passport.js

问题 Okay, so using passport.js works, and works well, from what I've seen. However, I'm not sure how to properly exclude certain users. If the application is intended to have restricted access, rather than just providing the user a method for logging in, how can I restrict the login through passport.js? As it stands, users can just visit /login and log in with their Google account, thereby getting access to the internals. 回答1: Here is one way to do this, with comments throughout. The main thing

问题 I'm making a project with Sequelize and I'm stucked in this step. The problem is that when I try to log in and the passport-local code is executed, when it reaches the User.findAll(...) it throws that findAll is not a function . If I make console.log(User) it shows [function]. My structure: /config/config.js /config/passport.js /models/index.js /models/nuke_users.js (generated by sequelize-auto) /index.js config.js: //Setting up the config var Sequelize = require('sequelize'); var sequelize =

问题 I have a multi-step Angular.js form for signup that saves all the users input into: $scope.user = {}; Then I use ng-submit like so: <form class="css-form" name="myForm" ng-submit="signup()" novalidate> The Signup function then makes a POST request to my Node.JS API on the /signup route like so: $scope.signup = function(){ return $http.post('/signup',$scope.user). success(function(data, status, headers, config) { // this callback will be called asynchronously // when the response is available

问题 I have passport local strategy set up as the following, either of the failure cases work fine. However in the case where I authenticate the server logs "d1" and then hangs, with the request remaining in a "pending" state: passport.use( new LocalStrategy({ usernameField: 'email', passwordField: 'password' }, function(email, password, done) { User.getUser(email, password).then(function(users){ if(users && users.length == 1) { console.log('d1') return done(null,users[0]) ; } else { console.log(

问题 This is my socket config: // set authorization for socket.io io.set('authorization', passportSocketIo.authorize({ cookieParser: express.cookieParser, key: 'connect.sid', // the name of the cookie where express/connect stores its session_id secret: '1234', // the session_secret to parse the cookie store: sessionStore, // we NEED to use a sessionstore. no memorystore please success: function (data, accept) { console.log('successful connection to socket.io'); // The accept-callback still allows

问题 I have an express Router set up for the url that starts from /auth . Inside the file where the /auth routes are defined I am sending a whole html page to start my React app. In the html page I have many static resources that must reference the public folder. Unfortunately it is not happening. I think I need to additionally redirect or set static resources for the Router file itself. Here is the main app.js file relevant code: var express = require('express'); var app = express(); app.use

问题 On one working project I downloaded from internet... In one location of the code I have the following: passport.use(new JwtStrategy({ secretOrKey: credentials.secret, jwtFromRequest: ExtractJwt.fromAuthHeader(), }, function(payload, done) { User.findById( payload._id, function(err, user) { if (err) { return done(err, false); } if (user) { return done(null, user); } else { return done(null, false); } } ); } )); In other location of the code I have the following: var requireAuth = passport

问题 I asked this at https://github.com/AzureAD/passport-azure-ad/issues/427 but have had no response. I feel it is a bug that is preventing me from completing my work so I am reaching farther and wider to get an answer. Is it something I'm doing or a bug? I am writing the question different to I had before since I have done some more investigation in to the problem (I will indicate where the differences start). Passport-Azure-AD version 4.1.0 - https://www.npmjs.com/package/passport-azure-ad#52

问题 I asked this at https://github.com/AzureAD/passport-azure-ad/issues/427 but have had no response. I feel it is a bug that is preventing me from completing my work so I am reaching farther and wider to get an answer. Is it something I'm doing or a bug? I am writing the question different to I had before since I have done some more investigation in to the problem (I will indicate where the differences start). Passport-Azure-AD version 4.1.0 - https://www.npmjs.com/package/passport-azure-ad#52

问题 I have a ExpressJS app that is using Passportjs to authenticate with Facebook and everything is working as expected exception for one issue. I have vehicle.js under /routes/ which contains some routes (router.gets and router.posts) that need authentication and some that don't. If user is logged in then every request handled by vehicle.js causes User de-serialization which is a Mongoose lookup. How can I avoid these unnecessary Mongoose lookups when request is made to a router.get and/or