当用户重置密码时,您需要代表用户对用户进行身份验证。
代码看起来像这样
app.post('/resetpassword', function(req, res, next) {
/*
code to reset the password
*/
// append username and new password to req.body
// assuming passport still uses username and password as field indicator
req.body.username= "user_name";
req.body.password= "user_new_password";
passport.authenticate('local', function(err, user, info) {
if (err) { return next(err); }
if (!user) { return res.sendStatus(401); }
// it is your responsibility to establish the session
req.logIn(user, function(err) {
if (err) { return next(err); }
return res.rediect("to_users_dashboard_path");
});
})(req, res, next);
});
注意:在使用自定义回调时,建立会话是应用程序的责任,请参阅自定义回调