PassportJS-自定义回调并将Session设置为false [英] PassportJS - Custom Callback and set Session to false
问题描述
是否可以使用自定义回调并禁用会话?在文档中,它显示了如何禁用会话和自定义回调,但是如何将它们组合在一起?
Is it possible to use custom callback and disable session? In the documentation it shows how to disable session and custom callbacks, but how do i combine them?
app.get('/login', function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err) { return next(err); }
if (!user) { return res.redirect('/login'); }
req.logIn(user, function(err) {
// I'm getting an error here
// [Error: Failed to serialize user into session]
if (err) { return next(err); }
return res.redirect('/users/' + user.username);
});
})(req, res, next);
});
推荐答案
请确保使用最新版本的passport(今天为0.2.1).
Please make sure you use newest version of passport (which is 0.2.1 for today).
请尝试将{ session: false }作为您的req.logIn()函数的第二个参数传递:
Please try passing { session: false } as a second parameter of your req.logIn() function:
app.get('/login', function (req, res, next) {
passport.authenticate('local', function (err, user, info) {
if (err) { return next(err); }
if (!user) { return res.redirect('/login'); }
req.logIn(user, { session: false }, function (err) {
// Should not cause any errors
if (err) { return next(err); }
return res.redirect('/users/' + user.username);
});
})(req, res, next);
});
原因:
乍看之下,在passport.authenticate()中传递{ session: false }似乎是合理的,因为此方法的源代码如下:
Reason:
At first glance, passing { session: false } in passport.authenticate() seems to be reasonable because sourcecode of this method looks like:
Authenticator.prototype.authenticate = function(strategy, options, callback) {
return this._framework.authenticate(this, strategy, options, callback);
};
因此它应该能够使用第二个参数.但是,如果您开始深入研究函数调用堆栈,您将意识到完全忽略了options参数的session属性.我的意思是,里面没有引用options.session
So it should be able to honor second parameter. But if you start to drill down the function call stack, you realize that session attribute of options parameter is being disregarded completely. I mean, there is no reference to options.session inside
this._framework.authenticate(this, strategy, options, callback);
功能.
因此,基本上,您想在req.logIn()函数中传递它.该函数的源代码如下:
So basically you want to pass it in req.logIn() function. Source code of this function is as follows:
req.logIn = function(user, options, done) {
if (!this._passport) throw new Error('passport.initialize() middleware not in use');
if (!done && typeof options === 'function') {
done = options;
options = {};
}
options = options || {};
var property = this._passport.instance._userProperty || 'user';
var session = (options.session === undefined) ? true : options.session;
this[property] = user;
if (session) { // HERE! It will not try to serialize anything if you pass {session: false}
var self = this;
this._passport.instance.serializeUser(user, function(err, obj) {
if (err) { self[property] = null; return done(err); }
self._passport.session.user = obj;
done();
});
} else {
done && done();
}
}
P.S.请考虑使用npm install [package-name] --save安装您的npm依赖项,而不是手动创建package.json. npm将自动获取最新的稳定版本.
P.S. Please consider installing your npm dependencies using npm install [package-name] --save instead of creating package.json manually. npm will automatically fetch newest stable version.
这篇关于PassportJS-自定义回调并将Session设置为false的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
