Passport和Passport Local req.isAuthenticated始终返回false [英] Passport and Passport Local req.isAuthenticated always returns false

问题描述

我无法一直追踪下去，但是对于我的设置，即使成功登录后， isAuthenticated 始终返回false。这是护照代码：

I haven't been able to track this down, but for my set up, isAuthenticated always returns false even after a successful login. Here's the passport code:

req.isAuthenticated = function() {
  var property = 'user';
  if (this._passport && this._passport.instance._userProperty) {
    property = this._passport.instance._userProperty;
  }

  return (this[property]) ? true : false;
};

但是快速浏览一下，我看不到 _userProperty 地方策略中的任何地方（抱歉，如果我不够努力的话），所以我想这可能就是为什么它总是返回false的原因。

But in a quick look around I don't see the _userProperty proeprty anywhere in the local strategy (sorry if I didn't look hard enough), so I suppose that might be why it's always returning false?

我会留下我的应用程序代码的代码示例，但是我觉得快速查看进行中的工作的回购可能更容易：
> api api令牌lesssession

I'd leave a code sample of my application code, but I feel it's probably easier to have a quick look at the repo for my work in progress: passport api token sessionless

最终，我的目标是已使该样板项目的注销工作正常（当前尚不成功）。

Ultimately, my goal is to have logout work properly for that boilerplate project (which it currently it doesn't).

推荐答案

如果我的原始问题不是很抱歉，首先很有用，但是...

Apologies if my original question is not that useful in the first place, but...

我发现我的护照，本地护照和本地猫鼬的组合是一个简单的解决方案在我的猫鼬模式上创建一个无效方法拥有 passportLocalMongoose 已插入，当我的 / logout 路由被点击时，我实际上删除了该用户的令牌。这就是这种方法：

I found that my combination of passport, passport-local, and passport-local-mongoose, a solution was to simply create an invalidation method on my mongoose Schema (that has the passportLocalMongoose "plugged in", and when my /logout route gets hit I essentially remove that user's token. Here's that method:

Account.statics.invalidateUserToken = function(email, cb) {
    var self = this;
    this.findOne({email: email}, function(err, usr) {
        if(err || !usr) {
            console.log('err');
        }
        usr.token = null;
        usr.save(function(err, usr) {
            if (err) {
                cb(err, null);
            } else {
                cb(false, 'removed');
            }
        });
    });
};

我认为在上下文中看到它会更有趣，因此请再次参考列出的回购协议有问题的...希望这对某人有帮助。

I presume it's more interesting to see this in context so again please feel free to refer to the repo listed in question...hope this helps someone.

此外，如果上述库之一的核心想提出一个更好的方法，我当然愿意重构我的代码使其变得惯用；如果没有，这种方法似乎行得通。

Also, if a core from one of the aformentioned libs wants to suggest a better way I'd of course love to refactor my code to make it idiomatic; if not, this approach seemed to work.

这篇关于Passport和Passport Local req.isAuthenticated始终返回false的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！