2015-12-17 28 views

我想弄清楚我在这里做错了什么。在查看文档(可惜已经过时)并搜索网页后,我相信我已经正确配置了Passport的所有内容,但由于某种原因,serializeUser和deserializeUser都没有被调用,导致req.user永远不会被设置。问题标题:PassportJS的serializeUser和deserializeUser从未被调用

好了,所以这里是我的根server.js文件(总结)

/** 
* Module dependencies 
*/ 

// Module-level dependencies and settings shared by the rest of server.js.
var express = require('express'), 
    app = module.exports = express(), 
    bodyParser = require('body-parser'), 
    cookieParser = require('cookie-parser'), 
    // Falls back to 'development' when NODE_ENV is unset, so the
    // development-only branch further down also runs on any host where the
    // variable was simply never set.
    env = process.env.NODE_ENV || 'development', 
    errorHandler = require('errorhandler'), 
    http = require('http'), 
    methodOverride = require('method-override'), 
    morgan = require('morgan'), 
    passport = require('passport'), 
    path = require('path'), 
    routes = require('./server/routes/index'), 
    // NOTE(review): undefined when SESSION_SECRET is not set. The same value
    // is handed to cookieParser(), session() and generateJWT(), and nothing
    // in this listing checks that it is present before use.
    secret = process.env.SESSION_SECRET, 
    session = require('express-session'), 
    // NOTE(review): the FileStore class is obtained here, but the session()
    // call shown in this listing passes no `store` option, so express-session
    // would use its default in-memory store. Confirm this is intended.
    FileStore = require('session-file-store')(session); 

/** 
* Configuration 
*/ 

// all environments 
// Middleware is registered in request-processing order; do not reorder.
app.set('http-port', process.env.PORT || 3000); 
// NOTE(review): the views directory is the same 'public' directory that
// express.static() serves below, so the raw .html templates are also
// downloadable as static files. Confirm they hold nothing sensitive.
app.set('views', __dirname + '/public'); 
app.engine('.html', require('ejs').renderFile); 
app.use(morgan('dev')); 
app.use(methodOverride()); 
// Static files are served before cookie and body parsing, so requests that
// match a file under public/ never reach the parsers or the session layer.
app.use(express.static(path.join(__dirname, 'public'))); 
// Uses the same secret as the session middleware for signed cookies.
app.use(cookieParser(secret)); 
app.use(bodyParser.urlencoded({ extended: true })); 
app.use(bodyParser.json()); 

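// development environment only
if (env === 'development') {
    app.use(session({
        // express-session reads cookie.maxAge in milliseconds. The original
        // value (60 * 60 * 10 = 36000 ms) expired the session after 36
        // seconds, not the intended 60 minutes.
        cookie: { maxAge: 60 * 60 * 1000 }, // 60 min * 60 s * 1000 ms
        resave: false,
        saveUninitialized: false,
        secret: secret
    }));
    // errorHandler() is meant for development: it reports error details to
    // the client. Because env defaults to 'development' when NODE_ENV is
    // unset, make sure deployed hosts set NODE_ENV explicitly.
    app.use(errorHandler());
}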

// Attach Passport to every request, then let it restore req.user from the
// session on each request (this is the step that runs deserializeUser).
// NOTE(review): passport.session() depends on req.session, and in this
// listing the session middleware is only registered inside the
// development-only branch. Confirm other environments register it too.
app.use(passport.initialize()); 
app.use(passport.session()); 

/** 
* Routes 
*/ 

// NOTE(review): this stores the session secret as a property on the exported
// router object. The auth module shown on this page reads
// process.env.SESSION_SECRET directly, so this copy looks unused; avoid
// keeping extra references to the secret if nothing needs them.
routes.SESSION_SECRET = secret; // Set env var for the router; 
app.use('/', routes); // Handle defined routes 
// routes.index is not part of the summarized routes file shown on this page.
app.get('/', routes.index); // Serve index 
app.get('*', routes.index); // Redirect all others to the index (HTML5 history) 

/** 
* Start Server 
*/ 

// Serve the Express app over plain HTTP on the configured port.
// NOTE(review): session cookies and the JWT returned by /login travel over
// this listener; presumably TLS is terminated in front of it - confirm.
var listenPort = app.get('http-port');
var httpServer = http.createServer(app);
httpServer.listen(listenPort, function onListening() {
    console.log('Express http server listening on port ' + listenPort);
});

你会发现这条线以上:

routes = require('./server/routes/index'), 

这里是路线文件(总结):

var express = require('express'); 
var router = express.Router(); 
var auth = require('./modules/auth'); 

// AUTH ROUTES 
// NOTE(review): once a cookie-backed session is established with
// req.login(), the state-changing routes below are reachable with the
// browser's ambient cookie. No CSRF protection is visible in this summary;
// confirm it exists elsewhere, in particular for /updatePassword and for
// /logout, which is exposed as a GET.
router.post('/login', auth.login); // Log a local user into the application using passport 
router.post('/ldap-login', auth.ldapLogin); // Log an LDAP user into the application using passport 
router.get('/logout', auth.logout); // Log the current user out of the system 
router.get('/isLoggedIn', auth.isLoggedIn); // Check if the user is logged in 
router.post('/updatePassword', auth.updatePassword); // Updates a user's password 

同样你会注意到这个参考:

var auth = require('./modules/auth'); 

这里是auth模块(总结)。

'use strict' 
var passport = require('passport'); 
var secret = process.env.SESSION_SECRET; 
var crypto = require('../../crypto'); 
var models = require('../../models'); 
var User = models.User; 

require('../../passport'); 

/**
 * Log a local user into the application using passport.
 *
 * This is the version from the question. passport.authenticate() is called
 * with a custom callback, and in that form Passport leaves session setup to
 * the application. Nothing here calls req.login(), so no login session is
 * created and serializeUser / deserializeUser never run - the symptom the
 * question describes.
 */
exports.login = function(req, res, next) {
    var onAuthenticated = function(err, user, info) {
        if (err) {
            return next(err);
        }

        if (!user) {
            // Authentication failed: pass the strategy's info object through.
            return res.status(401).json(info);
        }

        // Record the login time. The lookup uses user.email as stored, i.e.
        // before the fields are decrypted below. The promise is not awaited
        // and has no rejection handler.
        User.find({ where: { email: user.email } }).then(function(record) {
            if (record) {
                record.updateAttributes({ last_login: new Date() });
            }
        });

        // Decrypt the personal fields in place on the authenticated user.
        user.email = crypto.decrypt(user.email);
        user.first_name = crypto.decrypt(user.first_name);
        user.last_name = crypto.decrypt(user.last_name);

        return res.json({ token: user.generateJWT(secret) });
    };

    passport.authenticate('local', onAuthenticated)(req, res, next);
};

在那个文件中我引用了我的Passport配置,其中包含我期望被调用的函数。

require('../../passport'); 

这是在那里引用的Passport配置(总结)。

(function() {
    var models = require('./models');
    var User = models.User;

    /**
     * Passport authentication
     */
    var passport = require('passport');

    // Passport Local Strategy
    var LocalStrategy = require('passport-local').Strategy;

    /**
     * Verify callback for the local strategy: find the user by username and
     * let the model check the submitted password.
     *
     * An unknown username and a wrong password both end in done(null, false),
     * so Passport sees the same failure for either; only the server-side log
     * line differs.
     */
    function checkLocalCredentials(username, password, done) {
        User.find({ where: { username: username } })
            .then(function(found) {
                if (!found) {
                    console.log('No such user found');
                    return done(null, false);
                }

                found.verifyPassword(password, function(err, isMatch) {
                    if (err) {
                        console.log('Error checking password. Error: ' + err);
                        return done(err);
                    }
                    if (!isMatch) {
                        // Password did not match
                        console.log('Passwords did not match');
                        return done(null, false);
                    }
                    // Success
                    console.log('User logged in');
                    return done(null, found);
                });
            })
            .catch(function(err) {
                console.log('Error logging user in. Message: ' + err);
                return done(err);
            });
    }

    passport.use(new LocalStrategy({ usernameField: 'username' }, checkLocalCredentials));

    // NOTE(review): the whole user object is handed to the session layer, so
    // every field on it ends up in the session store - presumably including
    // the stored password hash, and the decrypted email and name when the
    // login handler decrypts them before calling req.login(). Storing only a
    // stable identifier would keep that data out of the store.
    passport.serializeUser(function(user, done) {
        console.log('serializeUser'); // I expect this to be logged
        done(null, user);
    });

    // Returns the stored session value as req.user without re-reading the
    // database, so later changes to the account (password change, removal)
    // are not reflected until the session ends.
    passport.deserializeUser(function(user, done) {
        console.log('deserializeUser'); // I expect this to be logged
        done(null, user);
    });

    // NOTE(review): no 'ldapauth' strategy is registered in this summary;
    // presumably it is configured in the omitted part - confirm.
    exports.isAuthenticated = passport.authenticate(['local', 'ldapauth']);
})();

你会注意到那里的用户模型的引用,但因为工作正常,我不会包括任何代码。

我不知道是什么问题导致上面的passport.serializeUser和passport.deserializeUser方法没有被执行到。我想我可能需要把这些方法放到根目录的server.js中,因此我尝试把它们移到session({})配置和passport.session()调用之后,但这两种做法都没有任何效果。

回答


发现问题,希望我可以帮助别人。

要让deserializeUser被调用,您需要在passport.authenticate()完成后手动调用req.login()。我之前没有这样做,因为Passport文档中写道:

"Note: passport.authenticate() middleware invokes req.login() automatically." 

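至少在我看来,这句话的意思是:调用passport.authenticate()时,Passport会自动调用req.login(),进而触发deserializeUser,但事实并非如此。(补充说明:文档中的这句话适用于把passport.authenticate()直接用作路由中间件的情况;像这里这样传入自定义回调时,建立会话的工作由应用自己负责,所以必须显式调用req.login()。)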

这里是从上面我的身份验证模块更新的代码:

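/**
 * Log a local user into the application using passport.
 *
 * passport.authenticate() is used with a custom callback, so Passport does
 * not establish the login session itself; the handler calls req.login()
 * explicitly. That call is the change the answer makes: it is what runs
 * serializeUser and lets later requests populate req.user.
 *
 * Responds with { token } on success and 401 plus the strategy's info object
 * when authentication fails. Errors from authentication or from session setup
 * are passed to next().
 */
exports.login = function(req, res, next) {
    passport.authenticate('local', function(err, user, info) {
        if (err) { return next(err); }

        if (!user) {
            return res.status(401).json(info);
        }

        // Best-effort update of last_login. The lookup uses user.email as
        // stored, before it is decrypted below. Returning the update promise
        // and attaching a catch keeps a database failure from becoming an
        // unhandled rejection; it does not block the login.
        User.find({ where: { email: user.email } })
            .then(function(currentUser) {
                if (currentUser) {
                    return currentUser.updateAttributes({ last_login: new Date() });
                }
            })
            .catch(function(updateErr) {
                console.log('Error updating last_login. Error: ' + updateErr);
            });

        // NOTE(review): these fields are decrypted before req.login(), and
        // the serializeUser shown on this page stores the whole user object,
        // so the plaintext values are written to the session store.
        user.email = crypto.decrypt(user.email);
        user.first_name = crypto.decrypt(user.first_name);
        user.last_name = crypto.decrypt(user.last_name);

        // NOTE(review): older Passport releases (before 0.6) keep the
        // existing session id across req.login(); confirm the installed
        // version regenerates it. This handler also issues a JWT alongside
        // the cookie session, so logout has to invalidate both.
        req.login(user, function(loginErr) {
            if (loginErr) {
                // Failing to establish the session is a server-side error,
                // not a failed authentication: hand it to the error
                // middleware like the first error path instead of returning
                // the raw error object to the client as a 401.
                return next(loginErr);
            }
            return res.json({ token: user.generateJWT(secret) });
        });
    })(req, res, next);
};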