0
我正在使用一个nodejs express应用程序,我尝试使用护照本地策略进行身份验证,使用电子邮件和密码,但成功登录后,当我检查req.Authentication()函数它给了我虚假的价值,所以请帮助我更正代码。req.isAuthenticated not working
在我的mvc /控制器/用户/ index.js文件时,当我检查eports.auth方法consloe.log(req.user)它显示的值,但成功重定向后,我没有得到req.user是成为空
我的应用程序结构
mvc(main folder)
-------- db.js
-------- index.js
-------- package.json
----- conrollers (folder)
-----user (folder)
----- views (folder)
----- index.js (js file)
----- lib (folder where middileware, router and other library file exist)
--------- boot.js
----- models (folder)
------user.js
----- node-modules
----- passport(folder)
--------init.js
--------login.js
--------signup.js
----- public (folder)
----- views (folder)
--------4o4.ejs
--------5xx.ejs
--------footer.ejs
--------header.ejs
MVC/index.js
var express = require('./lib/express');
var logger = require('morgan');
var session = require('express-session');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var methodOverride = require('method-override');
var mongoose = require('mongoose');
var monk = require('monk');
var app = module.exports = express();
// settings
var dbConfig = require('./db');
//Connect to db
mongoose.connect(dbConfig.url);
var dbMonk = monk(dbConfig.url);
// set our default template engine to "jade"
// which prevents the need for extensions
app.set('view engine', 'ejs');
// set views for error and 404 pages
app.set('views', __dirname + '/views');
// Using the flash middleware provided by connect-flash to store messages in session
// and displaying in templates
/*var flash = require('connect-flash');
app.use(flash());*/
app.use(require('connect-flash')());
app.use(function (req, res, next) {
res.locals.flashMessages = require('express-messages')(req, res);
//console.log('res.locals.flashMessages : ');
//console.log(res.locals.flashMessages);
next();
});
// define a custom res.message() method
// which stores messages in the session
app.response.message = function(msg){
// reference `req.session` via the `this.req` reference
var sess = this.req.session;
// simply add the msg to an array for later
sess.messages = sess.messages || [];
sess.messages.push(msg);
return this;
};
// log
if (!module.parent) app.use(logger('dev'));
// serve static files
app.use(express.static(__dirname + '/public'));
// session support
app.use(session({
resave: false, // don't save session if unmodified
saveUninitialized: false, // don't create session until something stored
secret: 'some secret here'
}));
// parse request bodies (req.body)
app.use(bodyParser.urlencoded({ extended: true }));
// allow overriding methods in query (?_method=put)
app.use(methodOverride('_method'));
// expose the "messages" local variable when views are rendered
app.use(function(req, res, next){
var msgs = req.session.messages || [];
// expose "messages" local variable
res.locals.messages = msgs;
console.log("res.locals.messages : ");
console.log(res.locals.messages);
// expose "hasMessages"
res.locals.hasMessages = !! msgs.length;
console.log("res.locals.hasMessages : ");
console.log(res.locals.hasMessages);
/* This is equivalent:
res.locals({
messages: msgs,
hasMessages: !! msgs.length
});
*/
next();
// empty or "flush" the messages so they
// don't build up
req.session.messages = [];
});
app.use(cookieParser());
//Configure Passport
var passport = require('passport');
app.use(passport.initialize());
app.use(passport.session());
// Initialize passport
var initPassport = require('./passport/init');
initPassport(passport);
// Make our db accessible to our router
app.use(function(req,res,next){
req.db = dbMonk;
next();
});
// Make our passport accessible to our router
app.use(function(req,res,next){
req.passport = passport;
next();
});
// load controllers
require('./lib/boot')(app, { verbose: !module.parent });
app.use(function(err, req, res, next){
// log it
if (!module.parent) console.error(err.stack);
// error page
res.status(500).render('5xx',{title:"500 Error"});
});
// assume 404 since no middleware responded
app.use(function(req, res, next){
res.status(404).render('404', { url: req.originalUrl,title:"404 Page Not Found" });
});
/* istanbul ignore next */
if (!module.parent) {
app.listen(3000);
console.log('Express started on port 3000');
}
的lib/boot.js
/**
* Module dependencies.
