我可以通过LDAP进行身份验证,但是当用户输入无效的用户名/密码时,我似乎无法弄清楚如何捕获错误。我有failureRedirect和其他东西设置,但是当发生错误时它没有进入authenticate函数中的那一步。我已经尝试过尝试捕获函数而没有运气。
以下是正在使用的身份验证策略的链接: https://www.npmjs.com/package/passport-activedirectory
前端 - 我也尝试将{{#if error}}更改为{{#if failWithError}}。
{{#if error}}
<div class="alert alert-danger">
Warning! {{error}}
</div>
{{/if}}
**显示给用户的错误消息**
InvalidCredentialsError: 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580
at messageCallback (d:\........\node_modules\ldapjs\lib\client\client.js:1419:45)
at Parser.onMessage (d:\........\node_modules\ldapjs\lib\client\client.js:1089:14)
at emitOne (events.js:96:13)
at Parser.emit (events.js:188:7)
at Parser.write (d:\........\node_modules\ldapjs\lib\messages\parser.js:111:8)
at Socket.onData (d:\........\node_modules\ldapjs\lib\client\client.js:1076:22)
at emitOne (events.js:96:13)
at Socket.emit (events.js:188:7)
at readableAddChunk (_stream_readable.js:176:18)
at Socket.Readable.push (_stream_readable.js:134:10)
.. \ node_modules \ ldapjs \ lib \ client \ client.js第1419行
中的代码块if (expect.indexOf(msg.status) === -1) {
return sendResult('error', errors.getError(msg));
}
auth.js
module.exports = function(app,passport) {
let opts = {
failWithError: true,
failureRedirect: '/',
successRedirect: '/dashboard',
failureFlash: true
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err) {
if (err) res.status(401).send('Not Authenticated');
});
};
passport.js
module.exports = function(passport) {
var ActiveDirectoryStrategy = require('passport-activedirectory');
passport.serializeUser(function (user, done) { done(null, user); });
passport.deserializeUser(function (user, done) { done(null, user); });
passport.use(new ActiveDirectoryStrategy({
integrated: false,
passReqToCallback: true,
ldap: {
url: 'ldap://a.b.awesome:389',
baseDN: 'DC=a,DC=b,DC=awesome',
bindDN: 'CN=rando user,OU=users,DC=a,DC=b,DC=awesome',
bindCredentials: 'ASecret',
searchBase: 'OU=users,DC=a,DC=b,DC=awesome',
searchFilter: '(sAMAccountName={{username}})',
attributes: ['dn', 'displayName', 'givenName', 'sn', 'title', 'userPrincipalName', 'sAMAccountName', 'mail', 'description', 'memberOf'],
logging: {
name: 'ActiveDirectory',
streams: [
{ level: 'debug',
stream: process.stdout }
]
}
}
}, function (req, profile, ad, done) {
ad.isUserMemberOf(profile._json.dn, '123', function (err, isMember) {
if (err) return done(err);
return done (null, profile)
})
}));
};
答案 0 :(得分:1)
所以我能够抓住&#39;错误,不再向用户显示错误消息。 但是,快递把手不想显示我的自定义错误信息,我可能做错了。
捕获错误的答案: https://github.com/bhoriuchi/passport-activedirectory/issues/4
<强> auth.js
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.redirect('/') && res.send( {error: 'Invalid Credentials!'} )
: 500;
return res.status(statusCode)
});
修改
我还想出了如何将数据发送到前端以便以良好的方式显示。
新的auth.js
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.render('login', {failWithError: true, error: 'Invalid Username or Password!'})
: res.status(500);
return statusCode
});
前端.hbs
{{#if failWithError}}
<div class="alert alert-danger">
<strong>Error!</strong> {{error}}
</div>
{{/if}}
答案 1 :(得分:0)
我使用了您的解决方案一段时间,但我认为这在 IMO 中效果更好:
router.post('/login', (req, res, next) => {
passport.authenticate('ActiveDirectory', opts, (err, user, info) => {
if (err) {
return next(err)
}
if (! user) {
return res.redirect('/login')
}
req.login(user, (err) => {
if(err) {
return next(err)
}
return res.json(req.user)
})
}) (req, res, next)
})