当我在 Express 中使用 PassportJS 时,它似乎没有对用户进行身份验证。最终我会使用 bcryptjs,但我想先在不使用 bcryptjs 的情况下让它工作。我有两个用 .ejs 编写的表单,注册表单工作正常;用户在主页登录后,应该看到自己的用户名,但实际上只是被重定向回主页的登录界面。
sign-up-form.ejs:
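<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="UTF-8">
    <title>Sign Up</title>
  </head>
  <body>
    <%# Registration form. The empty action posts back to the URL that served this page. %>
    <h1>Sign Up</h1>
    <form action="" method="POST">
      <%# Each input carries an id so the label's "for" attribute actually points at it. %>
      <label for="username">Username</label>
      <input id="username" name="username" placeholder="username" type="text" autocomplete="username" required />
      <label for="password">Password</label>
      <%# "new-password" tells password managers this field sets a credential rather than replaying one. %>
      <input id="password" name="password" type="password" autocomplete="new-password" required />
      <button type="submit">Sign Up</button>
    </form>
  </body>
</html>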
index.ejs:
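<!DOCTYPE html>
<html lang='en'>
  <head>
    <link rel='stylesheet' href='/stylesheets/style.css' />
  </head>
  <body>
    <%# `user` is supplied by the route that renders this view; a truthy value means a session was restored. %>
    <% if (user) {%>
      <%# Keep the escaping tag (<%= ... %>) here: the username is user-chosen text and must not be emitted raw. %>
      <h1>WELCOME BACK <%= user.username %></h1>
      <a href="/log-out">LOG OUT</a>
    <% } else { %>
      <h1>please log in</h1>
      <form action="/log-in" method="POST">
        <%# Each input carries an id so the label's "for" attribute actually points at it. %>
        <label for="username">Username</label>
        <input id="username" name="username" placeholder="username" type="text" autocomplete="username" required />
        <label for="password">Password</label>
        <input id="password" name="password" type="password" autocomplete="current-password" required />
        <button type="submit">Log In</button>
      </form>
    <%}%>
  </body>
</html>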
app.js:
const createError = require('http-errors');
const express = require('express');
const session = require('express-session');
const path = require('path');
const cookieParser = require('cookie-parser');
const logger = require('morgan');
const mongoose = require('mongoose');
const Schema = require('mongoose').Schema;
const dotenv = require('dotenv').config();
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;
const helmet = require('helmet');
// Open the MongoDB connection. The URI comes from the environment, which
// dotenv populated when the module was loaded.
const mongoOptions = { useUnifiedTopology: true, useNewUrlParser: true };
mongoose.connect(process.env.MONGODB_URI, mongoOptions);

// Report connection-level errors on stderr with a fixed prefix.
const db = mongoose.connection;
db.on('error', (...details) => console.error('mongo connection error', ...details));

// Account record: both fields are mandatory strings.
// NOTE(review): `password` holds exactly the string the sign-up route saves,
// i.e. the clear-text password. Once hashing is introduced this field should
// hold only the hash output.
// NOTE(review): `username` is not declared unique, so two accounts can share
// a name and a lookup by username returns whichever document matches first.
const userSchema = new Schema({
  username: { type: String, required: true },
  password: { type: String, required: true }
});
const User = mongoose.model("User", userSchema);
// const indexRouter = require('./routes/index');
// const usersRouter = require('./routes/users');
// const signupRouter = require('./routes/sign-up-form');
// Create the Express application and point it at the EJS templates that
// live in the "views" directory next to this file.
const app = express();
const viewsDir = path.join(__dirname, 'views');
app.set('views', viewsDir);
app.set('view engine', 'ejs');
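// Username/password strategy used by passport.authenticate("local").
// The verify callback reports its outcome through done(err, user, info):
//   done(err)               - lookup failed
//   done(null, false, info) - credentials rejected
//   done(null, user)        - credentials accepted
passport.use(
  new LocalStrategy((username, password, done) => {
    // The credentials come straight from the request body. express.json() is
    // enabled in this app, so a field can arrive as an object instead of a
    // string, and an object placed in a MongoDB filter is read as query
    // operators. Reject anything that is not a plain string before querying.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return done(null, false, { message: "Invalid credentials" });
    }

    User.findOne({ username }, (err, user) => {
      if (err) {
        return done(err);
      }
      // NOTE(review): the two messages below tell an unknown username apart
      // from a wrong password. If they are ever shown to the client, use one
      // shared message so the form does not reveal which usernames exist.
      if (!user) {
        return done(null, false, { message: "Incorrect username" });
      }
      // NOTE(review): clear-text comparison against a clear-text stored value.
      // This is the line to replace with a password-hash verification (the
      // author plans bcryptjs); the sign-up route must store the hash in the
      // same change, otherwise existing and new accounts will not match.
      if (user.password !== password) {
        return done(null, false, { message: "Incorrect password" });
      }
      return done(null, user);
    });
  })
);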
// Session persistence: only the document id is written into the session.
passport.serializeUser((account, done) => {
  done(null, account.id);
});

// On later requests the stored id is turned back into a User document,
// which Passport then exposes as req.user.
passport.deserializeUser((storedId, done) => {
  User.findById(storedId, (lookupError, account) => {
    done(lookupError, account);
  });
});
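// Global middleware, in the order requests pass through it.

// Security headers go first so that every response produced below carries
// them. Registered after express.static, as before, static files were sent
// without these headers because that middleware ends the response itself.
app.use(helmet());

// Session handling must precede passport.session(), which reads the session
// to restore the logged-in user.
// NOTE(review): the signing secret is a short literal committed with the
// source. It is what makes the session cookie's signature trustworthy, so it
// should be a long random value loaded from the environment (dotenv is
// already configured in this file) and kept out of version control.
// NOTE(review): saveUninitialized: true creates a stored session for every
// visitor, including ones that never log in.
app.use(session({ secret: 'cats', resave: false, saveUninitialized: true }));
app.use(passport.initialize());
app.use(passport.session());

app.use(logger('dev'));

// Body parsers. The urlencoded parser with extended: false cannot produce
// nested objects from form posts; express.json() can still deliver objects
// and arrays, so handlers must not assume body fields are strings.
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());

// Static assets from ./public.
app.use(express.static(path.join(__dirname, 'public')));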
// Home page: req.user is set by Passport when a session was restored and is
// undefined otherwise; the template branches on it.
app.get("/", (req, res) => {
  const viewData = { user: req.user };
  return res.render("index", viewData);
});

// Registration page.
app.get("/sign-up-form", (req, res) => {
  return res.render("sign-up-form");
});
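// Registration: create a User from the posted form and return to the home page.
// Errors from saving (including schema validation) go to the error handler.
app.post("/sign-up-form", (req, res, next) => {
  const { username, password } = req.body || {};

  // express.json() is enabled, so body fields are not guaranteed to be
  // strings. Refuse anything else with a 400 instead of handing it to the
  // model for casting.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return next(createError(400, 'username and password must be strings'));
  }

  // NOTE(review): the password is stored exactly as submitted. Hash it here
  // before saving (the author plans bcryptjs) and change the login check to
  // verify against the hash in the same change.
  // NOTE(review): nothing here prevents a second account with an existing
  // username.
  new User({ username, password }).save(err => {
    if (err) {
      return next(err);
    }
    res.redirect("/");
  });
});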
// Login: Passport runs the "local" strategy against the posted credentials.
// Both outcomes redirect to "/", so a rejected login and an accepted login
// whose session is not restored on the next request look the same in the
// browser. A distinct failureRedirect makes the two cases distinguishable
// while debugging.
// NOTE(review): no attempt limiting is applied to this route in the code
// shown here.
const loginRedirects = {
  successRedirect: "/",
  failureRedirect: "/"
};
app.post("/log-in", passport.authenticate("local", loginRedirects));
// Logout: drop the login from the session, then go back to the home page.
// NOTE(review): this is a state-changing action reachable by GET, so any page
// that gets the browser to load this URL ends the user's session. A POST
// route is the usual shape for logout.
// NOTE(review): the Passport version is not shown. From passport 0.6 on,
// req.logout() expects a callback; confirm against the installed version.
app.get("/log-out", function (req, res) {
  req.logout();
  res.redirect("/");
});
// app.use('/', indexRouter);
// app.use('/users', usersRouter);
// app.use('/sign-up-form', signupRouter);
// No route above matched: create a 404 error and hand it to the error handler.
app.use((req, res, next) => {
  const notFound = createError(404);
  next(notFound);
});
// Final error handler. Express recognises it as one by its four parameters,
// so `next` stays in the signature even though it is unused.
app.use((err, req, res, next) => {
  const isDevelopment = req.app.get('env') === 'development';

  // The full error object reaches the template only in development.
  // NOTE(review): err.message is exposed to the template in every
  // environment. Whether it is displayed depends on the "error" view, which
  // is not shown here; database and validation messages can reveal internals.
  res.locals.message = err.message;
  res.locals.error = isDevelopment ? err : {};

  // Use the error's own status when it has one, otherwise 500.
  res.status(err.status || 500);
  res.render('error');
});

module.exports = app;
不知道为什么用户登录后没有被重定向到显示其用户名的主页,而是被重定向到通用的登录界面。注册表单可以正常地把用户名和密码存入 MongoDB。感谢任何帮助。