我已经使用next.js构建了一个React应用,并为服务器进行了表达。现在,我尝试添加本地身份验证,但是身份验证每次都会失败。我认为这与未正确将参数传递给策略有关,但我无法弄清楚。
我已经尝试记录错误,但是passport.js不会返回任何有意义的错误消息。
预期行为:
用户存储在MongoDB中。用户应该能够通过登录表单登录,然后用于该用途的会话应保留在cookie中。
当前行为
将POST发送到/ login后,页面将按照authenticate方法中的指定重定向到/ 404。添加日志记录时,似乎根本无法访问用户。
server.js
/// BUNCH OF IMPORTS ///
const initializePassport = require("./passportConfig");
const usersApi = require("./api/handlers/usersApiHandlers");
initializePassport(
passport,email => usersApi.getUserBySearchparam(email),id => usersApi.getUserBySearchparam(id)
);
const sessionconfig = {
secret: uid.sync(18),cookie: {
maxAge: 86400 * 1000 // 24 hours in milliseconds
},resave: false,saveUninitialized: true
};
...
app.prepare().then(() => {
const server = express();
server.use(session(sessionconfig));
server.use(flash());
server.use(passport.initialize());
mongoose.connect(process.env.DATABASE_URL,{ useNewUrlParser: true });
const db = mongoose.connection;
db.on("error",error => console.error(error));
db.once("open",() => console.log("connected to database"));
server.use(cors());
server.post(
"/login/",passport.authenticate("local",{
successRedirect: "/api/swagger-doc",failureRedirect: "/404",failureflash: true
})
);
/// Bunch of routes to the different Pages ///
passportConfig.js
const LocalStrategy = require("passport-local").Strategy;
const bcrypt = require("bcrypt");
function initialize(passport,getUserByEmail,getUserById) {
const authenticateUser = async (email,password,done) => {
const user = getUserByEmail(email);
if (user == null) {
return done(null,false,{ message: "No user with that email" });
}
try {
if (await bcrypt.compare(password,user.password)) {
return done(null,user);
}
return done(null,{ message: "Password incorrect" });
} catch (error) {
return done(error);
}
};
passport.use(new LocalStrategy({ usernameField: "email" },authenticateUser));
passport.serializeuser((user,done) => done(null,user.id));
passport.deserializeuser((user,done) => {
done(null,getUserById(user.id));
});
}
module.exports = initialize;
getUserBySearchparam
const getUserBySearchparam = searchParam => {
return fetch(baseURL + searchParam)
.then(handleResponse)
.catch(handleError);
};
为getUserBySearchparam返回JSON
{
"email": "...","isactivated": true,"imageUrl": "...","name": "...","password": "...","role": "...","_id": "..."
}