我正在使用通行证登录并显示'/ home'。登录有效并重定向到'/ home'。但是此端点不受保护,可以通过在浏览器中键入进行访问。我尝试使用req.isAuthenticated ()(并在此处遇到了多个问题)无济于事。
Routes // index.js
var express = require('express');
var router = express.Router();
var User = require('../models/user');
var passport = require('passport');
var session = require('express-session');
const LocalStrategy = require('passport-local').Strategy;
passport.use(new LocalStrategy(
function(username, password, done) {
User.findOne({
username: username
}, function(err, user) {
if (err) {
return done(err);
}
if (!user) {
return done(null, false);
}
if (user.password != password) {
return done(null, false);
}
return done(null, user);
});
}
));
router.get('/', function(req, res, next) {
res.render('index', { title: 'Express' });
});
router.get('/login', function(req, res, next) {
res.render('login');
});
router.post('/login', passport.authenticate('local', { failureRedirect : '/', successRedirect : '/home'}))
router.get('/register', function(req, res, next) {
res.render('register');
});
router.get('/logout', function(req, res){
req.logout();
res.redirect('/');
});
router.get('/home', ensureLocalAuthenticated, function(req, res){
res.render('home', { user: req.user });
});
function ensureLocalAuthenticated(req, res, next) {
console.log(req.isAuthenticated());
if (req.isAuthenticated()) { return next(); }
res.redirect('/login');
}
module.exports = router;
在我的app.js文件中,我已经这样配置了护照:
//passportconfig
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser(function(user, done){
done(null, user.id)
})
passport.deserializeUser(function(id, done){
User.findById(id, function(err, user){
done(err, user)
})
})
app.use('/', indexRouter);
app.use('/users', usersRouter);
isAuthenticated总是返回该中间件错误的登录信息。如果删除它,我可以很好地登录,但是所有用户都可以访问'/ home'
答案 0 :(得分:0)
向app.js添加以下行对我有用:
buildozer android debug deploy run
# Check configuration tokens
# Ensure build layout
# Check configuration tokens
# Preparing build
# Check requirements for android
# Run 'dpkg --version'
# Cwd None
Debian 'dpkg' package management program version 1.19.0.5 (amd64).
This is free software; see the GNU General Public License version 2 or
later for copying conditions. There is NO warranty.
# Search for Git (git)
# -> found at /usr/bin/git
# Search for Cython (cython)
# -> found at /usr/bin/cython
# Search for Java compiler (javac)
# -> found at /usr/lib/jvm/java-8-openjdk-amd64/bin/javac
# Search for Java keytool (keytool)
# -> found at /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/keytool
# Install platform
# Run 'pip install -q "appdirs" "colorama>=0.3.3" "sh>=1.10,<1.12.5" "jinja2" "six"'
# Cwd None
# Apache ANT found at /home/amazingratman/.buildozer/android/platform/apache-ant-1.9.4
# Android SDK found at /home/amazingratman/.buildozer/android/platform/android-sdk-20
# Android NDK found at /home/amazingratman/Downloads/buildozer-master/.buildozer/android/platform
# Check application requirements
# Check garden requirements
# Compile platform
# Run '/usr/bin/python -m pythonforandroid.toolchain create --dist_name=myapp --bootstrap=sdl2 --requirements=kivy,python3crystax --ndk-dir /home/amazingratman/Downloads/crystax-ndk-10.3.2-linux-x86_64/crystax-ndk-10.3.2/ --arch armeabi-v7a --copy-libs --color=always --storage-dir=/home/amazingratman/Desktop/python_stuff/.buildozer/android/platform/build'
# Cwd /home/amazingratman/Desktop/python_stuff/.buildozer/android/platform/python-for-android-new-toolchain
因此,护照的配置如下:
app.use(require('express-session')({
secret: 'keyboard cat',
resave: false,
saveUninitialized: false
}));
使用它们:
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var passport = require('passport');
var mongoose = require('mongoose');
var User = require('./models/user')
const LocalStrategy = require('passport-local').Strategy;