Passport 不调用认证策略

Passport does not call the authentication strategy

今天我试图让护照身份验证工作。电子邮件和密码现在是静态的,但我稍后会更改。我有很多调试消息,但只有策略之外的消息。没有显示有关护照的错误或警告。

我已经尝试过使用不同的主体解析器模式(extented = true,extented = false)。

策略

const LocalStrategy = require('passport-local').Strategy;

module.exports = function(passport) {
  passport.use(
    new LocalStrategy((email, password, done) => {
        console.log('Authentication started');
        var user = null;
        if(email == 'test@mytest.com') {
            if(password == 'test') {
                user = {
                    email
                }
                console.log('Authenticated')
                return done(null, user);
            }
        }
        console.log('Error')
        return done(null, user, {message: 'EMail or Password was wrong'});
    })
  );
  passport.serializeUser(function(user, done) {
    done(null, user.email);
  });

  passport.deserializeUser(function(id, done) {
    done(err, user);
  });
};

app.js(只包含重要部分)

const express = require('express');
const expressSession = require('express-session')
const bodyParser = require('body-parser');
const expressLayouts = require('express-ejs-layouts');
const app = express();
const https = require('https');
const http = require('http');

app.use(expressSession({ secret: 'secret' }));

// Body Parser
app.use(bodyParser.urlencoded({extended:false}));
app.use(bodyParser.json());


// Passport
const passport = require('passport');
require('./config/passport')(passport);
app.use(passport.initialize());
app.use(passport.session());

// View Engine
app.set('view engine', 'ejs');
app.use(expressLayouts);

app.get('/applications', (req,res) => {
    res.render('applications', {
        user: req.user
    });
});
app.post('/applications', (req, res, next) => {
    console.log(req.body);
    passport.authenticate('local', {
      successRedirect: '/applications',
      failureRedirect: '/',
      failureFlash: false
    })(req, res, next);
  });

https.createServer(httpsOptions, app)
    .listen(7443, () => {
        console.log('HTTPS Server started on Port 7443')
});
http.createServer(app)
    .listen(7080, () => {
        console.log('HTTP Server started on Port 7080')
});

确保您在 POST 请求中使用了正确的字段。 我注意到在您的策略中,您使用变量 emailpassword。虽然您的变量名称并不重要,但您在 POST 请求中发送的字段很重要。默认情况下,passport-local 使用 POST 字段 usernamepassword。如果这些字段之一不存在,则身份验证将失败。您可以将其更改为使用 email,而不是像这样:

passport.use(
  new LocalStrategy({
    usernameField: 'email'
}, (email, password, done) => {
      console.log('Authentication started');
      // Your authentication strategy
  })
);

假设您有正确的 POST 字段,为了在请求中使用 req.user,您必须正确设置 passport.deserializeUser 函数。测试您的代码,身份验证策略对我来说工作正常,但是我在 deserializeUser.

时收到参考错误