passport.deserializeUser 从未被调用

时间:2017-07-03 14:28:11

标签: node.js express passport.js express-session

请帮助我解决使用 Passport.js 本地策略时遇到的问题。当我尝试登录时,我的 Passport 流程是:serialize、"Success auth",然后重定向到 '/',而此时 req.user 是 undefined。在 Passport 的流程中,反序列化会在每次序列化之后被调用,但在我的代码中它从未被调用。我不知道 bug 在哪里,谢谢你的帮助。

依赖引入(require):

    var express = require('express');
    var bodyParser = require('body-parser');
    var objection = require('objection');
    var Model = objection.Model;
    var Knex = require('knex');
    var bcrypt = require('bcrypt');
    var expressValidator = require('express-validator');
    var passport = require('passport');
    var cookieParser = require('cookie-parser');
    var session = require('express-session');
    var LocalStrategy = require('passport-local').Strategy;
    var api = express();

策略(Strategy)中间件:

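passport.use(new LocalStrategy(
        // Verify callback for the local strategy: looks the user up by username and
        // checks the submitted password against the stored bcrypt hash.
        //   username, password - credentials taken from the login request
        //   done               - Passport callback: done(err), done(null, false, info)
        //                        or done(null, user)
        async function (username, password, done) {
            var user;
            var passwordMatches = false;
            try {
                user = await User.findOne(username);
                if (user) {
                    // Asynchronous compare: the bcrypt work does not block the event loop
                    // while other requests are waiting.
                    passwordMatches = await bcrypt.compare(password, user.password);
                }
            } catch (err) {
                // A failed query or a malformed hash must reach Passport as an error;
                // otherwise the rejection is unhandled and the login request never completes.
                return done(err);
            }
            // NOTE(review): the two messages differ, so they reveal whether a username
            // exists if they are ever shown to the client; keep them server-side.
            if (!user) {
                return done(null, false, {message: 'Incorrect username.'});
            }
            if (!passwordMatches) {
                return done(null, false, {message: 'Incorrect password.'});
            }
            return done(null, user);
        }
    ));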

序列化反序列化方法:

    // Called by Passport after a successful login. Only the user's id is handed to
    // done(), so no other user field (such as the password hash) is written to the session.
    passport.serializeUser((user, done) => {
        console.log("serialialize");
        var sessionKey = user.id;
        done(null, sessionKey);
    });

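    // Restores the user for a request from the id that serializeUser stored in the session.
    //   id   - value previously passed to done() by serializeUser
    //   done - Passport callback: done(err) on failure, done(null, user) on success,
    //          done(null, false) when the id no longer matches a user
    passport.deserializeUser(async function (id, done) {
        console.log("deserialialize");
        let user;
        try {
            user = await User.findById(id);
        } catch (err) {
            // Surface lookup failures instead of leaving an unhandled rejection.
            return done(err);
        }
        // done() must be called on every path: when no row matches (for example the
        // account was deleted) report "no user" so the stale login is dropped and the
        // request does not hang waiting for this callback.
        done(null, user || false);
    });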

中间件:

    // Adds permissive CORS response headers to every response, then continues the chain.
    // NOTE(review): browsers reject credentialed cross-origin requests when
    // Access-Control-Allow-Origin is '*', so a front end on another origin cannot use the
    // session cookie with this configuration. If cross-origin access with cookies is
    // intended, use an explicit origin allowlist together with
    // Access-Control-Allow-Credentials rather than reflecting arbitrary origins.
    api.use(function (req, res, next) {
        var corsHeaders = {
            'Access-Control-Allow-Origin': '*',
            'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept'
        };
        Object.keys(corsHeaders).forEach(function (headerName) {
            res.setHeader(headerName, corsHeaders[headerName]);
        });
        next();
    });

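    // The session cookie is signed with this secret. A literal in the source is known to
    // anyone who can read the code and lets them forge session cookies, so it is supplied
    // through the environment and start-up fails when it is missing.
    var sessionSecret = process.env.SESSION_SECRET;
    if (!sessionSecret) {
        throw new Error('SESSION_SECRET environment variable is not set');
    }

    api.use(bodyParser.json());
    api.use(expressValidator());
    // NOTE(review): express-session 1.5.0 and later read the session cookie themselves;
    // cookie-parser is only needed if other code reads req.cookies — confirm against the
    // installed version.
    api.use(cookieParser());
    // NOTE(review): no cookie options are passed; when the app is served over HTTPS,
    // setting cookie.secure (and a sameSite policy) is the usual hardening step.
    api.use(session({secret: sessionSecret, resave: false, saveUninitialized: false}));
    // Order matters: passport.session() relies on the session middleware registered above.
    api.use(passport.initialize());
    api.use(passport.session());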

数据库配置:

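    // PostgreSQL connection used by the objection models. The password is read from the
    // environment so that the database credential is not committed with the source.
    var knex = Knex({
        client: 'pg',
        connection: {
            user: 'marossmrek',
            password: process.env.PGPASSWORD,
            database: 'ita-js'
        }
    });

    // Give objection's Model this knex instance to run its queries with.
    Model.knex(knex);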

    // Common base class for the objection models in this file.
    class Base extends Model {

        // Table name is the lower-cased class name (class User -> table "user").
        static get tableName() {
            var className = this.name;
            return className.toLowerCase();
        }

        // Resolves to the first row whose id column equals `id`, if any.
        // The id is passed as a where-object value, not concatenated into SQL text.
        static async findById(id) {
            var row = await this.query().where({ id }).limit(1).first();
            return row;
        }
    }

    // User model; inherits tableName and findById from Base.
    class User extends Base {

        // Resolves to the first row whose username column equals `username`, if any.
        // The row returned to callers includes the stored password hash, which the
        // login strategy compares against.
        static async findOne(username) {
            var row = await this.query().where({ username }).limit(1).first();
            return row;
        }
    }

用户登录路由:

    // POST /login: passport.authenticate('local') runs the local strategy. A failed
    // login is redirected to /login; on success the handler below logs and redirects to '/'.
    // NOTE(review): no rate limiting or lockout is visible on this route, and whether the
    // session id is regenerated on login depends on the installed passport version — confirm.
    api.post('/login',
        passport.authenticate('local', { failureRedirect: '/login' }),
        (req, res) => {
            console.log('Success auth');
            res.redirect('/');
        });

    // GET /logout: clears the Passport login from the request and ends the response.
    // NOTE(review): a state-changing GET can be triggered by any cross-site link or image;
    // a POST route is the usual choice. Newer passport releases require a callback for
    // req.logout() — confirm against the installed version.
    api.get('/logout', function (req, res) {
        req.logout();
        res.end();
    });

    // GET /: logs req.user (undefined when no login was restored for this request)
    // and ends the response with an empty body.
    // NOTE(review): string concatenation prints an object as "[object Object]"; if this
    // is changed to dump the whole user, the password hash would end up in the logs.
    api.get('/', function (req, res) {
        var logLine = "After redirect: " + req.user;
        console.log(logLine);
        res.end();
    });

    // Start the HTTP server on port 5000 and log once it is accepting connections.
    api.listen(5000, function () {
        console.log("I listen on port 5000");
    });

1 个答案:

答案 0 :(得分:-2)

如果序列化整个用户,则反序列化整个用户对象而不仅仅是id。

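// Stores a copy of the user object in the session instead of only its id.
// The question's user rows carry the bcrypt hash in `password`; it is removed from the
// copy so the hash is not persisted in the session store or exposed through req.user.
passport.serializeUser(function (user, done) {
    var sessionUser = Object.assign({}, user);
    delete sessionUser.password;
    done(null, sessionUser);
});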

// Hands the object stored in the session straight back as req.user, with no database lookup.
// NOTE(review): because nothing is re-read, a deleted account or changed user data stays
// in effect until the session itself ends.
passport.deserializeUser((user, done) => {
    done(null, user);
});