[英]User authentication using Passport.js, express-session and express-mysql-session
我正在嘗試使用Node.js,Express,Passport.js和MySql數據庫創建用戶身份驗證。 我能夠注冊用戶(為了便於閱讀而從代碼中排除),並且能夠登錄(我從通行證獲得了succesRedirect)-但是我無法序列化用戶,並且我很確定我的會議有問題。
運行代碼時,出現以下錯誤:
錯誤:無法將用戶序列化為會話
這是我的代碼:
var express = require('express'), app = express(), bodyParser = require('body-parser'), mysql = require('mysql'), generator = require('generate-password'), cookieParser = require('cookie-parser'), expressValidator = require('express-validator'), session = require('express-session'), passport = require('passport'), MySQLStore = require('express-mysql-session')(session), LocalStrategy = require('passport-local').Strategy, bcrypt = require('bcrypt'); const saltRounds = 10; app.set("view engine", "ejs"); app.use(express.static(__dirname + "/public")); app.use(bodyParser.urlencoded({extended: true})); app.use(expressValidator()); app.use(cookieParser()); var options = { host : 'localhost', user : 'MY-USER', database : "c9", password : "", multipleStatements: true }; var sessionStore = new MySQLStore(options); app.use(session({ secret: 'dfsfjdssdvsdvawdslepsv', resave: true, store: sessionStore, saveUninitialized: true })); app.use(passport.initialize()); app.use(passport.session()); //Start MYSQL database var connection = mysql.createConnection({ host : 'localhost', user : 'MY-USER', database : "c9", password : "", multipleStatements: true }); connection.connect(function(err){ if(!err) { console.log("Database is connected ..."); } else { console.log("Error connecting database ..."); } }); app.get("/", isAuthenticated, function(req, res, next){ res.render('dashboard'); }); //show login form app.get("/login", function(req, res){ res.render("login"); }); //login app.post("/login", passport.authenticate( 'local', { successRedirect: '/', failureRedirect: '/login' })); //create new user app.post("/users", function(req, res){ var today = new Date(); //generate password + salt var password = generator.generate({ length: 8, numbers: true, symbols: false }); var salt = bcrypt.genSaltSync(saltRounds); var hash = bcrypt.hashSync(password, salt); console.log(salt); //create user object var user = { first_name : req.body.first_name, last_name : req.body.last_name, email : req.body.email, password : hash, salt : salt, created : today, modified : today, user_role : req.body.user_role }; //check if email already exists in database connection.query('SELECT email FROM users WHERE email=?', user.email, function(error, results, fields){ if(error) { throw error; } if(results.length > 0) { //email already exists in database res.redirect("/"); return; } else { //email does not exist from before //add user to database connection.query('INSERT INTO users SET ?', user, function(err, result) { if(err) throw err; connection.query('SELECT LAST_INSERT_ID() as user_id', function(error, results, fields){ if(error) throw error; }); //Send registration email res.redirect("users"); }); } }); }); passport.serializeUser(function(user, done){ done(null, user.id); }); passport.deserializeUser(function(id, done){ connection.query('SELECT * FROM users WHERE id = ?', id, function (err, rows){ done(err, rows[0]); }); }); //Authenticate users passport.use(new LocalStrategy( function(username, password, done) { connection.query('SELECT password, salt FROM users WHERE email = ?', [username], function(err, results, fields){ //DB error if(err) {done(err)}; //no user was found if(results.length === 0) { done(null, false); } var salt = results[0].salt; if(bcrypt.hashSync(password, salt) === results[0].password) { //Success return done(null, true); } else { //Wrong password return done(null, false); } }); } )); function isAuthenticated(req, res, next) { if (req.isAuthenticated()) return next(); res.redirect('/login'); } app.listen(process.env.PORT, process.env.IP, function(){ console.log("Server started..."); });
在我看來,我正在做的正是我從其他教程和文檔中所能讀到的內容。 誰能看到我失敗的地方?
用戶數據庫如下所示:
CREATE TABLE `users` ( `id` int(11) NOT NULL AUTO_INCREMENT, `first_name` varchar(100) COLLATE utf8_unicode_ci NOT NULL, `last_name` varchar(100) COLLATE utf8_unicode_ci NOT NULL, `email` varchar(100) COLLATE utf8_unicode_ci NOT NULL, `password` varchar(255) COLLATE utf8_unicode_ci NOT NULL, `salt` varchar(255) COLLATE utf8_unicode_ci NOT NULL, `created` datetime NOT NULL, `modified` datetime NOT NULL, `user_role` varchar(100) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
會話數據庫如下所示:
CREATE TABLE IF NOT EXISTS `sessions` ( `session_id` varchar(128) COLLATE utf8mb4_bin NOT NULL, `expires` int(11) unsigned NOT NULL, `data` text COLLATE utf8mb4_bin, PRIMARY KEY (`session_id`) ) ENGINE=InnoDB
找到了問題。
passport.serializeUser(function(user, done){ done(null, user.id); });
應該獲取並發送一個用戶ID。 在我的代碼中,它花了一個用戶。
現在解決了!
使用passport.js,mysql和express-session保持登錄狀態
[英]Persisting login states with passport.js, mysql, and express-session
Express會話-我正在使用expression-session和express-mysql-session存儲在數據庫中
[英]Express-session - I am Using expression-session and express-mysql-session for storing in database
如何使用express-session和express-mysql-session創建登錄端點
[英]How to create login endpoint using express-session and express-mysql-session
使用NodeJS,Express-Session和Passport的身份驗證失敗
[英]Authentication with NodeJS, Express-Session and Passport fails
Express-mysql-session阻止護照deserializeUser運行
[英]Express-mysql-session preventing passport deserializeUser from running
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.