passport.js

问题 (updated code with serialization functions - still redirects to /failedRedirect) I'm trying to get simple username/password authentication going using the passport package, but failing. In the example below I've tried to verify that authentication works by basically always returning a valid authentication (regardless of what gets passed), but for some reason it fails and passport redirects to the failed login link. If anybody could help me out in figuring out how to get this example to simply

问题 Do I implement Serialize and Deserialize? RedisStore is setup as my session store with Express. Does this mean that I DO NOT implement Serialize and Deserialize? Will it happen automatically? When I don't implement these methods I get the following Express error - 500 Error: failed to serialize user into session. When I do implement them I'm not sure what to put in the Deserialize. The code below appears to work but the sessions are not persisting. I need to login everytime I visit the site.

问题 How would I add a variable to the request.user property? Most of my routes involve checking for the authenticated user via "req.userusername". How could I add another field for location. I ask this because I want to add a location field. to the req.user object. 回答1: Either in the deserialization function, before returning the user passport.deserializeUser(function(id, done) { getUser(id).then(function(user) { user.whatever = 'you like'; return done(null, user); }); }); or in an express

问题 I was writing a local-signup strategy and noticed that it doesn't work so I stepped back and tried to authenticate against my empty collection. Every time I submit the form it takes ~30-40s until it results in a timeout. I ensured passport.authenticate() is called but it seems ike it's not doing any redirects and hence it is timing out because I am not rendering something either. Questions: I expected that it would do a redirect to the failureUrl (which is '/signup'), but instead nothing is

问题 I am using TSED - TypeScript Express Decorators (https://tsed.io) and it replaces express code like: server.get('/api/tasks', passport.authenticate('oauth-bearer', { session: false }), listTasks); With an annotated middleware class - https://tsed.io/docs/middlewares.html So now the call to passport.authenticate() is in the use() method like: @OverrideMiddleware(AuthenticatedMiddleware) export class UserAuthMiddleware implements IMiddleware { constructor(@Inject() private authService:

问题 I have a fairly simple API setup on a MEAN stack using PassportJS. I have no problems setting up my routes with no security (grabbing general data) and with user authentication (secure information). However, I cannot seem to find a best practices for granted user-based access. For example: /api/users/:id is a route that requires authentication. So you can never get user information without an access token. However, once I have a token, I can simply send that with a request and someone ELSE's

问题 I'm adding authentication into my app, which uses react-router. I've patterned the client routing after the auth-flow example in react-router, but using passport instead of the localstorage that the example uses. this all works fine. The next step is protecting routes I am defining for express in server.js . I could send a redirect to /#/login , but this feels brittle. What's the best way to derive a URL on the server side to a login route served by react-router? Here's what I have now in my

问题 I'm trying to use AJAX to call a login verification using Passport library on a Express application. Im using local strategy like this: router.post('/login', function(req, res, next) { passport.authenticate('loginUsers', function(err, user, info) { if (err) { return next(err); } // if user is not found due to wrong username or password if (!user) { //return res.render('login', {}); res.json({detail: info}); }//(!user) //passport.js has a logIn user method req.logIn(user, function(err) { if

问题 I have an expressjs application and I am trying to get passportjs set up for simple user authentication. My routes are stored in a separate file. I have a routes file (users.js) for all my user related routes. I also have a controller file called UserController that contains all the functions for user related stuff and deals with my database. My question is, where should I declare the passport strategy so that it follows the MVC pattern? Putting it in any other file besides the routes file

问题 I have an expressjs application and I am trying to get passportjs set up for simple user authentication. My routes are stored in a separate file. I have a routes file (users.js) for all my user related routes. I also have a controller file called UserController that contains all the functions for user related stuff and deals with my database. My question is, where should I declare the passport strategy so that it follows the MVC pattern? Putting it in any other file besides the routes file