
多次刷新时未定义的NodeJS Express req[user]

Stack Overflow用户
提问于 2017-02-22 14:16:33

我的问题与这个问题类似。我使用的是 Express 4.14.0,并且已经使用 "passport-ping" 模块实现了 OAuth2 SSO。为了用成功登录后得到的刷新令牌获取新的访问令牌,我使用了 "passport-oauth2-refresh" 模块。这些模块本身没有问题,一切都按预期工作。但问题出在 request.user 对象上。下面是我的代码:

var express = require('express');
var async = require('async');
var cookieParser = require('cookie-parser');
var request = require('request');
var passport = require('passport');
var OAuth2Strategy = require('passport-ping').Strategy;
var refresh = require('passport-oauth2-refresh');
var session = require('express-session');
var bodyParser = require('body-parser');
var Client = require('node-rest-client').Client;
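var client = new Client();
var _outputpath = "/build",
    _templatePath = "./templates";

var app = express();

// NOTE(review): this mounts the whole application directory as static content,
// so any file under __dirname (this server file and its OAuth client settings
// included) can be requested over HTTP. Serving only the build output
// directory would avoid that; it is left unchanged here because the page may
// load assets by root-relative paths - confirm before narrowing it.
app.use(express.static(__dirname + "/"));
app.use(cookieParser());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));

// The session cookie is signed with this secret, so anyone who knows it can
// forge session ids. Take it from the environment; the literal is kept only as
// a development fallback so existing setups keep starting.
var sessionSecret = process.env.SESSION_SECRET || "session secret";
if (!process.env.SESSION_SECRET) {
    console.warn('SESSION_SECRET is not set; using the built-in development session secret');
}

// No `store` is configured, so express-session keeps sessions (and the OAuth
// tokens passport puts in them) in its default in-process store.
app.use(session({
    secret: sessionSecret,
    resave: true,
    saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());

var port = process.env.port || 8080;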

// Allow cross origin: every route and method gets the same CORS headers, and
// preflight (OPTIONS) requests are answered here with an empty 200.
// NOTE(review): a wildcard Access-Control-Allow-Origin together with
// Access-Control-Allow-Credentials: true is refused by browsers for
// credentialed requests. The safe correction is an explicit allow-list of
// trusted origins; echoing the request's Origin header back would instead let
// any site make authenticated calls against the user's session.
app.all('*', function (req, res, next) {
    var corsHeaders = [
        ['Access-Control-Allow-Origin', '*'],
        ['Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE'],
        ['Access-Control-Allow-Headers', 'Origin, Content-Type, X-Auth-Token'],
        ['Access-Control-Allow-Credentials', true]
    ];
    corsHeaders.forEach(function (header) {
        res.setHeader(header[0], header[1]);
    });

    if (req.method !== 'OPTIONS') {
        next();
        return;
    }

    // Preflight: nothing else to do, finish the response here.
    res.status(200);
    res.end();
});

// Session (de)serialisation is a pass-through: the object handed to `done` by
// the strategy's verify callback is stored in the session unchanged and handed
// back unchanged as req.user.
// NOTE(review): that object holds the access token and the refresh token, so
// both live in the session store for as long as the session does.
passport.serializeUser(function (sessionUser, done) {
    done(null, sessionUser);
});

passport.deserializeUser(function (storedUser, done) {
    done(null, storedUser);
});

// OAuth2 strategy shared by passport (login) and passport-oauth2-refresh
// (token refresh); both are registered under the name 'oauth-provider'.
// The 'xxx' values are placeholders in this listing.
// NOTE(review): the real clientSecret should come from the environment or a
// secret store rather than this file, all the more because this app serves
// __dirname as static content. The callback URL is plain http on localhost,
// which only suits local development.
var strategy = new OAuth2Strategy(
    {
        authorizationURL: 'xxx',
        tokenURL: 'xxx',
        clientID: 'xxx',
        clientSecret: 'xxx',
        callbackURL: 'http://localhost:8080'
    },
    // Verify callback: the profile is ignored; the "user" is just the token pair.
    function (accessToken, refreshToken, profile, done) {
        var tokens = {};
        tokens.accessToken = accessToken;
        tokens.refreshToken = refreshToken;
        done(null, tokens);
    }
);

passport.use('oauth-provider', strategy);
refresh.use('oauth-provider', strategy);

/**
 * Route guard: lets the request through when passport reports an
 * authenticated session, otherwise sends the browser back to '/'.
 *
 * @param {object} req - request; must expose passport's isAuthenticated().
 * @param {object} res - response; used only for the redirect.
 * @param {Function} next - next middleware, called for authenticated requests.
 * @returns {*} whatever next() returns, or undefined after a redirect.
 */
var isAuthenticated = function (req, res, next) {
    var loggedIn = req.isAuthenticated();
    if (!loggedIn) {
        res.redirect('/');
        return;
    }
    return next();
};

/***************** GET BASE PAGE ************/
// Serves the built index.html to an authenticated user. The tokens are
// refreshed first, then the cookie is set and the page is sent.
app.get('/guide', isAuthenticated, function (req, res) {
    // Step one: refresh the tokens, publish the cookie, send the page.
    function refreshAndServe(callback) {
        newAccessToken(req, res, true, function (reqQuery) {
            // NOTE(review): despite its name, this cookie carries the REFRESH
            // token, and httpOnly: false makes it readable by any script on
            // the page; no `secure` flag is set either. A long-lived
            // credential exposed this way can be lifted by a single XSS bug.
            // Prefer keeping the refresh token server-side in the session and
            // giving the browser, at most, a short-lived access token.
            var cookieOptions = { maxAge: 1 * 24 * 3600000, httpOnly: false };
            res.cookie('userAccessToken', req["user"].refreshToken, cookieOptions);
            res.sendFile(__dirname + _outputpath + '/index.html');
            callback(null, req["user"]);
        });
    }

    // Step two: placeholder task that completes immediately.
    function finish(callback) {
        callback(null, 2);
    }

    async.series({ one: refreshAndServe, two: finish }, function (err, results) {
        // NOTE(review): err is not inspected here.
        console.log('Completed Guide Page');
    });
});

// Entry point: hands the request to the 'oauth-provider' strategy, then
// redirects to /guide on success or /error on failure.
// `pfidpadapterid` is passed through as given; presumably it selects an
// adapter on the identity provider - confirm against the strategy's docs.
// NOTE(review): no `state` option is set here or on the strategy, and whether
// this strategy ties the authorization response to the session by default is
// not visible from this file - confirm.
var loginOptions = {
    successRedirect: '/guide',
    failureRedirect: '/error',
    pfidpadapterid: 'OAuthAdapterCCDS'
};

app.get('/', passport.authenticate('oauth-provider', loginOptions));

/**
 * Exchanges the refresh token stored on req.user for a new token pair and
 * writes the result back onto req.user, then calls `callback(req)`.
 *
 * `res` and `isParent` are accepted but not used in this function.
 *
 * NOTE(review): `err` is never checked. When the refresh call fails, or the
 * provider returns no new refresh token, the stored tokens are overwritten
 * with undefined and every later refresh for this session has nothing valid
 * to send.
 */
function newAccessToken(req, res, isParent, callback) {
    var currentRefreshToken = req.user.refreshToken;

    refresh.requestNewAccessToken('oauth-provider', currentRefreshToken, function onRefreshed(err, accessToken, refreshToken) {
        // The expiry is assumed, not read from the provider: now + 59 minutes.
        var expiry = new Date();
        expiry.setMinutes(expiry.getMinutes() + 59);

        var sessionUser = req.user;
        sessionUser.refreshToken = refreshToken;
        sessionUser.accessToken = accessToken;
        sessionUser.accessTokenTime = new Date();
        sessionUser.expireAccessToken = expiry;

        callback(req);
    });
}

/***************** START THE SERVER ************/
// Bind the HTTP listener and report the chosen port once it is up.
app.listen(port, function onListening() {
    var banner = 'Server started & listening on port: ';
    console.log(banner + port);
});

在成功登录时,OAuth2Strategy done函数将在req.user中添加以下对象。

{ accessToken: accessToken, refreshToken: refreshToken }

对于每个请求,我都调用 newAccessToken 函数,用刷新令牌获取新的访问令牌,并像下面这样手动用新的访问令牌和刷新令牌更新 req.user 对象。是否有更好的方法来更新 req["user"]?

// Copy the refreshed values onto the session-backed user object.
// NOTE(review): these assignments are unconditional, so if the refresh call
// reported an error, or returned no new refresh token, the stored tokens are
// replaced with undefined.
var sessionUser = req["user"];
sessionUser.refreshToken = refreshToken;
sessionUser.accessToken = accessToken;
sessionUser.accessTokenTime = new Date();
sessionUser.expireAccessToken = expireAccessToken;

如果用户在浏览器中连续点击刷新,我得到的 req.user 就是未定义的。我尝试过一些方法,也查阅了论坛,但都没有奏效。非常感谢任何帮助。


回答 1

Stack Overflow用户

回答已采纳

发布于 2017-03-01 07:17:57

在获得新的访问令牌时,我必须正确地处理错误。我更改了新的访问令牌函数,如下所示

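/**
 * Exchanges the refresh token stored on req.user for a new access token and
 * updates req.user with the result, then calls `callback(req)`.
 *
 * Failure handling: when there is no stored refresh token, or the refresh
 * call reports an error or yields no access token, the stored tokens are left
 * untouched, the failure is logged without any token value, and the browser
 * is redirected to '/' (the route that starts the OAuth login in this app).
 * `callback` is NOT invoked in that case, because the response has already
 * been sent.
 *
 * @param {object} req - request whose `user` holds { accessToken, refreshToken }.
 * @param {object} res - response, used for the redirect on failure.
 * @param {boolean} isParent - accepted for compatibility; not used here.
 * @param {Function} callback - called with `req` after a successful refresh.
 */
function newAccessToken(req, res, isParent, callback) {
    var user = req["user"];

    // Nothing to exchange: the session has no user or no refresh token.
    if (!user || !user.refreshToken) {
        return res.redirect('/');
    }

    refresh.requestNewAccessToken('oauth-provider', user.refreshToken, function (err, accessToken, refreshToken) {
        if (err || !accessToken) {
            // Never write undefined tokens into the session: that would make
            // every later refresh for this session fail as well.
            // NOTE(review): only a status code is logged; the provider's error
            // body is left out on purpose in case it echoes credentials.
            console.error('Access token refresh failed' + (err && err.statusCode ? ' (status ' + err.statusCode + ')' : ''));
            // NOTE(review): if the provider keeps rejecting the refresh, this
            // sends the user through login again on every request - confirm
            // that is the desired behaviour for non-page callers.
            return res.redirect('/');
        }

        // The expiry is assumed, not read from the provider: now + 59 minutes.
        var expireAccessToken = new Date();
        expireAccessToken.setMinutes(expireAccessToken.getMinutes() + 59);

        // Providers that do not rotate refresh tokens return none here; keep
        // the existing one instead of overwriting it with undefined.
        if (refreshToken) {
            user.refreshToken = refreshToken;
        }
        user.accessToken = accessToken;
        user.accessTokenTime = new Date();
        user.expireAccessToken = expireAccessToken;
        callback(req);
    });
}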
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/42394002
