我尝试使用PassportJS对我网站上的请求进行身份验证,但它无效。当我尝试登录时没有发生任何事情。我使用MYSQL数据库存储用户数据,但我没有找到相关的教程。
APP.JS:
var session = require('express-session');
var routes = require('./routes');
var sha1 = require('sha1');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var flash = require('connect-flash');
var RedisStore = require('connect-redis')(session);
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
app.use(cookieParser()); // read cookies (needed for auth)
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(session({
store: new RedisStore({
host: '127.0.0.1',
port: 6379,
prefix: 'sess'
}),
resave: true,
saveUninitialized: true,
secret: 'xxxxxxx'
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
passport.use('local-login', new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
},
function(username, password, done){
var connection = mysql.createConnection(
{
host : sql.host,
user : sql.user,
password : sql.password,
database : sql.db_users
}
);
console.log(username);
console.log(password);
connection.connect();
var queryUserCheck = 'SELECT userID, email, password, users WHERE email = "' + username + '"';
connection.query(queryUserCheck, function(err, rows, field) {
if(err){
res.status(500).end(err);
console.log(err);
connection.end();
}else{
user = rows[0];
userID = rows[0].userID;
console.log('Checkpoint 1');
if(!user) { return done(null, false, {message: 'The user is not exist'});}
else if(sha1(password) != user.password) { return done(null, false, {message: "Wrong password"});}
else{
console.log('Checkpoint 2');
return done(null, user);}
connection.end();
}
});
}
));
passport.serializeUser(function(user, done) {
console.log('serializeUser');
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
routes.init(app, passport);
我实际上并不是真正了解上述2功能。我知道需要在会话中附加和取消用户,但我是否需要更改这些功能上的任何内容以使其自定义或只是保持原样?
路由器:
exports.init = function(app, passport){
app.post('/login', login);
app.get('/logout', logout);
app.get('/userinfo', checkAuth, require('./users/users/userDetails'));
function login(req, res, next){
passport.authenticate('local-login', function(err, user, info){
if(err){
return next(err);
}
console.log('Authentication is successfull');
});
}
function logout(req, res){
if(req.isAuthenticated()){
req.logout();
req.session.messages = "Log out successfully";
}
res.writeHead(200, { 'Content-Type': 'application/json'});
res.end(true);
}
function checkAuth(req, res, next){
if(req.isAuthenticated) return next();
else{
res.status(401).end("Not Authorized!");
}
}
};
有人可以帮助我错过了吗?非常感谢你。