Passport 没有在请求对象上公开 login() 函数

Passport not exposing login() function on request

在下面的代码中,当我记录请求对象 (console.log('req', req)) 时,我无法在请求中找到 login() 方法。为什么这里请求的登录方法不可用?

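// Login User
// Authenticates with the 'local' strategy through a custom callback, so this
// handler is responsible for establishing the session and for every response.
app.post('/login', (req, res, next) => {
    passport.authenticate('local', {}, (err, user, info) => {
        // The question's debugging line, console.log('req', req), is left out here:
        // it dumps the whole request, which also writes the submitted password
        // (req.body, once parsed) and the Cookie header to the log. console.log
        // shows own enumerable properties only, so login()/logIn() would not
        // appear in that output anyway.

        // Hand failures to the Express error handler; a throw inside this
        // asynchronous callback cannot be caught by the route.
        if (err) return next(err)

        if (!user) {
            console.log('User does not exist...')
            // One reply for both "unknown user" and "wrong password", so the
            // response does not reveal which usernames exist.
            return res.status(401).send('Invalid username or password')
        }

        console.log('user confirmed')
        // Reply only after the login session has been established (or has failed);
        // sending the success message earlier reports a login that may not happen.
        req.logIn(user, (loginErr) => {
            if (loginErr) return next(loginErr)
            res.send('User logged in...')
        })
    })(req, res, next);
});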

中间件...

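// Registration order matters: the session middleware has to come before
// passport.session(), which restores the login state kept in that session.
app.use(express.json())
// credentials: true lets the listed origins send the session cookie, so keep
// this an explicit allow-list (both entries are local development origins).
app.use(cors({ origin: ["http://localhost:3000", "http://localhost:3030"], credentials: true }))

// The secret signs the session ID cookie. A literal committed with the source is
// known to everyone who can read the repository, who could then produce validly
// signed cookies, so it is taken from the environment and startup fails without it.
const sessionSecret = process.env.SESSION_SECRET
if (!sessionSecret) throw new Error('SESSION_SECRET environment variable is not set')

app.use(session({
    name: 'bucketbadge:sess',
    secret: sessionSecret,
    resave: true,
    // NOTE(review): true creates a session and sets a cookie for every visitor,
    // logged in or not; false is the usual choice for login sessions - confirm
    // nothing depends on the current value before changing it.
    saveUninitialized: true,
    // secure: false allows the cookie over plain HTTP, which the localhost
    // origins above require; set it to true once the app is served over HTTPS.
    cookie: { secure: false }
}))

app.use(passport.initialize())
app.use(passport.session())

// Loaded for its side effects: the file registers the strategy and the
// serialize/deserialize callbacks on the shared passport instance.
require('./config/passport-setup')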

passport-setup.js...

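// Local (username/password) strategy: looks the user up by username and checks
// the submitted password against the stored bcrypt hash.
// Calls done(err) on failure, done(null, false) when the credentials are
// rejected, and done(null, user) when they are accepted.
passport.use(new LocalStrategy((username, password, done) => {
    // A JSON body can carry objects as well as strings; reject anything else so
    // a crafted value is never interpreted as a query operator by the lookup.
    if (typeof username !== 'string' || typeof password !== 'string') {
        return done(null, false);
    }

    User.findOne({ username: username }, (err, user) => {
        // Report failures through done(); a throw inside these asynchronous
        // callbacks would bypass Passport's error handling.
        if (err) return done(err)
        // Log whether a record was found, not the record: the user document
        // holds the password hash (user.password).
        console.log('user in User.findOne', Boolean(user))
        if (!user) return done(null, false);
        bcrypt.compare(password, user.password, (err, result) => {
            if (err) return done(err)
            if (result === true) {
                console.log('user:', user.id)
                return done(null, user);
            }
            return done(null, false);
        })
    });
}
));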

// Chooses what is stored in the session for a logged-in user: only the user's id.
passport.serializeUser(function (user, done) {
    const { id } = user
    console.log('user.id @ serializeUser:', id)
    done(null, id)
})

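// Looks the user up again from the id that serializeUser stored in the session.
passport.deserializeUser((id, done) => {
    console.log('deserialize user:', id)

    User.findById(id, (err, user) => {
        if (err) return done(err)
        // The account may no longer exist although the session still does;
        // passing false makes Passport treat the request as unauthenticated
        // instead of failing on user.id.
        if (!user) return done(null, false)
        // NOTE(review): this places only the id on req.user; pass `user` instead
        // if handlers need fields such as req.user.username - confirm with callers.
        done(null, user.id)
    });
});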

根据 Passport JS 的文档...

Passport 在请求对象上公开了一个 login() 函数(别名为 logIn()),可用于建立登录会话。

// Establishes a login session for `user`; the callback runs once that has finished.
req.login(user, function(err) {
  // On failure, pass the error on instead of redirecting.
  if (err) { return next(err); }
  // On success the user is available as req.user, which is used to build the redirect target.
  return res.redirect('/users/' + req.user.username);
});

登录操作完成后,用户将被分配到req.user.

注: passport.authenticate() 中间件自动调用 req.login()。该功能主要在用户注册时使用,注册时可以调用req.login()自动登录新注册的用户。

login() 方法不应该在 passport.authenticate() 的请求中可用吗?

也许您对 console.log() 将向您展示的内容假设过多。例如:

// classMethod is defined on Test.prototype, not on each instance.
class Test {
    classMethod() {}
}

// instanceMethod is assigned directly on this one object, so it is an own property.
const object = new Test()
object.instanceMethod = () => {}

// The printed form lists own enumerable properties only, so classMethod is absent.
console.log(object)

//output
Test { instanceMethod: [Function (anonymous)] }  // no "classMethod" property here.

或者:

// An ordinary property: enumerable, so it appears when the object is printed.
const object = { enumerable: "enumerable property" }

// A property defined with enumerable: false exists on the object and can be
// read, but is skipped when the object is printed.
const hiddenDescriptor = {
    value: "non-enumerable property",
    enumerable: false
}
Object.defineProperty(object, "nonenumerable", hiddenDescriptor)

console.log(object)

// output
{ enumerable: 'enumerable property' }  // no "nonenumerable" property here.

这些只是一些简单的例子来说明这一点。我假设您同意在这两种情况下,classMethod 和 nonenumerable 属性实际上都可以在所输出的对象上使用。

在你的例子中,事实证明 login 方法实际上并没有在 req 对象本身上定义——而是在它的原型链上的某个地方。

// Three checks on the same property: is "login" reachable from req, is it an
// own property of req, and which object in the prototype chain defines it.
passport.authenticate('jwt', (error, payload, info) => {
  const reachable = "login" in req
  console.log(reachable)

  const ownedByReq = Object.prototype.hasOwnProperty.call(req, "login")
  console.log(ownedByReq)

  const owner = findOwningObject(req, "login")
  console.log(owner)
  // ...
})

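/**
 * Walks the prototype chain of `object`, starting with the object itself, and
 * returns the first object that has `key` as an own property.
 *
 * @param {object} object - Object whose prototype chain is searched.
 * @param {string|symbol} key - Property name to look for.
 * @returns {object} The object in the chain that owns `key`.
 * @throws {Error} "Property not found" when no object in the chain owns `key`.
 */
function findOwningObject(object, key) {
  // Borrowed from Object.prototype so the check also works on objects that do
  // not inherit hasOwnProperty (for example Object.create(null)) or shadow it.
  const hasOwn = Object.prototype.hasOwnProperty

  let current = object
  while (current !== null && current !== undefined) {
    if (hasOwn.call(current, key)) {
      return current
    }
    current = Object.getPrototypeOf(current)
  }

  throw new Error("Property not found")
}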

// output
true          // login property is available on req?
false         // login property is owned by req?
Readable {    // owning object for login.
  setTimeout: [Function: setTimeout],
  _read: [Function: _read],
  destroy: [Function: destroy],
  _addHeaderLines: [Function: _addHeaderLines],
  _addHeaderLine: [Function: _addHeaderLine],
  _dump: [Function: _dump],
  logIn: [Function (anonymous)],
  login: [Function (anonymous)],
  logOut: [Function (anonymous)],
  logout: [Function (anonymous)],
  isAuthenticated: [Function (anonymous)],
  isUnauthenticated: [Function (anonymous)]
}