我在我的nodejs应用中使用passport
和bcryptjs
进行身份验证。我的身份验证策略是email and password
。
用户可以注册并保存在mongodb罗盘中。注册后,我尝试将用户重定向到主页,但不知何故路线混淆如下:
http://localhost:8000/admin/auth/admin/home
而不是http://localhost:8000/admin/home
对于登录问题,即使我使用了正确的凭据,也始终将请求重定向到注册页面。这是我的auth文件:
const express = require('express');
const router = express.Router();
const bcrypt = require('bcryptjs');
const AdminUser = require('../models/adminUserModel');
const passport = require('passport');
router.get('/login', (req, res) => {
res.render('login');
});
router.post('/login', (req, res, next) => {
passport.authenticate('local',{
successRedirect:'/admin/home',
failureRedirect: '/admin/auth/register',
failureFlash: true
})(req, res, next);
});
router.get('/logout', (req, res) => {
req.logout();
res.render('login');
//res.redirect('/admin/logout');
});
router.get('/register', (req, res) => {
res.render('register');
});
router.post('/register', (req, res) => {
req.checkBody('username', 'Enter Username').notEmpty();
req.checkBody('email', 'Enter Valid Email').isEmail();
req.checkBody('password', 'Enter Your Password').notEmpty();
req.checkBody('confirmPass', 'Passwords Don'\t
Match').equals(req.body.password);
let username = req.body.username;
let email = req.body.email;
let password = req.body.password;
let passwordHash = null;
bcrypt.hash(password, 10, (err, hash) => {
passwordHash = hash;
console.log('Pass Hash:\t' + passwordHash);
let adminUser = new AdminUser({
username: username,
email: email,
password: passwordHash
});
adminUser.save()
.then(admin => {
if (admin) {
let admin_id = admin._id;
console.log('Admin id:\t' + admin_id);
res.redirect('admin/home'); // problem with route I stated above
}
})
.catch(errs => {
throw errs;
});
});
});
module.exports = router;
在我的app.js
文件中,我正在处理路由并在全球范围内设置护照中间件,如:
// routes
app.use('/admin/auth', adminAuth); // for register and login
app.use('/admin/home', adminIndex);
// and passport middleware after
const passport = require('passport');
const passportConfig = require('./config/passport')(passport); // this is not used according to my ide
.../// skip some code...
app.use(passport.initialize()); // should this be passportConfig instead
app.use(passport.session());
app.get('*', (req, res, next) => {
res.locals.user = req.user || null;
next();
});
我编写中间件逻辑的passportConfig
文件:
const LocalStrategy = require('passport-local').Strategy;
const AdminUser = require('../models/adminUserModel');
const bcrypt = require('bcryptjs');
const config = require('../config/db'); // this is also unused according to my ide
module.exports = ( (passport) => {
passport.use(new LocalStrategy((email, password, done) => {
AdminUser.findOne({email: email})
.exec()
.then(user => {
if(!user){
return done(null, false, {message: 'No Such User with Email Exists'});
} else {
bcrypt.compare(password, user.password, (err, match) =>
{
if(err){
throw err;
}
if (match){
return done(null, user, {message: 'User Matched'});
} else {
return done(null, false, {message: 'Passwords Don\'t Match'});
}
});
passport.serializeUser((user, done) => {
done(null, user.id);
});
passport.deserializeUser((id, done) => {
AdminUser.findById({_id: id})
.exec()
.then(user => {
done(null, user);
})
.catch(err => {
throw err;
})
});
}
})
.catch(errs => {
throw errs;
});
}));
});
任何人都可以帮我解决这两个问题,请the resource url after register
和the failure on login
。
感谢
答案 0 :(得分:0)
你可以试试这个而不是' / register'在源
router.post('/register', (req, res) => {
req.checkBody('username', 'Enter Username').notEmpty();
req.checkBody('email', 'Enter Valid Email').isEmail();
req.checkBody('password', 'Enter Your Password').notEmpty();
req.checkBody('confirmPass', 'Passwords Don\'t match').equals(req.body.password);
let username = req.body.username;
let email = req.body.email;
let password = req.body.password;
let passwordHash = null;
bcrypt.hash(password, 10, (err, hash) => {
passwordHash = hash;
console.log('Pass Hash:\t' + passwordHash);
let adminUser = new AdminUser({
username: username,
email: email,
password: passwordHash
});
adminUser.save(function (err) {
// Use resolve and reject when using .then and .catch in controller
if (err) {
// Handling error
} else {
req.login(adminUser, function(err) {
if (err) {
console.log(err);
} else {
console.log('SUCCESSS');
res.redirect('admin/home');
}
});
}
});
});
});