Passport.js身份验证失败时发送回JSON响应 [英] Sending back a JSON response when failing Passport.js authentication
问题描述
我正在将Node.js
用作iPhone客户端的后端API服务器.我正在使用Passport.js
与local strategy
进行身份验证.相关代码如下:
I'm using Node.js
as a backend API server for an iPhone client. I'm using Passport.js
to authenticate with a local strategy
. The relevant code is below:
// This is in user.js, my user model
UserSchema.static('authenticate', function(username, password, callback) {
this.findOne({ username: username }, function(err, user) {
if (err){
console.log('findOne error occurred');
return callback(err);
}
if (!user){
return callback(null, false);
}
user.verifyPassword(password, function(err, passwordCorrect){
if (err){
console.log('verifyPassword error occurred');
return callback(err);
}
if (!passwordCorrect){
console.log('Wrong password');
return callback(err, false);
}
console.log('User Found, returning user');
return callback(null, user);
});
});
});
和
// This is in app.js
app.get('/loginfail', function(req, res){
res.json(403, {message: 'Invalid username/password'});
});
app.post('/login',
passport.authenticate('local', { failureRedirect: '/loginfail', failureFlash: false }),
function(req, res) {
res.redirect('/');
});
现在,我设法将失败的登录重定向到/loginfail,在其中我将一些JSON发送回iPhone客户端.但是,这没有足够的粒度.我希望能够将适当的错误发送回iPhone客户端,例如:找不到用户"或密码错误".使用我现有的代码,我看不到如何实现此目标.
Right now, I have managed to redirect a failed login to /loginfail, where I send back some JSON to the iPhone client. However, this doesnt have enough granularity. I want to be able to send back the appropriate errors to the iPhone client, such as: "No user found" or "Password is wrong". With my existing code, I don't see how this can be accomplished.
我尝试按照示例进行操作,在passport.js网站上进行了自定义回调,但是由于缺乏节点理解,所以我无法使其正常工作.如何修改我的代码,以便能够发送带有适当错误代码/消息的res.json?
I tried to follow the examples for a custom callback on the passport.js site, but I just cant get it to work due to lack of node understanding. How could I modify my code so that I'd be able to send back a res.json with an appropriate error code/message?
我现在正在尝试类似的事情:
I am trying something like this now:
// In app.js
app.post('/login', function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err) { return next(err) }
if (!user) {
console.log(info);
// *** Display message without using flash option
// re-render the login form with a message
return res.redirect('/login');
}
console.log('got user');
return res.json(200, {user_id: user._id});
})(req, res, next);
});
// In user.js
UserSchema.static('authenticate', function(username, password, callback) {
this.findOne({ username: username }, function(err, user) {
if (err){
console.log('findOne error occurred');
return callback(err);
}
if (!user){
return callback(null, false);
}
user.verifyPassword(password, function(err, passwordCorrect){
if (err){
return callback(err);
}
if (!passwordCorrect){
return callback(err, false, {message: 'bad password'});
}
console.log('User Found, returning user');
return callback(null, user);
});
});
});
但是回到当我尝试console.log(info)时,它只是说未定义.我不知道如何使此自定义回调正常工作...任何帮助将不胜感激!
But back when I try to console.log(info), it just says undefined. I don't know how to get this custom callback working...Any help would be appreciated!
推荐答案
我相信您的身份验证"静态调用(在您的代码中称为回调")的回调函数接受第三个参数-"info"-您的代码可以提供.然后,而不是传入{failureRedirect:...}对象,而是传入一个带有3个参数的函数-err,user和info.您在authenticate方法中提供的信息"将传递给此回调.
I believe the callback function that your 'authenticate' static calls (called 'callback' in your code) accepts a 3rd parameter - "info" - which your code can provide. Then, instead of passing in the { failureRedirect: ...} object, pass in a function which takes 3 arguments - err, user, and info. The "info" you provided in your authenticate method will be passed to this callback.
Passport将此情况称为自定义回调".在这里查看文档: http://passportjs.org/guide/authenticate/
Passport calls this scenario "custom callback". See the docs here: http://passportjs.org/guide/authenticate/
这篇关于Passport.js身份验证失败时发送回JSON响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!