我正在尝试为我的第一个面向公众的节点应用程序设置基本身份验证。我有两种护照策略:1)Facebook和2)Twitter。我不打算至少暂时包含电子邮件/密码系统,直到我了解安全隐患。 我已经能够让他们以开箱即用的方式工作,并在Mongoose中创建新用户。
我现在想要重复扣除社交帐户用户。因此,每当有新用户通过twitter auth进入时,我想将它们重定向到收集电子邮件的页面。我正在保存作为会话变量返回的令牌和配置文件对象,并在将表单作为隐藏字段提交时将在该页面上重复使用它们。
但是我无法理解如何使用Passport实现此方面。这是我到目前为止的代码,其中包含对我要对每个部分做什么的评论。基本上我正在检查twitter用户是否是旧用户,如果不是我正在设置我将在/ addemail页面上重用的会话变量,初始化用户对象(以便Serialize,Deserialize函数有一些行为(不确定我理解)什么序列化/反序列化实际上。)现在如果用户是新用户,会话变量NewTwitterUser为true,我在auth / callback url中检查它以将用户重定向到适当的页面。但这不起作用。
//basic modules and setup
var express = require('express')
, passport = require('passport')
, mongoose = require('mongoose')
, http = require('http')
, util = require('util')
, TwitterStrategy = require('passport-twitter').Strategy
, FacebookStrategy = require('passport-facebook').Strategy
, path = require('path');
var app = express();
//Mongodb setup
var Schema = mongoose.Schema;
var ObjectId = Schema.ObjectId;
var UserSchema = new Schema({
provider: String,
uid: String,
fb_uid: String,
twitter_uid: String,
name: String,
first_name: String,
gender: String,
fb_username: String,
twitter_username: String,
profile_pic: String,
email: String,
location: String,
birthday: String,
created: {type: Date, default: Date.now}
});
var User = mongoose.model('User', UserSchema);
mongoose.connect('MongoHQ db connection here')'
//User Authentication - Twitter
passport.use(new TwitterStrategy({
consumerKey: 'KEY',
consumerSecret : 'SECRET',
callbackURL: "CALLBACKURL",
passReqToCallback: true
},
function(req, token, tokenSecret, profile, done){
User.findOne({twitter_uid: profile.id}, function(err, user){
if (err) {
console.log('this is an error 1' + err);
return done(err);}
if(user){
console.log('this user' + user);
done(null, user);
} else {
console.log('this is a new user');
req.session.token = token;
req.session.tokenSecret = tokenSecret;
req.session.profile = profile;
req.session.newtwitteruser = true;
var user = new User();
user.uid = profile.id;
done(null, user);
/* This part is commented and is the default code I had if I needed to simply create a Twitter User right here.
var user = new User();
user.provider = profile.provider;
user.uid = profile.id;
user.twitter_uid = profile.id;
user.name = profile.displayName;
user.first_name = profile.displayName[0];
user.twitter_username = profile._json.screen_name;
user.profile_pic = profile._json.profile_image_url;
user.location = profile._json.location;
user.save(function(err){
if(err) {throw err;}
else {done(null, user);}
});*/
}
});
}
));
//User Authentication - Facebook
passport.use(new FacebookStrategy({
clientID: 'ID',
clientSecret: 'SECRET',
callbackURL: "URL"
},
function(accessToken, refreshToken, profile, done){
User.findOne({fb_uid: profile.id}, function(err, user){
if (err) {return done(err);}
if(user){
done(null, user);
} else {
var user = new User();
user.provider = profile.provider;
user.uid = profile.id;
user.fb_uid = profile.id;
user.name = profile.displayName;
user.first_name = profile._json.first_name;
user.gender = profile._json.gender;
user.fb_username = profile._json.username;
user.profile_pic = 'https://graph.facebook.com/' + profile.id + '/picture';
user.email = profile._json.email;
user.location = profile._json.location.name;
user.birthday = profile._json.birthday;
user.save(function(err){
if(err) {throw err;}
else {done(null, user);}
});
}
})
}
));
passport.serializeUser(function(user, done) {
done(null, user.uid);
});
passport.deserializeUser(function(uid, done) {
User.findOne({uid: uid}, function (err, user) {
done(err, user);
});
});
//app configurations
app.configure(function(){
app.set('port', process.env.PORT || 3000);
app.set('views', __dirname + '/views');
app.set('view engine', 'jade');
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.cookieParser("freecookie"));
app.use(express.session({secret:"freecookie"}));
app.use(express.static(path.join(__dirname, 'public')));
app.use(express.errorHandler());
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
});
//Basic Routing
app.get('/', function(req, res){
res.render('home', {title: 'App Title', user: req.user});
});
app.get('/auth/twitter', passport.authenticate('twitter'));
app.get('/auth/twitter/callback',
passport.authenticate('twitter', {failureRedirect: '/login' }),
function(req, res) {
if (req.session.newtwitteruser){
res.redirect('/addemail');}
else {res.redirect('/');}
});
app.get('/addemail', function(req, res){
if (req.session.newtwitteruser){
res.render('email', {title: 'Add your Email'});}
else {res.redirect('/');}
});
app.get('/auth/facebook', passport.authenticate('facebook', {scope: ['email', 'user_location', 'user_birthday'] }));
app.get('/auth/facebook/callback',
passport.authenticate('facebook', { successRedirect: '/', failureRedirect: '/login' }));
app.get('/logout', function(req, res){
req.logout();
res.redirect('/');
});
//create the server
var server = http.createServer(app);
server.listen(app.get('port'));
//Checks if a request is authenticated
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) { return next(); }
res.redirect('/login')
}
答案 0 :(得分:6)
我首先会将成功登录重定向到您的Twitter路径中的addemail功能:
app.get('/auth/twitter', passport.authenticate('twitter'));
app.get('/auth/twitter/callback',
passport.authenticate('twitter', { successRedirect: '/addemail',
failureRedirect: '/' }));
然后,在您的addemail功能中,我会检查他们是否已经收到了电子邮件,之后您可以将它们重定向到适当的位置。
app.get('/addemail', function(req, res){
if (req.user.email){
res.render('email', {title: 'Add your Email'});}
else {res.redirect('/');}
});