我在NodeJS中是菜鸟,我在Passport身份验证方面遇到了一些问题。
首先,我必须说明,我在Google和stackoverflow上搜索并反复尝试各种身份验证方案已有大约2周,仍然无法解决这个问题,所以感谢您的每一个回复。
我的应用程序基于MEAN堆栈构建,使用Express.js和Passport进行授权。 我们需要对部分内容进行授权,并允许本地登录和Google登录。
在目前为止的尝试中,我已经解决了不少与授权相关的问题,最后剩下一个我想不明白的问题:
每次授权成功后,LocalStrategy和GoogleStrategy总是返回401
这是我的代码。
应用
// Express middleware chain. The session middleware has to be registered before
// passport.session(), and both before the routes that read req.user.
var bodyParser = require('body-parser');
var sessionOptions = {
  // Signs the session-id cookie; the value is read from config.sessionKey.
  secret: config.sessionKey,
  resave: false,
  saveUninitialized: false,
  // NOTE(review): a Secure cookie is only issued and sent back over HTTPS. If
  // the app is reached over plain HTTP, or sits behind a TLS-terminating proxy
  // without Express 'trust proxy' configured, the browser never returns the
  // session cookie and req.isAuthenticated() is false on the next request.
  // Confirm how this app is served before relaxing the flag.
  cookie: { secure: true }
};

app.use(require('morgan')('dev')); // the author noted 'combined' as the other format
app.use(require('cookie-parser')());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(require('method-override')('_method'));
app.use(require('express-session')(sessionOptions));
app.use(passport.initialize());
app.use(passport.session());
app.use('/', require('./app/config/route'));
Passport
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
var config = require('./config');
var User = require('../models/user');
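// Registers the 'local-signup' strategy: creates an account for an unused
// e-mail address and reports the outcome through done(err, user, info).
passport.use('local-signup', new LocalStrategy({
  usernameField: 'email',
  passwordField: 'password',
  passReqToCallback: true
},
function(req, email, password, done) {
  // The body parsers in use accept JSON and extended urlencoded input, so a
  // field can arrive as an object (for example {"$gt": ""}) instead of a
  // string. Reject non-strings before the value is used as a Mongo filter.
  if (typeof email !== 'string' || typeof password !== 'string') {
    return done(null, false);
  }
  process.nextTick(function() {
    User.findOne({'email': email}, function(err, user) {
      if (err) {
        mgHooks.sendError(err);
        return done(err);
      }
      if (user) {
        // Any truthy second argument tells Passport the request is
        // authenticated and a session is created for it. A refused sign-up
        // must pass false; the explanation belongs in the info argument.
        // The default passport.authenticate() responder answers 401 without a
        // body, so a route that wants to show info.message needs a custom
        // callback.
        return done(null, false, {message: config.talkback.usedEmail});
      }
      var newUser = new User();
      newUser.email = email;
      newUser.name = req.body.name;
      // NOTE(review): md5(email) can be recomputed by anyone who knows the
      // address. If this field protects anything (API key, reset token), it
      // should come from a CSPRNG instead; its use is not visible here.
      newUser.secret = md5(email);
      // generateHash is a model method defined outside this snippet.
      newUser.password = newUser.generateHash(password);
      newUser.save(function(saveErr) {
        if (saveErr) {
          mgHooks.sendError(saveErr);
          // Hand the failure to Passport; a throw inside this callback would
          // escape the request and surface as an uncaught exception.
          return done(saveErr);
        }
        return done(null, {
          status: config.statusText.Ok,
          message: config.talkback.signupSuccess,
          user: newUser.id
        });
      });
    });
  });
})
);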
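// Registers the 'local-login' strategy: checks e-mail and password against the
// stored user and reports the outcome through done(err, user, info).
passport.use('local-login', new LocalStrategy({
  usernameField: 'email',
  passwordField: 'password',
  passReqToCallback: true
},
function(req, email, password, done) {
  // JSON and extended urlencoded bodies can carry objects; only plain strings
  // may reach the Mongo filter and the password check.
  if (typeof email !== 'string' || typeof password !== 'string') {
    return done(null, false, {message: config.talkback.invalidLogin});
  }
  User.findOne({'email': email}, function(err, user) {
    if (err) {
      mgHooks.sendError(err);
      return done(err);
    }
    // Failed credentials must pass false as the user. Passing a status object
    // here would make Passport treat the request as authenticated and open a
    // session for it. The same message is used for an unknown e-mail and a
    // wrong password, as in the original.
    if (!user || !user.validPassword(password)) {
      return done(null, false, {message: config.talkback.invalidLogin});
    }
    // Valid credentials: record the visit, then log in.
    user.lastVisited = new Date();
    user.save(function(saveErr) {
      // Best effort: a failed timestamp update is reported, login proceeds.
      if (saveErr) {
        mgHooks.sendError(saveErr);
      }
    });
    return done(null, {
      status: config.statusText.Ok,
      // NOTE(review): this is the sign-up success text; confirm whether a
      // login-specific message was intended.
      message: config.talkback.signupSuccess,
      user: user.id
    });
  });
}));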
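// Registers the Google OAuth2 strategy: finds or creates the user for the
// provider/uid pair, refreshes the stored profile fields, then logs in.
passport.use(new GoogleStrategy({
  clientID: config.google.GOOGLE_CLIENT_ID,
  clientSecret: config.google.GOOGLE_CLIENT_SECRET,
  callbackURL: config.google.CALLBACK_URL
},
function(accessToken, refreshToken, profile, done) {
  User.findOrCreate({provider: profile.provider, uid: profile.id}, function (err, user) {
    // A lookup failure has to stop here; otherwise user may be undefined and
    // the error is lost behind the update callback's own err.
    if (err) {
      mgHooks.sendError(err);
      return done(err);
    }
    var updateUser = {
      name: profile.displayName,
      // NOTE(review): _raw is the provider's unparsed profile response and is
      // persisted on the user document; confirm that it is needed.
      _raw: profile._raw
    };
    // photos and emails depend on the granted scopes and may be absent, so
    // only copy them when the provider actually returned an entry.
    if (profile.photos && profile.photos.length) {
      updateUser.photo = profile.photos[0].value;
    }
    if (profile.emails && profile.emails.length) {
      updateUser.email = profile.emails[0].value;
    }
    User.findOneAndUpdate({provider: profile.provider, uid: profile.id}, updateUser, function(updateErr) {
      if (updateErr) {
        console.log(updateErr);
        mgHooks.sendError(updateErr);
        return done(updateErr);
      }
      // As before, the object from findOrCreate (read before the update) is
      // what becomes req.user.
      return done(null, user);
    });
  });
}
));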
// Session (de)serialisation: the object a strategy passed to done() is written
// to the session as-is and handed back as-is as req.user.
// NOTE(review): storing the whole object rather than an id keeps everything the
// strategy returned in the session store, and later changes to the user record
// are not reflected until the next login. Confirm this is intended.
passport.serializeUser(function serializeWholeUser(sessionUser, callback) {
  callback(null, sessionUser);
});

passport.deserializeUser(function deserializeWholeUser(storedUser, callback) {
  callback(null, storedUser);
});
路由
var express = require('express');
var router = express.Router();
var mongoose = require('mongoose');
var passport = require('passport');
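/**
 * Route guard: lets the request continue only when Passport reports an
 * authenticated session, otherwise answers 401.
 *
 * @param {object} req - Express request; req.isAuthenticated() is added by Passport.
 * @param {object} res - Express response.
 * @param {function} next - continues to the next handler.
 */
var auth = function(req, res, next) {
  if (req.isAuthenticated()) {
    return next();
  }
  // sendStatus() replaces the numeric res.send(401) form, which Express 4
  // deprecates and Express 5 no longer supports as a status shortcut.
  return res.sendStatus(401);
};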
// Landing page.
router.get('/', function renderIndex(req, res, next) {
  res.render('index');
});

// Everything under /api/auth goes through the auth guard before the API router.
router.use('/api/auth', auth, require('../controllers/api'));

// Session probe for the client. No status is set, so both branches answer with
// the default status; only the body tells the two cases apart.
router.get('/auth/loggedin', function reportLoginState(req, res) {
  if (req.isAuthenticated()) {
    res.send(req.user);
  } else {
    res.send('unauthorized');
  }
});
// Sign-up. The handler runs only after the 'local-signup' strategy handed a
// user to done(); the body is that same object, exposed as req.user.
router.post(
  '/auth/signup',
  passport.authenticate('local-signup'),
  function sendSignupResult(req, res) {
    var result = req.user;
    res.send(result);
  }
);

// Login. Same shape as sign-up, using the 'local-login' strategy.
router.post(
  '/auth/login',
  passport.authenticate('local-login'),
  function sendLoginResult(req, res) {
    var result = req.user;
    res.send(result);
  }
);
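// Logout: drops the Passport login from the session and acknowledges with 200.
router.post('/auth/logout', function(req, res) {
  // NOTE(review): newer Passport releases make logOut() asynchronous and
  // expect a callback; confirm against the installed version.
  req.logOut();
  // sendStatus() replaces the numeric res.send(200) form, which Express 4
  // deprecates and Express 5 no longer supports as a status shortcut.
  res.sendStatus(200);
});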
// Starts the Google OAuth2 flow.
// NOTE(review): both scopes are Google+ era scopes; confirm the provider still
// grants them, since the strategy reads profile.emails and profile.photos.
router.get('/auth/google', passport.authenticate('google', {
  scope: [
    'https://www.googleapis.com/auth/plus.login',
    'https://www.googleapis.com/auth/plus.profile.emails.read'
  ]
}));

// OAuth2 callback. Both redirect targets are fixed strings, not taken from the
// request, so the flow cannot be steered to another destination.
router.get(
  '/auth/google/callback',
  passport.authenticate('google', { failureRedirect: '/#!/login' }),
  function onGoogleSuccess(req, res) {
    // Authentication succeeded: go to the profile view.
    res.redirect('/#!/profile');
  }
);
起初我认为是中间件的顺序造成的,但我尝试了我找到的每个教程,仍然不起作用。
请帮我弄明白这一点。 非常感谢!!
答案 0 :(得分:0)
更新,我刚刚找到了编写Session-persisted消息中间件的示例,现在可以正常使用了!
// One-shot session messages: moves error / notice / success from the session
// to res.locals for the current response and removes them from the session so
// they are shown once.
// NOTE(review): the values become template variables; whether they are escaped
// on output depends on the view engine, which is not visible here.
app.use(function flashToLocals(req, res, next) {
  ['error', 'notice', 'success'].forEach(function(key) {
    var value = req.session[key];
    delete req.session[key];
    // Only truthy values are copied, so an absent message leaves no local.
    if (value) {
      res.locals[key] = value;
    }
  });
  next();
});