Next.js:用户只能在第一台设备上登录

时间:2019-02-27 20:30:55

标签: reactjs mongoose passport.js next.js

我正在使用 Passport 和 MongoDB 进行身份验证。一切都按预期工作(登录/注册/受保护的页面等),但是如果用户想用同一个帐户在第二台设备上登录,登录会成功,但页面永远不会加载。页面上的 axios 请求不会触发,而在第一台登录的设备上这些请求仍然正常工作。

这是我的设置:

注意:我仍在学习,所以很抱歉,因为大多数有关身份验证的代码均来自相关库的文档

passport.js

const LocalStrategy = require('passport-local').Strategy
const mongoose = require('mongoose')
const bcrypt = require('bcryptjs')
const User = require('../models/User')

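/**
 * Configures the given Passport instance for email + password login.
 *
 * Registers a LocalStrategy that looks the user up by email, refuses
 * accounts whose `active` flag is false, and checks the submitted password
 * against the stored hash with bcrypt. Also registers the session
 * (de)serializers: only the user id is kept in the session, and the full
 * user document is reloaded by id on each request.
 *
 * @param {object} passport - the Passport instance to configure
 */
module.exports = function(passport) {
    passport.use(
        new LocalStrategy({ usernameField: 'email' }, (email, password, done) => {
            // Credentials come straight from the request body, which is not
            // guaranteed to contain strings. Reject anything else before it
            // reaches the database query or bcrypt.
            if(typeof email !== 'string' || typeof password !== 'string'){
                return done(null, false, { message: 'some message' })
            }
            User.findOne({ email: email })
                .then(user => {
                    // NOTE(review): the failure messages below are placeholders in
                    // this listing; keeping the unknown-email and wrong-password
                    // messages identical avoids revealing which emails are registered.
                    if(!user){
                        return done(null, false, { message: 'some message' })
                    }
                    if(user.active === false){
                        return done(null, false, { message: 'some message' })
                    }
                    bcrypt.compare(password, user.password, (err, isMatch) => {
                        // Report the failure through done(): throwing inside this
                        // callback would escape the promise chain, so the login
                        // request would never receive a response.
                        if(err) return done(err)
                        if(isMatch){
                            return done(null, user)
                        } else {
                            return done(null, false, { message: 'some message' })
                        }
                    })
                })
                // A lookup failure must reach Passport too; only logging it
                // leaves the request waiting forever.
                .catch(err => {
                    console.log(err)
                    return done(err)
                })
        })
    )
    // Store only the user id in the session.
    passport.serializeUser(function(user, done) {
        done(null, user.id)
    })
    // Reload the user document from the id stored in the session.
    passport.deserializeUser(function(id, done) {
        User.findById(id, function(err, user) {
            done(err, user)
        })
    })
}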

models/User.js

const mongoose = require('mongoose')

// Builds the options shared by every mandatory string field. A fresh object
// is returned per call so no two schema paths share one options object.
const requiredString = () => ({ type: String, required: true })

// Account document used by the login flow.
const UserSchema = new mongoose.Schema({
    name: requiredString(),
    // Login identifier: passport.js looks users up by this field.
    // NOTE(review): no unique index is declared here; confirm that the
    // registration code prevents two accounts sharing one email.
    email: requiredString(),
    // passport.js checks this value with bcrypt.compare, so it is expected
    // to hold a bcrypt hash, never the plaintext password.
    password: requiredString(),
    // Creation timestamp, filled in when not supplied.
    date: { type: Date, default: Date.now },
    // Becomes true once the user has clicked the link in the confirmation email.
    active: { type: Boolean, default: false },
    // Token used to validate the email confirmation link.
    // NOTE(review): presumably stored as issued; verify it is single-use
    // and cleared after confirmation.
    confirm: { type: String }
})

const User = mongoose.model('User', UserSchema)

module.exports = User

auth.js

module.exports = {
    /**
     * Express middleware guarding routes that require a logged-in user.
     * Authenticated requests continue to the next handler; all others get
     * a flash error message and are redirected to the login page.
     *
     * @param {object} req - Express request, extended by Passport and connect-flash
     * @param {object} res - Express response
     * @param {Function} next - continues the middleware chain
     */
    ensureAuthenticated(req, res, next) {
        if(!req.isAuthenticated()) {
            req.flash('error_msg', 'some message')
            res.redirect('/login')
            return
        }
        return next()
    }
}

server.js

const express = require('express')
const next = require('next')
const session = require('express-session')
const bodyParser = require('body-parser')
const path = require('path')
const pathMatch = require('path-match')
const app = next({ dev })
const handle = app.getRequestHandler()
const { parse } = require('url')
const mongoose = require('mongoose')
const flash = require('connect-flash')
const passport = require('passport')
const bcrypt = require('bcryptjs')
const User = require('./models/User')
const MongoStore = require('connect-mongo')(session);
require('./config/passport')(passport)
const { ensureAuthenticated } = require('./config/auth')


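// Boot sequence: wait for Next.js to finish preparing, then build the Express
// server (MongoDB connection, body parsing, Mongo-backed sessions, Passport)
// and register the routes shown here.
app.prepare()
  .then(() => {
    const server = express()
    const db = require('./config/keys').MongoURI
    mongoose.connect(db, { useNewUrlParser: true })
      .then(() => console.log('MongoDB connected'))
      .catch(err => console.log(err))
    server.use(express.urlencoded({ extended: false }))
    server.use(bodyParser.json())
    server.use(session({
      cookie: {
        maxAge: 3600000, // one hour, in milliseconds
        httpOnly: true,  // keep the session cookie away from page scripts
        sameSite: 'lax'  // do not attach the cookie to cross-site POSTs
        // NOTE(review): also set `secure: true` once the site is served
        // over HTTPS, so the cookie is never sent over plain HTTP.
      },
      // NOTE(review): this literal looks like a placeholder. The real secret
      // should be loaded from the environment or a secret store and kept out
      // of source control, because anyone who knows it can sign session cookies.
      secret: 'some session secret',
      resave: false,
      // Create a stored session only once something is written to it
      // (a flash message or a login), not for every anonymous visitor.
      saveUninitialized: false,
      store: new MongoStore({ mongooseConnection: mongoose.connection })
    }))
    server.use(passport.initialize())
    server.use(passport.session())
    const route = pathMatch()

    // Only authenticated users reach the Next.js handler for this page.
    server.get('/someprotectedpage', ensureAuthenticated, (req, res) => {
      return handle(req, res)
    })

    // Custom-callback form of passport.authenticate, so a failed login can
    // re-render the login page together with the flash message.
    server.post('/login', (req, res, next) => {
      passport.authenticate('local', function (err, user, info) {
        if (err) {
          return next(err)
        }
        if (!user) {
          req.flash('error_msg', info.message)
          return app.render(req, res, '/login', req.flash())
        }
        // Issue a fresh session ID before marking the session as logged in,
        // so an ID handed out before authentication is never promoted to an
        // authenticated one (session fixation). Passport releases before 0.6
        // do not rotate the ID inside req.logIn; on newer releases this is
        // redundant but harmless.
        req.session.regenerate(function (regenErr) {
          if (regenErr) {
            return next(regenErr)
          }
          req.logIn(user, function (loginErr) {
            if (loginErr) {
              return next(loginErr)
            }
            return app.render(req, res, '/index')
          })
        })
      })(req, res, next)
    })

    server.listen(3000, (err) => {
      if (err) throw err;
      console.log('Server ready on http://localhost:3000')
    })
  })
  .catch((ex) => {
    // Startup failed: print the stack trace and exit with a failure code.
    console.error(ex.stack)
    process.exit(1)
  })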

0 个答案:

没有答案