req.session.passport為空：req.user未定義

Question

之前我曾問過類似的問題，但我注意到它在Javascript部分中。 對於現在可能出了什么問題，我也有更具體的想法。

基本上，req.session.passport在我的日志中為空。 每當我開始在網站上瀏覽時，req.user都將變為未定義狀態，因為該會話不再具有Passport的登錄用戶。

我想知道是否有人知道如何解決這個問題？ 也許這只是Passport的配置錯誤，還是整個Express設置？

App.js：

var express = require("express"),
    bodyParser = require("body-parser"),
    mongodb = require("mongodb"),
    mongoose = require("mongoose"),
    uriUtil = require("mongodb-uri"),
    morgan = require("morgan"),
    session = require("express-session"),
    passport = require("passport"),
    flash = require("connect-flash"),
    ip = "hidden",
    port = process.env.PORT || 80

var app = express()
app.disable("x-powered-by")
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({
    extended: true
}))

app.use(morgan("dev")); // log every request to the console

// required for passport
app.use(session({
    secret: "hidden",
    key: 'asdasdasd', 
    cookie: { maxAge: 60000, secure: false },
    resave: true,
    saveUninitialized: false
})); // session secret
app.use(passport.initialize());
app.use(passport.session()); // persistent login sessions
app.use(flash()); // use connect-flash for flash messages stored in session

app.set("view engine", "jade")
app.use(express.static(__dirname + "/views"))

require("./includes/passport")(passport)
require("./includes/subject")
require("./includes/user")

Passport.js：

var LocalStrategy = require("passport-local").Strategy,
    User = require("./user"),
    bCrypt = require('bcrypt-nodejs')

module.exports = function(passport) {

    // used to serialize the user for the session
    passport.serializeUser(function(user, done) {
        done(null, user._id);
    });

    // used to deserialize the user
    passport.deserializeUser(function(id, done) {
        User.findById(id, function(err, user) {
            done(err, user);
        });
    });

    // =========================================================================
    // LOCAL SIGNUP ============================================================
    // =========================================================================
    // we are using named strategies since we have one for login and one for signup
    // by default, if there was no name, it would just be called "local"

    passport.use('signup', new LocalStrategy({
        // by default, local strategy uses username and password, we will override with email
        usernameField : "email",
        passwordField : "password",
        passReqToCallback : true // allows us to pass back the entire request to the callback
    },
    function(req, email, password, done) {

        // asynchronous
        // User.findOne wont fire unless data is sent back
        process.nextTick(function() {

            // find a user whose email is the same as the forms email
            // we are checking to see if the user trying to login already exists
            User.findOne({ "email" :  email }, function(err, user) {
                // if there are any errors, return the error
                if (err)
                    return done(err);

                // check to see if theres already a user with that email
                if (user) {
                    return done(null, false, req.flash("message", "Dit e-mail-adres is al bezet"));
                } else {

                    // if there is no user with that email
                    // create the user
                    var newUser = new User();

                    // set the user's local credentials
                    newUser.email = email;
                    newUser.password = createHash(password);
                    newUser.firstname = req.param('firstname');
                    newUser.lastname = req.param('surname');
                    newUser.year = parseInt(req.param('year'));
                    newUser.study = req.param('study');
                    newUser.courses = req.param('courses');
                    newUser.phone = req.param('phone');
                    newUser.availability = req.param('availability');
                    newUser.description = req.param('descText');

                    // save the user
                    newUser.save(function(err) {
                        if (err)
                            throw err;
                        return done(null, newUser);
                    });
                }

            });    

        });
    }));

    // =========================================================================
    // LOCAL LOGIN =============================================================
    // =========================================================================
    // we are using named strategies since we have one for login and one for signup
    // by default, if there was no name, it would just be called 'local'

    passport.use("login", new LocalStrategy({
        // by default, local strategy uses username and password, we will override with email
        usernameField : "email",
        passwordField : "password",
        passReqToCallback : true // allows us to pass back the entire request to the callback
    },
    function(req, email, password, done) { // callback with email and password from our form

        // find a user whose email is the same as the forms email
        // we are checking to see if the user trying to login already exists
        User.findOne({ "email" :  email }, function(err, user) {

            // if there are any errors, return the error before anything else
            if (err)
                return done(err);

            // if no user is found, return the message
            if (!user) {
                console.log('No user found with email ' + email)
                return done(null, false, req.flash('message', 'Gebruiker niet gevonden')); // req.flash is the way to set flashdata using connect-flash
            }

            if (!isValidPassword(user, password)){
                console.log('Incorrect Password');
                return done(null, false, req.flash('message', 'Onjuist wachtwoord')); // redirect back to login page
            }

            // all is well, return successful user
            return done(null, user);
        });

    }));

    var isValidPassword = function(user, password){
        return bCrypt.compareSync(password, user.password);
    }

    // Generates hash using bCrypt
    var createHash = function(password){
        return bCrypt.hashSync(password, bCrypt.genSaltSync(10), null);
    }

};

路線：

api.post("/signup", passport.authenticate("signup", {
    successRedirect: "/profile",
    failureRedirect: "/",
    failureFlash: true
}))

api.post("/login", passport.authenticate("login", {
    successRedirect: "/profile",
    failureRedirect: "/login"//,
    failureFlash: true
}))

router.get("/", function(req, res) {
    // serve index.html

    res.render("index", {
        title: 'Home',
        user: req.user,
        message: req.flash("message") 
    })
})

它可以在登錄后直接訪問的頁面上運行，我對此進行了如下控制：

router.get("/profile", isLoggedIn, function(req, res) {
    res.render("profile", {
        title: 'Gebruikersprofiel van ' + req.user.firstname + " " + req.user.lastname,
        user: req.user // get the user out of session and pass to template
    })
})
function isLoggedIn(req, res, next) {
    console.log(req.session)
    // if user is authenticated in the session, carry on
    if (req.isAuthenticated())
        return next()

    // if they aren't redirect them to the home page
    res.redirect("/login")
}

到目前為止，我已經嘗試添加中間件以將req.user添加到req.session，並在登錄POST中執行相同的操作。 另外，我嘗試更改了在app.js中初始化中間件的順序。 我使用的是沒有CookieParser的新的快速會話版本，因為我讀到不再需要CookieParser。

如果有人能以任何方式幫助我，將不勝感激！ 我被困了一段時間（其他人也是如此）。

Answer 1

問題不是我在設置會話或總體上設置Passport時犯了錯，而是在我的鏈接中。 我在某處讀到有人不小心在多個域中工作（他的平台顯然是多服務器），這使我今天早上通過鏈接查看。

顯然，我是通過www鏈接到我的網站。 有前綴，但會話在沒有www的地方初始化。 在網址前面。 我在餅干里看到了。 因此，解決方案是通過具有www的網站來始終保持鏈接。 前綴無處不在。