los*_*ket 7 windows-authentication node.js express
我想在NodeJS应用程序中验证Windows用户.这有什么附加功能吗?有node-krb5,但它不支持Windows呢.
小智 5
如果您通过iisnode https://github.com/auth0/passport-windowsauth在IIS上托管,效果很好!password-windowsauth带有广告集成,但是如果您只想要用户名以实现自己的授权逻辑,则可以这样操作
web.config:
<system.webServer>
<iisnode promoteServerVars="LOGON_USER" />
</system.webServer>
server.js:
var passport = require('passport');
var WindowsStrategy = require('passport-windowsauth');
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(user, done) {
done(null, user);
});
passport.use(new WindowsStrategy({
integrated: true
}, function(profile,done) {
var user = {
id: profile.id,
};
done(null, user);
}));
app.all("*", passport.authenticate("WindowsAuthentication"), function (request,response,next){
next();
});
那么您可以在其他路由中访问请求对象上的用户ID:
app.get("/api/testAuthentication", function(request, response){
console.log(request.user.id + " is authenticated");
});
如果要使用用户标识实现自己的授权逻辑,可以定义一个中间件功能,如下所示:
app.get("/api/testAuthorization", hasRole("a role"), function(request, response, next){
console.log(request.user.id " is authenticated and authorized");
});
hasRole如下所示:
function hasRole(role) {
return function(request,response,next){
//your own authorzation logic
if(role == "a role")
next();
else
response.status(403).send();
}
}
| 归档时间: |
|
| 查看次数: |
7488 次 |
| 最近记录: |