我在使用cookie会话与Google oauth2建立持久身份验证系统时遇到了麻烦。 我正在使用以下软件包:
这是我的主要应用
const express = require('express');
const config = require('./config.json');
const cors = require('cors');
const cookieSession = require('cookie-session');
const passport = require('passport');
const path = require('path');
const auth = require('./middleware/auth.service');
const app = express();
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cors());
app.use(cookieSession({
name: 'session',
keys: config.session.keys,
secret: config.secretkey,
cookie: {
secure: false,
httpOnly: true,
path: 'cookie',
expires: new Date(Date.now() + 60 * 60 * 1000 * 24 * 365)
}
}))
passport.use(require('./middleware/passport.service'));
app.use(passport.initialize());
app.use(passport.session());
app.set('view engine', 'ejs');
app.set('views', path.join(__dirname, 'views'));
app.use(express.static(path.join(__dirname, 'views')));
app.use('/auth', auth.router);
app.get('/', auth.isAuthenticated, (req,res)=>{
res.json(req.session.passport);
});
app.listen(3001,()=>{
console.log("Listening on port 3001...");
});
这是我的身份验证服务:
const express = require('express');
const passport = require('passport');
const router = express.Router();
router.get('/login',(req,res)=>{
res.render('login');
});
router.get('/google',
passport.authenticate('google', { scope:
[ 'email', 'profile' ] }
));
router.get('/google/failure',(req,res)=>{
res.redirect('/auth/login');
});
router.get( '/google/callback',
passport.authenticate( 'google', { failureRedirect: '/auth/google/failure', successRedirect: '/' }));
function isAuthenticated(req, res, next) {
if(req.session.passport){
next();
} else {
res.redirect('/auth/login');
}
}
module.exports = {
router,
isAuthenticated
}
基本上,身份验证是有效的,但它不是持久性的,这意味着当我关闭浏览器时,用户会话到期,您知道我可能在哪里错了吗?
答案 0 :(得分:0)
我发现了问题,但我不知道为什么,基本上我将程序包从cookie-session切换到express-session,重新安排了会话代码,然后它开始工作,也许护照和cookie-session之间存在一些不兼容的地方我不知道???无论如何,以下代码有效。
const express = require("express");
const config = require("./config.json");
const cors = require("cors");
var session = require("express-session");
const passport = require("passport");
const path = require("path");
const auth = require("./middleware/auth.service");
const app = express();
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.set("trust proxy", 1);
app.use(cors());
app.use(
session({
secret: config.secretKey,
resave: false,
saveUninitialized: true,
cookie: {
secure: false,
maxAge: 60 * 60 * 1000 * 24 * 365,
},
})
);
app.use(passport.initialize());
app.use(passport.session());
passport.use(require("./middleware/passport.service"));
app.set("view engine", "ejs");
app.set("views", path.join(__dirname, "views"));
app.use(express.static(path.join(__dirname, "views")));
app.use("/auth", auth.router);
app.get("/", auth.isAuthenticated, (req, res) => {
res.json(req.session.passport);
});
app.listen(3001, () => {
console.log("Listening on port 3001...");
});