Passport auth在本地工作,但不在远程服务器上工作

时间:2017-02-07 16:58:44

标签: node.js express oauth oauth-2.0 passport.js

这个问题快把我逼疯了。我刚刚用Google OAuth 2.0策略配置了Passport.js,它在我本地的Express 4服务器上运行良好。

但是当我尝试在我的Amazon服务器上运行它时,每次调用 req.isAuthenticated()都会返回false,并且 req.user 未定义。我无法弄清楚出了什么问题。

// Store only the user's id in the session; the full record is reloaded on
// each request by deserializeUser.
passport.serializeUser(function (user, done) {
   var sessionKey = user.id;
   console.log("serializeUser " + sessionKey);
   done(null, sessionKey);
});

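// Rebuild req.user from the id that serializeUser stored in the session.
passport.deserializeUser(function(id, done) {
   console.log("deserializeUser: " + id);
   // findOne yields a single document or null. The original User.find()
   // yields an array, so `!user` was never true for an unknown id (an empty
   // array is truthy) and req.user ended up being an array, not a user.
   User.findOne({_id: id}, function (error, user) {
       if (error || !user) {
           // A missing user (error === null) makes Passport treat the
           // session as unauthenticated rather than failing the request.
           done(error, null);
       } else {
           done(null, user);
       }
   });
});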

// Google OAuth 2.0 strategy. Client credentials and the callback URL come
// from config; the callback URL must match a redirect URI registered for
// the OAuth client.
// NOTE(review): no `state` option is passed here, so the strategy does not
// bind the callback to the session that started the login; confirm whether
// `state: true` should be enabled.
passport.use(new GoogleStrategy({
    clientID: config.google.clientID,
    clientSecret: config.google.clientSecret,
    callbackURL: config.google.callbackURL
},
function (accessToken, refreshToken, profile, done) {

    process.nextTick(function () {

        // This domain comparison is the only gate on who may sign in:
        // any other profile is rejected before the database is touched.
        if (profile._json.domain !== 'xxx') {
            return done(new Error("Invalid host domain"));
        }

        var selector = {googleId: profile.id};
        var upsertOptions = {upsert: true, new: true, setDefaultsOnInsert: true };

        // Find the user by Google id, creating the document on first login.
        User.findOneAndUpdate(selector, selector, upsertOptions, function (error, user) {
            return error ? done(error) : done(null, user);
        });
    });

}
));

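// Start the Google login: redirects the browser to Google's consent screen.
router.get('/auth/google',
    passport.authenticate('google', { scope: ['https://www.googleapis.com/auth/plus.login', 'https://www.googleapis.com/auth/userinfo.email'] }));

// OAuth callback: Passport exchanges the code and establishes the session.
// NOTE(review): failureRedirect points at '/login', which below answers 401
// to unauthenticated requests, so a failed login ends on a bare 401.
router.get('/auth/google/callback',
    passport.authenticate('google', { failureRedirect: '/login' }), function(req, res) {
        res.redirect('/');
});

// Session check endpoint, guarded by ensureAuthenticated.
router.get('/login', ensureAuthenticated, function(req, res){
     console.log("User is Authenticated");
     // The original handler never ended the response, so an authenticated
     // request hung until the client timed out.
     res.sendStatus(200);
});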

/**
 * Express middleware that lets a request through only when Passport has
 * restored an authenticated session; otherwise it answers 401.
 *
 * @param {object} req - request; reads req.user and calls req.isAuthenticated()
 * @param {object} res - response; receives sendStatus(401) on rejection
 * @param {Function} next - invoked when the request is authenticated
 * @returns {*} whatever next() returns when authorized, otherwise undefined
 */
function ensureAuthenticated(req, res, next) {

   // NOTE(review): this writes the whole req.user value to the log; keep it
   // for debugging only if the user record holds nothing sensitive.
   console.log("USER " + req.user);

   if (!req.isAuthenticated()) {
      console.log("Not authorized");
      res.sendStatus(401);
      return;
   }

   console.log("Authorized");
   return next();

}

这是Express服务器的配置。

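// Express
var app = express();
// NOTE(review): 'xxx' is a placeholder; the real signing secret should come
// from the environment or a secret store, not from source.
app.use(cookieParser('xxx'));

// NOTE(review): a 100mb limit lets any client make the server buffer very
// large request bodies; lower it unless uploads of that size are required.
app.use(bodyParser.json({limit: '100mb'}));
app.use(bodyParser.urlencoded({limit: '100mb', extended: true}));

// Used for production build
app.use(express.static(path.join(__dirname, 'public')));

app.use(session({
    // MemoryStore keeps sessions inside this one process: they are lost on
    // restart and are not shared between several processes or instances.
    store: sessionStore, //var sessionStore = new MemoryStore();
    secret: 'xxx',
    resave: true,
    saveUninitialized: true,
    cookie: {
        // With secure: false the session cookie is also sent over plain
        // HTTP. For an HTTPS deployment set this to true (and configure
        // 'trust proxy' when TLS terminates at a proxy or load balancer).
        secure: false,
        path: '/',
        httpOnly: true,
        // maxAge is a duration in milliseconds. The original passed
        // new Date(Date.now() + 3600000), which is evaluated once at
        // startup: after the server has been up for an hour every session
        // cookie is issued already expired, so no login survives a redirect.
        maxAge: 3600000
    }
}));

// Compress responses
app.use(compression());

// Passport must be mounted after the session middleware so that
// passport.session() can restore req.user from the session.
app.use(passport.initialize());
app.use(passport.session());

routes(app);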

Similar problem

请帮忙!

2 个答案:

答案 0 :(得分:1)

我认为我的问题是通过把会话存储从MemoryStore换成MongoStore解决的。MemoryStore只把会话保存在单个进程的内存里,进程重启后会话丢失,多个进程或实例之间也不共享。希望这能为以后遇到同样问题的人节省一些时间。

 // Express
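var app = express();
// NOTE(review): 'xxx' is a placeholder; the real signing secret should come
// from the environment or a secret store, not from source.
app.use(cookieParser('xxx'));

// NOTE(review): a 100mb limit lets any client make the server buffer very
// large request bodies; lower it unless uploads of that size are required.
app.use(bodyParser.json({limit: '100mb'}));
app.use(bodyParser.urlencoded({limit: '100mb', extended: true}));

// Used for production build
app.use(express.static(path.join(__dirname, 'public')));

app.use(session({
    // NOTE(review): cookieName / duration / activeDuration look like
    // client-sessions options and are presumably ignored by
    // express-session; confirm and drop them if so.
    cookieName: 'session',
    duration: 30 * 60 * 1000,
    activeDuration: 5 * 60 * 1000,
    // Sessions are persisted through the existing mongoose connection, so
    // they outlive a process restart and are visible to every instance.
    store: new MongoStore({
        mongooseConnection: mongoose.connection,
        touchAfter: 24 * 3600 // time period in seconds
    }),
    secret: 'xxx',
    saveUninitialized: false, // don't create session until something stored
    resave: false, //don't save session if unmodified
    cookie: {
        // With secure: false the session cookie is also sent over plain
        // HTTP. For an HTTPS deployment set this to true (and configure
        // 'trust proxy' when TLS terminates at a proxy or load balancer).
        secure: false,
        path: '/',
        httpOnly: true,
        // maxAge is a duration in milliseconds. The original passed
        // new Date(Date.now() + 3600000), a fixed instant computed at
        // startup, so cookies issued more than an hour after boot were
        // already expired.
        maxAge: 3600000
    }
}));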

答案 1 :(得分:0)

您是否已将amazon服务器添加到授权重定向URI列表中?请参阅以下内容:https://developers.google.com/adwords/api/docs/guides/authentication#oauth2_playground

确保将您的Amazon重定向URI添加到Google的控制台以进行身份验证