Google-oauth2护照无效

时间:2015-03-13 21:18:38

标签: node.js express google-api google-plus passport.js

我正在尝试使用谷歌和护照实施登录,但我遇到了一些问题。我成功通过谷歌验证,但我的数据没有传递到前端。除了URI和必要的客户端ID和秘密之外,我没有更改原始code中的任何内容。谁能告诉我我失踪了什么?

var express          = require( 'express' )
, app                = express()
, server             = require( 'http' ).createServer( app ) 
, passport         = require( 'passport' )
, util             = require( 'util' )
, bodyParser       = require( 'body-parser' )
, cookieParser     = require( 'cookie-parser' )
, session          = require( 'express-session' )
, RedisStore       = require( 'connect-redis' )( session )
, GoogleStrategy   = require( 'passport-google-oauth2' ).Strategy;
// API Access link for creating client ID and secret:
// https://code.google.com/apis/console/
var GOOGLE_CLIENT_ID      = "307841191614-1shiak514mrjugtbon3dm2if8hbhnvdv.apps.googleusercontent.com"
  , GOOGLE_CLIENT_SECRET  = "fgViegEgHWuoc1X-p63iPmpF";

// Passport session setup.
//   To support persistent login sessions, Passport needs to be able to
//   serialize users into and deserialize users out of the session.  Typically,
//   this will be as simple as storing the user ID when serializing, and finding
//   the user by ID when deserializing.  However, since this example does not
//   have a database of user records, the complete Google profile is
//   serialized and deserialized.
passport.serializeUser(function(user, done) {
  done(null, user);
  console.log("User: "+ user.displayName); // If there is a persistent session, the console logs out the displayName
});

passport.deserializeUser(function(obj, done) {
  done(null, obj);
});


// Use the GoogleStrategy within Passport.
//   Strategies in Passport require a `verify` function, which accept
//   credentials (in this case, an accessToken, refreshToken, and Google
//   profile), and invoke a callback with a user object.
passport.use(new GoogleStrategy({
    clientID:     GOOGLE_CLIENT_ID,
    clientSecret: GOOGLE_CLIENT_SECRET,
    //NOTE :
    //Carefull ! and avoid usage of Private IP, otherwise you will get the device_id device_name issue for Private IP during authentication
    //The workaround is to set up thru the google cloud console a fully qualified domain name such as http://mydomain:3000/ 
    //then edit your /etc/hosts local file to point on your private IP. 
    //Also both sign-in button + callbackURL has to be share the same url, otherwise two cookies will be created and lead to lost your session
    //if you use it.
    callbackURL: "http://127.0.0.1:3000/oauth2callback",
    passReqToCallback   : true
  },
  function(request, accessToken, refreshToken, profile, done) {
    // asynchronous verification, for effect...
    process.nextTick(function () {

      // To keep the example simple, the user's Google profile is returned to
      // represent the logged-in user.  In a typical application, you would want
      // to associate the Google account with a user record in your database,
      // and return that user instead.

      console.log(profile); //logs google profile successfully

      return done(null, profile); 

    });
  }
));

// configure Express
app.set('views', __dirname + '/views');
app.set('view engine', 'ejs');
app.use( express.static(__dirname + '/public'));
app.use( cookieParser()); 
app.use( bodyParser.json());
app.use( bodyParser.urlencoded({
    extended: true
}));
app.use( session({ 
    secret: 'cookie_secret',
    name:   'kaas',
    store:  new RedisStore({
        host: '127.0.0.1',
        port: 6379
    }),
    proxy:  true,
    resave: true,
    saveUninitialized: true
}));
app.use( passport.initialize());
app.use( passport.session());

/*
===
===
===
Here is where the data is not being read. 
*/


app.get('/', function(req, res){
  res.render('index', { user: req.user });
  console.log(req.user); //Output: undefined
});

app.get('/account', ensureAuthenticated, function(req, res){
  res.render('account', { user: req.user });
});

app.get('/login', function(req, res){
  res.render('login', { user: req.user });
});

// GET /auth/google
//   Use passport.authenticate() as route middleware to authenticate the
//   request.  The first step in Google authentication will involve
//   redirecting the user to google.com.  After authorization, Google
//   will redirect the user back to this application at /auth/google/callback
app.get('/auth/google', passport.authenticate('google', { scope: [
       'https://www.googleapis.com/auth/plus.login',
       'https://www.googleapis.com/auth/plus.profile.emails.read'] 
}));

// GET /auth/google/callback
//   Use passport.authenticate() as route middleware to authenticate the
//   request.  If authentication fails, the user will be redirected back to the
//   login page.  Otherwise, the primary route function function will be called,
//   which, in this example, will redirect the user to the home page.
app.get( '/oauth2callback', 
        passport.authenticate( 'google', { 
            successRedirect: '/',
            failureRedirect: '/login'
}));

app.get('/logout', function(req, res){
  req.logout();
  res.redirect('/');
});

server.listen( 3000 );


// Simple route middleware to ensure user is authenticated.
//   Use this route middleware on any resource that needs to be protected.  If
//   the request is authenticated (typically via a persistent login session),
//   the request will proceed.  Otherwise, the user will be redirected to the
//   login page.
function ensureAuthenticated(req, res, next) {
  if (req.isAuthenticated()) { return next(); }
  res.redirect('/login');
}

` 这是一个似乎没有接收任何数据的简单布局。

<% if (!user) { %>
<h2>Welcome! Please log in.</h2>
<% } else { %>
<h2>Hello, <%= user.displayName %>.</h2>
<% } %>

1 个答案:

答案 0 :(得分:1)

您的代码有效,我在我的应用上使用了相同的示例。

我遇到了同样的问题,我意识到我在测试中没有使用有效的帐户。

此API会从Google+个人资料中检索数据。您是否使用带有关联Google+个人资料的有效Google帐户进行身份验证?