我有这样的代码:
passport.serializeUser(function (user, done) {
console.log('serializing user ' +user._id);
return done(null, user._id);
});
passport.deserializeUser(function (id, done) {
console.log(id);
Users.findById(id, function (err, user) {
console.log('deserialize user ' +id);
done(err, user);
});
});
passport.use('login', new LocalStrategy({
passReqToCallback: true
},
function (req, username, password, done) {
Users.findOne({username: username}, function (err, user) {
if(err){
return done(err);
}
if(!user){
console.log('User Not Found with username '+username);
return done(null, false);
}
if(!isValidPassword(user, password)){
console.log('Invalid Password');
return done(null, false); // redirect back to login page
}
return done(null, user);
}
);
})
);
passport.use('signup', new LocalStrategy({
passReqToCallback: true
},
function (req, username, password, done) {
Users.findOne({username: username}, function (err, user) {
if(err){
return done(err);
}
if(user){
console.log('User already exists with username: '+username);
return done('User already exists', false);
}
else{
var newUser = new Users();
newUser.username = username;
newUser.password = createHash(password);
newUser.save(function (err) {
if(err){
console.log('Error in Saving user: '+err);
throw err;
}
console.log(newUser.username +' Registered Successfully');
return done(null, newUser);
});
}
});
})
);
var isValidPassword = function (user, password){
return bCrypt.compareSync(password, user.password);
};
var createHash = function (password){
return bCrypt.hashSync(password,bCrypt.genSaltSync(10), null);
};
问题是,当客户注册新用户并注册成功时。客户端将自动进行身份验证。 如何使客户端在他/她登录之前仍然没有经过身份验证?
所以我想要的流程是: 1.客户注册新ID 2.客户在登录前仍未通过身份验证 3.客户登录 4.客户端现在已通过身份验证