Passport Local Remember Me Strategy

时间:2017-06-12 17:05:36

标签: node.js passport.js mern

I am trying to create a passport remember me strategy but I am not sure how to call it. My overall strategy is to store two tokens in my database and as cookies on the client's computer and compare then to verify that they are real users. I am currently attempting to pass app.use a passport.authenticate strategy so that I can verify success of failure using my strategy.

In my app.js file I have:

    passport.use('rememberMe',new passportLocal.Strategy({ passReqToCallback: true },
  (req, cb) => {
    //check req.cookies['token']...
    return cb(null, (rememberMe.checkPersistance(req.cookies['token'], req.cookies['statictoken'])));
  }));

app.use((req, res) => passport.authenticate('rememberMe'), (req, res) => {
  //successfully logged in!
})

Note: rememberMe.checkPersistance does the comparison against the database and returns a true or false.

My problem is that I don't think I am using the app.use syntax correctly and I am not sure what the correct way to do it. How do I use passport.authenticate when it isn't in a .POST function?

2 个答案:

答案 0 :(得分:0)

我找到了这个问题的答案,总的来说我只有这个问题因为我不明白.get和.post是如何工作的。对于您传递的每个函数,该函数都可以获取请求,响应和下一个。

因此,您可以使用.get替换.post,以获取您将在线查看的大多数护照示例。它们之间的区别在于post被设计为发送数据然后返回某些内容(如登录信息),而get被设计为查询某些信息的方式。 Here是更详细的解释。

答案 1 :(得分:0)

为令牌创建架构

'use strict'
const mongoose = require('mongoose'),
Schema = mongoose.Schema;

const TokenSchema = Schema({
    value: {
        type: String,
        required: true
    },

    user: {
        type: Schema.Types.ObjectId,
        ref: 'users',
        required: true
    }
});

module.exports = mongoose.model('token', TokenSchema);

然后定义您的策略

passport.use(new RememberMeStrategy(
    function(token, done) {
        Token.findOneAndRemove({ value: token })
        .populate('user')
        .exec( function (err, doc) {
            if(err) return done(err);
            if(!doc) return done(null,false);
            return done(null, doc.user);
        });
    },
    function(user, done) {
        crypto.randomBytes(64, (err, buf) => {
            const value = buf.toString('hex');
            const token = new Token({
                value: value,
                user: user._id
            });
            token.save((err) => {
                if (err) return done(err);
                console.log(value);
                return done(null, value)
            });
        });
    }
));

我发现了一个问题:定义此策略并选中“记住我”框后,我无法注销。 我只是想在返回时自动填写表单loggin,但看来此模块没有用,它没有我想要的行为。

相关问题
最新问题