我被卡住了。
使用Passport的Featherjs可以使用本地策略进行身份验证而不启用会话吗?
当我启用会话时,第一个请求未被授权,但第二个请求是因为使用了第一个请求的cookie。我不想要使用cookies。
我设置了我的代码:
var hooks = require('feathers-hooks');
var bodyParser = require('body-parser');
var session = require('express-session');
var passport = require('passport');
var feathers = require('feathers');
var feathersPassport = require('feathers-passport');
var LocalStrategy = require('passport-local').Strategy;
var app = feathers();
var LocalStrategy = require('passport-local').Strategy;
passport.use(new LocalStrategy(function (username, password, done) {
done(null, "userid here");
}));
//Use the id to serialize the user
passport.serializeUser(function (user, done) {
done(null, user);
});
// Deserialize the user retrieving it form the user service
passport.deserializeUser(function (id, done) {
done(null, "userid here");
});
var myService = {
find: function (params, callback) {
if (params.user) {
console.log('yeh');
}
else {
callback('not authorized', null);
}
}
};
// A shared session store must be provided.
//TODO This MemoryStore is not recommended for production
var store = new session.MemoryStore();
// Initialize the application
app.configure(feathers.rest())
.configure(hooks())
.configure(feathersPassport({
secret: 'feathers-rocks',
store: store
}));
app.use(bodyParser.urlencoded({extended: true}));
app.use('/should/be/protected', passport.authenticate('local', {session: true}), myService);
app.listen(4000);
答案 0 :(得分:1)
feathers-passport实际上已被弃用。 Feathers绝对支持没有会话的身份验证(实际上它现在正式支持)。有一个叫做羽毛认证的新模块。您可能需要查看http://docs.feathersjs.com/authentication/readme.html。