护照本地类型错误 [英] passport local type error

问题描述

我正在尝试在我的 Sails 项目中使用本地护照进行身份验证.在我的控制器中:

I'm trying to use passport-local for authentication in my Sails project. In my controller:

passport.authenticate('local', function(err, user, info) {

  if ((err) || (!user)) { res.json({message: 'Unable to authenticate'}); return; }

  req.login(user, function(err) {

    if (err) { res.json({message: 'Unable to login'}); console.log(err); return; }
    res.json({message: 'logging in'});

  });

})(req, res);

在配置文件中:

passport.use(new LocalStrategy(function(username, password, done) {

  User.findOneByUsername(username).done(function(err, user) {

    if (err) { return done(null, err); }
    if (!user) { return done(null, false, { message: 'Incorrect User' }); }

    bcrypt.compare(password, user.password, function(err, res) {

      if (err) { return done(null, err); }
      if (!res) { return done(null, false, { message: 'Invalid Password'}); }

      return done(null, user);

    });
  });
}));

响应是无法登录".控制台输出为:[TypeError: Cannot read property 'id' of undefined]

The response is 'Unable to Login'. The console output is: [TypeError: Cannot read property 'id' of undefined]

我是通行证的新手，我不完全确定它在哪里失败，因为它似乎实际上是在找到用户，并在配置文件中成功比较密码(一些控制台日志似乎表明了这一点).但是 req.login 回调有一个错误，这意味着即使身份验证成功登录也失败.我不知道为什么我会收到这个错误.

I'm new to passport, and I'm not entirely sure where it's failing, since it seems to actually be finding the user, and comparing the passwords successfully in the config file (some console logs seem to indicate as much). But the req.login callback has an error, which means login is failing even though authentication is succeeding. I'm lost as to why I'm getting this error.

推荐答案

原来我是想比教程更聪明.教程是这样的:

Turns out I was trying to outsmart a tutorial. The tutorial is this one:

http://jethrokuan.github.io/2013/12/19/Using-Passport-With-Sails-JS.html

建议使用此护照设置:

passport.serializeUser(function(user, done) {
  done(null, user[0].id);
});

passport.deserializeUser(function(id, done) {
  User.findById(id, function (err, user) {
    done(err, user);
  });
});

passport.use(new LocalStrategy(
  function(username, password, done) {
    User.findByUsername(username).done(function(err, user) {
      if (err) { return done(null, err); }
      if (!user || user.length < 1) { return done(null, false, { message: 'Incorrect User'}); }
      bcrypt.compare(password, user[0].password, function(err, res) {
        if (!res) return done(null, false, { message: 'Invalid Password'});
        return done(null, user);
      });
    });
  })
);

但是正如您从上面的代码中看到的那样，我将其更改为 findOneByUsername，认为教程犯了一些错误.原来没有.错误消息所指的id"是我刚刚发布的代码的第二行，当用户是一个对象时，user[0] 是未定义的，与对象数组相反.

But as you can see from my code above, I changed that to findOneByUsername, thinking that the tutorial had made some mistake. Turns out it hadn't. The 'id' which the error message refers to is the second line of the code I've just posted, where user[0] is undefined when user is an object, as oppose to an array of objects.

然而，在评论中，作者声称他犯了一些错误，包括身份验证然后登录的可能冗余，这在护照文档中是矛盾的.在一个地方，文档推荐它，在另一个地方，他们说这完全没有必要.以及为什么我们要使用一个 ID 从数据存储中提取一堆用户，而在我看来应该只有一个 ID 似乎很愚蠢.

However, in the comments, the author claims he's made some mistakes, including the possible redundancy of authenticating then logging in, which is contradictory in the passport docs. In one place the docs recommend it, in another they say it's completely unnecessary. And why we'd want to pull out a bunch of users from the datastore using one id when there should only be one seems silly to me.

哦，好吧.

这篇关于护照本地类型错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！