首次设置护照。 isAuthenticated()始终返回false

时间:2020-02-29 08:15:03

标签: node.js express passport.js

我正在通过有关身份验证和安全性的学习模块,正在尝试启动和运行护照,但似乎遇到了麻烦。所有包含在下面的代码都可以按您期望的方式工作,除了将用户从/ register发布路由重定向到/ secrets路由时,尽管.register()起作用了,但未通过身份验证(否则, route会将我重定向到/ register get路由,而不是通过secrets路由重定向到登录页面。)

require("dotenv").config();
const express = require("express");
const bodyParser = require("body-parser");
const mongoose = require("mongoose");
const ejs = require("ejs");
const session = require("express-session");
const passport = require("passport");
const passportLocalMongoose = require("passport-local-mongoose");
const app = express();

app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(express.static("public"));
app.set("view engine", "ejs");

app.use(
 session({
   secret: "Our little secret.",
   resave: false,
   saveUninitialized: false
 })
);

app.use(passport.initialize());
app.use(passport.session());

mongoose.connect("mongodb://localhost:27017/userDB", { useNewUrlParser: true });
mongoose.set("useCreateIndex", true);

const userSchema = new mongoose.Schema({
 username: String,
 password: String
});

userSchema.plugin(passportLocalMongoose);

const Users = new mongoose.model("Users", userSchema);
passport.serializeUser(Users.serializeUser());
passport.deserializeUser(Users.deserializeUser());

app.listen(3000, (req, res) => {
 console.log("Listening on port 3000.");
});

app.get("/", (req, res) => {
 res.render("home");
});

app.get("/login", (req, res) => {
 res.render("login");
});

app.get("/register", (req, res) => {
 res.render("register");
});

app.get("/secrets", (req, res) => {
 console.log(req.isAuthenticated())
 if (req.isAuthenticated()) {
   res.render("secrets");
 } else {
   res.redirect("/login");
 }
});

app.post("/register", (req, res) => {
 console.log(req.body.username)
 console.log(req.body.password)
 Users.register(
   { username: req.body.username },
   req.body.password,
   (error, user) => {
     if (error) {
       console.log('there was an error: ', error);
       res.redirect("/register");
     } else {
       passport.authenticate("local")(req, res, () => {  //////////////not authenticating
         res.redirect("/secrets");
       });
     }
   }
 );
});

app.post("/login", (req, res) => {});

弄清楚isAuthenticaed()为什么返回false的任何帮助将不胜感激。谢谢:)

1 个答案:

答案 0 :(得分:0)

您必须定义自己的本地策略:

var passport = require('passport')
  , LocalStrategy = require('passport-local').Strategy;

passport.use(new LocalStrategy(
  function(username, password, done) {
    User.findOne({ username: username }, function (err, user) {
      if (err) { return done(err); }
      if (!user) {
        return done(null, false, { message: 'Incorrect username.' });
      }
      if (!user.validPassword(password)) {
        return done(null, false, { message: 'Incorrect password.' });
      }
      return done(null, user);
    });
  }
));

如果成功响应,它将在数据库中查询用户信息(例如Mongodb)。

相关问题
最新问题