我使用passportjs构建了登录系统,它就像魅力一样。但现在我正在努力解决如何区分登录系统的管理员。因为它在mongoosejs中使用不同的数据库模型模式,我不知道该怎么做。我已经在stackoverflow上搜索并找到了这个帖子Use multiple local strategies in PassportJS,但是,我还是不能完全理解如何将它应用到我当前的护照配置中。在这段代码中:
passport.serializeUser(function(user, done) {
if (isUser(user)) {
// serialize user
} else if (isSponsor(user)) {
// serialize company
}
});
什么是isUser和isSponsor功能呢?我仍然无法得到它以及如何将它应用到我的代码中。
这是我的护照配置。 https://github.com/pepziman/gampangpoll-node-server/blob/master/config/passport.js
目前我仍然对我的用户和管理员登录使用相同的本地登录策略,但它完全失败,因为我的用户也可以使用他们的凭据访问管理页面。我做了一个不同的登录策略,称为admin-login,使用不同的mongoose模型,但无法理解如何更改serializeUser和deserializeUser函数以满足我的需要。任何解决方案将不胜感激。提前谢谢
答案 0 :(得分:0)
您可以按照下面的代码片段进行操作,以拥有两种不同的策略(此处为学生和教师),我们制定了两种本地策略,并对其进行了序列化和反序列化。希望这会有所帮助:)
app.get("/register", function(req, res){
res.render("reg")
})
app.post("/register", function(req, res){
var type = req.body.type
if(type=="student"){
var newUser = new Student({
username: req.body.username,
gender: req.body.gender,
rollnumber: req.body.rollnumber,
dob: req.body.dob,
email: req.body.email,
type: req.body.type,
password: req.body.password
})
req.checkBody('username','UserName is Required').notEmpty();
req.checkBody('rollnumber','Roll Number is Required').notEmpty();
req.checkBody('email','Email Required').notEmpty();
req.checkBody('email','Email Invalid').isEmail();
req.checkBody('password','Password is Required').notEmpty();
req.checkBody('password1','Passwords do not match').equals(req.body.password);
var errors = req.validationErrors();
if(errors){
res.render('Sregister', {errors: errors});
}else{
bcrypt.genSalt(10, function(err, salt){
bcrypt.hash(newUser.password, salt, function(err, hash){
if(!err){
newUser.password = hash;
}
newUser.save(function(err){
if(!err){
console.log("success in reg");
res.redirect("/student/login")
}
})
})
})
}}
else if(type=="teacher"){
var newUser = new Teacher({
username: req.body.username,
gender: req.body.gender,
rollnumber: req.body.rollnumber,
dob: req.body.dob,
email: req.body.email,
type: req.body.type,
password: req.body.password
})
req.checkBody('username','UserName is Required').notEmpty();
req.checkBody('rollnumber','Roll Number is Required').notEmpty();
req.checkBody('email','Email Required').notEmpty();
req.checkBody('email','Email Invalid').isEmail();
req.checkBody('password','Password is Required').notEmpty();
req.checkBody('password1','Passwords do not match').equals(req.body.password);
var errors = req.validationErrors();
if(errors){
res.render('Sregister', {errors: errors});
}else{
bcrypt.genSalt(10, function(err, salt){
bcrypt.hash(newUser.password, salt, function(err, hash){
if(!err){
newUser.password = hash;
}
newUser.save(function(err){
if(!err){
console.log("success in reg");
res.redirect("/teacher/login")
}
})
})
})
}}
})
//strategies
passport.use('student', new LocalStrategy(function(username, password, done){
var query = {username: username};
Student.findOne(query, function(err, student){
if(err) throw err;
if(!student){
return done(null, false);
}
bcrypt.compare(password,student.password, function(err, isMatch){
if(err) throw err;
if(isMatch)
return done(null, student);
else
return done(null,false);
})
})
}))
passport.use('teacher', new LocalStrategy(function(username, password, done){
var query = {username: username};
Teacher.findOne(query, function(err, teacher){
if(err) throw err;
if(!teacher){
console.log("no teach")
return done(null, false);
}
bcrypt.compare(password,teacher.password, function(err, isMatch){
if(err) throw err;
if(isMatch)
return done(null, teacher);
else
return done(null,false);
})
})
}))
//serialize deserizlize
passport.serializeUser(function (entity, done) {
done(null, { id: entity.id, type: entity.type });
});
passport.deserializeUser(function (obj, done) {
switch (obj.type) {
case 'student':
Student.findById(obj.id)
.then(user => {
if (user) {
done(null, user);
}
else {
done(new Error('user id not found:' + obj.id, null));
}
});
break;
case 'teacher':
Teacher.findById(obj.id)
.then(device => {
if (device) {
done(null, device);
} else {
done(new Error('device id not found:' + obj.id, null));
}
});
break;
default:
done(new Error('no entity type:', obj.type), null);
break;
}
});
//login routes
app.get("/student/login", function(req, res){
res.render("slogin")
})
app.get("/teacher/login", function(req, res){
res.render("tlogin")
})
app.post('/student/login',
passport.authenticate('student', { successRedirect: '/student/home', failureRedirect: '/student/login' }));
app.post('/teacher/login',
passport.authenticate('teacher', { successRedirect: '/teacher/home', failureRedirect: '/teacher/login' }));
app.get("/", function(req, res){
res.render("home");
})
app.get("/student/home", function(req, res){
res.send("hi student")
})
app.get("/teacher/home", function(req, res){
res.send("hi teacher")
})