Node.js 为什么get/post方法会抛出未经授权的(401)错误?
我有一个用于登录和注册的项目,注册部分我在其中使用了Express Validator,而登录部分我使用的是Passport.JS但是,当我在app.JS中添加Passport JS时,会抛出未经授权的错误401 app.js(导致问题的行) 这两行代码导致了这个问题,当我对它们进行注释时,它可以工作,但在这种情况下,我将无法使用Passport.js app.js(所有代码行) index.jsNode.js 为什么get/post方法会抛出未经授权的(401)错误?,node.js,mongodb,express,passport.js,express-validator,Node.js,Mongodb,Express,Passport.js,Express Validator,我有一个用于登录和注册的项目,注册部分我在其中使用了Express Validator,而登录部分我使用的是Passport.JS但是,当我在app.JS中添加Passport JS时,会抛出未经授权的错误401 app.js(导致问题的行) 这两行代码导致了这个问题,当我对它们进行注释时,它可以工作,但在这种情况下,我将无法使用Passport.js app.js(所有代码行) index.js var express = require('express'); var router = e
var express = require('express');
var router = express.Router();
const product = require('../model/product');
const users = require('../model/users');
const { check, validationResult } = require('express-validator');
const passport = require('passport');
/* GET home page. */
router.get('/', function(req, res, next) {
product.find({}, (err, doc)=>{
if(err){
console.log('ERR while searching in DB =>' + err);
}
var grid = 3;
var arr = [];
for(var i = 0; i<doc.length; i+=grid){
arr.push(doc.slice(i , i+grid));
}
console.log(arr)
res.render('index', { title: 'Express', product : arr });
})
});
/* router.post('/', function(req, res, next) {
}); */
//GET login
router.get('/login', (req, res, next)=>{
res.render('login')
});
router.post('/login', passport.authenticate('local', {
failureRedirect: '/login',
successRedirect: '/',
failureFlash: true,
}));
router.get('/signup', function (req, res, next){
const msg = req.flash('error')
res.render('signup', {messages : msg});
});
router.post('/signup', [
// password must be at least 5 chars long
check('password').isLength({ min: 5 }).withMessage('Please enter Password with more than 5 letters!'),
// username must be an email
check('username').not().isNumeric().withMessage('please fill username with STRING only'),
// password must be at least 5 chars long
check('email').not().isEmpty().withMessage('please fill email with STRING only'),
check('email').not().isEmail().withMessage('please enter valid email'),
// password must be at least 5 chars long
check('password').not().isEmpty().withMessage('Please fill password fie'),
check('repassword').custom((val, {req})=>{
if(val !== req.body.password){
throw new Error('Password is not equal to confirm password');
}
return true;
})
],
function (req, res, next){
// Finds the validation errors in this request and wraps them in an object with handy functions
const errors = validationResult(req);
if (!errors.isEmpty()) {
var validationMessage = [];
for(var i = 0; i<errors.errors.length; i++){
validationMessage.push(errors.errors[i].msg);
}
req.flash('error', validationMessage)
res.redirect('signup')
}
const newUser = new users({
username : req.body.username,
password : new users().hashPassword(req.body.password)
});
users.findOne({username : req.body.username}, (err, doc)=>{
if(err){
console.log('ERR while getting username =>' + err);
return ;
}
if(doc){
console.log('this email is already exist')
}
});
newUser.save((err, doc)=>{
if(!err){
console.log('err')
}else{
console.log('ERR in saving users =>' + err);
}
})
});
module.exports = router;
您只需要将授权中间件应用于您的私有路由 谢谢大家,回答: app.js(两行导致问题)必须是: 来自
//passport
app.use(passport.authorize());
app.use(passport.session());
//passport
app.use(passport.initialize());
app.use(passport.session());
这是因为您正在将授权中间件应用于每个路由。
{
"name": "market",
"version": "0.0.0",
"private": true,
"scripts": {
"start": "node ./bin/www"
},
"dependencies": {
"bcrypt": "^4.0.0",
"connect-flash": "^0.1.1",
"cookie-parser": "~1.4.4",
"debug": "~2.6.9",
"express": "~4.16.1",
"express-session": "^1.17.0",
"express-validator": "^6.4.0",
"hbs": "~4.0.4",
"http-errors": "~1.6.3",
"mongoose": "^5.9.2",
"morgan": "~1.9.1",
"nodemon": "^2.0.2",
"passport": "^0.4.1",
"passport-local": "^1.0.0"
}
}
//passport
app.use(passport.authorize());
app.use(passport.session());
//passport
app.use(passport.initialize());
app.use(passport.session());