基本认证与护照和快递

时间:2015-12-20 07:45:22

标签: javascript node.js express passport.js

我一定错过了一些内容,但根据我发现的所有教程,您可以使用expresspassport + {{1}对节点应用程序进行基本身份验证}。我知道这不符合最佳做法,我只是想让POC继续下去:

passport-local

奇怪的是,我甚至没有在'use strict' var express = require('express'); var passport = require('passport'); var LocalStrategy = require('passport-local').Strategy var app = express(); var users = { 'user': 'secretpass'}; passport.use(new LocalStrategy( function(username, password, done) { console.log('Username:', username, 'password:', password); if (!users[username] || users[username] != password) { console.log('Username:', username, 'password:', password); return done (null, false); } return done(null, {username: username}); } )); app.use(passport.initialize()); app.get('/', function (req, res) { res.send ('GET request to root'); }); app.post('/', function (req, res) { res.send ('POST request to root'); }); app.get('/unauthorized', function (req, res) { res.status(200).send('GET Forbidden'); }); app.post('/unauthorized', function (req, res) { res.status(200).send('Post Forbidden'); }); app.post('/webhook', passport.authenticate('local', { successRedirect: '/', failureRedirect: '/unauthorized'}), function (req, res) { res.send ('authenticated!'); } ); var server = app.listen(8081, function() { console.log('Server listening at', server.address().address, 'on port', server.address().port); }); 构造函数中获取那些console.log()语句来向我显示任何内容,所以我猜我真的错过了一些东西。我尝试使用DHC和Postman发送POST请求,

  • 将基本身份验证字段设置为用户名和密码,
  • 使用username:password @ url method,
    • 格式
  • 将表单数据和密码作为表单数据发送

2 个答案:

答案 0 :(得分:3)

对于基本身份验证,您需要passport-http,而不是passport-local(用于通过表单数据进行身份验证)。

试试这个:

var BasicStrategy = require('passport-http').BasicStrategy;
...
passport.use(new BasicStrategy(...));
...
app.post('/webhook', 
  passport.authenticate('basic', {
    session         : false,
    successRedirect : '/',
    failureRedirect : '/unauthorized'
  }), function (req, res) {
    // FWIW, this isn't useful because it's never reached, because Passport
    // will always issue a redirect (either to / or to /unauthorized)
    res.send ('authenticated!');
  }
);

答案 1 :(得分:0)

使用password-http模块进行基本身份验证

var express = require('express');
var passport = require('passport');
var app = express();
var BasicStrategy = require('passport-http').BasicStrategy;
passport.use(new BasicStrategy(
   function (username, password, done) {
      //perform auth here for user.
      //use done(null,false) if auth fails

      done(null, {
         user: "xyz"
      });


   }
));

app.get('/app', passport.authenticate('basic', {
   session: false
}), (req, res) => {
   console.log("Hello");

   res.send('ok');
});

app.listen(4000, (err, res) => {
   console.log(err, res);
   console.log('server is launched');
})
相关问题
最新问题