护照应用为什么不对用户进行身份验证?"/>
我的护照应用为什么不对用户进行身份验证?
我正在构建一个护照应用程序,该应用程序应在mysql数据库中搜索电子邮件,并在密码匹配时对用户进行身份验证。这是我的代码:
const express = require("express")
const session = require("express-session");
const bodyParser = require("body-parser");
const { Model, Sequelize, Datatypes } = require("sequelize");
const passport = require("passport");
const LocalStrategy = require("passport-local");
const sequelize = new Sequelize("edit_site", "root", "Ratman4992", {
"host": "localhost",
"dialect": "mysql",
"port": 3306
});
const port = process.env.PORT || 30001
const app = express();
const User = sequelize.define("user", {
"email": {
"type": Sequelize.STRING,
"allowNull": false
},
"password": {
"type": Sequelize.STRING,
"allowNull": false
}
});
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({"extended": true}));
passport.use(new LocalStrategy({
"usernameField": "email",
"passwordField": "password"
},
(email, password, done) => {
User.findOne({"where": { "email": email }}, (error, user) => {
if (error) {
return done(error);
}
if (!user) {
return done(null, false, {"message": "Incorrect username."});
}
if (!user.validPassword(password)) {
return done(null, false, {"message": "Incorrect password."});
}
return done(null, user);
});
}
));
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
app.post('/api/login', function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err) {
console.log(err);
return next(err);
}
console.log(info);
if (!user) {
console.log("no user");
return res.redirect('/login');
}
console.log(user);
req.logIn(user, function(err) {
if (err) {
console.log(user);
return next(err);
}
return res.redirect('/users/' + user.email);
});
})(req, res, next);
});
app.post("/api/signup", (req, res) => {
console.log(req.body);
User.create({
"email": req.body.email,
"password": req.body.password
}).then(() => {
res.redirect(307, "/api/login");
}).catch((error) => {
console.log(error);
res.json(error);
});
});
app.use(express.static("public"));
app.use(session({
"secret": "cats",
"resave": false,
"saveUninitialized": true,
"cookie": {"secure": false }
}));
app.use(passport.initialize());
app.use(passport.session());
sequelize.sync().then(() => {
app.listen(port, () => {
console.log("listening to requests on port " + port);
});
});
发布到/ api / signup成功在数据库中创建一个条目。但是,当尝试使用相同的电子邮件和密码登录时,我只会在控制台中收到此消息:
Executing (default): SELECT `id`, `email`, `password`, `createdAt`, `updatedAt` FROM `users` AS `user` WHERE `user`.`email` = '[email protected]' LIMIT 1;
然后当我期望通过身份验证的用户时,对req.user
的测试将返回false
。用户为什么不进行身份验证?
我正在使用Express创建服务器,使用MySQL 80存储电子邮件,密码,会话ID等,Sequelize与数据库接口,以及PassportJS进行身份验证。
回答如下:喜欢吗?没有最后一个(req,res,next)
app.post('/api/login', function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err) {
console.log(err);
return next(err);
}
console.log(info);
if (!user) {
console.log("no user");
return res.redirect('/login');
}
console.log(user);
req.logIn(user, function(err) {
if (err) {
console.log(user);
return next(err);
}
return res.redirect('/users/' + user.email);
});
});
});
更多推荐
我的护照应用为什么不对用户进行身份验证?
发布评论