koa,护照-http策略:基本身份验证无效
koa,护照-http策略:基本身份验证无效
提问于 2015-12-25 23:10:43
我想不出如何使koa与基本身份验证一起工作。我对当地的策略没有异议。所以我想我可以很容易地实现基本需求。我的主页是一个表单,它发布到/login路由。
这是auth.js:
'use strict';
let passport = require('koa-passport'),
co = require('co'),
monk = require('monk'),
wrap = require('co-monk'),
db = monk('localhost/test'),
users = wrap(db.get('users'));
function *getUser(username, password) {
let user = yield users.findOne({username: username, password: password});
return user;
};
passport.serializeUser(function(user, done) {
done(null, user._id)
})
passport.deserializeUser(function(id, done) {
done(null, id)
})
let BasicStrategy = require('passport-http').BasicStrategy
passport.use(new BasicStrategy(function(username, password, done) {
co(function *(next) {
try {
return yield getUser(username, password);
} catch (ex) {
console.log('error: ', ex);
return null;
}
}).then(function(user) {
done(null, user);
});
}));这是server.js:
/* jshint node: true */
'use strict';
let koa = require('koa');
let app = koa();
// sessions
let session = require('koa-generic-session');
app.keys = ['your-session-secret'];
app.use(session());
// body parser
let bodyParser = require('koa-bodyparser');
app.use(bodyParser());
// authentication
require('./auth');
let passport = require('koa-passport');
app.use(passport.initialize());
app.use(passport.session());
// append view renderer
let views = require('koa-render');
app.use(views('./views', {
map: { html: 'handlebars' },
cache: false
}))
// public routes
let router = require('koa-router');
let pub = new router();
pub.get('/', function*() {
this.body = yield this.render('login');
})
pub.post('/login',
passport.authenticate('basic', {
session: false
})
)
pub.get('/logout', function*(next) {
this.logout();
this.redirect('/');
})
app.use(pub.routes());
app.use(pub.allowedMethods());
app.use(function*(next) {
if (this.isAuthenticated()) {
yield next
} else {
this.redirect('/')
}
})
var secured = new router()
secured.get('/app', function*(next) {
this.body = yield this.render('app');
})
app.use(secured.routes());
app.use(secured.allowedMethods());
app.listen(3000);使用节点4.2.3 (以下是我使用的包版本):
"dependencies": {
"co": "^4.6.0",
"co-monk": "^1.0.0",
"handlebars": "^4.0.5",
"koa": "^1.1.2",
"koa-bodyparser": "^2.0.1",
"koa-generic-session": "^1.10.1",
"koa-passport": "^1.2.0",
"koa-render": "^0.2.1",
"koa-router": "^5.3.0",
"monk": "^1.0.1",
"passport-http": "^0.3.0"
}在我编译表单并张贴有效的登录表单后,我收到:
Request URL:http://localhost:3000/app
Request Method:GET
Status Code:302 Found
Remote Address:[::1]:300这只是一个示例,我知道密码应该被散列,但我只是想让它工作。任何想法都将受到极大的赞赏。提前感谢
回答 1
Stack Overflow用户
回答已采纳
发布于 2015-12-26 10:57:53
我找到了解决办法。甚至相当简单。寄给其他可能感兴趣的人。
只需评论:
// app.use(function*(next) {
// if (this.isAuthenticated()) {
// yield next
// } else {
// this.redirect('/')
// }
// });并将安全路线更改为:
secured.get('/app', passport.authenticate('basic', {
session: false}), function*(next) {
this.body = yield this.render('app');
});这样,每当您尝试访问受保护的路由时,都会调用auth中间件。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/34467219
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号