使用postgresSQL设置护照本地策略

时间:2019-08-31 20:05:48

标签: javascript node.js postgresql express passport.js

我在使用服务器设置护照身份验证时遇到问题。我以前使用过passwordjs,但是在mongodb中使用过。我目前正在尝试使用postgressql设置本地策略,但是没有运气。当使用passport.authenticate()进入登录POST路由时,我没有收到向我发送的cookie。我不确定是否可以使用passwordJS和通过Heroku托管的postgres数据库正确设置服务器。

require('dotenv').config(); //In order to gain access to our .env file
//process.env.YELP_API_KEY
const express = require("express");
const app = express();
const bodyParser = require("body-parser");
app.use(bodyParser.json()); //This is going to allow us to access data stored in 'body' when making a post or put request
app.use(bodyParser.urlencoded({extended: true}));
const { Pool } = require('pg');
const fs = require("fs"); //This is needed to convert sql files into a string
let port = process.env.PORT || 5000;

//session-related libraries
const session = require("express-session");
const passport = require("passport"); //This is used for authentication
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");


//Setting up our session
app.use(session({
    secret: process.env.SECRET,
    resave: false,
    saveUninitialized: false
}));


//Connection to database
const pool = new Pool({
    connectionString: process.env.DATABASE_URL,
    ssl: true
}); //This is used to connect to our remote postegres database hosted via Heroku


//initializing our session
app.use(passport.initialize());
app.use(passport.session()); //Telling our app to use passport for dealing with our sessions


//setting up our local strategy
passport.use('local', new LocalStrategy({passReqToCallBack: true},( username, password, cb )=> {
    console.log("this is being executed");
    pool.query("SELECT id, username, password from users where username=$1", [username], (err, result) => {
        if(err){
            return cb(err);

        }
        if(result.rows.length > 0){
            const first = result.rows[0];
            bcrypt.compare(password, first.password, (err, res) => {
                if(res){
                    cb(null, {
                        id: first.id,
                        user: first.username
                    })
                }
                else {
                    cb(null, false);
                }
            })
        }
        else {
            cb(null, false);
        }
    })
}));



passport.serializeUser(function(user, done){
    console.log("serialize user is executing")
    done(null, user.id);
})

passport.deserializeUser(function(id, done){
    pool.query('SELECT id, username FROM users WHERE id = $1', [parseInt(id, 10)], (err, results) => {
        if(err) {
          return done(err)
        }

        done(null, results.rows[0])
      });
});


app.post("/api/login", (req, res) => {
    passport.authenticate('local', function(err, user, info){
        console.log(user);
    });
})



app.listen(port, function(){
    console.log("Your app is running on port " + port);
});

预期结果:用户应该能够使用发布路线“ / api / login”登录,但是passport.authenticate无法正常工作?护照本地策略也应该正确设置。

1 个答案:

答案 0 :(得分:0)

在您的路线app.post("/api/login", ....中,passport.authenticate需要访问reqres

有多种方法可以使它起作用。

app.post("/api/login", (req, res) => {
    passport.authenticate('local', function(err, user, info){
        console.log(user);
        // make sure to respond to the request
        res.send(user);
    })(req, res); // <= pass req and res to the passport
})

// or
// use it as a middleware
app.post("/api/login", passport.authenticate('local'), (req, res) => {
    console.log(req.user);
    // make sure to respond to the request
    res.send(req.user);
})
相关问题
最新问题