Passportjs 注册在 localhost 中有效,但在 Heroku 中部署后无效。错误可能与cookie有关
Passportjs signup works in localhost but doesn't work after deploying in Heroku. Error probably has something to do with cookies
我正在使用 nodemailer 向用户发送随机代码,然后将他们重定向到验证页面,他们在其中粘贴代码以验证他们的帐户。我正在使用 mongo Altas。
当我 运行 它在本地主机上时,它工作得很好,但是当我部署到我的免费版本的 Heroku 时,注册页面将我重定向到与指示的相同页面以解决任何错误。
Express-session 中间件
app.use(session({
secret: '9131848995',
resave: false,
saveUninitialized: false,
store: new MongoStore({mongooseConnection: mongoose.connection}),
cookie: {
maxAge: 8 * 180 * 60 * 1000,
}
}));
config/passport.js**
passport.use('local.signup', new localStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true
}, (req, email, password, done) => {
req.checkBody('email', 'Invalid email').notEmpty().isEmail();
req.checkBody('password', 'Invalid password').notEmpty().isLength({min:6});
let errors = req.validationErrors();
if(errors){
let messages = [];
errors.forEach((error)=>{
messages.push(error.msg);
});
return done(null, false, req.flash('error', messages))
}
User.findOne({'email': email}, (err, user)=> {
if (err) {
return done(err);
}
if (user) {
return done(null, false, {message: 'Email is already in use.'});
}
transporter.sendMail(Mail(email), (error, info)=>{
if(!error){
let newUser = new User();
newUser.email = email;
newUser.password = newUser.encryptPassword(password);
newUser.v_code = v_code;
if (!err) {
newUser.save((err, result)=>{
if (err) {
return done(err);
}
return done(null, newUser);
});
}
} else {
return done(null, false, {message: error});
}
});
})
}));
报名途径
router.get('/signup', (req, res)=> {
let messages = req.flash('error');
res.render('signup', {csrfToken: req.csrfToken(), messages: messages, hasError: messages.length > 0});
});
router.post('/signup', passport.authenticate('local.signup',{
successRedirect: '/user/verify',
failureRedirect: '/user/signup',
failureFlash: true
}));
谢谢。
问题已解决; dotenv 导致了这个问题。删除 dotenv 值并直接放入 nodemailer auth 值解决了问题。
正如 dotenv FAQ 页面所说,
Should I commit my .env file?
No. We strongly recommend against committing your .env file to version
control. It should only include environment-specific values such as
database passwords or API keys. Your production database should have a
different password than your development database.
我正在使用 nodemailer 向用户发送随机代码,然后将他们重定向到验证页面,他们在其中粘贴代码以验证他们的帐户。我正在使用 mongo Altas。
当我 运行 它在本地主机上时,它工作得很好,但是当我部署到我的免费版本的 Heroku 时,注册页面将我重定向到与指示的相同页面以解决任何错误。
Express-session 中间件
app.use(session({
secret: '9131848995',
resave: false,
saveUninitialized: false,
store: new MongoStore({mongooseConnection: mongoose.connection}),
cookie: {
maxAge: 8 * 180 * 60 * 1000,
}
}));
config/passport.js**
passport.use('local.signup', new localStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true
}, (req, email, password, done) => {
req.checkBody('email', 'Invalid email').notEmpty().isEmail();
req.checkBody('password', 'Invalid password').notEmpty().isLength({min:6});
let errors = req.validationErrors();
if(errors){
let messages = [];
errors.forEach((error)=>{
messages.push(error.msg);
});
return done(null, false, req.flash('error', messages))
}
User.findOne({'email': email}, (err, user)=> {
if (err) {
return done(err);
}
if (user) {
return done(null, false, {message: 'Email is already in use.'});
}
transporter.sendMail(Mail(email), (error, info)=>{
if(!error){
let newUser = new User();
newUser.email = email;
newUser.password = newUser.encryptPassword(password);
newUser.v_code = v_code;
if (!err) {
newUser.save((err, result)=>{
if (err) {
return done(err);
}
return done(null, newUser);
});
}
} else {
return done(null, false, {message: error});
}
});
})
}));
报名途径
router.get('/signup', (req, res)=> {
let messages = req.flash('error');
res.render('signup', {csrfToken: req.csrfToken(), messages: messages, hasError: messages.length > 0});
});
router.post('/signup', passport.authenticate('local.signup',{
successRedirect: '/user/verify',
failureRedirect: '/user/signup',
failureFlash: true
}));
谢谢。
问题已解决; dotenv 导致了这个问题。删除 dotenv 值并直接放入 nodemailer auth 值解决了问题。
正如 dotenv FAQ 页面所说,
Should I commit my .env file?
No. We strongly recommend against committing your .env file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.