javascript - .isAuthenticated() 总是返回 false || Passport 本地策略(local strategy)
问题描述
有许多与此类似的帖子,但在这些帖子的回答中,我都没有找到能解决我这个问题的合适方案。
代码
"use strict";
require('dotenv').config();
const auth = require('./auth.js');
const express = require('express');
const passport = require('passport');
const bcrypt = require('bcrypt');
const mongo = require('mongodb');
const session = require('express-session');
const cors = require('cors');
const util = require('util');
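// Express application setup: CORS, body parsers, cookie-backed sessions and
// passport's session integration. Middleware order matters: the session
// middleware must be registered before passport.session().
const app = express();
const port = process.env.PORT || 8080;

// Fail fast instead of starting with an undefined signing secret: the secret
// is what protects the session id cookie against tampering.
if (!process.env.SESSION_SECRET) {
  throw new Error('SESSION_SECRET is not set');
}

// NOTE(review): cors() is kept exactly as posted. With no options it answers
// with "Access-Control-Allow-Origin: *" and without
// "Access-Control-Allow-Credentials", so a browser front end served from
// another origin neither stores nor sends the session cookie and
// req.isAuthenticated() stays false. The fix is to enable credentials AND
// name the trusted front-end origin explicitly, e.g.
// cors({origin: <front-end origin>, credentials: true}). Browsers reject a
// wildcard origin on credentialed requests, and reflecting any origin would
// let every site call this API with the user's cookie.
app.use(cors());
app.use(express.json());
app.use(express.urlencoded({extended: true}));
app.use(session({
  // No `store` is configured, so express-session falls back to its in-memory
  // store; sessions are lost on restart.
  secret: process.env.SESSION_SECRET,
  // Do not rewrite unmodified sessions on every request.
  resave: false,
  // Do not create a session (and set a cookie) for visitors who never log in.
  saveUninitialized: false,
  cookie: {
    // Keep the session id out of reach of page scripts.
    httpOnly: true,
    // Not sent on cross-site sub-requests, which limits CSRF. A front end on
    // a different *site* would need 'none' together with secure: true.
    sameSite: 'lax',
    // Only send the cookie over HTTPS in production. Behind a TLS-terminating
    // proxy this also requires app.set('trust proxy', 1).
    secure: process.env.NODE_ENV === 'production',
    maxAge: 1000 * 60 * 60 * 24 * 7 // one week, in milliseconds
  }
}));
app.use(passport.initialize());
app.use(passport.session());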
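// Connects to MongoDB and, once connected, registers the passport strategy
// (auth.js) and all routes, then starts listening. Nothing is served if the
// connection fails.
mongo.connect(process.env.DATABASE, {useNewUrlParser: true, useUnifiedTopology: true}, (err, db) => {
  if (err) {
    console.error('Database error: ' + err);
    return;
  }
  console.log('Database connection successful');
  auth(app, db);

  // express.json() and express.urlencoded({extended: true}) can both produce
  // objects for a field (e.g. {"username": {"$ne": null}}). Passing such a
  // value into a MongoDB filter turns it into a query operator, so every
  // credential field is required to be a plain, non-empty string.
  const isNonEmptyString = (value) => typeof value === 'string' && value.length > 0;

  app.route('/test').get((req, res) => {
    res.send('The connection works!');
  });

  // Route guard: lets the request through only when passport has restored a
  // logged-in user from the session, otherwise answers 401.
  const ensureAuthenticated = (req, res, next) => {
    // The full session dump that used to be logged here was removed so that
    // session contents do not end up in application logs.
    console.log('isAuth() is: ' + req.isAuthenticated());
    if (req.isAuthenticated()) return next();
    res.status(401).send('user not authenticated, begone! >:(');
  };

  app.route('/profile').get(
    ensureAuthenticated,
    (req, res) => {
      // res.render() expects a view name and no view engine is configured in
      // this file, so the profile is returned as JSON instead.
      res.json({username: req.user.username});
    }
  );

  // Logs a user in with the 'local' strategy using a custom callback, so the
  // handler decides what to send for each outcome.
  app.post('/login', (request, response, next) => {
    const {username, password} = request.body || {};
    if (!isNonEmptyString(username) || !isNonEmptyString(password)) {
      return response.status(400).send('Missing credentials');
    }

    passport.authenticate('local', (err, user, info) => {
      // Strategy/database errors arrive here with `user` unset; hand them to
      // the error handler instead of treating them as a failed login.
      if (err) return next(err);
      if (!user) {
        // `info` is undefined when the strategy fails without a message, so
        // reading info.message unguarded throws.
        const message = (info && info.message) || 'Invalid username or password';
        return response.status(401).send(message);
      }
      // NOTE(review): recent passport releases regenerate the session inside
      // req.login() to prevent session fixation; confirm the installed
      // version does, otherwise regenerate the session before this call.
      request.login(user, (error) => {
        if (error) return next(error);
        console.log("Request Login supossedly successful.");
        return response.send('Login successful');
      });
    })(request, response, next);
  });

  // Registers a new user, then authenticates the same request with the
  // 'local' strategy so the new account is logged in immediately.
  app.route('/register').post(
    (req, res, next) => {
      const {username, password} = req.body || {};
      if (!isNonEmptyString(username) || !isNonEmptyString(password)) {
        return res.status(400).send('username and password are required');
      }

      const users = db.db().collection('users');
      users.findOne({username}, (findErr, existing) => {
        if (findErr) return next(findErr);
        if (existing) return res.status(409).send('user already exists :(');

        // Hash only after the lookup and asynchronously: a cost factor of 13
        // is deliberately slow, and hashSync would block the event loop for
        // every registration attempt, including ones that are then rejected.
        bcrypt.hash(password, 13, (hashErr, hash) => {
          if (hashErr) return next(hashErr);
          // NOTE(review): two concurrent requests can both pass the findOne
          // check above; a unique index on `username` is what actually
          // guarantees uniqueness.
          users.insertOne({username, password: hash}, (insertErr) => {
            if (insertErr) return res.status(500).send('registration mongo error');
            next();
          });
        });
      });
    },
    passport.authenticate('local', {failureMessage: 'passport authenticate failure'}),
    (req, res, next) => {
      console.log('registration successful');
      // passport.authenticate() above has normally already logged the user
      // in; the explicit logIn is kept, but the response is now sent only
      // once it has completed, and an error is reported exactly once.
      req.logIn(req.user, (loginErr) => {
        if (loginErr) return next(loginErr);
        res.send('registration successful!!! :D');
      });
    }
  );

  app.listen(port, () => {
    console.log(`Listening on port: ${port}`);
  });
});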
auth.js
const passport = require('passport');
const LocalStrategy = require('passport-local');
const ObjectID = require('mongodb').ObjectID;
const bcrypt = require('bcrypt');
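/**
 * Registers the passport 'local' strategy and the session
 * serialize/deserialize hooks.
 *
 * @param app - the Express app; not used by this function.
 * @param db - connected MongoDB client; users are read from the 'users'
 *   collection of db.db().
 */
module.exports = (app, db) => {
  // One message for "no such user" and "wrong password", so the response
  // does not reveal which usernames exist.
  const failure = {message: 'Invalid username or password'};

  passport.use(new LocalStrategy(
    (username, password, done) => {
      // Reject non-string credentials before they reach the query filter or
      // bcrypt: an object value would act as a MongoDB query operator.
      if (typeof username !== 'string' || typeof password !== 'string') {
        return done(null, false, failure);
      }
      db.db().collection('users').findOne({username}, (err, user) => {
        console.log(`${username} attempted to log in`);
        if (err) return done(err);
        if (!user) return done(null, false, failure);
        // Asynchronous compare keeps the event loop free while bcrypt runs.
        bcrypt.compare(password, user.password, (compareErr, matches) => {
          if (compareErr) return done(compareErr);
          if (!matches) return done(null, false, failure);
          console.log('local strategy successful');
          return done(null, user);
        });
      });
    }
  ));

  // Only the user's _id is stored in the session.
  passport.serializeUser((user, done) => {
    console.log(user.username + " serialized");
    done(null, user._id);
  });

  // Rebuilds req.user from the id stored in the session on every request.
  passport.deserializeUser((id, done) => {
    // new ObjectID() throws on a malformed id; treat that as "no user".
    if (!ObjectID.isValid(id)) return done(null, false);
    db.db().collection('users').findOne(
      {_id: new ObjectID(id)},
      // Keep the password hash out of req.user; no route on this page reads it.
      {projection: {password: 0}},
      (err, doc) => {
        // Report lookup errors instead of silently continuing without a user.
        if (err) return done(err);
        // A deleted account yields no document: invalidate the login.
        done(null, doc || false);
      }
    );
  });
};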
问题:
所有的功能都工作得很好,我得到了所有的成功返回消息,注册甚至能把用户保存到数据库,登录也能成功地从数据库中读取用户。我遇到的唯一问题是:req.isAuthenticated() 在函数 ensureAuthenticated 中总是返回 false。正如你所看到的,我真的非常需要它返回 true,这样我才能在 /profile 路由中把信息发送给客户端,并完成其他所有需要依赖 Passport 的事情。我漏掉了什么?
解决方案
解决方案:我需要在 cors() 中添加 credentials: true,并在客户端(对于 axios)的请求中加上类似 withCredentials: true 的设置。需要注意的是,浏览器不接受带凭据的请求使用通配符来源 *,因此 cors() 还应通过 origin 选项只允许受信任的前端来源,而不是放行或原样回显任意来源。我添加这个答案是因为我知道总有一天会有人遇到同样的问题,并且可能会像我一样很难找到这个答案。
额外:在我问过这个问题的大多数论坛里,回答我的人(如果真有人回答的话,lmao)都不相信这段代码能运行,还居高临下地告诉我需要重新学习 Passport 和 React。