我正在使用 passport.js 进行身份验证。似乎在成功认证后,passport 不会调用next(),所以我的 Express 路由永远不会执行。对于我实施的两种身份验证策略,我都看到了这种行为。
应用程序.js
app.use(passport.initialize());
passport.use(authentication.local);
passport.use(authentication.bearer);
routes.setup(app, passport);
路由.js
function setup (app, passport) {
// routes.authentication.token not called, despite successful authentication.
app.post('/authentication/token', passport.authenticate('local'),
routes.authentication.token);
}
身份验证.js
var local = new LocalStrategy(
{
usernameField: 'email',
passwordField: 'password'
},
function (email, password, done) {
var user = new User({ email: email });
user.fetch({
success: function (user) {
if (bcrypt.compareSync(password, user.get('encryptedPassword'))) {
// This line shows in the console, but the route after is never executed.
console.log("LocalStrategy success!");
done(null, user); // Tell passport we have success.
} else {
done(null, false, { message: 'The password given was incorrect.' });
}
},
error: function (err) {
done(null, false, { message: 'The email address (' + email + ') does not belong to any user.' });
}
});
}
);
更新
这是该问题的单文件复制,可能比上面不完整的多文件问题更容易理解:
// ----------------------------------------------------------------------------
// Environment/Configuration
// ----------------------------------------------------------------------------
var config = require('./lib/config');
var environment = process.env.NODE_ENV || 'development';
config.load(__dirname + '/config/environment', environment);
config.loadDev(__dirname + '/config/environment', environment);
// ----------------------------------------------------------------------------
// Requirements
// ----------------------------------------------------------------------------
var express = require('express')
, passport = require('passport')
, bcrypt = require('bcrypt')
, LocalStrategy = require('passport-local').Strategy
, User = require('./app/models/user');
// ----------------------------------------------------------------------------
// HTTP Server
// ----------------------------------------------------------------------------
var app = express();
// ----------------------------------------------------------------------------
// Middleware
// ----------------------------------------------------------------------------
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(app.router);
app.use(passport.initialize());
passport.use(new LocalStrategy(
{
usernameField: 'email',
passwordField: 'password'
},
function (email, password, done) {
console.log("Authenticating user.", email, password);
var user = new User({ email: email });
user.fetch({
success: function (user) {
if (bcrypt.compareSync(password, user.get('encryptedPassword'))) {
// This log statement shows in the console.
console.log("LocalStrategy success!");
done(null, user);
} else {
done(null, false, { message: 'The password given was incorrect.' });
}
},
error: function (err) {
console.log('LocalStrategy failure!');
done(null, false, { message: 'The email address (' + email + ') does not belong to any user.' });
},
complete: function (user, res) {
console.log(res);
}
});
}
));
app.post('/authentication/token', passport.authenticate('local'), function (req, res, next) {
// This line is never reached.
console.log('I\'m authenticated!');
});
// ----------------------------------------------------------------------------
// Boot
// ----------------------------------------------------------------------------
app.listen(process.env.PORT);
console.log('Server started on port: %d', process.env.PORT);