我正在使用通行证库来处理用户的登录,但是当前遇到了问题。用户登录后不久就可以注销,这是错误的用户体验。
我是否缺少使用户登录保持不变的功能?
以下是我的代码:
Passport.js
// load all the things we need
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var TwitterStrategy = require('passport-twitter').Strategy;
// include the user model
var User = require('../app/model/user');
// include the auth credentials
var configAuth = require('./auth');
require('../app/model/upload');
module.exports = function(passport) {
// used to serialize the user for the session
passport.serializeUser(function(user, done) {
done(null, user.id);
});
// used to deserialize the user
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
// code for login (use('local-login', new LocalStategy))
// code for signup (use('local-signup', new LocalStategy))
// code for facebook (use('facebook', new FacebookStrategy))
// =========================================================================
// TWITTER =================================================================
// =========================================================================
passport.use(new TwitterStrategy({
consumerKey: configAuth.twitterAuth.consumerKey,
consumerSecret: configAuth.twitterAuth.consumerSecret,
callbackURL: configAuth.twitterAuth.callbackURL,
userProfileURL: "https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true",
includeEmail: true,
profileFields: ['emails']
},
function(token, tokenSecret, profile, done) {
// make the code asynchronous
// User.findOne won't fire until we have all our data back from Twitter
process.nextTick(function() {
User.findOne({
'member.id': profile.id
}, function(err, user) {
// if there is an error, stop everything and return that
// ie an error connecting to the database
if (err)
return done(err);
// if the user is found then log them in
if (user) {
return done(null, user); // user found, return that user
} else {
//declare emails as an array
//var emails = [];
// if there is no user, create them
var newUser = new User();
newUser.member.id = profile.id;
newUser.member.token = profile.token;
newUser.member.username = profile.username;
newUser.member.displayName = profile.displayName;
newUser.member.email = profile.emails[0].value;
newUser.member.medium = 'Twitter';
newUser.member.picture = profile._json.profile_image_url.replace('_original', '');
// save user credentials into the database
newUser.save(function(err) {
if (err)
throw err;
return done(null, newUser);
// res.cookie('username', newUser.twitter.username).send('Hello');
});
}
});
});
}));
};
一些教程说我应该使用我曾经使用过的护照,但是什么都没有改变:
Server.js
//read cookies (needed for auth)
app.use(cookieParser());
// get information from html forms
app.use(bodyParser());
//persistent login
app.use(session({ secret: 'keyboard cat' }));
app.use(passport.initialize());
// persistent login sessions
app.use(passport.session());
答案 0 :(得分:0)
这里有两件事。
如果在服务器重新启动后用户注销,则需要一个“存储”。
如果一段时间后用户自动登录,即使您没有重新启动服务器,也需要设置会话或cookie的到期日期。
您可以使用connect
中间件:
http://www.senchalabs.org/connect/session.html
.use(connect.session({ secret: 'SUPER SECRET', cookie: { maxAge: 86400000 }}))
这应该使会话有效24小时(在此处设置您自己的电话号码)
OR express-session
中间件:
https://github.com/expressjs/session
两者都有store
概念。简而言之,它指定详细信息的存储位置。如果内存在内存中(不建议使用),则在服务器重新启动后,您将失去会话。