Express.js Passport身份validation会自动跳过策略

UPDATE

我已经从护照本地注册内部的代码移动到一个单独的处理程序,它运行良好。 问题在于Passport和本地注册的用法,但我不知道为什么。


我有一个设置与Node.js(Express)+护照进行身份validation和注册。 这是以前使用过的标准程序,但似乎不起作用。 护照注册立即进入failureRedirect。 主要的问题是代码没有击中任何的console.log()语句,因此我认为它甚至不处理第一个请求,并自动失败。 任何想法为什么或如何debugging?

cmd日志:

POST /register 302 4ms - 58b GET / 304 2ms GET /css/bootstrap.css 304 1ms GET /css/main.css 304 1ms GET /javascript/chart.js 304 2ms GET /javascript/bootstrap.js 304 2ms GET /javascript/index.js 304 2ms 

index.html表单:

  <form class="form-register" name="register-form" method="post" action="/register" data-name="register Form" enctype="application/x-www-form-urlencoded"> <div class="ARegistration" style="display:none;"> <input type="email" id="txtOnceEmail" class="form-control" style="width:300px; display:block;" placeholder="One use Email Address" name="AEmail"> <br /> <input type="text" id="txtCodeName" class="form-control" style="width: 200px; display:block;" placeholder="Code Name" name="CodeName"> <br /> <input type="number" id="txtSecretCodeLength" value="10" class="form-control" style="width: 200px; display:block;" placeholder="Secret Code Length" name="SecretCodeLength"> <br /> <textarea id="txtaXInfo" class="form-control" placeholder="Any info" name="aXInfo"></textarea> <button class="btn btn-info btn-xs">Register</button> </div> </form> 

路线:

  app.post('/register', passport.authenticate('local-signup', { successRedirect : '/', // redirect to the secure profile section failureRedirect : '/', // redirect back to the signup page if there is an error failureFlash : true // allow flash messages })); 

护照本地注册:

 // ========================================================================= // LOCAL SIGNUP ============================================================ // ========================================================================= passport.use('local-signup', new LocalStrategy({ // by default, local strategy uses username and password, we will override with email usernameField: 'email', passwordField: 'password', passReqToCallback: true // allows us to pass in the req from our route (lets us check if a user is logged in or not) }, function (req, email, password, done) { // asynchronous process.nextTick(function () { // check if the user is already logged in if (!req.user) { console.log("step1"); User.findOne({ $or: [{ 'valid.email': email }, { 'emailList': email }] }, function (err, user) { // if there are any errors, return the error if (err) return done(err); // check to see if theres already a user with that email if (user) { console.log("step2"); return done(null, false, req.flash('signupMessage', 'That email is already taken.')); } else { console.log("step5"); newUser.anonym.CodeName = req.body.CodeName; newUser.anonym.extraInfo = req.body.aXInfo; newUser.emailList.push(req.body.AEmail); //Generate random string var rString = null; var goOn = false; while (!goOn) { console.log("step6"); rString = randomString(req.body.SecretCodeLength, charSet); User.findOne({ 'emailList': rString }, function (err, user) { // if there are any errors, return the error if (err){ console.log(err); return done(err);} // check to see if theres already a user with that email if (!user) { goOn = true; } }); } console.log("step7"); newUser.anonym.secretCode = rString; rString = null; newUser.save(function (err) { if (err) throw err; return done(null, newUser); }); } // } }); } else { console.log('test5'); } }); })); 

testing它也使用angular.js执行职位,但问题仍然存在。 这绝对是护照的东西。

       

网上收集的解决方案 "Express.js Passport身份validation会自动跳过策略"

问题在这里:

 passport.use('local-signup', new LocalStrategy({ // by default, local strategy uses username and password, we will override with email usernameField: 'email', passwordField: 'password', passReqToCallback: true // allows us to pass in the req from our route (lets us check if a user is logged in or not) 

},

如果emailpassword不提供护照只是自动失败。 我想一些文件将是有用的!

如果您在新的LocalStrategy未标识usernameField ,则会默认将用户username保存在用户username ,如此处所述。

这个策略在函数之前使用一个可选的选项散列,例如new LocalStrategy({/* options */, callback})

可用的选项是:

  • usernameField – 可选,默认为username
  • passwordField – 可选,默认为password

这两个字段定义发送到服务器的POST正文中的属性的名称。