Passport.js多种反序列化方法 [英] passport.js multiple de/serialize methods

问题描述

我正在建立一个由两部分组成的登录系统.用户将登录到主帐户 Account 模型的位置，此帐户将拥有对许多团队 Team 模型的访问权限，并且每个帐户每个团队最多可以有1个用户用户模型.问题是我可以使用护照定义 Account 登录策略，但是我只能使用 Account 模型进行序列化和反序列化，但是当我想要重定向或登录时帐户以及与 Team 有关的 User 特定数据我无法使用护照进行记录.我需要一些想法或解决方案，也许有一些我可以使用的护照策略.PS:将其视为松弛的登录系统之类的工作，主帐户(电子邮件)可以容纳多个团队或聊天组，每个团队或聊天组都有特定的详细信息.

解决方案

如果我正确地理解了您的需求，我相信您有两个选择-注册多个(反)序列化器，或在(反)序列化实现中添加更多逻辑./p>

虽然没有真正记载，但是您可以注册多次序列化和反序列化函数.如果第一个函数不成功，则应调用 done('pass'); 使执行继续到下一个(反)序列化器.(请注意，这些代码示例就不在我的脑海中了):

  passport.deserializeUser((obj，done)=> {Account.deserialize(obj).then((account)=> done(null，account)).catch((err)=> done('pass'));});password.deserializeUser((obj，done)=> {User.deserialize(obj).then((user)=> done(null，user))}); 

您不仅限于使用您选择的ORM/ODM的显然内置的(反)序列化.因此，您可以在序列化功能中执行所需的任何自定义逻辑.例如，在序列化中将模型实例ID和类型放入对象中，并在反序列化时使用它们.

  passport.serializeUser((obj，done)=> {如果(帐户的instance instance){done(null，{id:obj.id，类型:'Account'});} 别的 {done(null，{id:obj.id，类型:'User'});}});password.deserializeUser((obj，done)=> {如果(obj.type ==='帐户'){Account.get(obj.id).then((account)=> done(null，account));} 别的 {User.get(obj.id).then((user)=> done(null，user));}}); 

I'm building a 2 parts login system. Where the a user will login to a main account Account model, this account will hold access to many teams Team model, and an account can have 1 user per team User model. The problem is that I can define an Account login strategy with passport but I will only be able to serialize and deserialize using Account model, but when I want to redirect or login the Account with their User specific data related to a Team I can't log them using passport. I need some ideas or solutions, maybe there's some passport strategy out there I could use. PS: think of this like a slack login system kind of works, main account (email) can hold multiple teams or chat groups with speific details on each.

解决方案

If I understood your need correctly I believe you have two options - register multiple (de)serializers, or put more logic into your (de)serialization implementations.

While not really documented, you can register multiple serialize and deserialize functions. If the first function is not successful it should call done('pass'); to have the execution continue to the next (de)serializer, eg. (note that the code examples are just off the top of my head):

passport.deserializeUser((obj, done) => {
  Account.deserialize(obj)
    .then((account) => done(null, account))
    .catch((err) => done('pass'));
});

passport.deserializeUser((obj, done) => {
  User.deserialize(obj).then((user) => done(null, user))
});

You are not limited to using the apparently builtin (de)serialization of the ORM/ODM of your choice. Thus you can do any custom logic you need in the serialization functions. For example, put the model instance ID and type into an object in serialization, and use them when deserializing.

passport.serializeUser((obj, done) => {
  if (obj instanceof Account) {
    done(null, { id: obj.id, type: 'Account' });
  } else {
    done(null, { id: obj.id, type: 'User' });
  }
});

passport.deserializeUser((obj, done) => {
  if (obj.type === 'Account') {
    Account.get(obj.id).then((account) => done(null, account));
  } else {
    User.get(obj.id).then((user) => done(null, user));
  }
});

这篇关于Passport.js多种反序列化方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！