【发布时间】:2017-04-03 22:12:06
【问题描述】:
我正在开发一个网络 API。流程应该如下:
用户登录网站 --> Passport 对用户进行身份验证 --> Passport 在持久会话中存储有关用户的信息 --> 只要会话有效,用户就可以访问 API。
很遗憾,我无法让 Passport 来创建持久会话。登录部分有效(只有有效用户才能通过),但 Passport 不会在客户端浏览器中存储有关会话的任何信息。因此,用户从此时起无法访问 API。
与问题相关的代码部分如下所示:
Server.js:
// Load the packages this server depends on
const express = require('express'); // web framework
const app = express(); // the Express application instance
const bodyParser = require('body-parser'); // parses the bodies of POST requests
const passport = require('passport'); // user authentication
const flash = require('connect-flash'); // one-time flash messages kept in the session
const cookieParser = require('cookie-parser'); // parses the Cookie header
// Open the database connection using the URL from the local config file
const configDB = require('./config/database.js');
const mongoose = require('mongoose');
mongoose.connect(configDB.url);
// Load the training schema/model module
const Training = require('./models/training');
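// configure app
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
// NOTE(review): express-session parses its own cookie and does not depend on
// cookie-parser; it is kept here in case other code reads req.cookies. If a
// secret is ever passed to cookieParser(), it must match the session secret.
app.use(cookieParser());

// required for passport
require('./config/passport')(passport); // pass passport for configuration

// The session secret signs the session ID cookie. Anyone who knows it can forge
// session cookies, so it is read from the environment instead of being
// committed to source, and the app refuses to start without it.
const sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  throw new Error('SESSION_SECRET environment variable must be set');
}

// A Secure cookie is only sent over HTTPS, so it is enabled in production only;
// plain-HTTP local development keeps working. Behind a TLS-terminating proxy,
// Express also needs `app.set('trust proxy', 1)` for the cookie to be issued.
const isProduction = process.env.NODE_ENV === 'production';

app.use(require('express-session')({
  cookie: {
    maxAge: 3600000, // session cookie lifetime: one hour, in milliseconds
    httpOnly: true, // keep the session ID out of reach of page scripts
    sameSite: 'lax', // do not attach the cookie to cross-site subrequests
    secure: isProduction
  },
  secret: sessionSecret,
  resave: false,
  // NOTE(review): `true` stores a session for every visitor, logged in or not;
  // kept as in the original because connect-flash below relies on req.session.
  saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session()); // restores req.user from the session on each request
app.use(flash()); // use connect-flash for flash messages stored in session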
...
routes.js:
...
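// the login route
router.route('/login').post(
  passport.authenticate('local-login'),
  function (req, res) {
    // This handler runs only after authentication succeeded;
    // `req.user` contains the authenticated user.
    // Log the identifier only: concatenating the whole user object would write
    // every stored field (possibly a password hash) into the logs.
    console.log('logged in: ' + req.user._id);
    // Always finish the request. The session cookie is delivered in the
    // response headers, so a handler that never responds leaves the client
    // hanging and the browser never receives Set-Cookie.
    res.status(200).json({ authenticated: true });
  }
);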
...
passport.js:
...
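// the serialization and deserialization functions for Passport
// serializeUser decides what is stored in the session: only the user's _id,
// so no other account data lives in the session store.
passport.serializeUser(function (user, done) {
  // Log the identifier only; the full user object may carry credential fields.
  console.log('Serialize: ' + user._id);
  return done(null, user._id);
});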
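// used to deserialize the user
// Looks the user up again by the id stored in the session and hands the
// result to Passport, which exposes it as req.user.
passport.deserializeUser(function (id, done) {
  console.log('trying to des');
  User.findById(id, function (err, user) {
    if (err) {
      // Report lookup failures without touching the (absent) user record.
      return done(err);
    }
    // Log the identifier only; the full user object may carry credential fields.
    // A missing user (e.g. deleted account) is passed through as-is, unchanged
    // from the original behaviour.
    console.log('Deserialize: ' + (user ? user._id : user));
    return done(null, user);
  });
});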
...
【问题讨论】:
-
您是否使用了在其他端口上运行的前端框架?例如 localhost:3000 是 Express 应用程序,而 localhost:1234 是 Angular 应用程序。
标签: javascript api express cookies passport.js