【问题标题】:Sails.js + Passport.js: passport.initialize() middleware not in useSails.js + Passport.js:passport.initialize() 中间件未使用
【发布时间】:2015-10-13 15:42:09
【问题描述】:

我正在使用 Sails.js 并尝试将 Passport.js 与 REST API 一起使用。 但是当我尝试在我的控制器中调用我的登录功能时,我遇到了以下错误:

    /Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport/lib/http/request.js:44
    if (!this._passport) { throw new Error('passport.initialize() middleware not in use'); }
                           ^
Error: passport.initialize() middleware not in use
    at IncomingMessage.req.login.req.logIn (/Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport/lib/http/request.js:44:34)
    at /Users/Michael/Development/DictationProject/sails/20151010/dictee/api/controllers/AuthController.js:20:17
    at Strategy.strategy.success (/Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport/lib/middleware/authenticate.js:194:18)
    at verified (/Users/Michael/Development/DictationProject/sails/20151010/dictee/node_modules/passport-local/lib/strategy.js:83:10)
    at /Users/Michael/Development/DictationProject/sails/20151010/dictee/config/passport.js:53:18

我的 config/http.js 文件配置如下(Session 在 passportInit 和 passportSession 之前加载):

passportInit    : require('passport').initialize(),
passportSession : require('passport').session(),
flash           : require('connect-flash'),


      order: [
        'startRequestTimer',
        'cookieParser',
        'session',
        'passportInit',     
        'passportSession', 
        'myRequestLogger',
        'bodyParser',
        'handleBodyParserError',
        'compress',
        'methodOverride',
        'poweredBy',
        '$custom',
        'flash',
        'router',
        'www',
        'favicon',
        '404',
        '500'
      ],

不明白怎么回事……

编辑:

它似乎来自 config/passport.js 中的 passport.use() :

passport.use('login', new LocalStrategy({
    passReqToCallback : true,
    usernameField: 'email',
    passwordField: 'password'
  },
  function(req, email, password, done) {
    console.log('In passport.use login');
    // check in mongo if a user with email exists or not
    User.findOne({ 'email' : email }, function (err, user) {
    // In case of any error, return using the done method
      if (err) { 
        console.log('Error passport.use login');
        return done(err);
      }
      // Username does not exist, log error & redirect back
      if (!user) {
        console.log('User Not Found with email '+email);
        return done(null, false, req.flash('message', 'User Not found.'));
      }

      console.log('One user matching this email address found');

      // User exists but wrong password, log the error 
      bcrypt.compare(password, user.password, function (err, res) {
          if (!res) {
            console.log('Invalid Password');
            return done(null, false, req.flash('message', 'Invalid Password'));
          }

        // User and password both match, return user from 
        // done method which will be treated like success
        console.log('One user matching this email address and password found');

          var returnUser = {
            name: user.name,
            email: user.email,
            createdAt: user.createdAt,
            id: user.id
          };

          console.log('Returning User: ' + returnUser);
          return done(null, returnUser,
            req.flash('message', 'Logged In Successfully')
          );
        });
    });
  }
));

【问题讨论】:

    标签: javascript node.js sails.js passport.js


    【解决方案1】:

    遵循 Sails.js 创建者对护照的建议:https://github.com/balderdashy/sails/pull/1224

    通过将 Passport 中间件放在 config/policies.js 文件中解决问题:

    var passport = require('passport');
    
    module.exports.policies = {
        '*': [
            // Initialize Passport
            passport.initialize(),
    
            // Use Passport's built-in sessions
            passport.session()
        ]
    }
    

    【讨论】:

      【解决方案2】:

      我正在使用 Sails.js 并尝试将 Passport.js 与 REST API 一起使用

      你做错了。你不需要调用initialize()session() 方法。如果您真的有 REST API,那么它是无状态的,并且不会在会话中存储有关用户的信息。

      我的中间件配置看起来像这样,并且一切都与护照和许多其他策略(如护照-facebook-token 和护照-google-plus-token)配合得很好。

      order: [
        'compress',
        'keepAlive',
        'bodyParser',
        '$custom',
        'router',
        '404',
        '500'
      ]
      

      【讨论】:

      猜你喜欢
      • 2017-07-13
      • 1970-01-01
      • 1970-01-01
      • 2015-08-22
      • 2013-09-04
      • 1970-01-01
      • 1970-01-01
      • 2014-02-14
      • 2017-12-03
      相关资源
      最近更新 更多