Javascript nodejs passport基本策略未经授权
我正在尝试使用 BasicStrategy 测试一个简单的 passport 身份验证。我能够创建一个带有电子邮件和密码的用户(密码已做散列)。但是,当我登录时,得到的却是"未经授权"(Unauthorized)。
app.js
const express = require('express');
const app = express();
var bodyParser = require('body-parser');
var passport = require('passport');
var BasicStrategy = require('passport-http').BasicStrategy;
const index = require('./routes/index.js');
const userRouter = require('./routes/user');
const User = require('./models/User');
// connect to mongodb
var mongoose = require('mongoose');
// Open the MongoDB connection. Both outcomes are only logged; nothing here stops the
// HTTP server from starting when the database is unreachable.
// NOTE(review): the URI carries no credentials and targets the `test` database, which
// looks like a local development setup. Confirm before reusing it elsewhere.
mongoose
  .connect('mongodb://localhost:27017/test', { useNewUrlParser: true })
  .then(function onConnected() {
    console.log('connected to mongodb');
  })
  .catch(function onConnectFailed(err) {
    console.log("Connection failed with an error " + err);
  });
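/**
 * Register the HTTP Basic verify callback with Passport.
 *
 * The strategy passes in the user id and password taken from the request's
 * Authorization header; here the user id is treated as the account e-mail.
 *
 * done(err)          -> lookup or hash-comparison error
 * done(null, false)  -> authentication rejected (unknown e-mail or wrong password)
 * done(null, user)   -> authenticated as `user`
 */
passport.use(new BasicStrategy(
  function (email, password, done) {
    User.findUserByEmail(email, function (err, user) {
      if (err) {
        return done(err);
      }
      if (!user) {
        return done(null, false, { message: 'User not found' });
      }
      User.comparePassword(password, user.password, function (err, isMatch) {
        if (err) {
          return done(err);
        }
        if (!isMatch) {
          // Fix: the original called done(null, {message: ...}), which hands Passport a
          // truthy object in the `user` slot, so a wrong password for an existing
          // account was treated as a successful login. `false` must be passed as the
          // user and the message as the third (info) argument.
          // NOTE(review): the two rejection messages differ; if they are ever surfaced
          // to clients they reveal which e-mails are registered, so confirm they stay
          // internal or make them identical.
          return done(null, false, { message: 'Invalid password' });
        }
        return done(null, user);
      });
    });
  }
));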
// Middleware
// Attach Passport to the Express app ahead of the routers that call passport.authenticate().
app.use(passport.initialize());
// Parse application/x-www-form-urlencoded bodies into req.body. With `extended: true`
// nested objects and arrays are accepted, so handlers should not assume body fields are strings.
app.use(bodyParser.urlencoded({ extended: true }));
// Mount the user routes (create / signin) under /users.
app.use("/users", userRouter);
// `index` is loaded from ./routes/index.js, which is not shown on this page.
app.get('/', index);
// Plain-HTTP listener on port 3000. HTTP Basic sends the e-mail and password merely
// base64-encoded on every request, so this needs TLS in front of it outside local testing.
app.listen(3000, () => console.log(`Open http://localhost:3000 to see a response.`));
var express = require('express');
var router = express.Router();
var passport = require('passport');
var User = require('../models/User');
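/**
 * POST /create: register a new account from urlencoded body fields
 * `name`, `email` and `password`.
 *
 * Responds 400 when e-mail or password is missing or not a plain string,
 * 409 when the e-mail is already registered, 500 on any other storage error,
 * and otherwise the stored user without its password hash.
 */
router.post('/create', function (req, res) {
  var body = req.body || {};

  // A urlencoded parser running with `extended: true` can produce objects or arrays
  // for a field, so only non-empty strings are accepted for the credentials.
  if (typeof body.email !== 'string' || body.email === '' ||
      typeof body.password !== 'string' || body.password === '') {
    return res.status(400).send({ status: 'error', message: 'email and password are required' });
  }

  // NOTE(review): `role` is not declared in the UserSchema shown on this page, so
  // Mongoose's default strict mode would presumably drop it. Confirm against the model.
  var newUser = new User({
    name: body.name,
    email: body.email,
    password: body.password,
    role: 'student',
  });

  User.createUser(newUser, function (err, user) {
    if (err) {
      // The original did `throw err` here. Thrown from an asynchronous callback it
      // becomes an uncaught exception, so a duplicate e-mail could take the process down.
      if (err.code === 11000) {
        // MongoDB duplicate-key error raised by the unique index on `email`.
        return res.status(409).send({ status: 'error', message: 'email already registered' });
      }
      return res.status(500).send({ status: 'error', message: 'could not create user' });
    }
    // Never echo the stored bcrypt hash back to the client.
    var safeUser = user.toObject();
    delete safeUser.password;
    res.send(safeUser);
  });
});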
// POST /signin: runs the 'basic' Passport strategy without creating a session and,
// when it succeeds, answers with a fixed success payload.
// The Basic strategy takes the credentials from the Authorization header, not from body fields.
// NOTE(review): no attempt throttling is visible on this route; confirm whether
// repeated failed logins are rate-limited elsewhere.
router.post(
  '/signin',
  passport.authenticate('basic', { session: false }),
  (req, res) => {
    const payload = { status: 'success' };
    res.send(payload);
  }
);

// Export the router so the application can mount it.
module.exports = router;
var mongoose = require('mongoose');
var bcrypt = require('bcryptjs');
// Shape of a stored user document.
var UserSchema = mongoose.Schema({
  name: String,
  // Indexed and declared unique, so a second account with the same e-mail is rejected on save.
  email: { type: String, index: true, unique: true },
  // Stored as given; createUser in this file replaces the plaintext with a bcrypt hash before saving.
  password: String,
});

// The model is both the module's export and the local `User` used by the helpers below.
var User = mongoose.model('User', UserSchema);
module.exports = User;
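/**
 * Hash `newUser.password` with bcrypt and save the document.
 *
 * @param {object} newUser - unsaved User document whose `password` holds the plaintext
 * @param {function} callback - Node-style callback, passed straight to `newUser.save`
 */
module.exports.createUser = function (newUser, callback) {
  // 10 is the bcrypt cost (number of salt rounds).
  bcrypt.genSalt(10, function (saltErr, salt) {
    if (saltErr) {
      // The original ignored this error and went on to hash with an undefined salt.
      return callback(saltErr);
    }
    bcrypt.hash(newUser.password, salt, function (hashErr, hash) {
      if (hashErr) {
        // Without this check a failed hash would overwrite the password with
        // `undefined` and the document would still be saved.
        return callback(hashErr);
      }
      newUser.password = hash;
      newUser.save(callback);
    });
  });
};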
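/**
 * Look up a single user by exact e-mail.
 *
 * @param {string} email - e-mail address to match
 * @param {function} callback - Node-style callback; receives the user document or null
 */
module.exports.findUserByEmail = function (email, callback) {
  // Only a plain string may reach the query. An object value (for example from a
  // urlencoded body parsed with `extended: true`) would be read as a query operator
  // and could match an arbitrary account. Report it as "not found", still asynchronously.
  if (typeof email !== 'string') {
    return process.nextTick(callback, null, null);
  }
  User.findOne({ email: email }, callback);
};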
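/**
 * Check a plaintext password against a stored bcrypt hash.
 *
 * @param {string} password - candidate plaintext password
 * @param {string} passwordHash - bcrypt hash stored for the user
 * @param {function} callback - Node-style callback; receives (err) or (null, isMatch)
 */
module.exports.comparePassword = function (password, passwordHash, callback) {
  bcrypt.compare(password, passwordHash, function (err, isMatch) {
    if (err) {
      // The original threw here. Thrown from an asynchronous callback it cannot be
      // caught by the caller and would crash the process; report it through the
      // callback so the login attempt fails cleanly instead.
      return callback(err);
    }
    callback(null, isMatch);
  });
};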
routes/user.js
const express = require('express');
const app = express();
var bodyParser = require('body-parser');
var passport = require('passport');
var BasicStrategy = require('passport-http').BasicStrategy;
const index = require('./routes/index.js');
const userRouter = require('./routes/user');
const User = require('./models/User');
// connect to mongodb
var mongoose = require('mongoose');
// Open the MongoDB connection. Both outcomes are only logged; nothing here stops the
// HTTP server from starting when the database is unreachable.
// NOTE(review): the URI carries no credentials and targets the `test` database, which
// looks like a local development setup. Confirm before reusing it elsewhere.
mongoose
  .connect('mongodb://localhost:27017/test', { useNewUrlParser: true })
  .then(function onConnected() {
    console.log('connected to mongodb');
  })
  .catch(function onConnectFailed(err) {
    console.log("Connection failed with an error " + err);
  });
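/**
 * Register the HTTP Basic verify callback with Passport.
 *
 * The strategy passes in the user id and password taken from the request's
 * Authorization header; here the user id is treated as the account e-mail.
 *
 * done(err)          -> lookup or hash-comparison error
 * done(null, false)  -> authentication rejected (unknown e-mail or wrong password)
 * done(null, user)   -> authenticated as `user`
 */
passport.use(new BasicStrategy(
  function (email, password, done) {
    User.findUserByEmail(email, function (err, user) {
      if (err) {
        return done(err);
      }
      if (!user) {
        return done(null, false, { message: 'User not found' });
      }
      User.comparePassword(password, user.password, function (err, isMatch) {
        if (err) {
          return done(err);
        }
        if (!isMatch) {
          // Fix: the original called done(null, {message: ...}), which hands Passport a
          // truthy object in the `user` slot, so a wrong password for an existing
          // account was treated as a successful login. `false` must be passed as the
          // user and the message as the third (info) argument.
          // NOTE(review): the two rejection messages differ; if they are ever surfaced
          // to clients they reveal which e-mails are registered, so confirm they stay
          // internal or make them identical.
          return done(null, false, { message: 'Invalid password' });
        }
        return done(null, user);
      });
    });
  }
));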
// Middleware
// Attach Passport to the Express app ahead of the routers that call passport.authenticate().
app.use(passport.initialize());
// Parse application/x-www-form-urlencoded bodies into req.body. With `extended: true`
// nested objects and arrays are accepted, so handlers should not assume body fields are strings.
app.use(bodyParser.urlencoded({ extended: true }));
// Mount the user routes (create / signin) under /users.
app.use("/users", userRouter);
// `index` is loaded from ./routes/index.js, which is not shown on this page.
app.get('/', index);
// Plain-HTTP listener on port 3000. HTTP Basic sends the e-mail and password merely
// base64-encoded on every request, so this needs TLS in front of it outside local testing.
app.listen(3000, () => console.log(`Open http://localhost:3000 to see a response.`));
var express = require('express');
var router = express.Router();
var passport = require('passport');
var User = require('../models/User');
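/**
 * POST /create: register a new account from urlencoded body fields
 * `name`, `email` and `password`.
 *
 * Responds 400 when e-mail or password is missing or not a plain string,
 * 409 when the e-mail is already registered, 500 on any other storage error,
 * and otherwise the stored user without its password hash.
 */
router.post('/create', function (req, res) {
  var body = req.body || {};

  // A urlencoded parser running with `extended: true` can produce objects or arrays
  // for a field, so only non-empty strings are accepted for the credentials.
  if (typeof body.email !== 'string' || body.email === '' ||
      typeof body.password !== 'string' || body.password === '') {
    return res.status(400).send({ status: 'error', message: 'email and password are required' });
  }

  // NOTE(review): `role` is not declared in the UserSchema shown on this page, so
  // Mongoose's default strict mode would presumably drop it. Confirm against the model.
  var newUser = new User({
    name: body.name,
    email: body.email,
    password: body.password,
    role: 'student',
  });

  User.createUser(newUser, function (err, user) {
    if (err) {
      // The original did `throw err` here. Thrown from an asynchronous callback it
      // becomes an uncaught exception, so a duplicate e-mail could take the process down.
      if (err.code === 11000) {
        // MongoDB duplicate-key error raised by the unique index on `email`.
        return res.status(409).send({ status: 'error', message: 'email already registered' });
      }
      return res.status(500).send({ status: 'error', message: 'could not create user' });
    }
    // Never echo the stored bcrypt hash back to the client.
    var safeUser = user.toObject();
    delete safeUser.password;
    res.send(safeUser);
  });
});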
// POST /signin: runs the 'basic' Passport strategy without creating a session and,
// when it succeeds, answers with a fixed success payload.
// The Basic strategy takes the credentials from the Authorization header, not from body fields.
// NOTE(review): no attempt throttling is visible on this route; confirm whether
// repeated failed logins are rate-limited elsewhere.
router.post(
  '/signin',
  passport.authenticate('basic', { session: false }),
  (req, res) => {
    const payload = { status: 'success' };
    res.send(payload);
  }
);

// Export the router so the application can mount it.
module.exports = router;
var mongoose = require('mongoose');
var bcrypt = require('bcryptjs');
// Shape of a stored user document.
var UserSchema = mongoose.Schema({
  name: String,
  // Indexed and declared unique, so a second account with the same e-mail is rejected on save.
  email: { type: String, index: true, unique: true },
  // Stored as given; createUser in this file replaces the plaintext with a bcrypt hash before saving.
  password: String,
});

// The model is both the module's export and the local `User` used by the helpers below.
var User = mongoose.model('User', UserSchema);
module.exports = User;
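/**
 * Hash `newUser.password` with bcrypt and save the document.
 *
 * @param {object} newUser - unsaved User document whose `password` holds the plaintext
 * @param {function} callback - Node-style callback, passed straight to `newUser.save`
 */
module.exports.createUser = function (newUser, callback) {
  // 10 is the bcrypt cost (number of salt rounds).
  bcrypt.genSalt(10, function (saltErr, salt) {
    if (saltErr) {
      // The original ignored this error and went on to hash with an undefined salt.
      return callback(saltErr);
    }
    bcrypt.hash(newUser.password, salt, function (hashErr, hash) {
      if (hashErr) {
        // Without this check a failed hash would overwrite the password with
        // `undefined` and the document would still be saved.
        return callback(hashErr);
      }
      newUser.password = hash;
      newUser.save(callback);
    });
  });
};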
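/**
 * Look up a single user by exact e-mail.
 *
 * @param {string} email - e-mail address to match
 * @param {function} callback - Node-style callback; receives the user document or null
 */
module.exports.findUserByEmail = function (email, callback) {
  // Only a plain string may reach the query. An object value (for example from a
  // urlencoded body parsed with `extended: true`) would be read as a query operator
  // and could match an arbitrary account. Report it as "not found", still asynchronously.
  if (typeof email !== 'string') {
    return process.nextTick(callback, null, null);
  }
  User.findOne({ email: email }, callback);
};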
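/**
 * Check a plaintext password against a stored bcrypt hash.
 *
 * @param {string} password - candidate plaintext password
 * @param {string} passwordHash - bcrypt hash stored for the user
 * @param {function} callback - Node-style callback; receives (err) or (null, isMatch)
 */
module.exports.comparePassword = function (password, passwordHash, callback) {
  bcrypt.compare(password, passwordHash, function (err, isMatch) {
    if (err) {
      // The original threw here. Thrown from an asynchronous callback it cannot be
      // caught by the caller and would crash the process; report it through the
      // callback so the login attempt fails cleanly instead.
      return callback(err);
    }
    callback(null, isMatch);
  });
};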
models/User.js
const express = require('express');
const app = express();
var bodyParser = require('body-parser');
var passport = require('passport');
var BasicStrategy = require('passport-http').BasicStrategy;
const index = require('./routes/index.js');
const userRouter = require('./routes/user');
const User = require('./models/User');
// connect to mongodb
var mongoose = require('mongoose');
// Open the MongoDB connection. Both outcomes are only logged; nothing here stops the
// HTTP server from starting when the database is unreachable.
// NOTE(review): the URI carries no credentials and targets the `test` database, which
// looks like a local development setup. Confirm before reusing it elsewhere.
mongoose
  .connect('mongodb://localhost:27017/test', { useNewUrlParser: true })
  .then(function onConnected() {
    console.log('connected to mongodb');
  })
  .catch(function onConnectFailed(err) {
    console.log("Connection failed with an error " + err);
  });
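/**
 * Register the HTTP Basic verify callback with Passport.
 *
 * The strategy passes in the user id and password taken from the request's
 * Authorization header; here the user id is treated as the account e-mail.
 *
 * done(err)          -> lookup or hash-comparison error
 * done(null, false)  -> authentication rejected (unknown e-mail or wrong password)
 * done(null, user)   -> authenticated as `user`
 */
passport.use(new BasicStrategy(
  function (email, password, done) {
    User.findUserByEmail(email, function (err, user) {
      if (err) {
        return done(err);
      }
      if (!user) {
        return done(null, false, { message: 'User not found' });
      }
      User.comparePassword(password, user.password, function (err, isMatch) {
        if (err) {
          return done(err);
        }
        if (!isMatch) {
          // Fix: the original called done(null, {message: ...}), which hands Passport a
          // truthy object in the `user` slot, so a wrong password for an existing
          // account was treated as a successful login. `false` must be passed as the
          // user and the message as the third (info) argument.
          // NOTE(review): the two rejection messages differ; if they are ever surfaced
          // to clients they reveal which e-mails are registered, so confirm they stay
          // internal or make them identical.
          return done(null, false, { message: 'Invalid password' });
        }
        return done(null, user);
      });
    });
  }
));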
// Middleware
// Attach Passport to the Express app ahead of the routers that call passport.authenticate().
app.use(passport.initialize());
// Parse application/x-www-form-urlencoded bodies into req.body. With `extended: true`
// nested objects and arrays are accepted, so handlers should not assume body fields are strings.
app.use(bodyParser.urlencoded({ extended: true }));
// Mount the user routes (create / signin) under /users.
app.use("/users", userRouter);
// `index` is loaded from ./routes/index.js, which is not shown on this page.
app.get('/', index);
// Plain-HTTP listener on port 3000. HTTP Basic sends the e-mail and password merely
// base64-encoded on every request, so this needs TLS in front of it outside local testing.
app.listen(3000, () => console.log(`Open http://localhost:3000 to see a response.`));
var express = require('express');
var router = express.Router();
var passport = require('passport');
var User = require('../models/User');
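/**
 * POST /create: register a new account from urlencoded body fields
 * `name`, `email` and `password`.
 *
 * Responds 400 when e-mail or password is missing or not a plain string,
 * 409 when the e-mail is already registered, 500 on any other storage error,
 * and otherwise the stored user without its password hash.
 */
router.post('/create', function (req, res) {
  var body = req.body || {};

  // A urlencoded parser running with `extended: true` can produce objects or arrays
  // for a field, so only non-empty strings are accepted for the credentials.
  if (typeof body.email !== 'string' || body.email === '' ||
      typeof body.password !== 'string' || body.password === '') {
    return res.status(400).send({ status: 'error', message: 'email and password are required' });
  }

  // NOTE(review): `role` is not declared in the UserSchema shown on this page, so
  // Mongoose's default strict mode would presumably drop it. Confirm against the model.
  var newUser = new User({
    name: body.name,
    email: body.email,
    password: body.password,
    role: 'student',
  });

  User.createUser(newUser, function (err, user) {
    if (err) {
      // The original did `throw err` here. Thrown from an asynchronous callback it
      // becomes an uncaught exception, so a duplicate e-mail could take the process down.
      if (err.code === 11000) {
        // MongoDB duplicate-key error raised by the unique index on `email`.
        return res.status(409).send({ status: 'error', message: 'email already registered' });
      }
      return res.status(500).send({ status: 'error', message: 'could not create user' });
    }
    // Never echo the stored bcrypt hash back to the client.
    var safeUser = user.toObject();
    delete safeUser.password;
    res.send(safeUser);
  });
});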
// POST /signin: runs the 'basic' Passport strategy without creating a session and,
// when it succeeds, answers with a fixed success payload.
// The Basic strategy takes the credentials from the Authorization header, not from body fields.
// NOTE(review): no attempt throttling is visible on this route; confirm whether
// repeated failed logins are rate-limited elsewhere.
router.post(
  '/signin',
  passport.authenticate('basic', { session: false }),
  (req, res) => {
    const payload = { status: 'success' };
    res.send(payload);
  }
);

// Export the router so the application can mount it.
module.exports = router;
var mongoose = require('mongoose');
var bcrypt = require('bcryptjs');
// Shape of a stored user document.
var UserSchema = mongoose.Schema({
  name: String,
  // Indexed and declared unique, so a second account with the same e-mail is rejected on save.
  email: { type: String, index: true, unique: true },
  // Stored as given; createUser in this file replaces the plaintext with a bcrypt hash before saving.
  password: String,
});

// The model is both the module's export and the local `User` used by the helpers below.
var User = mongoose.model('User', UserSchema);
module.exports = User;
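/**
 * Hash `newUser.password` with bcrypt and save the document.
 *
 * @param {object} newUser - unsaved User document whose `password` holds the plaintext
 * @param {function} callback - Node-style callback, passed straight to `newUser.save`
 */
module.exports.createUser = function (newUser, callback) {
  // 10 is the bcrypt cost (number of salt rounds).
  bcrypt.genSalt(10, function (saltErr, salt) {
    if (saltErr) {
      // The original ignored this error and went on to hash with an undefined salt.
      return callback(saltErr);
    }
    bcrypt.hash(newUser.password, salt, function (hashErr, hash) {
      if (hashErr) {
        // Without this check a failed hash would overwrite the password with
        // `undefined` and the document would still be saved.
        return callback(hashErr);
      }
      newUser.password = hash;
      newUser.save(callback);
    });
  });
};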
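/**
 * Look up a single user by exact e-mail.
 *
 * @param {string} email - e-mail address to match
 * @param {function} callback - Node-style callback; receives the user document or null
 */
module.exports.findUserByEmail = function (email, callback) {
  // Only a plain string may reach the query. An object value (for example from a
  // urlencoded body parsed with `extended: true`) would be read as a query operator
  // and could match an arbitrary account. Report it as "not found", still asynchronously.
  if (typeof email !== 'string') {
    return process.nextTick(callback, null, null);
  }
  User.findOne({ email: email }, callback);
};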
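/**
 * Check a plaintext password against a stored bcrypt hash.
 *
 * @param {string} password - candidate plaintext password
 * @param {string} passwordHash - bcrypt hash stored for the user
 * @param {function} callback - Node-style callback; receives (err) or (null, isMatch)
 */
module.exports.comparePassword = function (password, passwordHash, callback) {
  bcrypt.compare(password, passwordHash, function (err, isMatch) {
    if (err) {
      // The original threw here. Thrown from an asynchronous callback it cannot be
      // caught by the caller and would crash the process; report it through the
      // callback so the login attempt fails cleanly instead.
      return callback(err);
    }
    callback(null, isMatch);
  });
};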
通过curl创建用户
curl -X POST -d 'name=John' -d 'email=test@gmail.com' -d 'password=123456' http://localhost:3000/users/create
然而,signin失败了
curl -X POST -d 'email=test@gmail.com' -d 'password=123456' http://localhost:3000/users/signin
非常感谢你的帮助。谢谢
问题主要在于您使用的是 HTTP 基本身份验证(Basic)Passport 策略:它从请求的 Authorization 头读取凭据,而不是从 POST 正文中的 email/password 字段读取。如果您将登录请求改为以下形式,它就能工作:
curl -X POST --user test@gmail.com:123456 http://localhost:3000/users/signin
有关将curl与basic auth一起使用的更多详细信息,请参阅
如果您确实希望使用电子邮件和密码正文参数,可以查看 问题主要在于您使用的是HTTP基本身份验证Passport策略。如果您将登录请求更改为以下内容,它将起作用:
curl -X POST --user test@gmail.com:123456 http://localhost:3000/users/signin
有关将curl与basic auth一起使用的更多详细信息,请参阅
如果您确实希望使用电子邮件和密码正文参数,可以查看 您的请求应该是
curl -X POST --user username:password <<loginURL>> or
curl -X POST -u username:password <<loginURL>>
curl -X POST --user username:password <<loginURL>> 或
curl -X POST -u username:password <<loginURL>>
您的请求应该是
curl -X POST --user username:password <<loginURL>> or
curl -X POST -u username:password <<loginURL>>
curl -X POST --user username:password <<loginURL>> 或
curl -X POST -u username:password <<loginURL>>
我真傻。我之前还用 curl -v --user test@gmail.com:123456 http://localhost:3000/users/signin 测试过,但这条命令并没有发出 POST 请求。该死。顺便说一下,谢谢 @夸泰拉
啊,这是一个很容易犯的错误。我做过很多类似的事情。我很乐意帮忙!
你帮了很多忙,我的朋友 :D