使用护照.js登录后未创建会话 [英] session not create after login using passport .js

问题描述

我使用console.log(user.id)进行序列化，当我登录时显示用户ID，但是在浏览器中当我进入应用程序时，会话存储为空.它没有显示任何键和值

i use console.log(user.id) in serialize it show user id when i login but in browser when i go in application, session storage is empty. it not show any key and value

Passport.js

Passport.js

const LocalStrategy = require('passport-local').Strategy

const mongoose = require('mongoose')

const bcrypt = require('bcrypt')

const User = require('../models/User')

module.exports = function(passport) {

    passport.use("local",

        new LocalStrategy({usernameField:"email"}, (email, password, done)=>{

            User.findOne({email:email})

                .then(user=>{

                    if(!user){

                        return done(null, false,{message:"That email is not registered"})

                    }

                    bcrypt.compare(password, user.password, (err, isMatch)=>{

                        if(err) throw err

                        if(isMatch){

                            return done(null, user)

                        }else {

                            return done (null, false,{message:"password incorrect"})

                        }
                    })
                })

                .catch(err=>console.log(err))

        })
    )

    passport.serializeUser(function (user, done) {

        done(null, user.id)

    })
    passport.deserializeUser(function (id, done) {

        User.findById(id, function (err, user) {

            done(err, user)

        })
    })
}

Login.js

router.post('/login', function(req, res, next) {

    passport.authenticate('local', function(err, user, info) {

        if (err){

            return next(err);

        }
        if (!user) {

            return res.redirect('/login');

        }

        req.logIn(user, function(err) {

            if (err) { return next(err); }

            req.session.isLoggedIn = true

            req.session.user = user

            req.session.save(err=>{

                console.log(err)

                return res.redirect('/');
            })

        });

    })
(req, res, next);
});

app.js

const session = require('express-session')

const passport = require("passport");

require('./config/passport')(passport)

app.use(bodyParser.urlencoded({extended : false}))

//express session

app.use(session({

    secret:'secret',

    resave: false,

    saveUninitialized: true,

}))

app.use(passport.initialize())

app.use(passport.session())

推荐答案

在connect.sid下的application/cookie中，第一部分是会话ID，第二部分是护照为序列化添加的内容，如果您删除Cookie，除非您使用中间件来限制仅在登录后才能访问页面，否则您不会发现任何区别

You will find in application/cookies under connect.sid the first part of it is the session id and the second part is what passport adds for serialization, if you delete the cookie you won't notice any difference unless you use a middleware to restrict access to the page only when you are logged in

这篇关于使用护照.js登录后未创建会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！