通行證js：用戶未定義，req.isAuthenticated（）為假

Question

注意：有很多類似的問題，但是我已經遍歷了所有問題，沒有一種解決方案有效。

嗨，我已經嘗試過網絡上的所有解決方案，但錯誤仍然存​​在。

我正在構建一個簡單的CRUD應用程序，並且目前正在與passportjs的req.isAuthenticated（）掙扎。 用戶肯定已通過身份驗證，因為passport.authenticate中的console.log（req.user）返回用戶對象，而req.session.passport具有用戶ID。

但是，在重定向之后，即使重定向是異步的，用戶也是未定義的，並且req.session.passport為空。 好像會話已重置。

這是代碼：

app.js

 var express = require('express'); var path = require('path'); var bodyParser = require('body-parser'); var session = require('express-session'); var passport = require('passport'); var flash = require('connect-flash'); var index = require('./routes/index'); var users = require('./routes/users'); var app = express(); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: false })); app.set('view engine', 'ejs'); app.set('views', path.join(__dirname, 'views')); app.use(express.static(path.join(__dirname, 'public'))); app.use('/bootstrap', express.static(path.join(__dirname + '/node_modules/bootstrap/dist'))); app.use(session({ secret: 'keyboard cat', resave: true, saveUninitialized: true, cookie: { maxAge: 5 * 60 * 1000 } })); app.use(passport.initialize()); app.use(passport.session()); app.use(flash()); app.use(function(req, res, next) { res.locals.messages = require("express-messages")(req, res); next(); }); app.get('*', function(req, res, next) { console.log(req.method, ":", req.url); res.locals.user = req.user || null; next(); }); app.use("/", index); app.use("/users", users); var port = 4000; app.listen(port); module.exports = app; 

index.js

 var express = require('express'); var router = express.Router(); router.get('/', isLoggedIn, function(req, res) { if (req.user) { console.log(req.user.username); } res.render('homepage'); }); function isLoggedIn(req, res, next) { console.log("passport: ", req.session.passport); //passport:{} if (req.isAuthenticated()) { return next(); } res.redirect('/users/login'); } module.exports = router; 

