我尝试实施TwitterStrategy就像在Facebook中完成的那样: Token based, sessionless auth using express and passport
但是express仍然希望我使用会话中间件:
{"message":"OAuthStrategy requires session support. Did you forget app.use(express.session(...))?"
有人可以提供详细的例子吗?
答案 0 :(得分:1)
早前在gihub
报道的Passport推特中间件问题Any OAuth 1.0 strategy requires sessions. OAuth 2 requires it if state is enabled (which is highly recommended).
A temporary secret is stored in the session to prevent cross site scripting attacks.