PassportJs是经过身份验证而非身份验证

Question

我通过Google+登录设置了PassportJS.

谷歌身份验证似乎工作正常,但当我重定向到只有经过身份验证的用户应该有权访问的页面时.护照的isAuthenticated()功能似乎总是回归false

我看到人们提到你应该能够通过控制台日志记录找到用户:req.session.passport.user但是当我控制日志时,req.session我得到的是:

  sessionID: 'Q5NaeyfnAphOK633tKjiGnbbex0KJj7e',
  session:
   Session {
     cookie:
      { path: '/',
        _expires: null,
        originalMaxAge: null,
        httpOnly: true } },

Google Callback路线:

router.get("/google/callback", function(req, res, next) {
    passport.authenticate("google", function(err, user, info) {
        req.session.save(()=>{
            res.redirect("/api/v1/dashboard");
            console.log("after Passport AUTH");
        });
    })(req, res, next);
});

注意:我添加了一本手册req.session.save()以确保正在保存会话.

仪表板路线:

router.get("/", middleware.isLoggedIn , function(req, res) {
    console.log("Request: Get All Dashboard Data!");
    models.PortfolioBalance.findAll({ raw: true }).then(function(
        portfolioBalance
    ) {
        res.render("dashboard/index", { portfoliobalances: portfolioBalance });
    });
});

中间件模块:

module.exports = {
    isLoggedIn: function(req, res, next) {
        console.log("===========================================");
        console.log("isAuthenticated: ", req.isAuthenticated);
        console.log("===========================================");
        if (req.isAuthenticated()) {
            return next();
        }
        console.log("not authenticated");
        res.redirect("/login");
    }
};

序列化和反序列化:

//  used to serialize the user for the session
passport.serializeUser(function(user, done) {
    console.log("SerializeUser:", models.User.userId);
    done(null, user.id);
});

// used to deserialize the user
passport.deserializeUser(function(id, done) {
    console.log("deserializeUser:", models.User.userId);
    models.User.findOne({ where: { userId: id } }).then(function(
        err,
        user
    ) {
        done(err, user);
    });
});

潜在问题:

• 可能是passportJS没有正确序列化和反序列化的问题吗？为什么？因为我从未console.log在身份验证过程中看到消息在任何时候运行.

Answer 1

首先,您需要使用authenticate作为中间件来保护路由和登录.

// put in a separate file and then import where you need it for this example lets say auth.js
module.exports = function (){
    return {
        authenticate: passport.authenticate('google', function (err,user){
            if(err)
                res.redirect('/login');
            if(user)
                res.redirect("/api/v1/dashboard");
        })(req,res);
    }
};

就像你登录一样,你可以这样设置它

// where you have your routing
var auth = require('path_to_auth.js')();

router.post('/login', auth.authenticate);

谷歌策略的内部是您要搜索用户的位置.

// from the passport-google npmjs.com documentation adjust for the actual strategy you use
passport.use(new GoogleStrategy({
    returnURL: 'http://localhost:3000/auth/google/return',
    realm: 'http://localhost:3000/'
  },
  function(identifier, done) {
    User.findByOpenID({ openId: identifier }, function (err, user) {
      return done(err, user);
    });
  }
));

您还应该导入用户模型,然后像这样序列化和反序列化

var User = mongoose.model('User', UserSchema); // adjust to your schema

passport.serializeUser(function(user, done) {
  done(null, user.id);
});

passport.deserializeUser(function(id, done) {
  User.findById(id, function (err, user) {
    done(err, user);
  });
});