Javascript 无法用passport activedirectory捕获InvalidCredentialsError
我可以通过LDAP进行身份验证,但我似乎不知道如何在用户输入无效用户名/密码时捕获错误。我已经设置了failureRedirect和其他东西,但是当出现错误时,它不会进入身份验证函数中的那个步骤。我也尝试过使用try-catch函数,但运气也不好 以下是指向正在使用的身份验证策略的链接: 前端-我也尝试过将{{{if error}}更改为{{{if failWithError}}Javascript 无法用passport activedirectory捕获InvalidCredentialsError,javascript,passport.js,Javascript,Passport.js,我可以通过LDAP进行身份验证,但我似乎不知道如何在用户输入无效用户名/密码时捕获错误。我已经设置了failureRedirect和其他东西,但是当出现错误时,它不会进入身份验证函数中的那个步骤。我也尝试过使用try-catch函数,但运气也不好 以下是指向正在使用的身份验证策略的链接: 前端-我也尝试过将{{{if error}}更改为{{{if failWithError}} {{#if error}} <div class="alert alert-danger">
{{#if error}}
<div class="alert alert-danger">
Warning! {{error}}
</div>
{{/if}}
第1419行..\node\u modules\ldapjs\lib\client\client.js中的代码块
if (expect.indexOf(msg.status) === -1) {
return sendResult('error', errors.getError(msg));
}
auth.js
module.exports = function(app,passport) {
let opts = {
failWithError: true,
failureRedirect: '/',
successRedirect: '/dashboard',
failureFlash: true
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err) {
if (err) res.status(401).send('Not Authenticated');
});
};
module.exports = function(passport) {
var ActiveDirectoryStrategy = require('passport-activedirectory');
passport.serializeUser(function (user, done) { done(null, user); });
passport.deserializeUser(function (user, done) { done(null, user); });
passport.use(new ActiveDirectoryStrategy({
integrated: false,
passReqToCallback: true,
ldap: {
url: 'ldap://a.b.awesome:389',
baseDN: 'DC=a,DC=b,DC=awesome',
bindDN: 'CN=rando user,OU=users,DC=a,DC=b,DC=awesome',
bindCredentials: 'ASecret',
searchBase: 'OU=users,DC=a,DC=b,DC=awesome',
searchFilter: '(sAMAccountName={{username}})',
attributes: ['dn', 'displayName', 'givenName', 'sn', 'title', 'userPrincipalName', 'sAMAccountName', 'mail', 'description', 'memberOf'],
logging: {
name: 'ActiveDirectory',
streams: [
{ level: 'debug',
stream: process.stdout }
]
}
}
}, function (req, profile, ad, done) {
ad.isUserMemberOf(profile._json.dn, '123', function (err, isMember) {
if (err) return done(err);
return done (null, profile)
})
}));
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.redirect('/') && res.send( {error: 'Invalid Credentials!'} )
: 500;
return res.status(statusCode)
});
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.render('login', {failWithError: true, error: 'Invalid Username or Password!'})
: res.status(500);
return statusCode
});
{{#if failWithError}}
<div class="alert alert-danger">
<strong>Error!</strong> {{error}}
</div>
{{/if}}
passport.js
module.exports = function(app,passport) {
let opts = {
failWithError: true,
failureRedirect: '/',
successRedirect: '/dashboard',
failureFlash: true
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err) {
if (err) res.status(401).send('Not Authenticated');
});
};
module.exports = function(passport) {
var ActiveDirectoryStrategy = require('passport-activedirectory');
passport.serializeUser(function (user, done) { done(null, user); });
passport.deserializeUser(function (user, done) { done(null, user); });
passport.use(new ActiveDirectoryStrategy({
integrated: false,
passReqToCallback: true,
ldap: {
url: 'ldap://a.b.awesome:389',
baseDN: 'DC=a,DC=b,DC=awesome',
bindDN: 'CN=rando user,OU=users,DC=a,DC=b,DC=awesome',
bindCredentials: 'ASecret',
searchBase: 'OU=users,DC=a,DC=b,DC=awesome',
searchFilter: '(sAMAccountName={{username}})',
attributes: ['dn', 'displayName', 'givenName', 'sn', 'title', 'userPrincipalName', 'sAMAccountName', 'mail', 'description', 'memberOf'],
logging: {
name: 'ActiveDirectory',
streams: [
{ level: 'debug',
stream: process.stdout }
]
}
}
}, function (req, profile, ad, done) {
ad.isUserMemberOf(profile._json.dn, '123', function (err, isMember) {
if (err) return done(err);
return done (null, profile)
})
}));
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.redirect('/') && res.send( {error: 'Invalid Credentials!'} )
: 500;
return res.status(statusCode)
});
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.render('login', {failWithError: true, error: 'Invalid Username or Password!'})
: res.status(500);
return statusCode
});
{{#if failWithError}}
<div class="alert alert-danger">
<strong>Error!</strong> {{error}}
</div>
{{/if}}
因此,我能够“捕获”错误,不再向用户显示错误消息。 但是,express Handlebar不想显示我的自定义错误消息,我可能做错了 捕获错误的答案是: auth.js
module.exports = function(app,passport) {
let opts = {
failWithError: true,
failureRedirect: '/',
successRedirect: '/dashboard',
failureFlash: true
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err) {
if (err) res.status(401).send('Not Authenticated');
});
};
module.exports = function(passport) {
var ActiveDirectoryStrategy = require('passport-activedirectory');
passport.serializeUser(function (user, done) { done(null, user); });
passport.deserializeUser(function (user, done) { done(null, user); });
passport.use(new ActiveDirectoryStrategy({
integrated: false,
passReqToCallback: true,
ldap: {
url: 'ldap://a.b.awesome:389',
baseDN: 'DC=a,DC=b,DC=awesome',
