koa,passport-http 策略:基本身份验证不起作用
koa, passport-http strategy: basic authentication not working
我不知道如何让 koa 使用基本身份验证。
我对本地策略没有问题。所以我认为我可以轻松实现基本身份验证。
我的主页是 post 到 /login 路由的表单。
这是auth.js:
'use strict';
let passport = require('koa-passport'),
co = require('co'),
monk = require('monk'),
wrap = require('co-monk'),
db = monk('localhost/test'),
users = wrap(db.get('users'));
function *getUser(username, password) {
let user = yield users.findOne({username: username, password: password});
return user;
};
passport.serializeUser(function(user, done) {
done(null, user._id)
})
passport.deserializeUser(function(id, done) {
done(null, id)
})
let BasicStrategy = require('passport-http').BasicStrategy
passport.use(new BasicStrategy(function(username, password, done) {
co(function *(next) {
try {
return yield getUser(username, password);
} catch (ex) {
console.log('error: ', ex);
return null;
}
}).then(function(user) {
done(null, user);
});
}));
这是server.js:
/* jshint node: true */
'use strict';
let koa = require('koa');
let app = koa();
// sessions
let session = require('koa-generic-session');
app.keys = ['your-session-secret'];
app.use(session());
// body parser
let bodyParser = require('koa-bodyparser');
app.use(bodyParser());
// authentication
require('./auth');
let passport = require('koa-passport');
app.use(passport.initialize());
app.use(passport.session());
// append view renderer
let views = require('koa-render');
app.use(views('./views', {
map: { html: 'handlebars' },
cache: false
}))
// public routes
let router = require('koa-router');
let pub = new router();
pub.get('/', function*() {
this.body = yield this.render('login');
})
pub.post('/login',
passport.authenticate('basic', {
session: false
})
)
pub.get('/logout', function*(next) {
this.logout();
this.redirect('/');
})
app.use(pub.routes());
app.use(pub.allowedMethods());
app.use(function*(next) {
if (this.isAuthenticated()) {
yield next
} else {
this.redirect('/')
}
})
var secured = new router()
secured.get('/app', function*(next) {
this.body = yield this.render('app');
})
app.use(secured.routes());
app.use(secured.allowedMethods());
app.listen(3000);
使用节点 4.2.3,这些是我正在使用的包版本:
"dependencies": {
"co": "^4.6.0",
"co-monk": "^1.0.0",
"handlebars": "^4.0.5",
"koa": "^1.1.2",
"koa-bodyparser": "^2.0.1",
"koa-generic-session": "^1.10.1",
"koa-passport": "^1.2.0",
"koa-render": "^0.2.1",
"koa-router": "^5.3.0",
"monk": "^1.0.1",
"passport-http": "^0.3.0"
}
在我编译表单和 post 我收到的有效登录表单后:
Request URL:http://localhost:3000/app
Request Method:GET
Status Code:302 Found
Remote Address:[::1]:300
这只是一个示例,我知道应该对密码进行哈希处理,但我只是想让它正常工作。任何想法将不胜感激。
提前致谢
我找到了解决办法。它甚至相当简单。将它张贴在这里供其他可能感兴趣的人使用。
刚刚评论:
// app.use(function*(next) {
// if (this.isAuthenticated()) {
// yield next
// } else {
// this.redirect('/')
// }
// });
并将安全路由更改为:
secured.get('/app', passport.authenticate('basic', {
session: false}), function*(next) {
this.body = yield this.render('app');
});
这样,只要您尝试访问受保护的路由,就会调用 auth 中间件。
我不知道如何让 koa 使用基本身份验证。 我对本地策略没有问题。所以我认为我可以轻松实现基本身份验证。 我的主页是 post 到 /login 路由的表单。
这是auth.js:
'use strict';
let passport = require('koa-passport'),
co = require('co'),
monk = require('monk'),
wrap = require('co-monk'),
db = monk('localhost/test'),
users = wrap(db.get('users'));
function *getUser(username, password) {
let user = yield users.findOne({username: username, password: password});
return user;
};
passport.serializeUser(function(user, done) {
done(null, user._id)
})
passport.deserializeUser(function(id, done) {
done(null, id)
})
let BasicStrategy = require('passport-http').BasicStrategy
passport.use(new BasicStrategy(function(username, password, done) {
co(function *(next) {
try {
return yield getUser(username, password);
} catch (ex) {
console.log('error: ', ex);
return null;
}
}).then(function(user) {
done(null, user);
});
}));
这是server.js:
/* jshint node: true */
'use strict';
let koa = require('koa');
let app = koa();
// sessions
let session = require('koa-generic-session');
app.keys = ['your-session-secret'];
app.use(session());
// body parser
let bodyParser = require('koa-bodyparser');
app.use(bodyParser());
// authentication
require('./auth');
let passport = require('koa-passport');
app.use(passport.initialize());
app.use(passport.session());
// append view renderer
let views = require('koa-render');
app.use(views('./views', {
map: { html: 'handlebars' },
cache: false
}))
// public routes
let router = require('koa-router');
let pub = new router();
pub.get('/', function*() {
this.body = yield this.render('login');
})
pub.post('/login',
passport.authenticate('basic', {
session: false
})
)
pub.get('/logout', function*(next) {
this.logout();
this.redirect('/');
})
app.use(pub.routes());
app.use(pub.allowedMethods());
app.use(function*(next) {
if (this.isAuthenticated()) {
yield next
} else {
this.redirect('/')
}
})
var secured = new router()
secured.get('/app', function*(next) {
this.body = yield this.render('app');
})
app.use(secured.routes());
app.use(secured.allowedMethods());
app.listen(3000);
使用节点 4.2.3,这些是我正在使用的包版本:
"dependencies": {
"co": "^4.6.0",
"co-monk": "^1.0.0",
"handlebars": "^4.0.5",
"koa": "^1.1.2",
"koa-bodyparser": "^2.0.1",
"koa-generic-session": "^1.10.1",
"koa-passport": "^1.2.0",
"koa-render": "^0.2.1",
"koa-router": "^5.3.0",
"monk": "^1.0.1",
"passport-http": "^0.3.0"
}
在我编译表单和 post 我收到的有效登录表单后:
Request URL:http://localhost:3000/app
Request Method:GET
Status Code:302 Found
Remote Address:[::1]:300
这只是一个示例,我知道应该对密码进行哈希处理,但我只是想让它正常工作。任何想法将不胜感激。 提前致谢
我找到了解决办法。它甚至相当简单。将它张贴在这里供其他可能感兴趣的人使用。
刚刚评论:
// app.use(function*(next) {
// if (this.isAuthenticated()) {
// yield next
// } else {
// this.redirect('/')
// }
// });
并将安全路由更改为:
secured.get('/app', passport.authenticate('basic', {
session: false}), function*(next) {
this.body = yield this.render('app');
});
这样,只要您尝试访问受保护的路由,就会调用 auth 中间件。