Question

我在我的nodejs应用中使用passport和bcryptjs进行身份验证。我的身份验证策略是email and password。

用户可以注册并保存在mongodb罗盘中。注册后，我尝试将用户重定向到主页，但不知何故路线混淆如下：

http://localhost:8000/admin/auth/admin/home

而不是http://localhost:8000/admin/home

对于登录问题，即使我使用了正确的凭据，也始终将请求重定向到注册页面。这是我的auth文件：

const express = require('express');
const router = express.Router();
const bcrypt = require('bcryptjs');
const AdminUser = require('../models/adminUserModel');
const passport = require('passport');

router.get('/login', (req, res) => {
    res.render('login');
});

router.post('/login', (req, res, next) => {

    passport.authenticate('local',{
        successRedirect:'/admin/home',
        failureRedirect: '/admin/auth/register',
        failureFlash: true
    })(req, res, next);

});

router.get('/logout', (req, res) => {
    req.logout();
    res.render('login');
    //res.redirect('/admin/logout');
});

router.get('/register', (req, res) => {
    res.render('register');
});

router.post('/register', (req, res) => {

    req.checkBody('username', 'Enter Username').notEmpty();
    req.checkBody('email', 'Enter Valid Email').isEmail();
    req.checkBody('password', 'Enter Your Password').notEmpty();
    req.checkBody('confirmPass', 'Passwords Don'\t 
     Match').equals(req.body.password);

   let username = req.body.username;
   let email = req.body.email;
   let password = req.body.password;

   let passwordHash = null;
   bcrypt.hash(password, 10, (err, hash) => {
       passwordHash = hash;
       console.log('Pass Hash:\t' + passwordHash);

       let adminUser = new AdminUser({
            username: username,
            email: email,
            password: passwordHash
       });

       adminUser.save()
           .then(admin => {
               if (admin) {
                    let admin_id = admin._id;
                    console.log('Admin id:\t' + admin_id);

                    res.redirect('admin/home'); // problem with route I stated above

                }
            })
            .catch(errs => {
                throw errs;
            });

   });

});

module.exports = router;

在我的app.js文件中，我正在处理路由并在全球范围内设置护照中间件，如：

// routes
app.use('/admin/auth', adminAuth); // for register and login
app.use('/admin/home', adminIndex);

// and passport middleware after
const passport = require('passport');
const passportConfig = require('./config/passport')(passport);  // this is not used according to my ide


.../// skip some code...


app.use(passport.initialize());  // should this be passportConfig instead
app.use(passport.session());
app.get('*', (req, res, next) => {
   res.locals.user = req.user || null;
   next();
});

我编写中间件逻辑的passportConfig文件：

const LocalStrategy = require('passport-local').Strategy;
const AdminUser = require('../models/adminUserModel');
const bcrypt = require('bcryptjs');
const config = require('../config/db');  // this is also unused according to my ide

module.exports = ( (passport) => {
    passport.use(new LocalStrategy((email, password, done) => {
         AdminUser.findOne({email: email})
            .exec()
            .then(user => {
                if(!user){
                    return done(null, false, {message: 'No Such User with Email Exists'});
                } else {
                    bcrypt.compare(password, user.password, (err, match) => 
                       {
                          if(err){
                          throw err;
                       }

                       if (match){
                           return done(null, user, {message: 'User Matched'});
                        } else {
                           return done(null, false, {message: 'Passwords Don\'t Match'});
                        }
                    });

                    passport.serializeUser((user, done) => {
                        done(null, user.id);
                    });

                    passport.deserializeUser((id, done) => {
                        AdminUser.findById({_id: id})
                           .exec()
                           .then(user => {
                               done(null, user);
                           })
                           .catch(err => {
                               throw err;
                           })
                    });

                }
            })
            .catch(errs => {
                throw errs;
            });
     }));
 });

任何人都可以帮我解决这两个问题，请the resource url after register和the failure on login。感谢

Answer 1

你可以试试这个而不是＆＃39; / register＆＃39;在源

router.post('/register', (req, res) => {

  req.checkBody('username', 'Enter Username').notEmpty();
  req.checkBody('email', 'Enter Valid Email').isEmail();
  req.checkBody('password', 'Enter Your Password').notEmpty();
  req.checkBody('confirmPass', 'Passwords Don\'t match').equals(req.body.password);

  let username = req.body.username;
  let email = req.body.email;
  let password = req.body.password;

  let passwordHash = null;
  bcrypt.hash(password, 10, (err, hash) => {
      passwordHash = hash;
      console.log('Pass Hash:\t' + passwordHash);

      let adminUser = new AdminUser({
          username: username,
          email: email,
          password: passwordHash
      });

      adminUser.save(function (err) {

            // Use resolve and reject when using .then and .catch in controller

            if (err) {   
                    // Handling error
            } else {

                req.login(adminUser, function(err) {
                    if (err) {
                      console.log(err);
                    } else {
                        console.log('SUCCESSS');
                        res.redirect('admin/home');
                    }

                });
            }                   
        });
   });
 });

Passport登录始终重定向到failureUrl

1 个答案: