Express 路由器使用 Passport.js 发送 HTML headers 而不是 JSON

Question

我有一个 API router.post 正在发送错误的 headers，我需要将 headers 设置为 application/json; charset=utf-8 但是他们正在发送超过 text/html; charset=utf-8 所以我一直得到 400 error。我怎样才能确保他们以 JSON 正确发送，以便我可以处理 POST 和必要的错误？

路由器

const express = require('express');
const router = express.Router();
const User = require('../models/user');
const passport = require('passport');

router.post('/signup', (req, res, next) => {
    User.register(new User({
        username: req.body.username,
        email: req.body.email
    }),
    req.body.password, (err, user) => {
        if (err) {
            res.statusCode = 500;
            res.setHeader('Content-Type', 'application/json');
            res.json({
                err: err
            });
        } else {
            passport.authenticate('local')(req, res, () => {
                User.findOne({
                    username: req.body.username
                }, (err, person) => {
                    res.statusCode = 200;
                    res.setHeader('Content-Type', 'application/json');
                    res.json({
                        success: true,
                        status: 'Registration Successful!',
                    });
                });
            })
        }
    })
});

router.post('/login', passport.authenticate('local'), (req, res) => {
    User.findOne({
        username: req.body.username
    }, (err, person) => {
        res.statusCode = 200;
        res.setHeader('Content-Type', 'application/json');
        res.json({
            success: true,
            status: 'You are successfully logged in!'
        });
    })
});

router.get('/logout', (req, res, next) => {
    if (req.session) {
        req.logout();
        req.session.destroy((err) => {
            if (err) {
                console.log(err);
            } else {
                res.clearCookie('session-id');
                res.json({
                    message: 'You are successfully logged out!'
                });
            }
        });
    } else {
        var err = new Error('You are not logged in!');
        err.status = 403;
        next(err);
    }
});

App.js

const express = require('express');
const path = require('path');
const bodyParser = require("body-parser");
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;

const usersRouter = require('./routes/users');

const app = express();

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

// Middleware
app.use(bodyParser.json());
app.use(express.urlencoded({ extended: false }));
app.use(passport.initialize());
app.use(session({
    name: '...',
    secret: '...',
    saveUninitialized: false,
    resave: false
}));
app.use(passport.initialize());
app.use(passport.session());

//Passport
passport.use(new LocalStrategy(User.authenticate()));
passport.serializeUser(User.serializeUser());
passport.deserializeUser(User.deserializeUser());

app.use('/', indexRouter);
app.use('/users', usersRouter);

Answer 1

I have an API router.post that is sending the wrong headers, I need the headers to be set to application/json; charset=utf-8 however they are sending over as text/html; charset=utf-8 so I keep getting a 400 error. How can I make sure they are sending over as JSON correctly so I can handle the POST and the errors necessary?

400 错误显然来自护照中间件：

passport.authenticate('local', { failWithError: true })

在您的路线定义中：

router.post('/login', passport.authenticate('local'), (req, res) => {

您需要检查本地策略的代码。根据定义 passport.authenticate('local') 需要非常特定类型的传入数据。如果它没有找到该数据，它将断定这是一个错误的请求。

if req.body.username is empty then the error sent back is Bad Request 400

您可以在 passport 中间件之前添加您自己的中间件以进行健全性检查 req.body.username 并发回您想要的错误，或者您可以自定义您的本地策略以 return 想要的错误。

---

在我看来，您在护照本地策略的数据库中查找用户，然后在您的路线中再次查找，这对我来说似乎也很奇怪。你不应该那样做。您应该配置并使用护照来进行身份验证、请求失败或将错误传递给您自己的错误处理代码。您不必通过再次查找用户来验证 passport 是否完成了它的工作。