Sails.js + Passport.js：passport.initialize() 中间件未使用

Question

我正在使用 Sails.js 并尝试将 Passport.js 与 REST API 一起使用。 但是当我尝试在我的控制器中调用我的登录功能时，我遇到了以下错误：

    /Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport/lib/http/request.js:44
    if (!this._passport) { throw new Error('passport.initialize() middleware not in use'); }
                           ^
Error: passport.initialize() middleware not in use
    at IncomingMessage.req.login.req.logIn (/Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport/lib/http/request.js:44:34)
    at /Users/Michael/Development/DictationProject/sails/20151010/dictee/api/controllers/AuthController.js:20:17
    at Strategy.strategy.success (/Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport/lib/middleware/authenticate.js:194:18)
    at verified (/Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport-local/lib/strategy.js:83:10)
    at /Users/Michael/Development/DictationProject/sails/20151010/dictee/config/passport.js:53:18

我的 config/http.js 文件配置如下（Session 在 passportInit 和 passportSession 之前加载）：

passportInit    : require('passport').initialize(),
passportSession : require('passport').session(),
flash           : require('connect-flash'),


      order: [
        'startRequestTimer',
        'cookieParser',
        'session',
        'passportInit',     
        'passportSession', 
        'myRequestLogger',
        'bodyParser',
        'handleBodyParserError',
        'compress',
        'methodOverride',
        'poweredBy',
        '$custom',
        'flash',
        'router',
        'www',
        'favicon',
        '404',
        '500'
      ],

不明白怎么回事……

编辑：

它似乎来自 config/passport.js 中的 passport.use() ：

passport.use('login', new LocalStrategy({
    passReqToCallback : true,
    usernameField: 'email',
    passwordField: 'password'
  },
  function(req, email, password, done) {
    console.log('In passport.use login');
    // check in mongo if a user with email exists or not
    User.findOne({ 'email' : email }, function (err, user) {
    // In case of any error, return using the done method
      if (err) { 
        console.log('Error passport.use login');
        return done(err);
      }
      // Username does not exist, log error & redirect back
      if (!user) {
        console.log('User Not Found with email '+email);
        return done(null, false, req.flash('message', 'User Not found.'));
      }

      console.log('One user matching this email address found');

      // User exists but wrong password, log the error 
      bcrypt.compare(password, user.password, function (err, res) {
          if (!res) {
            console.log('Invalid Password');
            return done(null, false, req.flash('message', 'Invalid Password'));
          }

        // User and password both match, return user from 
        // done method which will be treated like success
        console.log('One user matching this email address and password found');

          var returnUser = {
            name: user.name,
            email: user.email,
            createdAt: user.createdAt,
            id: user.id
          };

          console.log('Returning User: ' + returnUser);
          return done(null, returnUser,
            req.flash('message', 'Logged In Successfully')
          );
        });
    });
  }
));

Answer 1

遵循 Sails.js 创建者对护照的建议：https://github.com/balderdashy/sails/pull/1224

通过将 Passport 中间件放在 config/policies.js 文件中解决问题：

var passport = require('passport');

module.exports.policies = {
    '*': [
        // Initialize Passport
        passport.initialize(),

        // Use Passport's built-in sessions
        passport.session()
    ]
}

Answer 2

我正在使用 Sails.js 并尝试将 Passport.js 与 REST API 一起使用

你做错了。你不需要调用initialize() 和session() 方法。如果您真的有 REST API，那么它是无状态的，并且不会在会话中存储有关用户的信息。

我的中间件配置看起来像这样，并且一切都与护照和许多其他策略（如护照-facebook-token 和护照-google-plus-token）配合得很好。

order: [
  'compress',
  'keepAlive',
  'bodyParser',
  '$custom',
  'router',
  '404',
  '500'
]