我正在尝试使用本教程https://scotch.io/tutorials/easy-node-authentication-setup-and-local设置我的MEAN堆栈的身份验证。 我已经设置了护照来处理身份验证,但是我已经使用了快速路由。
我为登录,注册和注销设置了路由:
// =====================================
// LOGIN ===============================
// =====================================
// show the login form
app.get('/login', function(req, res) {
// render the page and pass in any flash data if it exists
res.render('../public/login.ejs', { message: req.flash('loginMessage') });
});
// process the login form
app.post('/login', passport.authenticate('local-login', {
successRedirect : '/#home', // redirect to the secure profile section
failureRedirect : '/login', // redirect back to the signup page if there is an error
failureFlash : true // allow flash messages
}));
// =====================================
// SIGNUP ==============================
// =====================================
// show the signup form
app.get('/signup', function(req, res) {
// render the page and pass in any flash data if it exists
res.render('signup.ejs', { message: req.flash('signupMessage') });
});
// process the signup form
app.post('/signup', passport.authenticate('local-signup', {
successRedirect : '/profile', // redirect to the secure profile section
failureRedirect : '/signup', // redirect back to the signup page if there is an error
failureFlash : true // allow flash messages
}));
// =====================================
// LOGOUT ==============================
// =====================================
app.get('/logout', function(req, res) {
req.logout();
res.redirect('/login');
});
我设置了一个只能在用户登录时访问的个人资料页面的路由:
// =====================================
// PROFILE SECTION =====================
// =====================================
// we will want this protected so you have to be logged in to visit
// we will use route middleware to verify this (the isLoggedIn function)
app.get('/profile', isLoggedIn, function(req, res) {
res.render('profile.ejs', {
user : req.user // get the user out of session and pass to template
});
});
这使用以下函数作为中间件:
// route middleware to make sure a user is logged in
function isLoggedIn(req, res, next) {
// if user is authenticated in the session, carry on
if (req.isAuthenticated())
return next();
// if they aren't redirect them to the home page
res.redirect('/login');
}
到配置文件页面的路由工作完美。 问题是我创建了一个路由,它将捕获对站点的所有其他请求,并在用户未登录时将用户重定向到登录页面,如下所示:
app.get('*', isLoggedIn, function(req, res) {
res.render('../public/index.ejs', {
user : req.user // get the user out of session and pass to template
});
});
捕获所有路线不起作用。如果我发出任何其他请求,除了/ profile,我可以在不登录的情况下访问该页面。
我真的很感激有关如何让所有路线上线的建议! TIA!