我有一个向Vue前端提供数据的Node/Express API,现在正在添加用于身份验证和授权的Passport。我有一个createUser函数,它成功地添加了用户,但在这样做时函数挂起。我肯定这只是我错过的一件愚蠢的事情,比如没有调用next()(尽管我已经调用了),我希望有一个头脑更清醒的人看一下。
//authrotes.js
const router = require('express').Router();
const { createUser } = require('../controllers/authController');
router.route('/auth/register').post(createUser);
module.exports = router;
//authController.js
'use strict';
const authHelpers = require('../auth/_helpers');
const passport = require('../auth/local');
const handleResponse = (res, code, statusMsg) => {
res.status(code).json({ status: statusMsg });
};
const createUser = (req, res, next) => {
// passes correct user and pass
console.log(req.body);
return authHelpers
.createUser(req, res, next)
.then(() => {
passport.authenticate('local', (err, user, info) => {
if (err) {
handleResponse(res, 500, 'error');
console.log(info);
}
if (user) {
handleResponse(res, 200, 'success');
console.log(info);
}
})(req, res, next);
})
.catch(next);
};
module.exports = {
createUser,
};
//auth/_helpers.js
const bcrypt = require('bcryptjs');
const knex = require('../db/connection');
const comparePass = (userPassword, databasePassword) =>
bcrypt.compareSync(userPassword, databasePassword);
const createUser = req => {
const salt = bcrypt.genSaltSync();
const hash = bcrypt.hashSync(req.body.password, salt);
return knex('users')
.insert({
email: req.body.email,
password: hash,
})
.returning('*');
};
module.exports = {
comparePass,
createUser,
};
编辑1:
按照@Cantuket的建议,记录createUser返回的内容将生成user对象,该对象将正确地插入到DB中:
//console.log('res:',result)
{ id: 30,
email: 'boooya@dubay.com',
password:
'$2a$10$WNX.9ur7PlS9ZZvZlJk9Tu9j3lWMjaTlUQ1v7i84dqgHscDupIowW',
admin: false,
created_at: 2019-03-01T18:22:53.120Z,
updated_at: 2019-03-01T18:22:53.120Z,
last_login: null }
```
EDIT 2:
Thanks to [@cantuket][1] for reminding me to get dirty with console logs, I figured it out by switching 'user' with the returned value (here response), and returning nexts. See below for the fix that worked:
const createUser=(req,res,next)=>{return authHelpers.createUser(req,res).then(response=>{passport.authenticate(“local”,(err,user,info)=>{if(err){console.error(err);console.info(info);handleResponse(res,500,“错误”);返回next(err);}if(!response){console.error(err);console.info(info);handleResponse(res,500,“无用户”);返回next(err);}if(响应){handleResponse(res,200,'success');next();}})(req,res,next);}).catch(err=>{console.error(err);console.info(info);handleResponse(res,500,“error”);return next(err);});};
[1]: https://meta.stackexchange.com/users/461693/cantuket
没有回答:
我要做的第一件事是检查createuser()->knex().insert()返回的内容...
.then(result => {
console.log('createUser:', result)
passport.authenticate('local', (err, user, info) => {
if (err) {
handleResponse(res, 500, 'error');
console.log(info);
}
if (user) {
handleResponse(res, 200, 'success');
console.log(info);
}
})(req, res, next);
})
.catch(err=> {
console.log('err createUser:', err)
next();
});
我可以看到您正在验证passport而不是已注册的用户。确保在您的主条目文件app.js中使用passport,如下所示。
const passport = require('passport')
app.use(passport.initialize())
app.use(passport.session())
passport.use(User.createStrategy())
passport.serializeUser((user, done)=>done(null, user.id));
passport.deserializeUser((id, done)=>User.findById(id, (err, user)=>done(err, user)))
app.use((req, res, next)=>{
res.locals.currentUser = req.user;
res.locals.title = 'Conforti';
res.locals.success = req.session.success || '';
delete req.session.success;
res.locals.error = req.session.error || '';
delete req.session.error;
res.locals.csrfToken= req.csrfToken();
req.session.cookie.expires = new Date(Date.now() + 3600000)
req.session.cookie.maxAge = 3600000
next();
});
在您的控制器中,您应该导入用户模型并对其进行身份验证,如下所示:
const User = require('../models/users')
这是postLogin函数:
postLogin: async (req, res, next)=>{
const {username, password} = req.body;
const {user, error} = await User.authenticate()(username, password);
if(!user && error) return next(error);
req.login(user, (err)=>{
if(err) return next(err);
req.session.success = `Welcome back, ${user.username}`;
const redirectUrl = req.session.redirectTo || '/';
delete req.session.redirectTo;
res.redirect(redirectUrl);
});
},
这可能不是全部代码,但它可以帮助您发现错误。
您也可以在npmjs.com上查看passport文档
