Node.js 带ExpressJS的PassportJS多租户
我试图实现一个解决方案,其中我有一个ExpressJS应用程序和两个Mongoose模型供用户使用,一个供标准用户使用,另一个供管理员使用。我正在为用户模型使用Node.js 带ExpressJS的PassportJS多租户,node.js,express,mongoose,passport.js,passport-local,Node.js,Express,Mongoose,Passport.js,Passport Local,我试图实现一个解决方案,其中我有一个ExpressJS应用程序和两个Mongoose模型供用户使用,一个供标准用户使用,另一个供管理员使用。我正在为用户模型使用passport local mongoose。但是,我遇到了一个问题,身份验证会成功,但用户不会保持会话状态(req.user未定义)。我认为使用一个ExpressJS应用程序使用两个Passport本地策略会有冲突。我一直在寻找例子,但没有任何效果。请参阅下面我的代码: index.js 'use strict'; const ex
passport local mongoosereq.userindex.js'use strict';
const express = require('express');
const bodyParser = require('body-parser');
const Passport = require('passport').Passport,
appPass = new Passport(),
adminPass = new Passport();
const mongoose = require('mongoose');
const cookieSession = require('cookie-session');
const path = require('path');
const keys = require('./config/keys');
require('./models/User');
require('./models/AdminUser');
require('./models/EM');
mongoose.Promise = global.Promise;
mongoose
.connect(keys.mongoURI)
.then(() => console.log('DB connection successful'))
.catch(err => console.error(err));
// Create new instances of express
const app = express();
const adminApp = express();
// View engine setup
adminApp.set('views', path.join(__dirname, 'views/admin'));
adminApp.set('view engine', 'pug');
// Tell express to use the body-parser middleware and to not parse extended bodies
adminApp.use(bodyParser.urlencoded({ extended: true }));
adminApp.use(bodyParser.json());
const AdminUser = mongoose.model('AdminUser');
adminPass.use(AdminUser.createStrategy());
adminPass.serializeUser(AdminUser.serializeUser());
adminPass.deserializeUser(AdminUser.deserializeUser());
adminApp.use(
cookieSession({
maxAge: 30 * 24 * 60 * 60 * 1000,
keys: [keys.adminCookieKey]
})
);
adminApp.use(adminPass.initialize());
adminApp.use(adminPass.session());
adminApp.use(express.static('public'));
require('./routes/adminRoutes')(adminApp);
adminApp.listen(5001, function(err) {
if (err) {
console.log(err);
}
console.log('Admin server started on port 5001');
});
// app.use(cors());
// View engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');
// Tell express to use the body-parser middleware and to not parse extended bodies
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
const User = mongoose.model('User');
appPass.use(User.createStrategy());
appPass.serializeUser(User.serializeUser());
appPass.deserializeUser(User.deserializeUser());
app.use(
cookieSession({
maxAge: 30 * 24 * 60 * 60 * 1000,
keys: [keys.cookieKey]
})
);
app.use(appPass.initialize());
app.use(appPass.session());
app.use(express.static('public'));
require('./routes/authRoutes')(app);
require('./routes/portalRoutes')(app);
require('./routes/apiRoutes')(app);
if (process.env.NODE_ENV === 'production') {
// Express will serve up production assets
// like our main.js file, or main.css file!
