Node Passport邀请策略 [英] Node Passport invitation strategy

问题描述

我正在创建一个多用户应用，其中只有管理员可以通过邀请添加新用户.我查看了Passport，但没有找到一种实施邀请策略"的方法(类似于RoR中的Devise)；有什么想法吗?

I’m creating a multi-user app where only the admin can add new users through an invitation. I looked at Passport but I don’t see a way to implement a kind of "invitation strategy" (similar to Devise in RoR); any ideas ?

推荐答案

此策略是您对某人进行身份验证的方式，其中邀请涉及用户的注册方式.这是您应用程序中需要关注的两个不同领域.

The Strategy is how you authenticate someone, where Invitations are about how users register. They're two different areas of concern in your app.

我要做的是由管理员创建邀请，依此类推，当用户单击其邀请的链接时，中间件不受Passport的限制，但是我验证令牌是正确的(是否有). t过期等)，然后将其定向到可以设置密码的页面.

What I do is have the Invitation be created by the admin and so on, and when the user clicks on the link to their invitation the middleware isn't restricted by Passport, but I verify that the token is correct (hasn't expired, etc), and then direct them to a page where they can set their password.

根据我想要的用户体验，我通常将邀请设置为与用户不同的实际模型，因此在该人接受邀请之前，没有用户模型实例，但是如果您不希望额外"对象，您始终可以将用户密码设置为某个随机字符串，然后让他们将其重置为注册的一部分.

Depending on the user experience I want, I normally have the invitation be an actual separate model from the User, so that there's no user model instance until the person accepts the invitation, but if you don't want the 'extra' object, you can always set the user password to some random string and then let them reset it as part of the registration.

这篇关于Node Passport邀请策略的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！