"req.isAuth" : req.isAuth});
});
return router;
};
function verifyAuth(req,res,next) {
console.log('req.cookies : ', req.cookies);
console.log('req.login', req.login);
console.log('req.isAuthenticated : ', req.isAuthenticated);
console.log('req.session', req.session);
console.log('req.user : ', req.user);
if ( !req.isAuthenticated() ) {
res.status( 400 ); // constant defined elsewhere, accessible here
return res.end('Please Login'); // or a redirect in a traditional web app,
} // as opposed to an SPA
next();
}
下面是登录路径:
router.post('/login', function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err || !user) {
return res.send(500, info);
}
req.login(user, function(err) {
if (err) {
return next(err);
console.log('ERROR > ', error);
}
return res.json(200, user);
});
})(req, res, next);
});
我相信你需要把护照逻辑app.post(); 不仅在app.use()
app.post('/login',
passport.authenticate('local', { failureRedirect: '/login' }),
function(req, res) {
res.redirect('/');
});
在 github 上查看这个来自Passport团队的 server.js 示例: Passport Example
Sails.js 节点服务器 req.session 始终为空,使用 Passport-local 策略。
[英]Sails.js Node server req.session is always empty, using Passport-local strategy.
如何在passport-twitter策略中使用会话变量req.user
[英]How to use session variable req.user in passport-twitter strategy
如何从Passport.js更改用于本地策略身份验证的用户对象?
[英]How to change user object for local strategy authentication from Passport.js?
使用sailsjs护照身份验证本地策略既不会给出任何错误也不会对用户进行身份验证
[英]Using sailsjs passport Authentication Local strategy is neither giving any error nor authenticating the user
为什么isAuthenticated在成功登录用户后在passport.js本地策略中返回false
[英]Why isAuthenticated return false in passport.js local strategy after successful login the user
错误:未知的身份验证策略“本地”(Express&Passport)
[英]Error: Unknown authentication strategy “local” (Express & Passport)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.