【发布时间】:2016-12-11 07:46:07
【问题描述】:
在测试我的应用程序的 API 时试图让 Postman 工作时,我有点困惑。即,我正在使用 Passport 身份验证;但是,我不知道它默认为哪种类型或在我的代码中使用哪种类型。我怎样才能弄清楚这一点以及我应该在 Postman 中选择哪种类型?
这是相关的护照代码:
var login = require('./login');
var signup = require('./signup');
var User = require('../models/user');
module.exports = function(passport, path, nodemailer, sesTransport, EmailTemplate, templateDir, template){
// Passport needs to be able to serialize and deserialize users to support persistent login sessions
passport.serializeUser(function(user, done) {
//console.log('serializing user: ');console.log(user);
done(null, user._id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
//console.log('deserializing user:',user);
done(err, user);
});
});
// Setting up Passport Strategies for Login and SignUp/Registration
login(passport);
signup(passport, path, nodemailer, sesTransport, EmailTemplate, templateDir, template);
}
最后,我几乎所有的 API 点仅在用户登录时才起作用。如何通过保存授权凭据在 Postman 中模拟相同的行为?
编辑:
Perhaps this code is relevant as well:
module.exports = function(passport){
passport.use('login', new LocalStrategy({
passReqToCallback : true,
usernameField: 'email',
passwordField: 'password'
},
function(req, username, password, done) {
// check in mongo if a user with username exists or not
User.findOne({ 'email' : username },
function(err, user) {
// In case of any error, return using the done method
if (err)
return done(err);
// Username does not exist, log the error and redirect back
if (!user){
console.log('User Not Found with username '+username);
return done(null, false, req.flash('message', 'User Not found.'));
}
// User exists but wrong password, log the error
if (!isValidPassword(user, password)){
console.log('Invalid Password');
return done(null, false, req.flash('message', 'Invalid Password')); // redirect back to login page
}
// User and password both match, return user from done method
// which will be treated like success
return done(null, user);
}
);
})
);
var isValidPassword = function(user, password){
return bCrypt.compareSync(password, user.password);
}
}
【问题讨论】:
-
您使用的是哪种护照认证策略?大多数人使用passport-http-bearer。
-
如何确定?我查看了代码,似乎没有任何参数。
-
可以是本地护照吗?
标签: node.js rest passport.js restful-authentication postman