快速护照检查,如果用户通过身份验证

时间:2018-07-13 10:28:44

标签: node.js express passport.js

我正在使用通行证登录并显示'/ home'。登录有效并重定向到'/ home'。但是此端点不受保护,可以通过在浏览器中键入进行访问。我尝试使用req.isAuthenticated ()(并在此处遇到了多个问题)无济于事。

Routes // index.js

var express = require('express');
var router = express.Router();
var User = require('../models/user');
var passport = require('passport');
var session = require('express-session');
const LocalStrategy = require('passport-local').Strategy;




passport.use(new LocalStrategy(
  function(username, password, done) {
      User.findOne({
        username: username
      }, function(err, user) {
        if (err) {
          return done(err);
        }

        if (!user) {
          return done(null, false);
        }

        if (user.password != password) {
          return done(null, false);
        }
        return done(null, user);        
      });
  }
));





router.get('/', function(req, res, next) {
  res.render('index', { title: 'Express' });
});

router.get('/login', function(req, res, next) {
  res.render('login');
});

router.post('/login', passport.authenticate('local', { failureRedirect : '/', successRedirect : '/home'}))

router.get('/register', function(req, res, next) {
  res.render('register');
});



router.get('/logout', function(req, res){
  req.logout();
  res.redirect('/');
});

router.get('/home', ensureLocalAuthenticated, function(req, res){
  res.render('home', { user: req.user });
});



function ensureLocalAuthenticated(req, res, next) {
  console.log(req.isAuthenticated());
  if (req.isAuthenticated()) { return next(); }
  res.redirect('/login');
}



module.exports = router;

在我的app.js文件中,我已经这样配置了护照:

//passportconfig
app.use(passport.initialize());
app.use(passport.session());

passport.serializeUser(function(user, done){
  done(null, user.id)
})

passport.deserializeUser(function(id, done){
  User.findById(id, function(err, user){
    done(err, user)
  })
})

app.use('/', indexRouter);
app.use('/users', usersRouter);

isAuthenticated总是返回该中间件错误的登录信息。如果删除它,我可以很好地登录,但是所有用户都可以访问'/ home'

1 个答案:

答案 0 :(得分:0)

向app.js添加以下行对我有用:

    buildozer android debug deploy run
    # Check configuration tokens
    # Ensure build layout
    # Check configuration tokens
    # Preparing build
    # Check requirements for android
    # Run 'dpkg --version'
    # Cwd None
    Debian 'dpkg' package management program version 1.19.0.5 (amd64).
    This is free software; see the GNU General Public License version 2 or
    later for copying conditions. There is NO warranty.
    # Search for Git (git)
    #  -> found at /usr/bin/git
    # Search for Cython (cython)
    #  -> found at /usr/bin/cython
    # Search for Java compiler (javac)
    #  -> found at /usr/lib/jvm/java-8-openjdk-amd64/bin/javac
    # Search for Java keytool (keytool)
    #  -> found at /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/keytool
    # Install platform
    # Run 'pip install -q  "appdirs" "colorama>=0.3.3" "sh>=1.10,<1.12.5"       "jinja2" "six"'
    # Cwd None
    # Apache ANT found at /home/amazingratman/.buildozer/android/platform/apache-ant-1.9.4
    # Android SDK found at /home/amazingratman/.buildozer/android/platform/android-sdk-20
    # Android NDK found at /home/amazingratman/Downloads/buildozer-master/.buildozer/android/platform
    # Check application requirements
    # Check garden requirements
    # Compile platform
    # Run '/usr/bin/python -m pythonforandroid.toolchain create --dist_name=myapp --bootstrap=sdl2 --requirements=kivy,python3crystax --ndk-dir /home/amazingratman/Downloads/crystax-ndk-10.3.2-linux-x86_64/crystax-ndk-10.3.2/ --arch armeabi-v7a --copy-libs --color=always --storage-dir=/home/amazingratman/Desktop/python_stuff/.buildozer/android/platform/build'
    # Cwd /home/amazingratman/Desktop/python_stuff/.buildozer/android/platform/python-for-android-new-toolchain

因此,护照的配置如下:

app.use(require('express-session')({
  secret: 'keyboard cat',
  resave: false,
  saveUninitialized: false
}));

使用它们:

var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var passport = require('passport');
var mongoose = require('mongoose');
var User = require('./models/user')
const LocalStrategy = require('passport-local').Strategy;