0

我被困住了。

带有 Passport 的 Featherjs 可以使用本地策略进行身份验证并且未启用会话吗?

当我启用会话时,第一个请求未获得授权,但第二个请求是因为使用了第一个请求中的 cookie。我不想使用 cookie。

我已经设置了我的代码,例如:

var hooks = require('feathers-hooks');
var bodyParser = require('body-parser');
var session = require('express-session');
var passport = require('passport');
var feathers = require('feathers');
var feathersPassport = require('feathers-passport');
var LocalStrategy = require('passport-local').Strategy;

var app = feathers();
var LocalStrategy = require('passport-local').Strategy;

passport.use(new LocalStrategy(function (username, password, done) {
    done(null, "userid here");
}));


//Use the id to serialize the user
passport.serializeUser(function (user, done) {
    done(null, user);
});

// Deserialize the user retrieving it form the user service
passport.deserializeUser(function (id, done) {
    done(null, "userid here");
});


var myService = {
    find: function (params, callback) {
        if (params.user) {
           console.log('yeh');
        }
        else {
            callback('not authorized', null);
        }
    }
};

// A shared session store must be provided.
//TODO This MemoryStore is not recommended for production
var store = new session.MemoryStore();

// Initialize the application
app.configure(feathers.rest())
    .configure(hooks())
    .configure(feathersPassport({
        secret: 'feathers-rocks',
        store: store
    }));

app.use(bodyParser.urlencoded({extended: true}));

app.use('/should/be/protected', passport.authenticate('local', {session: true}), myService);

app.listen(4000);
4

1 回答 1

1

羽毛护照实际上已被弃用。Feathers 绝对支持没有会话的身份验证(这实际上是它现在正式支持的全部)。有一个名为feathers-authentication 的新模块。您可能想查看http://docs.feathersjs.com/authentication/readme.html

于 2016-05-19T04:12:28.147 回答