[英]How to open a socket connection when a user is authorized to be added to the session?
我正在嘗試建立一個快速服務器,在該服務器上,使用本地護照進行用戶身份驗證時將啟動套接字連接。 我在配置護照的文件的最后一行出現錯誤“ TypeError:對象不是函數”。
這是我的passport.js文件:
var LocalStrategy = require('passport-local').Strategy;
var Player = require('../app/models/playerModel.js');
module.exports = function(passport) {
passport.serializeUser(function(player, done) {
done(null, player.id);
});
passport.deserializeUser(function(id, done) {
Player.findById(id, function(err, player) {
done(err, player);
});
});
//login
passport.use('local-login', new LocalStrategy({
usernameField : 'username',
passwordField : 'password',
passReqToCallback : true
},
function(req, username, password, done) { // callback with username and password from our form
// find a user whose username is the same as the forms username
// we are checking to see if the user trying to login already exists
Player.findOne({ 'local.username' : username }, function(err, player) {
// if there are any errors, return the error before anything else
if (err)
return done('test' + err);
// if no user is found, return the message
if (!player)
return done(null, false, console.log('No user found.'));
// if the user is found but the password is wrong
if (!player.validPassword(password))
return done(null, false, console.log('Oops! Wrong password.'));
// THIS IS THE LINE THAT THROWS THE ERROR
return done(null, player);
});
}));
};
這是我的server.js文件:
var
express = require('express'), // framework
http = require('http'),
io = require('socket.io'),
mongoose = require('mongoose'), // object modeling for mongodb
passport = require('passport'), // user authentication and authorization
passportSocketIo = require('passport.socketio'),
routes = require('./app/routes.js'),
configDB = require('./config/database.js'),
MemoryStore = express.session.MemoryStore,
sessionStore = new MemoryStore(),
app = express(),
server = http.createServer(app),
port = process.env.PORT || 8080;
mongoose.connect(configDB.url); // connect to our database
require('./config/passport')(passport); // pass passport for configuration
app.configure(function() {
// set up our express application
app.use(express.logger('dev')); // log every request to the console
app.use(express.cookieParser()); // read cookies (needed for auth)
app.use(express.bodyParser()); // get information from html forms
app.use(express.methodOverride()); // used for creating RESTful services
app.use(express.static( __dirname + '/app')); // defines root directory for static files
// required for passport
app.use(express.session({ secret: 'secret', key: 'express.sid' , store: sessionStore})); // session secret
app.use(passport.initialize());
app.use(passport.session()); // persistent login sessions
});
routes.configRoutes(app, server, passport); // load our routes and pass in our app and fully configured passport
server.listen(port);
io = io.listen(server);
io.set('authorization', passportSocketIo.authorize({
cookieParser: express.cookieParser,
key: 'express.sid', // the name of the cookie where express/connect stores its session_id
secret: 'session_secret', // the session_secret to parse the cookie
store: sessionStore,
success: onAuthorizeSuccess, // *optional* callback on success - read more below
fail: onAuthorizeFail, // *optional* callback on fail/error - read more below
}));
function onAuthorizeSuccess(data, accept){
console.log('successful connection to socket.io');
accept(null, true);
}
function onAuthorizeFail(data, message, error, accept){
if(error)
throw new Error(message);
accept(null, false);
}
我的route.js中處理登錄的部分:
app.get('/login', function(req, res) {
console.log("log in");
});
// process the login form
app.post('/login', passport.authenticate('local-login', {
successRedirect : '/', // redirect to the secure profile section
failureRedirect : '/test', // redirect back to the signup page if there is an error
failureFlash : true // allow flash messages
}));
如果我注釋掉io.set('authorization'函數,則用戶似乎在進行身份驗證。我認為所有功能都使用護照身份驗證功能來建立套接字連接。為什么突然不這樣做嘗試啟動套接字連接時進行身份驗證?
我認為我不完全了解身份驗證的工作方式。 當我提交登錄表單時,我將帖子發送到“ dirname / login”,該帖子在我的route.js文件中處理。 Passport.authenticate是接收到該帖子時要運行的回調,然后該回調在我的數據庫中搜索播放器,並且如果接收到正確的用戶名和密碼,播放器對象將被序列化並添加到會話中。 socket.io進入哪里? io.set('authorization'函數是否添加偵聽器以查看用戶何時通過身份驗證?
很抱歉,我是Node的新手,我並不完全了解該過程。
在這里找到答案! 顯然,由於socketio嘗試使用護照的較舊版本,我只需要在password.socketio index.js文件中更改一行。
更改此:
var defaults = {
passport: require('passport'),
key: 'connect.sid',
secret: null,
store: null,
success: function(data, accept){accept(null, true)},
fail: function(data, message, critical, accept){accept(null, false)}
};
對此:
var defaults = {
passport: null,
key: 'connect.sid',
secret: null,
store: null,
success: function(data, accept){accept(null, true)},
fail: function(data, message, critical, accept){accept(null, false)}
};
然后將使用的通行證obj傳遞給io授權函數:
io.set('authorization', passportSocketIo.authorize({
passport: passport,
cookieParser: express.cookieParser,
key: 'express.sid', // the name of the cookie where express/connect stores its session_id
secret: 'session_secret', // the session_secret to parse the cookie
store: sessionStore,
success: onAuthorizeSuccess, // *optional* callback on success - read more below
fail: onAuthorizeFail, // *optional* callback on fail/error - read more below
}));
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.