使用Auth0和node.js将身份验证集成到我的应用程序

Question

我正在cloud9环境上开发应用程序。 使用：

• 节点4.43
• 快递4.13.4

我已将我的Demo Auth0帐户集成到我的开发应用程序中。 我能够登录（重定向到我的应用程序的第一页），但是当我打印req.isAuthenticated（）时，我得到了错误。 还req.user是未定义的。

我遵循了node.js的auth0的快速入门。

我附上了主要涉及的三个文件：

app.js：

var express = require('express'),
    app = express(),
    BodyParser = require("body-parser"),
    mongoose = require("mongoose"),
    student = require ("./models/student"),
    students_class = require("./models/class"),
    // =============
    //     auth0
    // =============
    passport = require('passport'),
    strategy = require('./models/setup-passport'),
    cookieParser = require('cookie-parser'),
    session = require('express-session');
    app.use(cookieParser());
    app.use(session({ secret: 'FpvAOOuCcSBLL3AlGxwpNh5x-U46YCRoyBKWJhTPnee2UELMd_gjdbKcbhpIHZoA', resave: false,  saveUninitialized: false }));
    app.use(passport.initialize());
    app.use(passport.session());

    app.get('/login',passport.authenticate('auth0', { failureRedirect: '/url-if-something-fails' }),
  function(req, res) {

    res.send(req.user);
    if (!req.user) {
      throw new Error('user null');
    }
    res.redirect("/", {username: req.user});
  });





mongoose.connect("mongodb://localhost/myapp");

// ============================
//         routes
// ============================

var classRoutes = require("./routes/class"),
    indexRoutes = require("./routes/index"),
    studentRoutes = require("./routes/student"),
    assocRroutes = require ("./routes/assoc");

// ============================================
//         configuring the app
// ============================================
app.set("view engine", "ejs");
app.use(express.static ("public"));
app.use(BodyParser.urlencoded({extended: true}));
app.use(classRoutes);
app.use (indexRoutes);
app.use(studentRoutes);
app.use(assocRroutes);





app.listen(process.env.PORT, process.env.IP, function() {
    console.log('Attendance Server is Running ....');
});

setup-passport.js

var passport = require('passport');
var Auth0Strategy = require('passport-auth0');

var strategy = new Auth0Strategy({
    domain:       'me.auth0.com',
    clientID:     'my-client-id',
    clientSecret: 'FpvAOOuCcSBLL3AlGxwpNh5x-U46YCRoyBKWJhTPnee2UELMd_gjdbKcbhpIHZoA',
    callbackURL:  '/callback'
  }, function(accessToken, refreshToken, extraParams, profile, done) {
    // accessToken is the token to call Auth0 API (not needed in the most cases)
    // extraParams.id_token has the JSON Web Token
    // profile has all the information from the user
    return done(null, profile);
  });

passport.use(strategy);

// This is not a best practice, but we want to keep things simple for now
passport.serializeUser(function(user, done) {
  done(null, user);
});

passport.deserializeUser(function(user, done) {
  done(null, user);
});

module.exports = strategy;

index.js（成功登录后我要重定向到的实际fisrt页面：

var express = require("express");
var passport = require('passport');
var ensureLoggedIn = require('connect-ensure-login').ensureLoggedIn();
var router = express.Router();
var student = require ("../models/student");

//INDEX 

router.get("/callback", function(req, res) {
    student.find({}, function(err, student) {
        console.log(req.isAuthenticated())
        if (err) {
            console.log(err);
        } else {
            res.render("home/index.ejs", {
                students: student
            });
        }

    });
});


module.exports = router;

有什么建议可能会出问题吗？ 我也很奇怪，在app.js上，该指南正在初始化变量策略，但实际上似乎从未使用过它。

撞击

Answer 1

您没有在/callback终结点中调用passport.authenticate() 。 参见比较： https : //auth0.com/docs/quickstart/webapp/nodejs#5-add-auth0-callback-handler

// Auth0 callback handler
app.get('/callback',
  passport.authenticate('auth0', { failureRedirect: '/url-if-something-fails' }),
  function(req, res) {
    if (!req.user) {
      throw new Error('user null');
    }
    res.redirect("/user");
  });