我在node.js中有一个服务器,使用快递和护照和护照本地策略.
我有数据库中的用户,通过护照我可以对它们进行身份验证,不幸的是当第二个请求来自同一个客户端时,req.isAuthenticated()方法返回false.
请求中也没有用户(req.user = undefined).
我也检查过,当我进行身份验证时,虽然我从passport.authenticate(‘本地’…取回了一个用户…我没有得到req.user填充.如果我尝试手动设置它只是没有传播以下请求.
我不明白我做错了什么,这是我的代码.
server.js
var express = require('express'),compass = require('node-compass'),routes = require('./server/routes')
http = require('http'),path = require('path'),passport = require('passport'),LocalStrategy = require('passport-local').Strategy,Database = require('./server/repositories/database'),Configuration = require('./server/config').Config,crypto = require('crypto');
var app = express();
app.enable("jsonp callback");
passport.use(new LocalStrategy(
function(email,password,done) {
process.nextTick(function () {
var userService = new UserService();
userService.login(email,crypto.createHash('md5').update(password).digest("hex"),function(error,user) {
if (error) done(error,user);
else if (!user) return done(null,false,{ message: 'wrong credentials'});
return done(null,user);
});
});
}
));
passport.serializeUser(function(user,done) {
done(null,user._id);
});
passport.deserializeUser(function(id,done) {
var userService = new UserService();
userService.findById(id,function(err,user) {
done(err,user);
});
});
app.configure(function(){
app.set('port',Configuration.Port);
app.set('views',__dirname + '/app/views');
app.set('view engine','ejs');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.cookieParser());
app.use(express.bodyParser());
app.use(express.methodoverride());
app.use(compass({
project: path.join(__dirname,'app'),sass: 'styles'
}));
app.use(express.session({ secret: 'keyboard cat' }));
app.use(function(err,req,res,next){
console.error(err.stack);
res.send(500,'Something broke!');
});
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(express.static(path.join(__dirname,'app')));
});
routes.configure(app);
Database.open(function() {
app.listen(Configuration.Port,function() {
console.log("Express server listening on port " + Configuration.Port);
});
});
routes.js
var Configuration = require('./config').Config; var ApiResult = require('../model/apiResult').ApiResult; var ApiErrorResult = require('../model/apiErrorResult').ApiErrorResult; var ApiReturnCodes = require('../model/apiReturnCodes').ApiReturnCodes; var passport = require('passport'); var usersController = require('./controllers/usersController'); exports.configure = function(app) { function ensureAuthenticated(req,next) { console.log(req.isAuthenticated()); if (req.isAuthenticated()) { return next(); } else {res.send(new ApiErrorResult(ApiReturnCodes.NOT_LOGGED_IN,null));} } app.post('/login',function(req,next) { passport.authenticate('local',user,info) { if (err || !user) { console.log(info); res.send(new ApiErrorResult(ApiReturnCodes.ENTITY_NOT_FOUND,null)); } // If this function gets called,authentication was successful. // `req.user` contains the authenticated user else res.send(new ApiResult(user)); })(req,next); }); app.get('/anotherLink',ensureAuthenticated,next) { res.json({Code:0}); }); }
当我在经过身份验证后点击链接/ anotherLink时,我将res.isAuthenticated()视为false.
另外,当我看到确认已确认后的req.session时,我得到:
{ cookie:
{ path: '/',_expires: null,originalMaxAge: null,httpOnly: true },passport: {} }
我缺少什么来保存用户通过身份验证的信息?
在客户端,我使用Angular只使用没有参数的url进行简单的get.
如果我忘了在这里放东西告诉我,我会更新它.
任何帮助将不胜感激.谢谢