*/
var express = require('../lib/express');
var fs = require('fs');
module.exports = function(parent, options){
var verbose = options.verbose;
fs.readdirSync(__dirname + '/../controllers').forEach(function(name){
verbose && console.log('\n %s:', name);
var obj = require('./../controllers/' + name);
var name = obj.name || name;
var prefix = obj.prefix || '';
var app = express();
var handler;
var method;
var path;
// allow specifying the view engine
if (obj.engine) app.set('view engine', obj.engine);
app.set('views', __dirname + '/../controllers/' + name + '/views');
// generate routes based
// on the exported methods
for (var key in obj) {
// "reserved" exports
if (~['name', 'prefix', 'engine', 'before'].indexOf(key)) continue;
// route exports
switch (key) {
case 'login':
method = 'get',
path = '/'+name+'/login';
break;
case 'logout':
method = 'get',
path = '/'+name+'/logout';
break;
case 'auth':
method = 'post',
path = '/'+name+'/login';
break;
case 'add':
method = 'get',
path = '/'+name+'/add';
break;
case 'save':
method = 'post',
path = '/'+name+'/save';
break;
case 'show':
method = 'get';
path = '/' + name + '/:' + name + '_id';
//path = '/' + name + '/:id';
break;
case 'list':
method = 'get';
path = '/' + name + 's';
break;
case 'edit':
method = 'get';
path = '/' + name + '/:' + name + '_id/edit';
break;
case 'update':
method = 'put';
path = '/' + name + '/:' + name + '_id';
break;
case 'create':
method = 'post';
path = '/' + name;
break;
case 'index':
method = 'get';
path = '/';
break;
default:
/* istanbul ignore next */
throw new Error('unrecognized route: ' + name + '.' + key);
}
// setup
handler = obj[key];
path = prefix + path;
// before middleware support
app[method](path, obj[key]);
verbose && console.log(' %s %s -> %s', method.toUpperCase(), path, key);
/*if (obj.before) {
//app[method](path, obj.before, handler);
app[method](path, obj[key]);
verbose && console.log(' %s %s -> before -> %s', method.toUpperCase(), path, key);
} else {
app[method](path, obj[key]);
verbose && console.log(' %s %s -> %s', method.toUpperCase(), path, key);
}*/
}
// mount the app
parent.use(app);
});
};
控制器/用户/ index.js
/**
* Module dependencies.
*/
var bCrypt = require('bcrypt-nodejs');
var passport = require('passport');
//check authenticated method
var isAuthenticated = function (req,res,next) {
// if user is authenticated in the session, call the next() to call the next request handler
// Passport adds this method to request object. A middleware is allowed to add properties to
// request and response objects
//console.log("req.user : ");console.log(req.session.user);
//if (req.session.user) {
if (req.isAuthenticated()) {
console.log("Authenticated");
return next();
}
console.log("Not Authenticated");
//if user is not authenticated then redirect him to the login page
res.redirect('/user/login');
}
//add one more handler
exports.before = function(req, res, next){
var id = req.params.user_id;
//console.log(id);
if (!id) return next();
// pretend to query a database...
process.nextTick(function(){
var db = req.db;
var collection = db.get('user');
collection.findOne({"_id":id},{},function(e,docs){
if(e){
console.log(e);
} else {
req.user = docs;
console.log(req.user);
}
});
// cant find that user
if (!req.user) return next('route');
// found it, move on to the routes
next();
});
};
//add user
exports.add = function(req,res, next){
res.render('add',{title:"User Registration"});
}
//login user
exports.login = function(req,res,next){
res.render('login',{title:"User Login"});
}
//logout user
exports.logout = function(req,res,next){
req.logout();
//req.session.user = null;
res.redirect('/user/login');
}
//login post
exports.auth = function(req,res,next){
/*req.passport.authenticate('login',{
successRedirect: '/users/',
failureRedirect: '/user/login',
failureFlash : true
})(req, res, next);*/
passport.authenticate('login', function(err, user, info) {
//console.log("userrrrrrrrrrrrrrrrrrrrrrrrrrrrr");
//console.log(user);
if (err) { return next(err); }
if (!user) { return res.redirect('/user/login'); }
req.logIn(user, function(err) {
//console.log("user11111111111111111");
//console.log(user);
//console.log(req);
console.log(req.isAuthenticated());
if (err) { return next(err); }
//console.log("ressssssssssssssssssssssssssss");
//console.log(res);
//req.session.user = req.user;
//req.session.passport = req.user._id;
return res.redirect('/user/' + user._id);
});
})(req, res, next);
}
//save user data
exports.save = function(req,res,next){
/*var body = req.body;
db.users.push({name:body.user.name,pet:[],id:3});*/
var db = req.db;
var userName = req.body.name;
var userEmail = req.body.email;
var userPhone = req.body.phone;
var userOldPassword = req.body.oldpassword;
var userPassword = req.body.password;
var userID = req.body.id;
var collection = db.get('user');
if (userID) {
//if pwd is changed
if((userOldPassword) && (userOldPassword != "")) {
