Passport不调用身份验证策略

时间:2019-07-12 16:03:13

标签: node.js express passport.js passport-local

今天我正试图使护照认证工作。电子邮件和密码现在是静态的,但是稍后我将对其进行更改。我有很多调试消息,但是只有策略之外的消息。没有显示关于护照的错误或警告。

我已经尝试使用不同的正文解析器模式(extented = true,extented = false)。

策略

const LocalStrategy = require('passport-local').Strategy;

module.exports = function(passport) {
  passport.use(
    new LocalStrategy((email, password, done) => {
        console.log('Authentication started');
        var user = null;
        if(email == 'test@mytest.com') {
            if(password == 'test') {
                user = {
                    email
                }
                console.log('Authenticated')
                return done(null, user);
            }
        }
        console.log('Error')
        return done(null, user, {message: 'EMail or Password was wrong'});
    })
  );
  passport.serializeUser(function(user, done) {
    done(null, user.email);
  });

  passport.deserializeUser(function(id, done) {
    done(err, user);
  });
};

app.js(仅包含重要部分)

const express = require('express');
const expressSession = require('express-session')
const bodyParser = require('body-parser');
const expressLayouts = require('express-ejs-layouts');
const app = express();
const https = require('https');
const http = require('http');

app.use(expressSession({ secret: 'secret' }));

// Body Parser
app.use(bodyParser.urlencoded({extended:false}));
app.use(bodyParser.json());


// Passport
const passport = require('passport');
require('./config/passport')(passport);
app.use(passport.initialize());
app.use(passport.session());

// View Engine
app.set('view engine', 'ejs');
app.use(expressLayouts);

app.get('/applications', (req,res) => {
    res.render('applications', {
        user: req.user
    });
});
app.post('/applications', (req, res, next) => {
    console.log(req.body);
    passport.authenticate('local', {
      successRedirect: '/applications',
      failureRedirect: '/',
      failureFlash: false
    })(req, res, next);
  });

https.createServer(httpsOptions, app)
    .listen(7443, () => {
        console.log('HTTPS Server started on Port 7443')
});
http.createServer(app)
    .listen(7080, () => {
        console.log('HTTP Server started on Port 7080')
});

1 个答案:

答案 0 :(得分:0)

确保在POST请求中使用正确的字段。我注意到在您的策略中,您使用了变量emailpassword。尽管变量名并不重要,但在POST请求中发送的字段却很重要。默认情况下,本地护照使用POST字段usernamepassword。如果这些字段之一不存在,则身份验证将失败。您可以将其更改为使用email,如下所示:

passport.use(
  new LocalStrategy({
    usernameField: 'email'
}, (email, password, done) => {
      console.log('Authentication started');
      // Your authentication strategy
  })
);

假设您具有正确的POST字段,为了在请求中使用req.user,必须正确设置passport.deserializeUser函数。测试您的代码,身份验证策略对我来说很好,但是在deserializeUser上收到参考错误。