Cookie过期后立即调用Express-Session注销

时间:2019-07-10 03:10:53

标签: javascript node.js passport.js logout express-session

我正在使用Node.js和Express构建一个RESTful应用程序,但是在身份验证方面遇到了一些麻烦。 我正在使用Passport JS和express-session做身份验证部分。登录后,请注销等待响应,直到会话cookie过期为止,这样注销将不起作用。

我已经在寻找passport.js文档,但是注销仍然无法正常工作

<form method="POST" action="/login/">
                    <div class="form-group">
                        <label for="email">Email:</label>
                        <input type="email" class="form-control" id="email" name="email">
                    </div>
                    <div class="form-group">
                        <label for="password">Password:</label>
                        <input type="password" class="form-control" id="password" name="password">
                    </div>
                    <div class="checkbox">
                        <label><input type="checkbox"> Remember me</label>
                    </div>
                    <button type="submit" class="btn btn-default" >Submit</button>
                    <!--onclick="changeToAdmin()"-->
                </form>
                <form method="GET" action="/logout">
                    <button type="submit" class="btn btn-default" >Logout</button>
                </form>

const express = require('express');
const requestHandlers = require("./scripts/requestHandlers.js");
const app = express();
const bodyParser = require('body-parser');
const session = require('express-session');
const passport = require('passport');
const path = require('path');
const cookieParser = require("cookie-parser")
const MySQLStore = require('express-mysql-session')
const Usuario = require('./models/Usuario')
const bcrypt = require('bcrypt');
const LocalStrategy = require('passport-local').Strategy


app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(express.static("www"))
app.use(cookieParser())
var options = {
  "host": "localhost",
  "user": "root",
  "database": "proj_pi",
  "password": "t00R"
};

var sessionStore = new MySQLStore(options);
const session_name = 'session'

app.use(session({
    name: session_name,
    secret: 'sportclubeinternacional',
    resave: false,
    store: sessionStore,
    saveUninitialized: false,
    cookie: {maxAge: 60000}
}));

app.use(passport.initialize());
app.use(passport.session());

passport.use(new LocalStrategy(function (username, password, done) {
  User.findOne({ username: username }, function (err, user) {
    if (err) { return done(err); }
    if (!user) {
      return done(null, false, { message: 'Incorrect username.' });
    }
    if (!user.validPassword(password)) {
      return done(null, false, { message: 'Incorrect password.' });
    }
    return done(null, user);
  });
}
));

app.post("/login", function (req, res) {
  let email = req.body.email;
  let password = req.body.password;

  Usuario.findOne({
      where: { email: email}
  })
  .then( function (user) {
      if (!user) {
          res.send("username not found")
      }
      else {
      bcrypt.compare(password, user.palavra_passe, function (err, result) {
          if(err) throw err;
          if (result) {
              req.login(user, function(err){
                  authenticationMiddleware();
                  res.send("Logged in");
              })
          }
          else {
              res.send('Incorrect password');
          }
      });
    }    
  })
});

passport.serializeUser(function (user, done) {
  done(null, user.id_user);
});

passport.deserializeUser(function (user, done) {
  Usuario.findByPk(user.id_user, function (err, user) {
      done(err, user);
  });
});

function authenticationMiddleware() {
  return (req, res, next) => {
      console.log(`req.session.passport.user: ${JSON.stringify(req.session.passport)}`);

      if (req.isAuthenticated()) return next();
      res.render('/')
  }
}

app.get('/logout', function(req, res){
  sessionStore.destroy()
  req.logOut();
  res.redirect('/');
});

0 个答案:

没有答案