我无法让我的系统注销PassportJS.似乎正在调用注销路由,但它不会删除会话.如果用户没有以特定路线登录,我希望它返回401.我调用authenticateUser来检查用户是否已登录.
非常感谢!
/******* This in index.js *********/
// setup passport for username & passport authentication
adminToolsSetup.setup(passport);
// admin tool login/logout logic
app.post("/adminTool/login",
passport.authenticate('local', {
successRedirect: '/adminTool/index.html',
failureRedirect: '/',
failureFlash: false })
);
app.get('/adminTool/logout', adminToolsSetup.authenticateUser, function(req, res){
console.log("logging out");
console.log(res.user);
req.logout();
res.redirect('/');
});
// ******* This is in adminToolSetup ********
// Setting up user authentication to be using user name and passport as authentication method,
// this function will fetch the user information from the user name, and compare the password …我正在使用护照通过discord oauth2 对我的用户进行身份验证。我希望它们被重定向回原来的页面,而不是主页或仪表板。
我尝试将 URL 存储在会话中,如此处所述,但它不会保留到下一个请求。
我的页面需要身份验证的中间件:
module.exports = (req, res, next) => {
if (req.user) {
next();
}
else {
req.session.returnTo = req.originalUrl;
res.redirect('/auth');
}
};
认证路线:
router.get("/auth", passport.authenticate("discord"));
router.get("/auth/redirect", passport.authenticate("discord", {
failureRedirect: "/auth/forbidden"
}), (req, res) => {
console.log(req.session); // doesnt have returnTo inside anymore ?
res.redirect(req.session.returnTo || '/');
delete req.session.returnTo;
});
console.log 显示用户已成功通过身份验证,但 returnTo 字段不再存在。