Passport本地策略未将用户保存在cookie或会话中
Passport Local Strategy not saving user in cookie or session
我正在尝试将passport与express 4一起使用,并使用本地策略进行身份验证。我正在尝试一个简单的设置,但我遇到了问题。
我正在尝试使用授权中间件功能进行身份验证。。。deserializeUser从未被调用,req.user未定义,会话和cookie中都缺少用户数据。
我的server.js文件:
var express = require('express');
var app = express();
var path = require('path')
var port = process.env.PORT || 3000;
var argv = require('minimist')(process.argv.slice(2));
var dust = require('express-dustjs')
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var methodOverride = require('method-override');
var authService = require('./app/services/auth.js')
var dbConfig = require('./app/config.js')['documentDB'];
var authService = require('./app/services/auth.js');
/*
* DUST JS
*/
// Dustjs settings
dust._.optimizers.format = function (ctx, node) {
return node
}
// Define custom Dustjs helper
dust._.helpers.demo = function (chk, ctx, bodies, params) {
return chk.w('demo')
}
// Use Dustjs as Express view engine
app.engine('dust', dust.engine({
// Use dustjs-helpers
useHelpers: true
}))
/*
* STATIC ASSETS
*/
app.use('/', express.static(__dirname + '/public'));
app.set('view engine', 'dust')
app.set('views', path.resolve(__dirname, './app/views'))
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser('X+a1+TKXwd26mkiUUwqzqQ=='));
app.use(session({
secret: 'X+a1+TKXwd26mkiUUwqzqQ==',
resave: true,
saveUninitialized: true,
cookie : { secure : true, maxAge : (4 * 60 * 60 * 1000) }
}));
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "http://localhost:8080");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Content-Type, Accept");
res.header("Access-Control-Allow-Credentials", true);
res.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
next();
});
// Configure Passport authenticated session persistence.
//
// In order to restore authentication state across HTTP requests, Passport needs
// to serialize users into and deserialize users out of the session. The
// typical implementation of this is as simple as supplying the user ID when
// serializing, and querying the user record by ID from the database when
// deserializing.
passport.serializeUser(function(user, cb) {
console.log('serializeUser : ', user);
cb(null, user.id);
});
passport.deserializeUser(function(id, cb) {
console.log('-------------------------------');
console.log('-------------------------------');
console.log('deserializeUser : ', id);
console.log('-------------------------------');
console.log('-------------------------------');
authService.getAccountByID(id, function (err, user) {
if (err) { return cb(err); }
cb(null, user);
});
});
passport.use('local', new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
}, function(username, password, callback) {
authService.authenticate(username, password, function(err, user) {
if (err) {
console.log("ERR >> ", err);
return callback(err, false, err);
}
return callback(err, user);
});
})
);
app.use(passport.initialize());
app.use(passport.session());
app.use(methodOverride());
/*
* ROUTES
*/
app.use('/', require('./app/routes/index.js')(passport));
app.use('/prototypes/', require('./app/routes/prototypes.js'));
app.use('/auth', require('./app/routes/auth')(passport));
/*
* APP START
*/
app.listen(port, function () {
var msg = 'Express started > ';
console.log('Express started >> ');
console.log(' env: ', process.env.NODE_ENV);
}).on('error', function(err){
console.log('ON ERROR >> ');
console.log(err);
});
process.on('uncaughtException', function(err) {
console.log('ON UNCAUGHT EXCEPTION >>');
console.log(err);
});
中间件的功能和路由。
var express = require('express');
var router = express.Router();
var controller = require('../controllers/index.js');
module.exports = function(passport) {
router.get('/', controller.index);
router.get('/test', verifyAuth, function(req, res) {
return res.status(200)
.json({"req.isAuth" : req.isAuth});
});
return router;
};
function verifyAuth(req,res,next) {
console.log('req.cookies : ', req.cookies);
console.log('req.login', req.login);
console.log('req.isAuthenticated : ', req.isAuthenticated);
console.log('req.session', req.session);
console.log('req.user : ', req.user);
if ( !req.isAuthenticated() ) {
res.status( 400 ); // constant defined elsewhere, accessible here
return res.end('Please Login'); // or a redirect in a traditional web app,
} // as opposed to an SPA
next();
}
以下是登录路径:
router.post('/login', function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err || !user) {
return res.send(500, info);
}
req.login(user, function(err) {
if (err) {
return next(err);
console.log('ERROR > ', error);
}
return res.json(200, user);
});
})(req, res, next);
});
我认为您需要将passport逻辑放在app.post();
中,而不仅仅放在app.use()
:中
app.post('/login',
passport.authenticate('local', { failureRedirect: '/login' }),
function(req, res) {
res.redirect('/');
});
在github上查看passport团队的server.js示例:通行证示例
相关文章:
- CORS-服务器端cookie没有保存在chrome浏览器上
- 将用户对样式表的选择保存在cookie中
- Blackberry Webworks:Cookie 未保存在 OS 5 上
- 将数据URI保存在cookie中,以便稍后检索
- Cookie未保存在sencha touch 2应用程序中
- 如果存在Cookie,则JavaScript重定向
- 如果存在cookie,则自动执行Javascript
- Passport本地策略未将用户保存在cookie或会话中
- Node.js Express应用程序:如果存在cookie,则从服务器端向元素添加CSS类
- Chrome扩展api;t检查cookie是否存在
- 如果不存在,请在Angular中设置cookie
- 如果 cookie 存在,则显示倒计时 5 分钟
- 添加只要浏览器打开就持续存在的 cookie
- 根据 Cookie 的存在突出显示按钮
- JavaScript 秒表保存在 cookie 中
- JavaScript 如果 cookie 存在,则执行
- 只有当cookie存在时才添加addClass,否则隐藏
- 如果cookie存在,则不要运行JavaScript代码
- $.cookie()存在,但未被确认
- Jquery cookie 存在多个按钮集的问题