collection.findOne({"_id":userID,"password":createHash(userOldPassword)},{},function(e,docs){
if(e){
console.log(e);
} else {
//update user with new pwd
collection.update({"_id":userID},{"name":userName,"email":userEmail,"phone":userPhone,"password":createHash(userPassword) }, function(err, result) {
if (err) {
// If it failed, return error
res.send("There was a problem updating the information to the database.");
} else {
res.message('User Updated!');
// And forward to success page
res.redirect('/users/');
}
});
}
});
} else {
//update user without pwd
collection.update({"_id":userID},{"name":userName,"email":userEmail,"phone":userPhone }, function(err, result) {
if (err) {
// If it failed, return error
res.send("There was a problem updating the information to the database.");
}
else {
res.message('User Updated!');
// And forward to success page
res.redirect('/users/');
}
});
}
} else {
collection.insert({
"name":userName,
"email":userEmail,
"phone":userPhone,
"password" : userPassword,
"status" : "inactive",
"created" : Date.now()
}, function (err, doc) {
if (err) {
// If it failed, return error
res.send("There was a problem adding the information to the database.");
} else {
res.message('User Added!');
// If it worked, set the header so the address bar doesn't still say /adduser
//res.location("https://stackoverflow.com/users/");
// And forward to success page
res.redirect('/users/');
}
});
}
}
//show user list
exports.list = function(req, res, next){
console.log("req in +++++++++++++++++++++++++++=");
console.log(req.user);
//check authentication
isAuthenticated(req, res, next);
var db = req.db;
var collection = db.get('user');
collection.find({},{},function(e,docs){
if(e){
console.log(e);
} else {
console.log("user list : "+docs);
res.render('list', {"users" : docs, title: 'User List'});
}
});
//res.render('list', { users: db.users, title : "Users List" });
};
exports.edit = function(req, res, next){
var id = req.params.user_id;
console.log(req.params.user_id);
var db = req.db;
var collection = db.get('user');
collection.findOne({"_id":id},{},function(e,docs){
if(e){
console.log(e);
} else {
res.render('edit', { user: docs , title : "Edit User"});
}
});
};
exports.show = function(req, res, next){
console.log("??????????/??????");
console.log(req.isAuthenticated());
console.log(req.params["user_id"]);
isAuthenticated(req, res, next);
var id = req.params.user_id;
console.log(req.params.user_id);
var db = req.db;
var collection = db.get('user');
collection.findOne({"_id":id},{},function(e,docs){
if(e){
console.log(e);
} else {
res.render('show', { user: docs, title : "Show User" });
}
});
};
exports.update = function(req, res, next){
var body = req.body;
req.user.name = body.user.name;
res.message('Information updated!');
res.redirect('/user/' + req.user.id);
};
// Generates hash using bCrypt
var createHash = function(password){
return bCrypt.hashSync(password, bCrypt.genSaltSync(10), null);
}
护照/ init.js
var login = require('./login');
var signup = require('./signup');
var User = require('../models/user');
module.exports = function(passport){
// Passport needs to be able to serialize and deserialize users to support persistent login sessions
passport.serializeUser(function(user, done) {
console.log('serializing user: ');console.log(user);
done(null, user._id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
console.log('deserializing user:',user);
done(err, user);
});
});
// Setting up Passport Strategies for Login and SignUp/Registration
login(passport);
signup(passport);
}
护照/ login.js
var LocalStrategy = require('passport-local').Strategy;
var User = require('../models/user');
var bCrypt = require('bcrypt-nodejs');
module.exports = function(passport){
passport.use('login', new LocalStrategy({
usernameField : 'email',
passwordField : 'password',
passReqToCallback : true
},
function(req, email, password, done) {
var db = req.db;
var collection = db.get('user');
collection.findOne({ 'email' : email },
function(err, user) {
// In case of any error, return using the done method
if (err)
return done(err);
// Username does not exist, log the error and redirect back
if (!user){
console.log('User Not Found with email '+email);
//return done(null, false, req.flash('message', 'User Not found.'));
return done(null, false, req.flash('info', 'User Not found.'));
}
console.log('check before valid password');
// User exists but wrong password, log the error
if (!isValidPassword(user, password)){
console.log('Invalid Password');
//return done(null, false, req.flash('message', 'Invalid Password')); // redirect back to login page
return done(null, false, req.flash('info', 'Invalid Password')); // redirect back to login page
}
// User and password both match, return user from done method
// which will be treated like success
return done(null, user);
}
);
})
);
var isValidPassword = function(user, password){
//console.log("Hashed Pwd : "+password);
return bCrypt.compareSync(password, user.password);
}
}
为什么不提供**甚至更多的上下文? –