passport.js

问题 Just getting started with Passport JS and so far can have a user login, restrict pages depending on user role etc. One things I have noticed though is I can login via multiple devices using the same credentials. This is of concern to me as the same login can be shared which is not something I want. My questions is how can i stop this? My current set up is just an express app running on a single instance (not got as far as load balancing across multiple instances as not required as yet, when I

问题 I'm implementing an application using the full MEAN stack. I created a login page to signup with facebook to be able to show a profile page. But I discovered some problems. For this reason, I created a smaller version of my webapp, maintaining the same project structure. The complete code, executable (only replacing "client id" and "secret") with "npm install" and after "nodemon" is available here: https://github.com/Ks89/MEAN-OAuth_Example If I'll call (with a browser) the rest API that I

问题 I'm newbie and trying to start writing authorization API with graphql and passport, mostly my google search results are used the trendy JWT approach but I'm not sure if it safe, this article https://dev-blog.apollodata.com/a-guide-to-authentication-in-graphql-e002a4039d1 is good for me to start but I have some struggles in my mind: I need to write API only, so the method app.post('/login', passport.authenticate('local', { successRedirect: '/', failureRedirect: '/login', failureFlash: true })

问题 I'm building an application using Node that uses Passport.js to handle user login using a local database. So I have the following code that gets called when a user goes to /profile. After successfully logging in the user gets redirected to /profile. Which does happen according to morgan. app.get('/profile', passport.authenticate('local-login', { session : false, failureRedirect : '/login' }), function(req, res) { console.log("testnow"); res.render('profile.ejs', { user : req.user // get the

问题 I have a simple, generic express app. It logs the req.sessionID whenever a certain route is hit. I would expect that refreshing the client page would result in the same sessionID being logged again. This works, if I've imported passport and added the passport middleware after the session middleware . If I either don't use passport at all, or I add passport middleware before the session middleware, then the sessionID is different every time. I can accept that the ordering of middleware can be

问题 I am using a MEAN stack and trying to set up a basic authentication. The authentication works just fine. Process goes like this: Angular posts user details to "/login". Passport is doing the authentication and redirecting to either "/login/success" or "/login/failure" Both routes return a different simple JSON depending on the result so either: res.json({success:true,user:req.session.passport.user}); or return res.json({success:false}); Now, when I console.log the result from Angular I get

问题 I'm using Express JS and Passport JS for my app. I want to give a new user the opportunity to automatically login, once, by a specific URL. I can get the user from the database with the information from the URL, so I have an User object (with id, email, hashed password etc.) but I don't know how I can use passport to authenticate the user and login. I tried executing below function with the user object I got from the database: req.login(user, function(err) { if (err) { return next(err); }

问题 The code for my Logout Mechanism is app.get('/logout', isLoggedIn, function(req, res) { req.logout(); res.redirect('/'); }); Am using a Express-session package using a secret key, haven't set Cookies anywhere. While I click the browser Back button after logout, It still allows the user to go back to the page being authenticated. How do I terminate this session entirely? isLoggedIn is just authenticating via PassportJS's isAuthenticated method. What is the way out here? Please help. Thanks in

问题 Background: I have a angular-cli running on port 4200, and server sided api node.js running on 3000. I find out that the session passport value wont save after logging in with the passport-local. so when i try to navigate to another page after logging in, its not holding the passport, variable in sessions as it is supposed to, required to call req.user For some reason, the server is not calling deserialize user. Req.user wont work after login and redirecting to page /test. Update: To login i

问题 I am not able to do a sign up and login using passort.js and express.js, locally this works very fine but when I deploy the app on a remote server the login fails to redirect me after logging. It does not even flash the failure messages. I also noted that when I do a signup on the remote server it works fine but does not flash message. req.isAuthenticated() always returns false. I am using MongoDB as my datasource app.use(session({secret : '3T67774A-R649-4D44-9735-43E296ZZ980F',