app.use(express.static('client/build'));
// Express will serve up the index.html file
// if it doesn't recognize the route
app.get('*', (req, res) => {
res.sendFile(path.resolve(__dirname, 'client', 'build', 'index.html'));
});
}
const PORT = process.env.PORT || 5000;
app.listen(PORT, function(err) {
if (err) {
console.log(err);
}
console.log('Server started on port 5000');
});
module.exports = {
adminPass: adminPass,
appPass: appPass
};
var Index = require('../index');
var admin = require('../controllers/AdminController.js');
module.exports = app => {
// route to admin dashboard page
app.get('/adminDB', admin.adminDB);
// route to admin login page
app.get('/adminLogin', admin.adminLogin);
// route for admin login action
app.post(
'/adminLogin',
Index.adminPass.authenticate('local'),
admin.adminDoLogin
);
// route for admin logout action
app.get('/adminLogout', admin.adminLogout);
};
adminRoutes.js'use strict';
const express = require('express');
const bodyParser = require('body-parser');
const Passport = require('passport').Passport,
appPass = new Passport(),
adminPass = new Passport();
const mongoose = require('mongoose');
const cookieSession = require('cookie-session');
const path = require('path');
const keys = require('./config/keys');
require('./models/User');
require('./models/AdminUser');
require('./models/EM');
mongoose.Promise = global.Promise;
mongoose
.connect(keys.mongoURI)
.then(() => console.log('DB connection successful'))
.catch(err => console.error(err));
// Create new instances of express
const app = express();
const adminApp = express();
// View engine setup
adminApp.set('views', path.join(__dirname, 'views/admin'));
adminApp.set('view engine', 'pug');
// Tell express to use the body-parser middleware and to not parse extended bodies
adminApp.use(bodyParser.urlencoded({ extended: true }));
adminApp.use(bodyParser.json());
const AdminUser = mongoose.model('AdminUser');
adminPass.use(AdminUser.createStrategy());
adminPass.serializeUser(AdminUser.serializeUser());
adminPass.deserializeUser(AdminUser.deserializeUser());
adminApp.use(
cookieSession({
maxAge: 30 * 24 * 60 * 60 * 1000,
keys: [keys.adminCookieKey]
})
);
adminApp.use(adminPass.initialize());
adminApp.use(adminPass.session());
adminApp.use(express.static('public'));
require('./routes/adminRoutes')(adminApp);
adminApp.listen(5001, function(err) {
if (err) {
console.log(err);
}
console.log('Admin server started on port 5001');
});
// app.use(cors());
// View engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');
// Tell express to use the body-parser middleware and to not parse extended bodies
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
const User = mongoose.model('User');
appPass.use(User.createStrategy());
appPass.serializeUser(User.serializeUser());
appPass.deserializeUser(User.deserializeUser());
app.use(
cookieSession({
maxAge: 30 * 24 * 60 * 60 * 1000,
keys: [keys.cookieKey]
})
);
app.use(appPass.initialize());
app.use(appPass.session());
app.use(express.static('public'));
require('./routes/authRoutes')(app);
require('./routes/portalRoutes')(app);
require('./routes/apiRoutes')(app);
if (process.env.NODE_ENV === 'production') {
// Express will serve up production assets
// like our main.js file, or main.css file!
app.use(express.static('client/build'));
// Express will serve up the index.html file
// if it doesn't recognize the route
app.get('*', (req, res) => {
res.sendFile(path.resolve(__dirname, 'client', 'build', 'index.html'));
});
}
const PORT = process.env.PORT || 5000;
app.listen(PORT, function(err) {
if (err) {
console.log(err);
}
console.log('Server started on port 5000');
});
module.exports = {
adminPass: adminPass,
appPass: appPass
};
var Index = require('../index');
var admin = require('../controllers/AdminController.js');
module.exports = app => {
// route to admin dashboard page
app.get('/adminDB', admin.adminDB);
// route to admin login page
app.get('/adminLogin', admin.adminLogin);
// route for admin login action
app.post(
'/adminLogin',
Index.adminPass.authenticate('local'),
admin.adminDoLogin
);
// route for admin logout action
app.get('/adminLogout', admin.adminLogout);
};
当我运行此命令时,我得到一个错误,即
身份验证无法在未定义的上调用。也许我离正确的解决方案还有很远的路要走,但我不知道如何使用前面的方法解决req.user
问题。是否有人知道如何实现多租户,最好只使用一个ExpressJS应用程序?这看起来非常复杂;与更传统的访问控制方案相比,您认为这样做有什么好处?@Paul by access control scheme,您的意思是在用户模型中添加角色属性吗?我不想使用相同的用户模型,因为应用程序用户的属性链接到AdminUser没有的其他模型。一个人通常如何为一个站点实现一个管理门户呢?通常我看到这样做是通过将登录名(身份)从配置文件(用户属性)中分离出来的。因此,登录只是直接与身份验证和授权类型相关的信息(角色可能是另一个与登录/身份完全相关的模型)。或者,您也可以使用来统一查找,同时维护不同的模式。谢谢,分离属性绝对是最简单的解决方案。我采取了这种方法。