Javascript Express和PassportJs-Google OAuth2.0策略不给我req.user对象


我正在为我们的应用程序设置一个身份验证路由,而我似乎无法使用sequelize让PassportJs的Google oAuth 2.0策略为我提供一个req.user对象。下面是我的代码,我只尝试剪出相关部分:)

我的app.js是如何设置的:

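//Dependencies
const path = require('path'); // used by the view setup below; was missing from the original
const creds = require('./credentials');
const express = require('express');
const bodyparser = require('body-parser');
const passport = require('passport');
const flash = require('connect-flash');
const Sequelize = require('sequelize');
const cookieParser = require('cookie-parser');
const session = require('express-session');
const SequelizeStore = require('connect-session-sequelize')(session.Store);
const sequelize = new Sequelize(creds.mssqlAuth);

//Routes
const indexRouter = require('./routes/index');
const authRouter = require('./routes/auth');

//Init
// `express` on its own is the factory function, not an app; it has to be
// called, otherwise every app.set/app.use below throws.
const app = express();

// Only mark the cookie https-only where the app is actually served over https.
// NOTE: if production sits behind a TLS-terminating proxy, also add
// app.set('trust proxy', 1) so express-session sees the request as secure.
const isProduction = process.env.NODE_ENV === 'production';

//View engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');

//Session config
app.use(session({
  // Keep the signing secret out of source control; SESSION_SECRET is a
  // placeholder env var name, the literal only keeps local dev running.
  secret: process.env.SESSION_SECRET || 'this is a super secret session sign in string',
  store:  new SequelizeStore({
    db: sequelize,
    checkExpirationInterval: 15 * 60 * 1000,  // prune expired rows every 15 min
    expiration: 8 * 60 * 60 * 1000            // server-side lifetime: 8 h
  }),
  resave: true,
  // With `true`, every request that arrives without a usable cookie writes a
  // fresh session row (one per redirect hop of the OAuth dance); only persist
  // sessions that something (passport login, flash) has actually written to.
  saveUninitialized: false,
  cookie: {
    maxAge: 8 * 60 * 60 * 1000,
    // A secure cookie is never sent back over plain http, so on localhost the
    // browser would drop it and deserializeUser could never restore req.user.
    secure: isProduction,
    // Lax still sends the cookie on the top-level GET that Google redirects
    // back to, while keeping it off cross-site POSTs.
    sameSite: 'lax'
  }
}));

//Init middlewares
app.use(passport.initialize());
app.use(passport.session());

//Init Routes
app.use('/', indexRouter);
app.use('/auth', authRouter);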
'use strict';

// Dependencies
const express = require('express');
const passport = require('passport');
const GoogleStrategy = require('passport-google-oauth20').Strategy;
const creds = require('../credentials');
const Models = require('../models');
const Sequelize = require('sequelize');
// Builds a second connection to the same database (app.js creates one as
// well); the two instances do not share a pool. NOTE(review): nothing in the
// rest of this file references `sequelize` — all queries go through Models.
const sequelize = new Sequelize(creds.mssqlAuth);

//Init router
const router = express.Router();

//Winston logging - dev purposes only
// Required here but not used anywhere in the code shown.
const winston = require('winston');

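//Authenticate with Google and get users data
// The Google profile is matched to a row in Models.users by email address;
// the tokens themselves are not stored.
passport.use(new GoogleStrategy({
    clientID: creds.googleAuth.clientID,
    clientSecret: creds.googleAuth.clientSecret,
    // Must equal the redirect URI registered for this client in the Google
    // console; GOOGLE_CALLBACK_URL is a placeholder env name for non-local runs.
    callbackURL: process.env.GOOGLE_CALLBACK_URL || 'http://localhost:3000/auth/callback',
    // Ties the callback to the session that started the flow, so a callback
    // URL obtained elsewhere cannot log this browser in (login CSRF).
    state: true
  },
  /**
   * Verify callback.
   * @param {string} accessToken   Google access token (unused here)
   * @param {string} refreshToken  Google refresh token (unused here)
   * @param {object} profile       Google profile; profile.emails[0].value is the lookup key
   * @param {Function} done        passport callback: done(err, user|false)
   */
  function(accessToken, refreshToken, profile, done) {
    const email = profile.emails && profile.emails[0] && profile.emails[0].value;
    if (!email) {
      // No address on the profile (e.g. email scope not granted): report an
      // auth failure instead of throwing on `.value` of undefined.
      return done(null, false);
    }

    // `hd` on the authorize request only pre-filters Google's account picker;
    // it does not prevent an account from another domain completing the flow,
    // so the domain restriction has to be enforced here, server-side.
    const allowedDomain = 'ourDomain.com';
    if (!email.toLowerCase().endsWith('@' + allowedDomain.toLowerCase())) {
      return done(null, false);
    }

    Models.users.findOne({ where: { email } })
      .then(user => {
        if (user) {
          // Models.users (plural) is the model used everywhere else in this
          // file; `Models.user` is undefined.
          return Models.users.update(
            { /* **Update existing user here...** */ },
            { where: { email } }
          ).then(() => Models.users.findOne({ where: { email } }));
        }
        //****For the sake of brevity - Same as above, only create the new user****//
        // Create the row and return it. Until that is filled in, an unknown
        // user fails authentication rather than leaving the request hanging
        // (the original branch never called done()).
        return null;
      })
      .then(user => done(null, user))
      .catch(error => done(error, null));
  }
));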

//Serialization
// Only the primary key is written into the session row; the full record is
// re-read from Models.users on every request by deserializeUser.
passport.serializeUser((user, done) => {
  done(null, user.id);
});

passport.deserializeUser((id, done) => {
  const lookup = Models.users.findOne({ where: { id } });
  lookup
    .then(record => done(null, record))
    .catch(error => done(error, null));
});

//Initial auth call to Google
// `hd` only narrows Google's account picker to the given domain; it is a UI
// hint, not an access control — the verify callback must still check the
// domain on the profile Google returns.
const googleAuthOptions = {
  hd: 'ourDomain.com',
  scope: ['email'],
  prompt: 'select_account'
};
router.get('/', passport.authenticate('google', googleAuthOptions));

//Callback - Send user to index or back to auth screen
const googleCallbackOptions = {
  failureRedirect: '/auth',
  successRedirect: '/'
};
router.get('/callback', passport.authenticate('google', googleCallbackOptions));
这是我的授权路线:

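//Dependencies
const path = require('path'); // used by the view setup below; was missing from the original
const creds = require('./credentials');
const express = require('express');
const bodyparser = require('body-parser');
const passport = require('passport');
const flash = require('connect-flash');
const Sequelize = require('sequelize');
const cookieParser = require('cookie-parser');
const session = require('express-session');
const SequelizeStore = require('connect-session-sequelize')(session.Store);
const sequelize = new Sequelize(creds.mssqlAuth);

//Routes
const indexRouter = require('./routes/index');
const authRouter = require('./routes/auth');

//Init
// `express` on its own is the factory function, not an app; it has to be
// called, otherwise every app.set/app.use below throws.
const app = express();

// Only mark the cookie https-only where the app is actually served over https.
// NOTE: if production sits behind a TLS-terminating proxy, also add
// app.set('trust proxy', 1) so express-session sees the request as secure.
const isProduction = process.env.NODE_ENV === 'production';

//View engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');

//Session config
app.use(session({
  // Keep the signing secret out of source control; SESSION_SECRET is a
  // placeholder env var name, the literal only keeps local dev running.
  secret: process.env.SESSION_SECRET || 'this is a super secret session sign in string',
  store:  new SequelizeStore({
    db: sequelize,
    checkExpirationInterval: 15 * 60 * 1000,  // prune expired rows every 15 min
    expiration: 8 * 60 * 60 * 1000            // server-side lifetime: 8 h
  }),
  resave: true,
  // With `true`, every request that arrives without a usable cookie writes a
  // fresh session row (one per redirect hop of the OAuth dance); only persist
  // sessions that something (passport login, flash) has actually written to.
  saveUninitialized: false,
  cookie: {
    maxAge: 8 * 60 * 60 * 1000,
    // A secure cookie is never sent back over plain http, so on localhost the
    // browser would drop it and deserializeUser could never restore req.user.
    secure: isProduction,
    // Lax still sends the cookie on the top-level GET that Google redirects
    // back to, while keeping it off cross-site POSTs.
    sameSite: 'lax'
  }
}));

//Init middlewares
app.use(passport.initialize());
app.use(passport.session());

//Init Routes
app.use('/', indexRouter);
app.use('/auth', authRouter);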
'use strict';

// Dependencies
const express = require('express');
const passport = require('passport');
const GoogleStrategy = require('passport-google-oauth20').Strategy;
const creds = require('../credentials');
const Models = require('../models');
const Sequelize = require('sequelize');
// Builds a second connection to the same database (app.js creates one as
// well); the two instances do not share a pool. NOTE(review): nothing in the
// rest of this file references `sequelize` — all queries go through Models.
const sequelize = new Sequelize(creds.mssqlAuth);

//Init router
const router = express.Router();

//Winston logging - dev purposes only
// Required here but not used anywhere in the code shown.
const winston = require('winston');

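//Authenticate with Google and get users data
// The Google profile is matched to a row in Models.users by email address;
// the tokens themselves are not stored.
passport.use(new GoogleStrategy({
    clientID: creds.googleAuth.clientID,
    clientSecret: creds.googleAuth.clientSecret,
    // Must equal the redirect URI registered for this client in the Google
    // console; GOOGLE_CALLBACK_URL is a placeholder env name for non-local runs.
    callbackURL: process.env.GOOGLE_CALLBACK_URL || 'http://localhost:3000/auth/callback',
    // Ties the callback to the session that started the flow, so a callback
    // URL obtained elsewhere cannot log this browser in (login CSRF).
    state: true
  },
  /**
   * Verify callback.
   * @param {string} accessToken   Google access token (unused here)
   * @param {string} refreshToken  Google refresh token (unused here)
   * @param {object} profile       Google profile; profile.emails[0].value is the lookup key
   * @param {Function} done        passport callback: done(err, user|false)
   */
  function(accessToken, refreshToken, profile, done) {
    const email = profile.emails && profile.emails[0] && profile.emails[0].value;
    if (!email) {
      // No address on the profile (e.g. email scope not granted): report an
      // auth failure instead of throwing on `.value` of undefined.
      return done(null, false);
    }

    // `hd` on the authorize request only pre-filters Google's account picker;
    // it does not prevent an account from another domain completing the flow,
    // so the domain restriction has to be enforced here, server-side.
    const allowedDomain = 'ourDomain.com';
    if (!email.toLowerCase().endsWith('@' + allowedDomain.toLowerCase())) {
      return done(null, false);
    }

    Models.users.findOne({ where: { email } })
      .then(user => {
        if (user) {
          // Models.users (plural) is the model used everywhere else in this
          // file; `Models.user` is undefined.
          return Models.users.update(
            { /* **Update existing user here...** */ },
            { where: { email } }
          ).then(() => Models.users.findOne({ where: { email } }));
        }
        //****For the sake of brevity - Same as above, only create the new user****//
        // Create the row and return it. Until that is filled in, an unknown
        // user fails authentication rather than leaving the request hanging
        // (the original branch never called done()).
        return null;
      })
      .then(user => done(null, user))
      .catch(error => done(error, null));
  }
));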

//Serialization
// Only the primary key is written into the session row; the full record is
// re-read from Models.users on every request by deserializeUser.
passport.serializeUser((user, done) => {
  done(null, user.id);
});

passport.deserializeUser((id, done) => {
  const lookup = Models.users.findOne({ where: { id } });
  lookup
    .then(record => done(null, record))
    .catch(error => done(error, null));
});

//Initial auth call to Google
// `hd` only narrows Google's account picker to the given domain; it is a UI
// hint, not an access control — the verify callback must still check the
// domain on the profile Google returns.
const googleAuthOptions = {
  hd: 'ourDomain.com',
  scope: ['email'],
  prompt: 'select_account'
};
router.get('/', passport.authenticate('google', googleAuthOptions));

//Callback - Send user to index or back to auth screen
const googleCallbackOptions = {
  failureRedirect: '/auth',
  successRedirect: '/'
};
router.get('/callback', passport.authenticate('google', googleCallbackOptions));
我似乎能够对所有这些进行身份验证,甚至可以将一个新用户写入到我们的users表中。但在我的索引路由中,我检查以确保req.user存在。它总是未定义的,这将导致返回到auth路由的循环

我想知道这是否与在localhost而不是实际服务器上运行有关?这段代码旨在成为一个样板设置,让我们能够快速开始新的项目

奇怪的是,每次运行时,这段代码似乎也会将3个单独的会话写入会话表。我不确定这是否是一个无关的问题,或者这是否是我们问题的原因


有人有什么指导吗?

解决这个问题的方法很简单——问题出在我把会话cookie设成了secure(仅限https)

以下是相关文件:

所需的只是更改app.js代码:

//Session config
// The version that broke login. Note `secure : true` on the cookie, plus a
// top-level `secure: true`, which is not an express-session option and is
// simply ignored.
app.use(session({
  secret: 'this is a super secret session sign in string',
  store:  new SequelizeStore({
    db: sequelize,
    checkExpirationInterval: 15 * 60 * 1000,
    expiration: 8 * 60 * 60 * 1000
  }),
  resave: true,
  saveUninitialized: true,
  // A secure cookie is only sent over https, so on http://localhost the
  // browser never returns it: no session is found and req.user stays undefined.
  cookie: { maxAge: 8 * 60 * 60 * 1000, secure : true },
  secure: true
}));
为此:

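//Session config
app.use(session({
  // Keep the signing secret out of source control; SESSION_SECRET is a
  // placeholder env var name, the literal only keeps local dev running.
  secret: process.env.SESSION_SECRET || 'this is a super secret session sign in string',
  store:  new SequelizeStore({
    db: sequelize,
    checkExpirationInterval: 15 * 60 * 1000,  // prune expired rows every 15 min
    expiration: 8 * 60 * 60 * 1000            // server-side lifetime: 8 h
  }),
  resave: true,
  // Persist only sessions that have been written to (login, flash); with
  // `true`, every cookieless request creates its own session row.
  saveUninitialized: false,
  cookie: {
    maxAge: 8 * 60 * 60 * 1000,
    // Secure cookies are never sent over plain http, which is what lost the
    // session on localhost. Derive the flag from the environment instead of
    // dropping it, so production still gets an https-only cookie (behind a
    // TLS-terminating proxy also set app.set('trust proxy', 1)).
    secure: process.env.NODE_ENV === 'production'
  }
}));

//*******************************************************//
//** secure is derived from NODE_ENV, not hard-coded *****//
//*******************************************************//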
这是因为应用程序运行在http上(因为它是本地主机)。在该设置下,secure:true会让浏览器不在http连接上回传会话cookie,于是auth路由内的反序列化函数永远收不到会话,整个身份验证过程随之失败。在生产中,显然我们会改回这个配置,但目前效果良好


我希望这能为将来节省一些时间,这里有一行修正:)

我们最终找到了解决方案,这与在localhost上运行应用程序有关。我很快会发一个答复