本文介绍了Nodejs和PassportJs:如果身份验证失败,则在passport.authenticate之后重定向中间件不被调用的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

我没有登录页面,而是在每个页面上都有一个登录表单.我想将用户重定向回他们所在的同一页面,无论身份验证是否成功(使用适当的 flash 消息)

I have no login page but rather I have a login form that appears on every page. I want to redirect user back to the same page they were on regardless of whether authentication was successful (with appropriate flash messages)

获取以下代码:

app.post('/login', validateLogin, passport.authenticate('local-login'), function(req, res) {

    var redirectUrl = '/';

    if(req.body.to.length > 0){
        redirectUrl = req.body.to;
    }

    console.log("THIS IS ONLY CALLED IF passport.authenticate() IS SUCCESSFUL");
    res.redirect(redirectUrl);
});

我只看到上面的最终中间件在身份验证通过时被调用.如果失败,那么passport 似乎以get 请求的形式将我重定向到/login.在我的应用中,此页面不存在.

I only see the final middleware above being called if authentication is passed. If it fails then passport appears to be redirecting me to /login in the form of a get request. In my app this page doesn't exist.

如果我在护照身份验证函数中传递一个额外的选项对象作为参数,那么这有效:

If I pass an additional options object as a parameter in the passport authenticate function then this works:

app.post('/login', validateLogin, passport.authenticate('local-login', {

successRedirect : '/', // redirect to the secure profile section
    failureRedirect : '/signup', // redirect back to the signup page. THIS IS JUST FOR TESTING TO SEE IF THE REDIRECT ON FAIL WORKS.
    failureFlash : true, // allow flash messages

}


));

但是这样做我失去了选择将用户重定向到哪里的能力.如果身份验证失败,护照似乎可以控制用户重定向到的位置.我怎样才能解决这个问题?或者这是一个错误?如果身份验证失败,护照身份验证必须是链中的最后一个中间件吗?

But in doing this I lose the ability to choose where to redirect the user to. It seems that passport takes control over where the user is redirected to if authentication fails. How can I fix this? Or is it a bug? Must passport authenticate be the last middleware in the chain if authentication fails?

这是我的本地策略函数调用:

This is my local strategy function call:

//LOCAL LOGIN

passport.use('local-login', new LocalStrategy({
    // by default, local strategy uses username and password, we will override with email
    usernameField : 'email',
    passwordField : 'password',
    passReqToCallback : true // allows us to pass back the entire request to the callback
},
function(req, email, password, done) { // callback with email and password from our form


    console.log("IN PASSPORT");

   if(email.length == 0 || password.length == 0){

       console.log("FIELDS ARE EMPTY");
      return done(null, false, req.flash('loginMessage', 'Fill in all values.'));

   }

    // find a user whose email is the same as the forms email
    // we are checking to see if the user trying to login already exists
    User.findOne({ 'local.email' :  email }, function(err, user) {
        // if there are any errors, return the error before anything else



        if (err){
            return done(err);
        console.log("db err");
        }
        // if no user is found, return the message
        if (!user){
            console.log("not user");
            return done(null, false, req.flash('loginMessage', 'Incorrect details.')); // req.flash is the way to set flashdata using connect-flash
        }
        // if the user is found but the password is wrong

        if (!user.validPassword(password)){
            console.log("invalid pw");
            return done(null, false, req.flash('loginMessage', 'Incorrect details.')); // create the loginMessage and save it to session as flashdata
        }
        // all is well, return successful user
        console.log("All OK");
        return done(null, user);
    });

}));

推荐答案

您可以使用上一段中所述的自定义身份验证回调 http://passportjs.org/guide/authenticate/.

You could use a custom authentication callback as described in the last paragraph there http://passportjs.org/guide/authenticate/.

app.post('/login', function(req, res, next) {
  passport.authenticate('local', function(err, user, info) {
    if (err) { return next(err); }
    // Redirect if it fails
    if (!user) { return res.redirect('/login'); }
    req.logIn(user, function(err) {
      if (err) { return next(err); }
      // Redirect if it succeeds
      return res.redirect('/users/' + user.username);
    });
  })(req, res, next);
});

这篇关于Nodejs和PassportJs:如果身份验证失败,则在passport.authenticate之后重定向中间件不被调用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

1403页,肝出来的..

09-06 16:29