angularjs – NodeJs Passport isAuthenticated()返回false即使在登录后

我是新来的,想要为网站建立本地身份验证.我经历了各种来源,这个 https://vickev.com/#!/article/authentication-in-single-page-applications-node-js-passportjs-angularjs是非常有帮助的.当我尝试在本地主机中构建相同的代码时,我的代码进入了一个循环.

app.post(‘/ login’,…..)在响应中返回用户,但在加载管理页面之后,它将检查用户是否通过调用app.get(‘/ loggedin’)登录. ..)和req.isAuthenticated()即使在登录后也返回false,它进入一个循环.我不明白为什么这是发生在帮助我.

服务器端代码

var express = require('express');
var http = require('http');
var path = require('path');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
 
//==================================================================
// Define the strategy to be used by PassportJS
passport.use(new LocalStrategy(
  function(username,password,done) {
    if (username === "admin" && password === "admin") // stupid example
      return done(null,{name: "admin"});
 
    return done(null,false,{ message: 'Incorrect username.' });
  }
));
 
// Serialized and deserialized methods when got from session
passport.serializeUser(function(user,done) {
    done(null,user);
});
 
passport.deserializeUser(function(user,user);
});
 
// Define a middleware function to be used for every secured routes
var auth = function(req,res,next){
  if (!req.isAuthenticated()) 
    res.send(401);
  else
    next();
};
//==================================================================
 
// Start express application
var app = express();
 
// all environments
app.set('port',process.env.PORT || 3000);
app.use(express.favicon());
app.use(express.cookieParser()); 
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.session({ secret: 'securedsession' }));
app.use(passport.initialize()); // Add passport initialization
app.use(passport.session());    // Add passport initialization
app.use(app.router);
 
app.all('*',function(req,next) {
  res.header("Access-Control-Allow-Origin","*");
  res.header("Access-Control-Allow-Headers","Origin,X-Requested-With,Content-Type,Accept");
  next();
});
 
// development only
if ('development' == app.get('env')) {
  app.use(express.errorHandler());
}
 
//==================================================================
// routes
app.get('/',res){
  res.render('index',{ title: 'Express' });
});
 
app.get('/users',auth,res){
  res.send([{name: "user1"},{name: "user2"}]);
});
//==================================================================
 
//==================================================================
// route to test if the user is logged in or not
app.get('/loggedin',res) {
  res.send(req.isAuthenticated() ? req.user : '0');
});
 
// route to log in
app.post('/login',passport.authenticate('local'),res) {
  res.send(req.user);
});
 
// route to log out
app.post('/logout',res){
  req.logout();
  res.send(200);
});
//==================================================================
 
http.createServer(app).listen(app.get('port'),function(){
  console.log('Express server listening on port ' + app.get('port'));
});

客户端Js文件

'use strict';
 
/**********************************************************************
 * Angular Application
 **********************************************************************/
var app = angular.module('app',['ngResource','ngRoute'])
  .config(function($routeProvider,$locationProvider,$httpProvider) {
    //================================================
    // Check if the user is connected
    //================================================
    var checkLoggedin = function($q,$timeout,$http,$location,$rootScope){
      // Initialize a new promise
      var deferred = $q.defer();
 
      // Make an AJAX call to check if the user is logged in
      $http.get('http://localhost:3000/loggedin').success(function(user){
        // Authenticated
        if (user !== '0')
          $timeout(deferred.resolve,0);
 
        // Not Authenticated
        else {
          $rootScope.message = 'You need to log in.';
          $timeout(function(){deferred.reject();},0);
          $location.url('/login');
        }
      });
 
      return deferred.promise;
    };
    //================================================
 
    //================================================
    // Add an interceptor for AJAX errors
    //================================================
    $httpProvider.responseInterceptors.push(function($q,$location) {
      return function(promise) {
        return promise.then(
          // Success: just return the response
          function(response){
            return response;
          },// Error: check the error status to get only the 401
          function(response) {
            if (response.status === 401)
              $location.url('/login');
            return $q.reject(response);
          }
        );
      }
    });
    //================================================
 
    //================================================
    // Define all the routes
    //================================================
    $routeProvider
      .when('/',{
        templateUrl: 'views/main.html'
      })
      .when('/admin',{
        templateUrl: 'views/admin.html',controller: 'AdminCtrl',resolve: {
          loggedin: checkLoggedin
        }
      })
      .when('/login',{
        templateUrl: 'views/login.html',controller: 'LoginCtrl'
      })
      .otherwise({
        redirectTo: '/login'
      });
    //================================================
 
  }) // end of config()
  .run(function($rootScope,$http){
    $rootScope.message = '';
 
    // logout function is available in any pages
    $rootScope.logout = function(){
      $rootScope.message = 'Logged out.';
      $http.post('http://localhost:3000/logout');
    };
  });
 
 
/**********************************************************************
 * Login controller
 **********************************************************************/
app.controller('LoginCtrl',function($scope,$rootScope,$location) {
  // This object will be filled by the form
  $scope.user = {};
 
  // Register the login() function
  $scope.login = function(){
    $http.post('http://localhost:3000/login',{
      username: $scope.user.username,password: $scope.user.password,})
    .success(function(user){
      // No error: authentication OK
      $rootScope.message = 'Authentication successful!';
      $location.url('/admin');
    })
    .error(function(){
      // Error: authentication Failed
      $rootScope.message = 'Authentication Failed.';
      $location.url('/login');
    });
  };
});
 
 
 
/**********************************************************************
 * Admin controller
 **********************************************************************/
app.controller('AdminCtrl',$http) {
  // List of users got from the server
  $scope.users = [];
 
  // Fill the array to display it in the page
  $http.get('http://localhost:3000/users').success(function(users){
    for (var i in users)
      $scope.users.push(users[i]);
  });
});

您需要允许将Cookie设置为跨域

在快递

res.header('Access-Control-Allow-Credentials',true);

并在ajax设置

xhrFields: {
     withCredentials: true
 }

您可以找到相关的答案here和here

angularjs – NodeJs Passport isAuthenticated()返回false即使在登录后

猜你在找的Angularjs相关文章