我是新手,想为网站搭建本地身份验证。我查阅了各种资料,其中这篇文章
https://vickev.com/#!/article/authentication-in-single-page-applications-node-js-passportjs-angularjs 非常有帮助。但当我尝试在本地(localhost)搭建同样的代码时,程序陷入了循环。
app.post('/login', ...) 会在响应中返回用户,但加载管理页面之后,页面会通过调用 app.get('/loggedin', ...) 检查用户是否已登录,而 req.isAuthenticated() 即使在登录之后也返回 false,于是进入循环。我不明白为什么会这样,请帮帮我。
服务器端代码
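var express = require('express');
var http = require('http');
var path = require('path');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;

//==================================================================
// Configuration
//
// Origin that is allowed to call this API with the session cookie.
// The fallback is a constructed sample value (placeholder): set
// CLIENT_ORIGIN to the origin that actually serves the Angular app.
var ALLOWED_ORIGIN = process.env.CLIENT_ORIGIN || 'http://localhost:9000';

// Key used to sign the session cookie. The fallback is the demo value from
// this listing and is only acceptable for local experiments; anyone who
// knows the key can forge session cookies, so supply SESSION_SECRET from
// the environment in any shared or deployed setup.
var SESSION_SECRET = process.env.SESSION_SECRET || 'securedsession';

//==================================================================
// Define the strategy to be used by PassportJS
//
// Demo only: the credentials are hard-coded. A real verifier looks the user
// up in a credential store and compares a salted password hash.
passport.use(new LocalStrategy(
  function(username, password, done) {
    if (username === "admin" && password === "admin") {
      return done(null, { name: "admin" });
    }
    return done(null, false, { message: 'Incorrect username.' });
  }
));

// The whole user object is written to and read back from the session.
// That is fine for this one-field demo object; with real user records,
// serialize only an id and reload the record in deserializeUser.
passport.serializeUser(function(user, done) {
  done(null, user);
});

passport.deserializeUser(function(user, done) {
  done(null, user);
});

// Middleware for every secured route: reject the request with 401 unless
// the session carries an authenticated user. This server-side check is the
// actual access control; route guards in the browser are only a convenience.
var auth = function(req, res, next) {
  if (!req.isAuthenticated()) {
    res.send(401);
  } else {
    next();
  }
};

//==================================================================
// Start express application
var app = express();

// all environments
app.set('port', process.env.PORT || 3000);
app.use(express.favicon());
app.use(express.cookieParser());
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.session({ secret: SESSION_SECRET }));
app.use(passport.initialize()); // Add passport initialization
app.use(passport.session());    // Restore the login state from the session
app.use(app.router);

// CORS headers for the browser client served from another origin.
//
// The session lives in a cookie. A browser attaches cookies to cross-origin
// XHR only when the request is made with credentials enabled (AngularJS:
// withCredentials) AND the response names one specific origin together with
// Access-Control-Allow-Credentials: true. With the wildcard "*" the cookie is
// never sent or stored, so every request starts a fresh anonymous session and
// req.isAuthenticated() stays false right after a successful login.
// Naming a single trusted origin also keeps arbitrary sites from reading
// authenticated responses.
app.all('*', function(req, res, next) {
  res.header("Access-Control-Allow-Origin", ALLOWED_ORIGIN);
  res.header("Access-Control-Allow-Credentials", "true");
  res.header("Access-Control-Allow-Headers", "Origin,X-Requested-With,Content-Type,Accept");
  next();
});

// development only
if ('development' === app.get('env')) {
  app.use(express.errorHandler());
}

//==================================================================
// routes
app.get('/', function(req, res) {
  res.render('index', { title: 'Express' });
});

app.get('/users', auth, function(req, res) {
  res.send([{ name: "user1" }, { name: "user2" }]);
});

//==================================================================
// route to test if the user is logged in or not
// Answers with the session user, or the string '0' when not authenticated.
app.get('/loggedin', function(req, res) {
  res.send(req.isAuthenticated() ? req.user : '0');
});

// route to log in
// passport.authenticate('local') answers 401 itself when the strategy
// rejects the credentials; the handler below only runs on success.
app.post('/login', passport.authenticate('local'), function(req, res) {
  res.send(req.user);
});

// route to log out
app.post('/logout', function(req, res) {
  req.logout();
  res.send(200);
});

//==================================================================
http.createServer(app).listen(app.get('port'), function() {
  console.log('Express server listening on port ' + app.get('port'));
});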
客户端Js文件
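'use strict';

/**********************************************************************
 * Angular Application
 **********************************************************************/

// Base URL of the Express API. Plain http on localhost is for local
// development only; the login request carries the password, so a deployed
// client must talk to the API over HTTPS.
var API_BASE = 'http://localhost:3000';

var app = angular.module('app', ['ngResource', 'ngRoute'])
  .config(function($routeProvider, $locationProvider, $httpProvider) {
    // The API is on another origin than this page. Without this flag the
    // browser neither stores the session cookie set by /login nor sends it
    // on later requests, so /loggedin always sees an anonymous session and
    // the app keeps bouncing back to /login. The server has to answer with
    // a specific Access-Control-Allow-Origin (not "*") and
    // Access-Control-Allow-Credentials: true for this to take effect.
    $httpProvider.defaults.withCredentials = true;

    //================================================
    // Check if the user is connected
    //
    // Route resolver: resolves when the server reports a logged-in user,
    // otherwise rejects and sends the browser to /login. This only decides
    // what the UI shows; the server must still protect every secured route.
    //================================================
    var checkLoggedin = function($q, $timeout, $http, $location, $rootScope) {
      // Initialize a new promise
      var deferred = $q.defer();

      // Make an AJAX call to check if the user is logged in
      $http.get(API_BASE + '/loggedin')
        .success(function(user) {
          if (user !== '0') {
            // Authenticated
            $timeout(deferred.resolve, 0);
          } else {
            // Not Authenticated
            $rootScope.message = 'You need to log in.';
            $timeout(function() { deferred.reject(); }, 0);
            $location.url('/login');
          }
        })
        .error(function() {
          // The check itself failed (network error, server down): reject so
          // the route change does not wait forever on a pending promise.
          $timeout(function() { deferred.reject(); }, 0);
        });

      return deferred.promise;
    };

    //================================================
    // Add an interceptor for AJAX errors
    //================================================
    $httpProvider.responseInterceptors.push(function($q, $location) {
      return function(promise) {
        return promise.then(
          // Success: just return the response
          function(response) {
            return response;
          },
          // Error: a 401 means the session is missing or expired
          function(response) {
            if (response.status === 401) {
              $location.url('/login');
            }
            return $q.reject(response);
          }
        );
      };
    });

    //================================================
    // Define all the routes
    //================================================
    $routeProvider
      .when('/', {
        templateUrl: 'views/main.html'
      })
      .when('/admin', {
        templateUrl: 'views/admin.html',
        controller: 'AdminCtrl',
        resolve: { loggedin: checkLoggedin }
      })
      .when('/login', {
        templateUrl: 'views/login.html',
        controller: 'LoginCtrl'
      })
      .otherwise({
        redirectTo: '/login'
      });
  }) // end of config()
  .run(function($rootScope, $http) {
    $rootScope.message = '';

    // logout function is available in any pages
    $rootScope.logout = function() {
      $rootScope.message = 'Logged out.';
      $http.post(API_BASE + '/logout');
    };
  });

/**********************************************************************
 * Login controller
 **********************************************************************/
app.controller('LoginCtrl', function($scope, $rootScope, $http, $location) {
  // This object will be filled by the form
  $scope.user = {};

  // Register the login() function
  $scope.login = function() {
    $http.post(API_BASE + '/login', {
      username: $scope.user.username,
      password: $scope.user.password
    })
      .success(function(user) {
        // No error: authentication OK
        $rootScope.message = 'Authentication successful!';
        $location.url('/admin');
      })
      .error(function() {
        // Error: authentication Failed
        $rootScope.message = 'Authentication Failed.';
        $location.url('/login');
      });
  };
});

/**********************************************************************
 * Admin controller
 **********************************************************************/
app.controller('AdminCtrl', function($scope, $http) {
  // List of users got from the server
  $scope.users = [];

  // Fill the array to display it in the page. angular.forEach visits only
  // the array elements, unlike for...in, which also walks any enumerable
  // properties added to the array or its prototype.
  $http.get(API_BASE + '/users').success(function(users) {
    angular.forEach(users, function(user) {
      $scope.users.push(user);
    });
  });
});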