[英]node.JS Express passport stuck in infinte loop on auth check
如果我為未驗證的請求返回 400 狀態,我的 node.JS 護照驗證檢查將陷入無限循環:
//ensure authentification
function authorizeApi(req, res, next) {
if (req.isAuthenticated()) {
return next();
}
else res.status(400).json({
message : "User Not Authenticated",
user : null
})
}
// retrieve logged in user profile
router.post("/login/success",authorizeApi, (req, res) => {
...
res.json({
success: true,
message: "user has successfully been authenticated",
user: req.user,
cookies: req.cookies
});
}
app.use(bodyParser.json({ limit: "50mb", extended: true }));
app.use(bodyParser.urlencoded({ extended: true }));
app.use("/auth", authRoutes);
如果我只返回經過身份驗證的用戶的配置文件,我會收到來自客戶端的請求,該請求仍處於待處理狀態......
編輯:用戶登錄后循環結束,后端返回用戶個人資料信息。
我的客戶端應用程序是用 React 構建的。 獲取用戶資料的function是里面的一個fetch:
login();
}, [])
// gets login details
function login() {
fetch(config.baseURL + config.baseLOCATION + "/auth/login/success/", {
method: "POST",
credentials: "include",
headers: {
Accept: "application/json",
"Content-Type": "application/json",
"Access-Control-Allow-Credentials": true,
}
})
.then(response => {
if (response.status === 200) return response.json();
throw new Error("failed to authenticate user");
})
.then(responseJson => {
sessionStorage.setItem('exp', responseJson.user.exp);
....
dispatch({
type: UPDATE_PROFILE,
payload: {
role: responseJson.user.roles,
....
}
});
}
)
.catch(error => {
setState({
authenticated: false,
error: "Failed to authenticate user"
});
console.log(error);
_handleLogoutClick();
});
}
更新:問題是從前端客戶端生成的。
我已經更新了客戶請求:
.then(response => {
if (response.status) return response.json();
})
.then(responseJson => {
if(responseJson.success === true) {
...
}
else {
...
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.