使用 Passport 和 Express 的基本身份验证

BrD*_*aHa 1 javascript node.js express passport.js

我一定漏掉了一些东西,但是根据我找到的所有教程,这就是使用 express 和 passport + passport-local 对 Node 应用程序进行基本身份验证的方式。我知道这不符合最佳实践,我只是想让 POC 运行:

'use strict'

var crypto = require('crypto');

var express = require('express');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy

// Express application instance; the middleware and routes below are registered on it.
var app = express();

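// POC-only credential store mapping username -> password. The password is
// plaintext in source, which is acceptable only for a throwaway test; a real
// deployment keeps salted password hashes outside the code.
//
// The object has no prototype, so a lookup keyed by a client-supplied
// username can only ever see the entries defined here and never an inherited
// Object.prototype member such as `constructor` or `toString`.
var users = Object.create(null);
users['user'] = 'secretpass';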

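// Register the username/password verifier used by passport.authenticate('local').
//
// passport-local only invokes this callback after it has found `username` and
// `password` fields in the parsed request body or the query string; it does
// not read the HTTP Basic `Authorization` header, and this file registers no
// body-parsing middleware.
passport.use(new LocalStrategy(
    /**
     * Check a username/password pair against the in-memory `users` table.
     *
     * @param {string} username - Name submitted by the client.
     * @param {string} password - Password submitted by the client.
     * @param {Function} done - Passport callback: done(null, user) on success,
     *     done(null, false) when the credentials are rejected.
     */
    function(username, password, done) {
        // Log the attempt, but never the submitted password: log output is
        // routinely shipped to files and aggregators that are readable by far
        // more people than the credential store is.
        console.log('Username:', username);

        // Only own properties count as accounts, so inherited members of
        // Object.prototype are never mistaken for a stored password.
        var known = Object.prototype.hasOwnProperty.call(users, username);

        // Compare fixed-length digests with a constant-time primitive so the
        // check neither coerces types (as `!=` did) nor leaks how much of the
        // password matched through response timing.
        var expected = crypto.createHash('sha256')
            .update(String(known ? users[username] : ''))
            .digest();
        var supplied = crypto.createHash('sha256')
            .update(String(password))
            .digest();
        var matches = crypto.timingSafeEqual(expected, supplied);

        if (!known || !matches) {
            console.log('Rejected login for username:', username);
            return done(null, false);
        }
        return done(null, {username: username});
    }
    ));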

// Install Passport's request initialisation middleware ahead of the routes.
app.use(passport.initialize());

// Root handlers. Neither route is wrapped in passport.authenticate(), so both
// answer any caller; '/' is also the successRedirect target of /webhook.
function handleRootGet(req, res) {
    res.send('GET request to root');
}

function handleRootPost(req, res) {
    res.send('POST request to root');
}

app.get('/', handleRootGet);
app.post('/', handleRootPost);

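// Landing routes for rejected logins (the failureRedirect target of /webhook).
//
// They answer 403 rather than 200: with a 200, a failed authentication is
// indistinguishable from a success for HTTP clients, webhook senders and any
// monitoring that keys on the status code.
app.get('/unauthorized', function (req, res) {
    res.status(403).send('GET Forbidden');
});

app.post('/unauthorized', function (req, res) {
    res.status(403).send('Post Forbidden');
});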

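// Authenticated webhook endpoint.
app.post('/webhook',
    passport.authenticate('local', {
        // This file configures neither session middleware nor
        // passport.serializeUser(), so a successful login must not try to
        // establish a login session.
        session: false,
        successRedirect: '/',
        failureRedirect: '/unauthorized'
    }),
    function (req, res) {
        // Not reached while both redirect options are set: Passport answers
        // with a redirect on success as well as on failure.
        res.send ('authenticated!');
    }
);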

// Start the HTTP listener on port 8081 and report the bound address once it is up.
var server = app.listen(8081, function onListening() {
    var bound = server.address();
    console.log('Server listening at', bound.address, 'on port', bound.port);
});

奇怪的是,我甚至没有看到 LocalStrategy 构造函数中的那些 console.log() 语句输出任何内容,所以我猜我真的只是漏掉了一些东西。我尝试使用 DHC 和 Postman 发送 POST 请求,

  • 将基本身份验证字段设置为用户名和密码,
  • 使用格式 username:password@url 方法,
  • 发送用户名和密码作为表单数据

rob*_*lep 5

对于基本身份验证,您需要 passport-http,而不是 passport-local(后者是通过表单数据进行身份验证的)。

尝试这个:

var BasicStrategy = require('passport-http').BasicStrategy;
...
// The `...` is elided in the answer: BasicStrategy takes a verify callback of
// the form (username, password, done), with the credentials decoded from the
// HTTP Basic `Authorization` header.
passport.use(new BasicStrategy(...));
...
// HTTP Basic credentials are only base64-encoded in the Authorization header,
// not encrypted, so this route should be reachable over TLS only.
var basicAuthOptions = {
  // No login session is created; the header is checked on each request.
  session: false,
  successRedirect: '/',
  // With failureRedirect set, Passport redirects a rejected request instead
  // of answering 401 with a WWW-Authenticate challenge.
  failureRedirect: '/unauthorized'
};

function webhookAuthenticated(req, res) {
  // FWIW, this handler is not useful: it is never reached, because Passport
  // always issues a redirect (either to / or to /unauthorized).
  res.send ('authenticated!');
}

app.post('/webhook', passport.authenticate('basic', basicAuthOptions), webhookAuthenticated);