我正在使用NodeJS应用程序,该应用程序在不同的域/端口上具有登录名。 就我而言,我的登录服务器位于localhost:3000上,应用程序位于localhost:3001上。
由于我使用的是PassportJS,因此当我进入localhost:3001 / profile时,我会检查用户是否使用
登录function isLoggedIn(req, res, next)
{
if (req.isAuthenticated())
{
return next();
}
res.redirect('http://localhost:3000/login');
}
登录后,我发送并获取一个SMS代码,验证该代码,然后将我重定向回http://localhost:3001/profile。问题是,一旦返回,我将再次重定向到登录服务器。
app.post('/login', passport.authenticate('local-login',
{
successRedirect: '/sendsms',
failureRedirect: '/login',
failureFlash: true
}),
function (req, res)
{
if (req.body.remember)
{
req.session.cookie.maxAge = 1000 * 60 * 30;
}
else
{
req.session.cookie.expires = false;
}
});
从/ sendsms我重定向到/ validate:
app.post('/validate', function (req, res)
{
console.log("SMS Code: " + req.body.smscode);
if (checkSMSCode(req.body.smscode, req.user))
{
console.log("OK");
res.redirect('http://localhost:3001/profile');
}
else
{
console.log("NOK");
res.redirect('/login');
}
});
这是我的身份验证服务器上的app.js:
'use strict';
var debug = require('debug');
var express = require('express');
var session = require('express-session');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var passport = require('passport');
var flash = require('connect-flash');
var helmet = require('helmet');
var request = require('request');
var connect = require('connect');
var app = express();
/*
* Connect to the database.
* Pass passport for configuration
*/
require('./config/passportHelper')(passport);
/*
* Setup the express application
*/
app.use(logger('dev'));
app.use(cookieParser());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(helmet());
// Setup ejs templating
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
// Setup passport sessions
app.use(session(
{
secret: 'mysecretkey',
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
/*
* Setup the resources
*/
app.use('/css', express.static(path.join(__dirname, 'public/stylesheets')));
app.use('/js', express.static(path.join(__dirname, 'public/scripts')));
/*
* Setup the routes
*/
require('./routes/index')(app);
require('./routes/login')(app);
require('./routes/signup')(app);
require('./routes/profile')(app);
require('./routes/logout')(app);
require('./routes/redirect')(app);
require('./routes/ticketing')(app);
require('./routes/object')(app);
require('./routes/sendsms')(app);
require('./routes/validate')(app);
/*
* Catch 404 and forward to error handler.
*/
app.use(function (req, res, next)
{
var err = new Error('Not Found');
err.status = 404;
next(err);
});
/*
* Development error handler.
* Will print stacktrace.
*/
if (app.get('env') === 'development')
{
app.use(function (err, req, res, next)
{
res.status(err.status || 500);
console.log("ERROR");
res.render('error',
{
message: err.message,
error: err
});
});
}
/*
* Production error handler.
* No stacktraces leaked to user.
*/
app.use(function (err, req, res, next)
{
res.status(err.status || 500);
res.render('error',
{
message: err.message,
error: {}
});
});
app.set('port', process.env.PORT || 3000);
var server = app.listen(app.get('port'), function ()
{
console.log('Express server listening on port ' + server.address().port);
debug('Express server listening on port ' + server.address().port);
});
我敢肯定我会遗漏一些非常明显的东西,尤其是因为这是我第一次这样做(独立身份验证服务器),但是我无法弄清楚,而且我似乎正在盘旋
起初,所有内容都设计为单个应用程序,并且/ profile位于同一域中,所以没有问题。
有什么想法或提示吗?