我正在关注其中一个Udemy教程,我陷入了最后一点登录过程。我可以注册新用户但无法登录。我输入电子邮件地址和密码。按下提交按钮,无论电子邮件地址或密码的值是正确还是错误,它都会触发failureRedirect护照再次拉出登录页面的方法,我已经放了几个console.log但没有在控制台中打印。如果输入任何随机细节,它应该抛出未知的用户错误。我不确定是什么导致它不起作用,在控制台或浏览器中看不到或找不到错误。
<form class="form-signin" action="/login" method="POST">
<h2 class="form-signin-heading">Please sign in</h2>
<label for="inputEmail" class="sr-only">Email address</label>
<input type="email" id="email" name="email" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" id="password" name="password" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
</form>
var express = require('express');
var router = express.Router();
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var User = require('../models/user');
router.get('/login', function(req, res, next) {
res.render('login', { title: 'login', errors: false });
});
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.getUserById(id, function(err, user) {
done(err, user);
});
});
passport.use(new LocalStrategy(
function (email, password, done){
console.log("testing... 1");
User.getUserByEmail(email, function(err, user){
if (err) throw err;
if(!user){
console.log('Unknown User');
console.log("testing... 3");
return done(null, false, {message: 'Unknown User'});
}
User.comparePassword(password, user.password, function(err, isMatch){
console.log("testing... 2");
if(err) throw err;
if (isMatch){
return done(null, user);
console.log("testing... 4");
}else{
console.log("Invalid Password");
return done(null,false, {message:'Invalid Password'});
}
});
});
}
));
router.post('/login', passport.authenticate('local', {failureRedirect: '/login', failureFlash: 'Invalid username or password'}), function(req, res) {
console.log('Authentication successful');
//Flash message
req.flash('success','Your credentials match redirecting...');
//Redirect to the dashboard page
res.location('/dashboard');
res.redirect ('/dashboard');
});
var mongoose = require('mongoose');
var bcrypt = require('bcrypt');
mongoose.connect('mongodb://localhost/db_name');
var db = mongoose.connection;
//User Schema
var UserSchema = mongoose.Schema({
name:{
type: String,
index:true
},
email:{
type:String
},
password:{
type:String, required:true, bcrypt:true
}
});
var User = module.exports = mongoose.model('User', UserSchema);
module.exports.comparePassword = function(candidatePassword, hash, callback){
bcrypt.compare(candidatePassword, hash, function(err, isMatch){
if(err) return callback(err);
callback(null, isMatch);
});
}
module.exports.getUserByEmail = function(email, callback){
var query = {email:email};
User.findOne(query, callback);
}
module.exports.getUserById = function(id, callback){
User.findById(id, callback);
}
db.users.find().pretty();
{
"_id" : ObjectId("594c330d520d491b18771425"),
"name" : "John Doe",
"email" : "john@gmail.com",
"password" : "$2a$10$aFt9vfsSVJpFA8CMlCYIaOqQjW.6lV/1i0PibLelC43HscaAIvQPW",
"__v" : 0
}
答案 0 :(得分:1)
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(user, done) {
User.getUserById(id, function(err, user) {
done(err, user);
});
});
如果我们序列化用户对象,那么去除用户对象而不仅仅是id
请查看https://github.com/rupalipemare/Mongoose-Demo上的示例,其中有完整的示例演示护照身份验证。
答案 1 :(得分:0)
router.post('/login', passport.authenticate('local', {failureRedirect: '/login', failureFlash: 'Invalid username or password'}), function(req, res) {
不是&#39; ./ login&#39; ?