问题描述
我正在努力让 passport-http 与我的应用程序配合使用,使其符合 RESTful 原则.
I'm working to get passport-http working with my application to make it comply with RESTful principles.
现在的默认设置是浏览器通过自己的提示提示用户输入用户名和密码.
Right now the default is that the browser prompts the user for a username and password with it's own prompt.
使用 Node.js 和 PassportJS 是否可以使用我自己的登录表单?如果用户尝试访问他们未经身份验证的页面,那么我会将他们重定向到该表单.还是这本身就违反了 RESTful 设计的原则?
With Node.js and PassportJS is it possible to use my own login form? In the case that a user tries to access a page that they are not authenticated for then I would redirect them to that form. Or is this in itself violating the principles of RESTful design?
推荐答案
REST 定义了 Web 服务.服务与 UI 无关.
REST defines web services. Services are UI agnostic.
理论上,您应该使用诸如 fiddler、firebug、postman 或类似工具之类的工具来测试您的服务.
In theory, you should be testing your services with a tool such as fiddler, firebug, postman or something similar.
您的 UI 选择是完全独立的.
Your UI choices are completely separate.
如果您需要某人能够进行身份验证,那么您将需要处理对用户进行身份验证的请求的视觉呈现.
If you need someone to be able to authenticate, then you will need to handle the visual presentation of the request to user to authenticate.
如果您查看护照文档,它们会显示一个基本身份验证示例:
If you look at the documentation of passport, they show an example of basic authentication:
app.post('/login', passport.authenticate('local', { successRedirect: '/', failureRedirect: '/login'}));
在这种情况下,如果成功,authenticate 会将用户重定向到在网站根目录定义的页面,否则用户将被重定向到/login 提供的页面.
In this case, the authenticate will redirect the user to the page defined at the root of the website if successful, else the user will be redirected to a page served at /login.
在任何一种情况下,登录尝试都是来自网络服务器提供的页面的 post 方法.
In either case, the login attempt is a post method that comes from a page served by the webserver.
这篇关于带有passport-http的RESTful Node.js应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!