我正在尝试创建一个单一登录功能,该功能可检查是否已配置用户,并创建用户或使用最新信息更新数据库。
我已经可以执行更新/插入了,但是现在我无法从查询中返回用户ID(uid或UserID)。
在本节中,我已经尝试评论了几件事。
基本上,执行插入/更新的查询嵌套在另一个内部,该查询位于post_assert内部。我需要刚刚配置的用户的iresults.insertId的值,并将第一级查询的result [0] .nid的结果保存到'cookieData'数组中。
现在,我正在获取cookie的其余部分(名字,姓氏,用户名,电子邮件,wwwid,国家和地区,但就我个人而言,无法将cookieData.userid属性添加到该cookie之前被发送回浏览器。
这是一个expressJS REST API,可将数据发送回VueJS应用程序。
我尝试了回调以及全局变量,但是似乎没有什么可以将新值添加到数组中。
sp.post_assert(idp, options, function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
var sessionID = saml_response.response_header.id;
setCookie(res, req, sessionID);
var refererLocation = req.cookies.referLocation;
// Set User Data Variables
const firstName = saml_response.user.attributes.givenName;
const middleName = null;
const lastName = saml_response.user.attributes.sn;
const username = saml_response.user.attributes.uid;
const email = saml_response.user.attributes.mail;
const wwid = saml_response.user.attributes.employeeID;
const country = saml_response.user.attributes.country;
const geo = saml_response.user.attributes.geographicRegion;
/*function setCookieData(val) {
cookieData.userid = val;
}*/
// let userid;
// Check if user exists in DB
res.locals.connection.query('SELECT * FROM users WHERE username = ?', [username], function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for insertion
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// let userid;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
res.locals.connection.query('INSERT INTO users SET ?', {first_name: firstName, middle_name: middleName, last_name: lastName, username: username, email: email, status: 1, created: dts, access: dts, login: dts}, function (ierror, iresults, ifields){
if (ierror) throw ierror;
// Set the User Data Cookie
// res.locals.userid = iresults.insertId;
// setUserIdValue(iresults[0].insertId);
// res.clearCookie('UserInfo');
// res.cookie('UserInfo', cookieData);
// cookieData.userid=iresults[0].insertId;
// res.cookie('UserInfo', cookieData);
app.locals.userid = iresults[0].insertId;
});
// Else, the result was NOT empty, then the user already exists in the DB,
// so just update their Access and Login DATETIME fields.
} else {
res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], function (ierror, iresults, ifields){
if (ierror) throw ierror;
// userid = results[0].uid;
// Set the User Data Cookie
// res.locals.userid = results[0].uid;
// setUserIdValue(results[0].uid);
// res.clearCookie('UserInfo');
// res.cookie('UserInfo', cookieData);
// cookieData.userid=results[0].uid;
// res.cookie('UserInfo', cookieData);
app.locals.userid = results[0].uid;
});
}
});
const cookieData = {
firstName: firstName,
lastName: lastName,
username: username,
email: email,
wwid: wwid,
country: country,
geo: geo,
userid: app.locals.userid,
};
res.cookie('UserInfo', cookieData);
//Add saml ID to database with expiration date
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
// Save name_id and session_index for logout
// Note: In practice these should be saved in the user session, not globally.
// name_id = saml_response.user.givenName + "," + saml_response.sn;
// session_index = saml_response.user.session_index;
//var first = saml_response.user.attributes.givenName;
//var last = saml_response.user.attributes.sn;
//res.send("Hello, " + first + " " + last);
});
我已将其分解为最简单的概念,但仍然无法获取将“ userid”值返回到cookie中的信息。即使将所有内容都设置为ASYNC和AWAIT。
app.post('/api/v1/saml/acs', function (req, res) {
const options = {
request_body: req.body,
allow_unencrypted_assertion: true
};
sp.post_assert(idp, options, async function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
const sessionID = saml_response.response_header.id;
const user = saml_response.user.attributes;
// Set User Data Variables
const firstName = user.givenName;
const middleName = null;
const lastName = user.sn;
const username = user.uid;
const email = user.mail;
const wwid = user.employeeID;
const country = user.country;
const geo = user.geographicRegion;
app.locals.UserData = {
firstName: firstName,
lastName: lastName,
username: username,
email: email,
wwid: wwid,
country: country,
geo: geo,
// userid: '',
};
// Check if user exists in DB
await res.locals.connection.query('SELECT * FROM users WHERE username = ?', [app.locals.UserData.username], async function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for insertion
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
await res.locals.connection.query('INSERT INTO users SET ?', {first_name: app.locals.UserData.firstName, middle_name: app.locals.UserData.middleName, last_name: app.locals.UserData.lastName, username: app.locals.UserData.username, email: app.locals.UserData.email, status: 1, created: dts, access: dts, login: dts}, async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 22;
// app.locals.UserData.userid = iresults.insertID;
});
} else {
await res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 44;
// app.locals.UserData.userid = results[0].uid;
});
}
});
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
});
});
我相信我已经听取了您的建议,但是它仍然没有返回'userid'属性。