bindDN: 'CN=rando user,OU=users,DC=a,DC=b,DC=awesome',
bindCredentials: 'ASecret',
searchBase: 'OU=users,DC=a,DC=b,DC=awesome',
searchFilter: '(sAMAccountName={{username}})',
attributes: ['dn', 'displayName', 'givenName', 'sn', 'title', 'userPrincipalName', 'sAMAccountName', 'mail', 'description', 'memberOf'],
logging: {
name: 'ActiveDirectory',
streams: [
{ level: 'debug',
stream: process.stdout }
]
}
}
}, function (req, profile, ad, done) {
ad.isUserMemberOf(profile._json.dn, '123', function (err, isMember) {
if (err) return done(err);
return done (null, profile)
})
}));
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.redirect('/') && res.send( {error: 'Invalid Credentials!'} )
: 500;
return res.status(statusCode)
});
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.render('login', {failWithError: true, error: 'Invalid Username or Password!'})
: res.status(500);
return statusCode
});
{{#if failWithError}}
<div class="alert alert-danger">
<strong>Error!</strong> {{error}}
</div>
{{/if}}
编辑
我还研究了如何将数据发送到前端,以便以良好的方式显示
新建auth.js
module.exports = function(app,passport) {
let opts = {
failWithError: true,
failureRedirect: '/',
successRedirect: '/dashboard',
failureFlash: true
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err) {
if (err) res.status(401).send('Not Authenticated');
});
};
module.exports = function(passport) {
var ActiveDirectoryStrategy = require('passport-activedirectory');
passport.serializeUser(function (user, done) { done(null, user); });
passport.deserializeUser(function (user, done) { done(null, user); });
passport.use(new ActiveDirectoryStrategy({
integrated: false,
passReqToCallback: true,
ldap: {
url: 'ldap://a.b.awesome:389',
baseDN: 'DC=a,DC=b,DC=awesome',
bindDN: 'CN=rando user,OU=users,DC=a,DC=b,DC=awesome',
bindCredentials: 'ASecret',
searchBase: 'OU=users,DC=a,DC=b,DC=awesome',
searchFilter: '(sAMAccountName={{username}})',
attributes: ['dn', 'displayName', 'givenName', 'sn', 'title', 'userPrincipalName', 'sAMAccountName', 'mail', 'description', 'memberOf'],
logging: {
name: 'ActiveDirectory',
streams: [
{ level: 'debug',
stream: process.stdout }
]
}
}
}, function (req, profile, ad, done) {
ad.isUserMemberOf(profile._json.dn, '123', function (err, isMember) {
if (err) return done(err);
return done (null, profile)
})
}));
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.redirect('/') && res.send( {error: 'Invalid Credentials!'} )
: 500;
return res.status(statusCode)
});
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.render('login', {failWithError: true, error: 'Invalid Username or Password!'})
: res.status(500);
return statusCode
});
{{#if failWithError}}
<div class="alert alert-danger">
<strong>Error!</strong> {{error}}
</div>
{{/if}}
前端.hbs
module.exports = function(app,passport) {
let opts = {
failWithError: true,
failureRedirect: '/',
successRedirect: '/dashboard',
failureFlash: true
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err) {
if (err) res.status(401).send('Not Authenticated');
});
};
module.exports = function(passport) {
var ActiveDirectoryStrategy = require('passport-activedirectory');
passport.serializeUser(function (user, done) { done(null, user); });
passport.deserializeUser(function (user, done) { done(null, user); });
passport.use(new ActiveDirectoryStrategy({
integrated: false,
passReqToCallback: true,
ldap: {
url: 'ldap://a.b.awesome:389',
baseDN: 'DC=a,DC=b,DC=awesome',
bindDN: 'CN=rando user,OU=users,DC=a,DC=b,DC=awesome',
bindCredentials: 'ASecret',
searchBase: 'OU=users,DC=a,DC=b,DC=awesome',
searchFilter: '(sAMAccountName={{username}})',
attributes: ['dn', 'displayName', 'givenName', 'sn', 'title', 'userPrincipalName', 'sAMAccountName', 'mail', 'description', 'memberOf'],
logging: {
name: 'ActiveDirectory',
streams: [
{ level: 'debug',
stream: process.stdout }
]
}
}
}, function (req, profile, ad, done) {
ad.isUserMemberOf(profile._json.dn, '123', function (err, isMember) {
if (err) return done(err);
return done (null, profile)
})
}));
};
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.redirect('/') && res.send( {error: 'Invalid Credentials!'} )
: 500;
return res.status(statusCode)
});
app.post('/login', passport.authenticate('ActiveDirectory', opts), function(req, res) {
res.json(req.user);
}, function(err, req, res, next) {
let statusCode = /InvalidCredentialsError/.test(err.stack)
? res.render('login', {failWithError: true, error: 'Invalid Username or Password!'})
: res.status(500);
return statusCode
});
{{#if failWithError}}
<div class="alert alert-danger">
<strong>Error!</strong> {{error}}
</div>
{{/if}}
{{{#如果失败}
错误强>{{error}
{{/if}
我使用了您的解决方案一段时间,但我认为这在我看来效果更好:
router.post('/login', (req, res, next) => {
passport.authenticate('ActiveDirectory', opts, (err, user, info) => {
if (err) {
return next(err)
}
if (! user) {
return res.redirect('/login')
}
req.login(user, (err) => {
if(err) {
return next(err)
}
return res.json(req.user)
})
}) (req, res, next)
})
您的第一行回答是:“我使用了您的解决方案一点”。谁是“你的”在这里:)。此外,如果您能解释为什么您的解决方案工作得更好,这将是很有帮助的。