我已经使用next.js构建了一个React应用,并为服务器进行了表达。现在,我尝试添加本地身份验证,但是身份验证每次都会失败。我认为这与未正确将参数传递给策略有关,但我无法弄清楚。
我已经尝试记录错误,但是passport.js不会返回任何有意义的错误消息。
预期行为:
用户存储在MongoDB中。用户应该能够通过登录表单登录,然后用于该用途的会话应保留在cookie中。
当前行为
将POST发送到/ login后,页面将按照authenticate方法中的指定重定向到/ 404。添加日志记录时,似乎根本无法访问用户。
server.js
/// BUNCH OF IMPORTS ///
const initializePassport = require("./passportConfig");
const usersApi = require("./api/handlers/usersApiHandlers");
initializePassport(
passport,
email => usersApi.getUserBySearchparam(email),
id => usersApi.getUserBySearchparam(id)
);
const sessionConfig = {
secret: uid.sync(18),
cookie: {
maxAge: 86400 * 1000 // 24 hours in milliseconds
},
resave: false,
saveUninitialized: true
};
...
app.prepare().then(() => {
const server = express();
server.use(session(sessionConfig));
server.use(flash());
server.use(passport.initialize());
mongoose.connect(process.env.DATABASE_URL, { useNewUrlParser: true });
const db = mongoose.connection;
db.on("error", error => console.error(error));
db.once("open", () => console.log("connected to database"));
server.use(cors());
server.post(
"/login/",
passport.authenticate("local", {
successRedirect: "/api/swagger-doc",
failureRedirect: "/404",
failureFlash: true
})
);
/// Bunch of routes to the different Pages ///
passportConfig.js
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
function initialize(passport, getUserByEmail, getUserById) {
const authenticateUser = async (email, password, done) => {
const user = getUserByEmail(email);
if (user == null) {
return done(null, false, { message: "No user with that email" });
}
try {
if (await bcrypt.compare(password, user.password)) {
return done(null, user);
}
return done(null, false, { message: "Password incorrect" });
} catch (error) {
return done(error);
}
};
passport.use(new LocalStrategy({ usernameField: "email" }, authenticateUser));
passport.serializeUser((user, done) => done(null, user.id));
passport.deserializeUser((user, done) => {
done(null, getUserById(user.id));
});
}
module.exports = initialize;
getUserBySearchparam
const getUserBySearchparam = searchParam => {
return fetch(baseURL + searchParam)
.then(handleResponse)
.catch(handleError);
};
为getUserBySearchparam返回JSON
{
"email": "...",
"isActivated": true,
"imageUrl": "...",
"name": "...",
"password": "...",
"role": "...",
"_id": "..."
}