users.js

 var express = require('express'); var router = express.Router(); var mongojs = require('mongojs'); var db = mongojs('usersDB', ['users']); var bcrypt = require('bcryptjs'); var passport = require('passport'), LocalStrategy = require('passport-local').Strategy;​ router.get('/login', function(req, res) { res.render('login'); });​ router.get('/signup', function(req, res) { res.render('signup'); });​ router.post('/signup', function(req, res) { db.users.findOne({ username: req.body.name }, function(err, user) { if (err) { return done(err); } if (user) { console.log("nope"); req.flash("error", "Username taken. Choose a different username."); return res.redirect('/users/signup'); } var password = req.body.password; bcrypt.genSalt(10, function(err, salt) { if (err) { return done(err); } bcrypt.hash(password, salt, function(err, hash) { if (err) { return done(err); } var user = { username: req.body.name, email: req.body.email, phone: req.body.phone, password: hash } db.users.insert(user, function(err, result) { if (err) { return done(err); } console.log("registered", user) res.render("homepage", { user: user }); }); }); }); }); }); //sorry for the callback hell..works fine​​ passport.serializeUser(function(user, done) { return done(null, user._id); });​ passport.deserializeUser(function(id, done) { db.users.findOne({ id: mongojs.ObjectId(id) }, function(err, user) { return done(err, user); }); });​ passport.use('loginStrategy', new LocalStrategy({ passReqToCallback: true, usernameField: 'username', passwordField: 'password' }, function(req, username, password, done) { db.users.findOne({ username: username }, function(err, user) { if (err) { return done(err); } if (!user) { return done(null, false, req.flash('error', "Invalid username.")); } bcrypt.compare(password, user.password, function isMatch(err, isMatch) { if (err) { return done(err); } if (!isMatch) { return done(null, false, req.flash('error', "Oops. Incorrect password.")); } return done(null, user, req.flash('success', "Welcome " + user.username + ", you are now logged in.")); }); }); }​));​ router.post('/login', function(req, res, next) { passport.authenticate('loginStrategy', function(err, user, info) { if (info) { req.flash('error', info.message); } if (err) { return next(err); } if (!user) { return res.redirect('/users/login'); } req.logIn(user, function(err) { if (err) { return next(err); } //callback redirect after saving session. req.session.save(function() { console.log(req.session.passport); //{ user: 59ceb263dae7a4270087ae57 } res.redirect('/'); }); }); })(req, res, next); });​ router.get('/logout', function(req, res) { req.logout(); res.redirect('/users/login'); });​ module.exports = router;  var express = require('express'); var router = express.Router(); var mongojs = require('mongojs'); var db = mongojs('usersDB', ['users']); var bcrypt = require('bcryptjs'); var passport = require('passport'), LocalStrategy = require('passport-local').Strategy;​ router.get('/login', function(req, res) { res.render('login'); });​ router.get('/signup', function(req, res) { res.render('signup'); });​ router.post('/signup', function(req, res) { db.users.findOne({ username: req.body.name }, function(err, user) { if (err) { return done(err); } if (user) { console.log("nope"); req.flash("error", "Username taken. Choose a different username."); return res.redirect('/users/signup'); } var password = req.body.password; bcrypt.genSalt(10, function(err, salt) { if (err) { return done(err); } bcrypt.hash(password, salt, function(err, hash) { if (err) { return done(err); } var user = { username: req.body.name, email: req.body.email, phone: req.body.phone, password: hash } db.users.insert(user, function(err, result) { if (err) { return done(err); } console.log("registered", user) res.render("homepage", { user: user }); }); }); }); }); }); //sorry for the callback hell..works fine​​ passport.serializeUser(function(user, done) { return done(null, user._id); });​ passport.deserializeUser(function(id, done) { db.users.findOne({ id: mongojs.ObjectId(id) }, function(err, user) { return done(err, user); }); });​ passport.use('loginStrategy', new LocalStrategy({ passReqToCallback: true, usernameField: 'username', passwordField: 'password' }, function(req, username, password, done) { db.users.findOne({ username: username }, function(err, user) { if (err) { return done(err); } if (!user) { return done(null, false, req.flash('error', "Invalid username.")); } bcrypt.compare(password, user.password, function isMatch(err, isMatch) { if (err) { return done(err); } if (!isMatch) { return done(null, false, req.flash('error', "Oops. Incorrect password.")); } return done(null, user, req.flash('success', "Welcome " + user.username + ", you are now logged in.")); }); }); }​));​ router.post('/login', function(req, res, next) { passport.authenticate('loginStrategy', function(err, user, info) { if (info) { req.flash('error', info.message); } if (err) { return next(err); } if (!user) { return res.redirect('/users/login'); } req.logIn(user, function(err) { if (err) { return next(err); } //callback redirect after saving session. req.session.save(function() { console.log(req.session.passport); //{ user: 59ceb263dae7a4270087ae57 } res.redirect('/'); }); }); })(req, res, next); });​ router.get('/logout', function(req, res) { req.logout(); res.redirect('/users/login'); });​ module.exports = router; 

我真的很感謝您的幫助，因為這似乎是一個常見的錯誤，但是沒有一種變通辦法適合我。

Answer 1

這似乎與您用來存儲用戶憑據的方法有關。 請注意，Chrome和IE對於本地存儲和會話存儲有不同的怪癖。 在chrome中嘗試此操作，Passport JS會將響應存儲在本地或會話存儲中-您應該詢問那些存儲機制，以驗證用戶的憑據在其中。

在chrome中，轉到F12調試工具，然后查看會話和本地存儲：

請告知我們您使用的瀏覽器，以及使用Chrome是否會有所作為。