如何用feathersjs验证用户名和密码?

时间:2017-10-08 11:01:46

标签: feathersjs

我想通过用户名和密码进行身份验证。我使用羽毛身份验证来执行此操作但我在配置我的应用程序后无法理解,如何在我的服务器中验证我的输入数据(用户名和密码)以允许羽毛验证使用它? 在我的客户端,我有这个代码发送我的数据(用户名和密码)

app.authenticate({
    strategy: 'local',
    username: 'k0',//self.state.username,
    password:'kk'// self.state.password
  }).then(response => {
    console.log('Authenticated!', response);
  return app.passport.verifyJWT(response.accessToken);
})
.then(payload => {
  console.log('JWT Payload', payload);
  return app.service('users').get(payload.userId);
})
.then(user => {
  app.set('user', user);
  console.log('User', app.get('user'));
})
.catch(function(error){
  console.error('Error authenticating!', error);
});

但我有错误

"POST http://localhost:4200/authentication 400 (Bad Request)
Error authenticating! 
BadRequest {type: "FeathersError", name: "BadRequest", message: "Missing credentials", code: 400, className: "bad-request", …}
className
:
"bad-request"
code
:
400
data
:
{message: "Missing credentials"}
errors
:
{}
message
:
"Missing credentials"
name
:
"BadRequest"
type
:
"FeathersError"
stack
:
"BadRequest: Missing credentials↵    at new BadRequest 
__proto__
:
Error"

这是我的server.js

var Users=[ {_id:"1",email:"k0",password:"kk"}, {_id:"2",email:"k1",password:"kk"}, {_id:"3",email:"k2",password:"kk"}, {_id:"4",email:"k3",password:"kk"}, {_id:"5",email:"k4",password:"kk"}]; 
const feathers = require('feathers'); 
const bodyParser = require('body-parser'); 
const errors = require('feathers-errors'); 
const errorHandler = require('feathers-errors/handler'); 
const rest = require('feathers-rest'); 
const hooks = require('feathers-hooks'); 
const auth = require('feathers-authentication'); 
const local = require('feathers-authentication-local'); 
const memory = require('feathers-memory'); 
const jwt = require('feathers-authentication-jwt');
 const app = feathers(); app.use(bodyParser.json()) app.use(bodyParser.urlencoded({ extended: true })); var cors = require('cors'); var port= process.env.PORT ||4200;app.use(cors());
`

.use('/users', {
find(params) {
return Promise.resolve(Users);
}
})
.use(errorHandler());
app.service('authentication').hooks({
before: {
create: [
auth.hooks.authenticate('local'),
customizeJWTPayload()
],
remove: [
auth.hooks.authenticate('jwt')
]
}
});
app.service('users').hooks({
before: {

create: [
  local.hooks.hashPassword({ passwordField: 'password' })
]
}
`});app.post('/login', auth.express.authenticate('local', { successRedirect: '/app', failureRedirect: '/login'     }));

app.get('/app', (req, res, next) => {
res.json({ success: true });
});

app.get('/login', (req, res, next) => {
res.json({ success: "faux" });
});
app.listen(port);`

1 个答案:

答案 0 :(得分:1)

我强烈建议您使用羽毛生成器。它的效果非常好,可以为您节省大量时间。这样您就知道在开始自定义之前基本服务和身份验证将起作用。 https://docs.feathersjs.com/guides/step-by-step/generators/readme.html

在下面与Developper讨论后,似乎问题是使用username而不是默认email用于身份验证usernameField字段。更新代码以使用email或使用以下内容创建default.json文件:

{
  "authentication": {
    "strategies": [
      "local"
    ],
    "local": {
      "entity": "user",
      "usernameField": "username",
      "passwordField": "password"
    }
  }
}

其次,您的服务可能未正确设置(这就是您收到the id property must be set on the entity service for authentication错误的原因。

这是我的users.service.js文件:

// Initializes the `users` service on path `/users`
const createService = require('feathers-mongodb');
const hooks = require('./users.hooks');
const filters = require('./users.filters');

module.exports = function () {
  const app = this;
  const paginate = app.get('paginate');
  const mongoClient = app.get('mongoClient');
  const options = { paginate };

  // Initialize our service with any options it requires
  app.use('/users', createService(options));

  // Get our initialized service so that we can register hooks and filters
  const service = app.service('users');

  mongoClient.then(db => {
    service.Model = db.collection('users');
  });

  service.hooks(hooks);

  if (service.filter) {
    service.filter(filters);
  }
};

看起来你的设置是为了处理查询,但是使用hooks在mongodb服务中处理了这个问题:https://docs.feathersjs.com/api/databases/mongodb.html#querying

有关羽毛身份验证如何验证用户名和密码的特定问题,Feathers身份验证使用挂钩。如果您使用feathers generate service并选择了身份验证,那么它会自动在您服务的挂钩文件(通常是authenticate())中调用SERVICENAME.hooks.js

您可以在此处查看authenticate()函数实际执行的操作:https://github.com/feathersjs/feathers-authentication/blob/master/src/hooks/authenticate.js