时间戳

首页 > 解决方案 > Google 策略在 Passport.js 中不起作用

javascript - Google 策略在 Passport.js 中不起作用

问题描述

当我点击链接时,谷歌策略会对我进行身份验证并打印req.user到控制台。

{
  _id: 60c9ef51cb807642b299eab8,
  googleId: 'my-google-id',
  email: 'ouzaysal@gmail.com',
  __v: 0
}

然后重定向命令起作用并将我重定向到 /protected。我的 isLoggedIn 中间件(在 /protected 路由器上)开始工作。中间件返回req.session.passport未定义。但是passport.js 刚刚验证了我。无论如何,然后我无法访问 /protected 页面,我被重定向到 /login 页面。

我认为cookie是用redirect命令重置的。这是我的代码。

const passport       = require("passport");
const GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;

app.use(session({
    name: "sidd",
    secret: "verysafesecret",
    resave: false,
    saveUninitialized: false,
    store: store,
    cookie: {
        httpOnly: true,
        sameSite: true,
        secure: false
    }
}));

passport.use(new GoogleStrategy({
    clientID: 'google-id',
    clientSecret: 'google-secret',
    callbackURL: "http://localhost:1012/auth/google/redirect",
    scope: [
        'openid',
        'https://www.googleapis.com/auth/userinfo.profile',
        'https://www.googleapis.com/auth/userinfo.email'
    ]
  },
  function (accessToken, refreshToken, profile, done) {
    userSchema.findOne({ googleId: profile.id,}).then(function(currentUser){
        if(currentUser){
            done(null, currentUser);
        } else {
            const user = profile;
            new userSchema({
                googleId: profile.id,
                email: profile.emails[0].value
            }).save().then(function(){
            done(null, profile);
            });
        }
    });
  }
));

passport.serializeUser(function (user, done){
    return done(null, user.id);
});

passport.deserializeUser(function (id, done){
    userSchema.findById(id, function (err, user){
       if(err) { 
        done(err, user);
        }
        done(null, user);
    });
});

function isLoggedIn(req, res, next){
    console.log(JSON.stringify(req.session.passport))
    if (req.isAuthenticated()) {
        console.log("logged in") 
        return next();
    } else {
        console.log("not logged in, redirect you")
         res.redirect("/login");
    }
}

app.use(passport.initialize());
app.use(passport.session());

router.get('/auth/google', passport.authenticate('google'));

router.get("/auth/google/redirect",
 passport.authenticate('google', {failureRedirect: "/login"}) , function(req, res){  
    console.log(req.user ,'\n', req.session.passport)); 
    res.redirect("/protected")   
});

router.get("/protected", isLoggedIn, function(req, res){
    const stringSession = JSON.stringify(req.session);
    res.send(`hello and ${stringSession}`);
    res.end();
}); 

<a href="/auth/google">google</a>

标签: javascriptnode.jsexpresspassport.jsgoogle-authentication

解决方案

推荐阅读