使用 PostgreSQL 设置 Passport 本地策略
Setting up Passport local strategy with PostgreSQL
我在为服务器设置 Passport 身份验证时遇到问题。我以前用过 Passport.js,但搭配的是 MongoDB。我目前正在尝试用 PostgreSQL 设置本地策略,但没有成功。当登录 POST 路由调用 passport.authenticate() 时,我没有收到返回的 cookie。我不确定我的服务器是否正确配置了 Passport.js 和托管在 Heroku 上的 Postgres 数据库。
// Load the variables in .env into process.env before anything below reads them.
// That file carries the session secret and the database URL, so it belongs outside
// version control.
require('dotenv').config();

const fs = require("fs"); // needed to convert sql files into a string
const { Pool } = require('pg');
const bodyParser = require("body-parser");
const express = require("express");

const app = express();

// Body parsers: JSON first, then URL-encoded forms, so handlers can read req.body
// on POST and PUT requests.
app.use(
  bodyParser.json(),
  bodyParser.urlencoded({ extended: true })
);

// Port supplied by the environment, 5000 when none is set.
let port = process.env.PORT || 5000;
//session-related libraries
const session = require("express-session");
const passport = require("passport"); //This is used for authentication
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
// Session middleware. It is registered before passport.session(), which restores the
// login state from req.session.
// NOTE(review): SECRET signs the session ID cookie, so it has to be set, long and random.
// No `store` is given, so express-session uses its in-memory store, which its
// documentation describes as unsuitable for production. No `cookie` options are given
// either, so the cookie is httpOnly but not `secure`; behind a TLS-terminating proxy
// such as Heroku's router, enabling `cookie.secure` also needs `app.set('trust proxy', 1)`.
const sessionOptions = {
  saveUninitialized: false, // no session and no cookie until something is stored
  resave: false, // unmodified sessions are not written back
  secret: process.env.SECRET,
};
app.use(session(sessionOptions));

// Connection pool for the remote Postgres database hosted via Heroku.
// NOTE(review): if the TLS handshake fails on certificate validation, pass the
// provider's CA through the `ssl` object instead of `rejectUnauthorized: false`,
// which would switch off server authentication.
const pool = new Pool({
  ssl: true,
  connectionString: process.env.DATABASE_URL,
});

// Passport: initialise it, then let it rebuild req.user from the session on each request.
app.use(passport.initialize(), passport.session());
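// Local (username + password) strategy backed by the users table.
// The verify callback receives (username, password, cb). The original options object
// carried `passReqToCallBack`, which passport-local does not recognise (the option is
// spelled `passReqToCallback`); with the correct spelling the callback would also need
// `req` as its first parameter, so the option is dropped here.
passport.use('local', new LocalStrategy((username, password, cb) => {
  console.log("this is being executed");
  // $1 is bound to `username` by the driver, so the value never becomes part of the
  // SQL text. The posted query ended at `username=` with no placeholder for it.
  pool.query('SELECT id, username, password FROM users WHERE username = $1', [username], (err, result) => {
    if (err) {
      return cb(err);
    }
    const [first] = result.rows;
    if (!first) {
      // Unknown username: report an ordinary authentication failure, not an error.
      // NOTE(review): this path returns before any bcrypt work, so it answers faster
      // than a wrong password; if account enumeration matters, compare against a
      // fixed dummy hash here as well.
      return cb(null, false);
    }
    bcrypt.compare(password, first.password, (compareErr, matches) => {
      if (compareErr) {
        // A failed comparison (for example a malformed stored hash) is a server
        // error, not a wrong password.
        return cb(compareErr);
      }
      if (!matches) {
        return cb(null, false);
      }
      // Hand Passport only the fields the session needs; the stored hash stays here.
      return cb(null, {
        id: first.id,
        user: first.username,
      });
    });
  });
}));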
// Keep only the user's id in the session; deserializeUser reloads the rest from the
// database on later requests.
passport.serializeUser((user, done) => {
  console.log("serialize user is executing");
  return done(null, user.id);
});
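// Rebuild req.user from the id that serializeUser stored in the session.
passport.deserializeUser((id, done) => {
  // $1 is bound to the id by the driver. The posted query ended at `id = ` with no
  // placeholder for the value passed alongside it.
  pool.query('SELECT id, username FROM users WHERE id = $1', [parseInt(id, 10)], (err, results) => {
    if (err) {
      return done(err);
    }
    // The password hash is not selected, so it never reaches req.user.
    // When the row no longer exists, pass false rather than undefined: Passport then
    // drops the stale login instead of failing to deserialize the session.
    // NOTE(review): this object exposes `username`, while the login strategy returns
    // `user`; confirm which key the rest of the app reads.
    return done(null, results.rows[0] || false);
  });
});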
// Login endpoint as posted in the question.
// NOTE(review): passport.authenticate() only returns a middleware function. It is never
// called with (req, res, next) here, so the strategy does not run, no response is
// sent and no session cookie is issued.
app.post("/api/login", (req, res) => {
  const onAuthenticated = (err, user, info) => {
    console.log(user);
  };
  passport.authenticate('local', onAuthenticated);
});
// Start the HTTP server and report the port once it is listening.
app.listen(port, () => {
  console.log(`Your app is running on port ${port}`);
});
预期结果:用户应该能够通过 POST 路由“/api/login”登录,但 passport.authenticate 无法正常工作?Passport 本地策略也应该正确设置。
在您的路由 app.post("/api/login", ...) 中,passport.authenticate 需要访问 req 和 res。
实现它的方法不止一种。注意:使用自定义回调时,Passport 不会自动建立会话,需要自行调用 req.logIn() 并发送响应;作为中间件使用时,这些由 Passport 完成。
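// Variant 1: custom callback. authenticate() returns a middleware, which is invoked
// here with (req, res, next) so the strategy actually runs.
app.post("/api/login", (req, res, next) => {
  passport.authenticate('local', (err, user, info) => {
    if (err) {
      // Database or bcrypt failure: hand it to the Express error handler.
      return next(err);
    }
    if (!user) {
      // Unknown user and wrong password get the same answer, matching what the
      // middleware form of authenticate() sends on failure.
      return res.sendStatus(401);
    }
    // With a custom callback Passport does not log the user in by itself.
    // req.logIn() stores the serialized user in the session, which is what causes
    // the session cookie to be sent.
    return req.logIn(user, (loginErr) => {
      if (loginErr) {
        return next(loginErr);
      }
      console.log(user);
      // `user` is the object built by the strategy; it must never carry the
      // password hash.
      return res.send(user);
    });
  })(req, res, next); // <= pass req, res and next to the passport middleware
});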
// or
// use it as a middleware
// Variant 2: authenticate() as route middleware. On failure Passport answers with
// 401 itself and this handler never runs; on success it has already logged the user
// in, so the session is established by the time the handler executes.
app.post("/api/login", passport.authenticate('local'), (req, res) => {
  const { user } = req;
  console.log(user);
  // Always answer the request. The object sent is whatever the strategy returned.
  res.send(user);
});
我在为服务器设置 Passport 身份验证时遇到问题。我以前用过 Passport.js,但搭配的是 MongoDB。我目前正在尝试用 PostgreSQL 设置本地策略,但没有成功。当登录 POST 路由调用 passport.authenticate() 时,我没有收到返回的 cookie。我不确定我的服务器是否正确配置了 Passport.js 和托管在 Heroku 上的 Postgres 数据库。
// Load the variables in .env into process.env before anything below reads them.
// That file carries the session secret and the database URL, so it belongs outside
// version control.
require('dotenv').config();

const fs = require("fs"); // needed to convert sql files into a string
const { Pool } = require('pg');
const bodyParser = require("body-parser");
const express = require("express");

const app = express();

// Body parsers: JSON first, then URL-encoded forms, so handlers can read req.body
// on POST and PUT requests.
app.use(
  bodyParser.json(),
  bodyParser.urlencoded({ extended: true })
);

// Port supplied by the environment, 5000 when none is set.
let port = process.env.PORT || 5000;
//session-related libraries
const session = require("express-session");
const passport = require("passport"); //This is used for authentication
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
// Session middleware. It is registered before passport.session(), which restores the
// login state from req.session.
// NOTE(review): SECRET signs the session ID cookie, so it has to be set, long and random.
// No `store` is given, so express-session uses its in-memory store, which its
// documentation describes as unsuitable for production. No `cookie` options are given
// either, so the cookie is httpOnly but not `secure`; behind a TLS-terminating proxy
// such as Heroku's router, enabling `cookie.secure` also needs `app.set('trust proxy', 1)`.
const sessionOptions = {
  saveUninitialized: false, // no session and no cookie until something is stored
  resave: false, // unmodified sessions are not written back
  secret: process.env.SECRET,
};
app.use(session(sessionOptions));

// Connection pool for the remote Postgres database hosted via Heroku.
// NOTE(review): if the TLS handshake fails on certificate validation, pass the
// provider's CA through the `ssl` object instead of `rejectUnauthorized: false`,
// which would switch off server authentication.
const pool = new Pool({
  ssl: true,
  connectionString: process.env.DATABASE_URL,
});

// Passport: initialise it, then let it rebuild req.user from the session on each request.
app.use(passport.initialize(), passport.session());
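// Local (username + password) strategy backed by the users table.
// The verify callback receives (username, password, cb). The original options object
// carried `passReqToCallBack`, which passport-local does not recognise (the option is
// spelled `passReqToCallback`); with the correct spelling the callback would also need
// `req` as its first parameter, so the option is dropped here.
passport.use('local', new LocalStrategy((username, password, cb) => {
  console.log("this is being executed");
  // $1 is bound to `username` by the driver, so the value never becomes part of the
  // SQL text. The posted query ended at `username=` with no placeholder for it.
  pool.query('SELECT id, username, password FROM users WHERE username = $1', [username], (err, result) => {
    if (err) {
      return cb(err);
    }
    const [first] = result.rows;
    if (!first) {
      // Unknown username: report an ordinary authentication failure, not an error.
      // NOTE(review): this path returns before any bcrypt work, so it answers faster
      // than a wrong password; if account enumeration matters, compare against a
      // fixed dummy hash here as well.
      return cb(null, false);
    }
    bcrypt.compare(password, first.password, (compareErr, matches) => {
      if (compareErr) {
        // A failed comparison (for example a malformed stored hash) is a server
        // error, not a wrong password.
        return cb(compareErr);
      }
      if (!matches) {
        return cb(null, false);
      }
      // Hand Passport only the fields the session needs; the stored hash stays here.
      return cb(null, {
        id: first.id,
        user: first.username,
      });
    });
  });
}));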
// Keep only the user's id in the session; deserializeUser reloads the rest from the
// database on later requests.
passport.serializeUser((user, done) => {
  console.log("serialize user is executing");
  return done(null, user.id);
});
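// Rebuild req.user from the id that serializeUser stored in the session.
passport.deserializeUser((id, done) => {
  // $1 is bound to the id by the driver. The posted query ended at `id = ` with no
  // placeholder for the value passed alongside it.
  pool.query('SELECT id, username FROM users WHERE id = $1', [parseInt(id, 10)], (err, results) => {
    if (err) {
      return done(err);
    }
    // The password hash is not selected, so it never reaches req.user.
    // When the row no longer exists, pass false rather than undefined: Passport then
    // drops the stale login instead of failing to deserialize the session.
    // NOTE(review): this object exposes `username`, while the login strategy returns
    // `user`; confirm which key the rest of the app reads.
    return done(null, results.rows[0] || false);
  });
});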
// Login endpoint as posted in the question.
// NOTE(review): passport.authenticate() only returns a middleware function. It is never
// called with (req, res, next) here, so the strategy does not run, no response is
// sent and no session cookie is issued.
app.post("/api/login", (req, res) => {
  const onAuthenticated = (err, user, info) => {
    console.log(user);
  };
  passport.authenticate('local', onAuthenticated);
});
// Start the HTTP server and report the port once it is listening.
app.listen(port, () => {
  console.log(`Your app is running on port ${port}`);
});
预期结果:用户应该能够通过 POST 路由“/api/login”登录,但 passport.authenticate 无法正常工作?Passport 本地策略也应该正确设置。
在您的路由 app.post("/api/login", ...) 中,passport.authenticate 需要访问 req 和 res。
实现它的方法不止一种。注意:使用自定义回调时,Passport 不会自动建立会话,需要自行调用 req.logIn() 并发送响应;作为中间件使用时,这些由 Passport 完成。
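// Variant 1: custom callback. authenticate() returns a middleware, which is invoked
// here with (req, res, next) so the strategy actually runs.
app.post("/api/login", (req, res, next) => {
  passport.authenticate('local', (err, user, info) => {
    if (err) {
      // Database or bcrypt failure: hand it to the Express error handler.
      return next(err);
    }
    if (!user) {
      // Unknown user and wrong password get the same answer, matching what the
      // middleware form of authenticate() sends on failure.
      return res.sendStatus(401);
    }
    // With a custom callback Passport does not log the user in by itself.
    // req.logIn() stores the serialized user in the session, which is what causes
    // the session cookie to be sent.
    return req.logIn(user, (loginErr) => {
      if (loginErr) {
        return next(loginErr);
      }
      console.log(user);
      // `user` is the object built by the strategy; it must never carry the
      // password hash.
      return res.send(user);
    });
  })(req, res, next); // <= pass req, res and next to the passport middleware
});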
// or
// use it as a middleware
// Variant 2: authenticate() as route middleware. On failure Passport answers with
// 401 itself and this handler never runs; on success it has already logged the user
// in, so the session is established by the time the handler executes.
app.post("/api/login", passport.authenticate('local'), (req, res) => {
  const { user } = req;
  console.log(user);
  // Always answer the request. The object sent is whatever the strategy returned.
  res.send(user);
});