Lui*_*ira 7 node.js passport-local passport.js
编辑我试过两个,重定向,而不是重定向.重定向时,我得到的结果与我直接请求的结果相同/,但是当我不接收时,我得到的是一个包含的对象data = Moved Temporarily. Redirecting to /
鉴于此策略:
var strategy = new LocalStrategy(
{
session: true
},
function (username, password, done) {
User.findOne({ username: username }, function(err, user) {
if (err) { return done(err); }
if (!user) {
return done(null, false, { message: 'Incorrect username.' });
}
if (user.password !== password) {
return done(null, false, { message: 'Incorrect password.' });
}
return done(null, user);
});
});
而这台服务器:
//************ EDIT ****//
function genuuid(req) {
return "Test UID";
}
//************ EDIT ****//
var app = express();
var router = express.Router();
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(passport.initialize());
//************ EDIT ****//
app.use(session({
genid: function(req) {
return genuuid() // use UUIDs for session IDs
},
secret: "somethingSecret",
cookie: {maxAge: 60000 },
resave: true,
saveUninitialized: false }));
//************ EDIT ****//
passport.use(strategy);
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
app.post('/login', passport.authenticate('local', { successRedirect: '/', failureRedirect: '/login' }));
server = http.createServer(app).listen(port, function(){
console.log('Express server listening on port ' + app.get('port'));
})
我试图从我的客户端(一个摩卡测试)获取生成的令牌,如下所示:
it('Login should redirect to home and return a user token', function(done) {
var postData = querystring.stringify({
username : user,
password : password
});
var options = {
uri: 'http://' + hostname + ':' + port + '/login',
followRedirect: false
};
request.post(options)
.form(postData)
.on('response', function(res) {
res.statusCode.should.equal(302);
})
.on('data',function(data) {
should.exist(data);
should.fail(0,1,'Test not implemented');
done();
})
.on('error', function(e) {
should.fail(0,1,'Problem with request: ' + e.message);
});
});
标题包含
{ 'x-powered-by': 'Express',
location: '/',
vary: 'Accept',
'content-type': 'text/plain; charset=utf-8',
'content-length': '35',
date: 'Tue, 08 Sep 2015 19:46:03 GMT',
connection: 'keep-alive' }
没有饼干或其他什么.我的代币在哪里?
尝试使用会话中间件进行会话,例如express-session:
var session = require('express-session');
// Code to set up your app
var app = express();
// Make sure to replace "somethingSecret" with your own secret value
app.use(session({secret: "somethingSecret", resave: true, saveUnitialized: false}));
我编写了一个与您提供的应用程序非常接近的应用程序,并看到了同样的问题,这对我来说很奇怪,因为我以前多次使用过快递和护照。当我意识到我没有使用任何会话中间件时,我添加了中间件express-session,瞧;set-cookie标头。
但请注意,此代码实际上尚未准备好用于生产。从express-session存储库:
警告默认服务器端会话存储 MemoryStore 并非专为生产环境设计。它在大多数情况下都会泄漏内存,不会扩展到单个进程,并且用于调试和开发。
有关存储列表,请参阅兼容会话存储。
[编辑]
使用此代码(用户被存根以始终返回相同的值):
var bodyParser = require('body-parser');
var express = require('express');
var http = require('http');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var session = require('express-session');
// Stub of User schema for testing
var User = {
findOne: function(user, callback) {
callback(null, {
id: 1234,
username: user.username,
password: 'foo'
});
},
findById: function(id, callback) {
callback(null, {
id: 1234,
username: 'user',
password: 'foo'
});
}
};
var strategy = new LocalStrategy(
{
session: true
},
function (username, password, done) {
User.findOne({ username: username }, function(err, user) {
if (err) { return done(err); }
if (!user) {
return done(null, false, { message: 'Incorrect username.' });
}
if (user.password !== password) {
return done(null, false, { message: 'Incorrect password.' });
}
return done(null, user);
});
});
function genuuid(req) {
return "Test UID";
}
var app = express();
var router = express.Router();
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(passport.initialize());
app.use(session({
genid: function(req) {
return genuuid() // use UUIDs for session IDs
},
secret: "somethingSecret",
cookie: {maxAge: 60000 },
resave: true,
saveUninitialized: false }));
passport.use(strategy);
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
app.post('/login', passport.authenticate('local', { successRedirect: '/', failureRedirect: '/login' }));
server = http.createServer(app).listen(51015, function(){
console.log('Express server listening on port ' + app.get('port'));
});
运行测试:
var should = require('should');
var assert = require('assert');
var request = require('request');
var querystring = require('querystring');
it('Login should redirect to home and return a user token', function(done) {
var postData = querystring.stringify({
username : 'user',
password : 'foo'
});
var options = {
uri: 'http://' + '127.0.0.1' + ':' + '51015' + '/login',
followRedirect: false
};
request.post(options)
.form(postData)
.on('response', function(res) {
console.log(res.headers);
res.statusCode.should.equal(302);
})
.on('data',function(data) {
should.exist(data);
should.fail(0,1,'Test not implemented');
done();
})
.on('error', function(e) {
should.fail(0,1,'Problem with request: ' + e.message);
});
});
给出以下输出;请注意set-cookie包含标题:
mocha
{ 'x-powered-by': 'Express',
location: '/',
vary: 'Accept',
'content-type': 'text/plain; charset=utf-8',
'content-length': '35',
'set-cookie': [ 'connect.sid=s%3ATest%20UID.NC0hY3rYGMdnN560ewpf%2FaJbO%2BNd9M7QLz3gnse0eLs; Path=/; Expires=Wed, 09 Sep 2015 13:08:06 GMT; HttpOnly' ],
date: 'Wed, 09 Sep 2015 13:07:06 GMT',
connection: 'close' }
1) Login should redirect to home and return a user token
0 passing (69ms)
1 failing
1) Login should redirect to home and return a user token:
Uncaught AssertionError: Test not implemented
除了被删除的User架构和硬编码的配置值之外,我的代码应该与您的相同,因此我对您如何无法获取标头感到困惑set-cookie。
您是否使用任何其他可能影响会话或 cookie 的 Express 中间件?
[编辑2]
问题是(在您的存储库session中)您在与执行的范围不同的范围中添加中间件server.listen,因此所做的更改app实际上不会生效。
您不应让服务器在测试组之前开始侦听,而应该让服务器为每个测试启动一次,并立即将所需的所有参数传递给它。我已经向您的存储库提交了一个拉取请求,其中包含我如何执行此操作的详细信息,因为它不是少量代码,并且不太适合粘贴到此处。
请花时间阅读并理解这些更改,因为我只关心发送会话令牌,并且我不保证其他功能是否受到这些更改的影响。