我正在使用Node.js和Express构建一个RESTful应用程序,但是在身份验证方面遇到了一些麻烦。 我正在使用Passport JS和express-session做身份验证部分。登录后,请注销等待响应,直到会话cookie过期为止,这样注销将不起作用。
我已经在寻找passport.js文档,但是注销仍然无法正常工作
<form method="POST" action="/login/">
<div class="form-group">
<label for="email">Email:</label>
<input type="email" class="form-control" id="email" name="email">
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" class="form-control" id="password" name="password">
</div>
<div class="checkbox">
<label><input type="checkbox"> Remember me</label>
</div>
<button type="submit" class="btn btn-default" >Submit</button>
<!--onclick="changeToAdmin()"-->
</form>
<form method="GET" action="/logout">
<button type="submit" class="btn btn-default" >Logout</button>
</form>
const express = require('express');
const requestHandlers = require("./scripts/requestHandlers.js");
const app = express();
const bodyParser = require('body-parser');
const session = require('express-session');
const passport = require('passport');
const path = require('path');
const cookieParser = require("cookie-parser")
const MySQLStore = require('express-mysql-session')
const Usuario = require('./models/Usuario')
const bcrypt = require('bcrypt');
const LocalStrategy = require('passport-local').Strategy
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(express.static("www"))
app.use(cookieParser())
var options = {
"host": "localhost",
"user": "root",
"database": "proj_pi",
"password": "t00R"
};
var sessionStore = new MySQLStore(options);
const session_name = 'session'
app.use(session({
name: session_name,
secret: 'sportclubeinternacional',
resave: false,
store: sessionStore,
saveUninitialized: false,
cookie: {maxAge: 60000}
}));
app.use(passport.initialize());
app.use(passport.session());
passport.use(new LocalStrategy(function (username, password, done) {
User.findOne({ username: username }, function (err, user) {
if (err) { return done(err); }
if (!user) {
return done(null, false, { message: 'Incorrect username.' });
}
if (!user.validPassword(password)) {
return done(null, false, { message: 'Incorrect password.' });
}
return done(null, user);
});
}
));
app.post("/login", function (req, res) {
let email = req.body.email;
let password = req.body.password;
Usuario.findOne({
where: { email: email}
})
.then( function (user) {
if (!user) {
res.send("username not found")
}
else {
bcrypt.compare(password, user.palavra_passe, function (err, result) {
if(err) throw err;
if (result) {
req.login(user, function(err){
authenticationMiddleware();
res.send("Logged in");
})
}
else {
res.send('Incorrect password');
}
});
}
})
});
passport.serializeUser(function (user, done) {
done(null, user.id_user);
});
passport.deserializeUser(function (user, done) {
Usuario.findByPk(user.id_user, function (err, user) {
done(err, user);
});
});
function authenticationMiddleware() {
return (req, res, next) => {
console.log(`req.session.passport.user: ${JSON.stringify(req.session.passport)}`);
if (req.isAuthenticated()) return next();
res.render('/')
}
}
app.get('/logout', function(req, res){
sessionStore.destroy()
req.logOut();
res.redirect('/');
});