我已将'next'参数添加到
app.post('/api/va/saml/acs', function (){...});
并在末尾添加了一个'next()'调用
sp.post_assert(idp, options, async function(...){
// logic here with nested calls trying to update app.locals.UserData
next();
});
我也尝试在post_assert之外尝试'next()'调用,并且得到以下消息:
Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
有关更新的代码,请参见下文。
app.post('/api/v1/saml/acs', function (req, res, next) {
const options = {
request_body: req.body,
allow_unencrypted_assertion: true
};
sp.post_assert(idp, options, async function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
const sessionID = saml_response.response_header.id;
const user = saml_response.user.attributes;
// Set User Data Variables
const firstName = user.givenName;
const middleName = null;
const lastName = user.sn;
const username = user.uid;
const email = user.mail;
const wwid = user.employeeID;
const country = user.country;
const geo = user.geographicRegion;
app.locals.UserData = {
firstName: firstName,
lastName: lastName,
username: username,
email: email,
wwid: wwid,
country: country,
geo: geo,
// userid: '',
};
// Check if user exists in DB
await res.locals.connection.query('SELECT * FROM users WHERE username = ?', [app.locals.UserData.username], async function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for insertion
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
await res.locals.connection.query('INSERT INTO users SET ?', {first_name: app.locals.UserData.firstName, middle_name: app.locals.UserData.middleName, last_name: app.locals.UserData.lastName, username: app.locals.UserData.username, email: app.locals.UserData.email, status: 1, created: dts, access: dts, login: dts}, async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 22;
// app.locals.UserData.userid = iresults.insertID;
});
} else {
await res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 44;
// app.locals.UserData.userid = results[0].uid;
});
}
});
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
next();
});
});
谢谢DMFAY和BennetQuigley。这个问题已经解决。
下面将对工作解决方案进行评论。
app.post('/api/v1/saml/acs', function (req, res, next) {
const options = {
request_body: req.body,
allow_unencrypted_assertion: true
};
sp.post_assert(idp, options, function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
// Get the Sessions ID
const sessionID = saml_response.response_header.id;
// Set the returned User Info to a Variable
const user = saml_response.user.attributes;
// Set the app.locals.UserData variable
app.locals.UserData = {
firstName: user.givenName,
middleName: null,
lastName: user.sn,
username: user.uid,
email: user.mail,
wwid: user.employeeID,
country: user.country,
geo: user.geographicRegion,
};
// Check if user exists in DB
res.locals.connection.query('SELECT * FROM users WHERE username = ?', [app.locals.UserData.username], function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for Insert/Update of user logon history
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
res.locals.connection.query('INSERT INTO users SET ?', {
first_name: app.locals.UserData.firstName,
middle_name: app.locals.UserData.middleName,
last_name: app.locals.UserData.lastName,
username: app.locals.UserData.username,
email: app.locals.UserData.email,
status: 1,
created: dts,
access: dts,
login: dts
}, function (ierror, iresults, ifields){
if (ierror) throw ierror;
// set the app.locals.UserData.userid value to the newly inserted ID
app.locals.UserData.userid = `["${iresults.insertID}"]`;
// From here to 'next()' has to be repeated in both cases
// 'next()' must be used to return the values and actions to the parent
// Call.
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://clpstaging.mcafee.com' + refererLocation);
} else {
res.redirect('https://clpstaging.mcafee.com/clp');
}
// Tell the callback to move forward with the actions.
next();
});
} else {
res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], function (ierror, iresults, ifields){
if (ierror) throw ierror;
// Set the app.locals.UserData.userid to the Users PK
app.locals.UserData.userid = results[0].uid;
// From here to 'next()' has to be repeated in both cases
// 'next()' must be used to return the values and actions to the parent
// Call.
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
// Tell the callback to move forward with the actions.
next();
});
}
});
});
});
答案 0 :(得分:1)
您的post_assert回调是异步的,但您的路由回调不是,因此路由逻辑在post_assert回调可以完成之前完成。使用Express的最简单的方法可能是使用app.post(url, function (req, res, next) {...})签名,并在完成cookie的设置并设置重定向之后,在post_assert回调的最后一步调用next()。
答案 1 :(得分:1)
如dmfay所说,post_assert在查询可以完成并设置userid字段之前完成并设置cookie。
我发现解决此类问题的最佳方法是使用Promises。
摘自Google关于Promises的文档:
var promise = new Promise(function(resolve, reject) {
// query the database to get the user id
if (/* everything turned out fine */) {
resolve("Stuff worked!"); //resolve (return) the user id here
}
else {
reject(Error("It broke"));
}
});
然后您将要利用Promise的返回结果。
promise.then(function(result) {
console.log(result); // Set the cookie with the user id here
}, function(err) {
console.log(err); // Error
});