我正在使用带有快速会话和MySQL数据库的Passport.JS来处理用户身份验证。一切都工作正常,直到我从数据库'sessions'中删除了所有会话,并从数据库'users'中删除了所有用户。从那以后,我一直收到错误:
'无法将用户反序列化为会话'
deserialize()函数中的user_id似乎是一个bool,这是真的。在删除用户和会话之前,这是一个允许我从数据库中获取用户的ID。
这是我的代码:
SETUP
var express = require('express'),
app = express(),
bodyParser = require('body-parser'),
mysql = require('mysql'),
generator = require('generate-password'),
cookieParser = require('cookie-parser'),
expressValidator = require('express-validator'),
session = require('express-session'),
passport = require('passport'),
MySQLStore = require('express-mysql-session')(session),
LocalStrategy = require('passport-local').Strategy,
bcrypt = require('bcrypt');
const saltRounds = 10;
app.set("view engine", "ejs");
app.use(express.static(__dirname + "/public"));
app.use(bodyParser.urlencoded({extended: true}));
app.use(expressValidator());
app.use(cookieParser());
var options = {
host : 'localhost',
user : 'eliasal',
database : "c9",
password : ""
};
var sessionStore = new MySQLStore(options);
app.use(session({
secret: 'dfsfjdssdvsdvawdslepsv',
resave: true,
store: sessionStore,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
//Start MYSQL database
var connection = mysql.createConnection({
host : 'localhost',
user : 'eliasal',
database : "c9",
password : "",
multipleStatements: true
});
connection.connect(function(err){
if(!err) {
console.log("Database is connected ...");
} else {
console.log("Error connecting database ...");
}
});
登录路线
//login
app.post("/login", passport.authenticate('local', {
successRedirect: '/',
failureRedirect: '/login',
}), function(req, res, info){
res.render('/');
});
序列化,反序列化和本地策略
passport.serializeUser(function(user_id, done){
console.log(user_id);
done(null, user_id);
});
passport.deserializeUser(function(user_id, done){
console.log('USER ID : ' + user_id);
connection.query('SELECT * FROM users WHERE id = ?', [user_id], function (err, rows){
console.log('RESULT : ' + rows);
done(err, rows[0]);
});
});
//Authenticate users
passport.use(new LocalStrategy(
function(username, password, done) {
connection.query('SELECT password, salt FROM users WHERE email = ?', [username], function(err, results, fields){
//DB error
if(err) {done(err)};
//no user was found
if(results.length === 0) {
done(null, false);
} else {
var salt = results[0].salt;
if(bcrypt.hashSync(password, salt) === results[0].password) {
//Success
return done(null, true);
} else {
//Wrong password
return done(null, false);
}
}
});
}
));
function isAuthenticated(req, res, next) {
if (req.isAuthenticated())
return next();
res.redirect('/login');
}
USER TABLE
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`first_name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`last_name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`email` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`password` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`salt` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime NOT NULL,
`modified` datetime NOT NULL,
`user_role` varchar(100) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
会话表
CREATE TABLE IF NOT EXISTS `sessions` (
`session_id` varchar(128) COLLATE utf8mb4_bin NOT NULL,
`expires` int(11) unsigned NOT NULL,
`data` text COLLATE utf8mb4_bin,
PRIMARY KEY (`session_id`)
) ENGINE=InnoDB;
答案 0 :(得分:0)
我找到了解决方案。当地的战略是在成功后回归:
return done(null, true);
何时返回:
return done(null, results[0].id);
答案 1 :(得分:0)
在数据库上重新创建会话后,我遇到了同样的问题,然后我清除了浏览器的存储数据,一切又恢复了。