了解护照序列化反序列化 [英] Understanding passport serialize deserialize

问题描述

您如何向外行解释 Passport 的序列化和反序列化方法的工作流程.

1. passport.serializeUser 被调用后，user.id 去哪里了?
   

2. 我们正在调用 passport.deserializeUser 在它适合工作流程的哪个位置之后?

   //用于为会话序列化用户护照.serializeUser(功能(用户，完成){完成(空，user.id)；//这个 user.id 去哪里了?我们应该在任何地方访问它吗?});//用于反序列化用户护照.deserializeUser(功能(ID，完成){User.findById(id, function(err, user) {完成(错误，用户)；});});

我仍在努力解决这个问题.我有一个完整的应用程序并且没有遇到任何类型的错误.

我只是想了解这里到底发生了什么?

感谢任何帮助.

解决方案

1. passport.serializeUser 被调用后 user.id 去哪里了?

用户 ID(您作为 done 函数的第二个参数提供)保存在会话中，稍后用于通过 deserializeUser 函数检索整个对象.

serializeUser 决定用户对象的哪些数据应该存储在会话中.serializeUser 方法的结果作为 req.session.passport.user = {} 附加到会话.例如，这里将是(因为我们提供用户 ID 作为密钥)req.session.passport.user = {id: 'xyz'}

<块引用>

2. 我们正在调用 passport.deserializeUser 在它适合工作流程的哪个位置之后?

deserializeUser 的第一个参数对应于提供给 done 函数的用户对象的键(参见 1.).所以你的整个对象是在那个键的帮助下检索的.这里的键是用户 ID(键可以是用户对象的任何键，即姓名、电子邮件等).在 deserializeUser 中，该键与内存数组/数据库或任何数据资源匹配.

获取的对象作为 req.user

附加到请求对象

视觉流

passport.serializeUser(function(user, done) {完成(空，user.id)；});│││└───────────────────┬──→ 保存到会话│ req.session.passport.user = {id: '..'}│↓护照.deserializeUser(功能(ID，完成){┌──────────────────┘│↓User.findById(id, function(err, user) {完成(错误，用户)；});└────────────────→ 用户对象作为 req.user 附加到请求});

How would you explain the workflow of Passport's serialize and deserialize methods to a layman.

1. Where does user.id go after passport.serializeUser has been called?
   

2. We are calling passport.deserializeUser right after it where does it fit in the workflow?

   // used to serialize the user for the session
   passport.serializeUser(function(user, done) {
       done(null, user.id); 
      // where is this user.id going? Are we supposed to access this anywhere?
   });
   
   // used to deserialize the user
   passport.deserializeUser(function(id, done) {
       User.findById(id, function(err, user) {
           done(err, user);
       });
   });
   

I'm still trying to wrap my head around it. I have a complete working app and am not running into errors of any kind.

I just wanted to understand what exactly is happening here?

Any help is appreciated.

解决方案

1. Where does user.id go after passport.serializeUser has been called?

The user id (you provide as the second argument of the done function) is saved in the session and is later used to retrieve the whole object via the deserializeUser function.

serializeUser determines which data of the user object should be stored in the session. The result of the serializeUser method is attached to the session as req.session.passport.user = {}. Here for instance, it would be (as we provide the user id as the key) req.session.passport.user = {id: 'xyz'}

2. We are calling passport.deserializeUser right after it where does it fit in the workflow?

The first argument of deserializeUser corresponds to the key of the user object that was given to the done function (see 1.). So your whole object is retrieved with help of that key. That key here is the user id (key can be any key of the user object i.e. name,email etc). In deserializeUser that key is matched with the in memory array / database or any data resource.

The fetched object is attached to the request object as req.user

Visual Flow

passport.serializeUser(function(user, done) {
    done(null, user.id);
});              │
                 │ 
                 │
                 └─────────────────┬──→ saved to session
                                   │    req.session.passport.user = {id: '..'}
                                   │
                                   ↓           
passport.deserializeUser(function(id, done) {
                   ┌───────────────┘
                   │
                   ↓ 
    User.findById(id, function(err, user) {
        done(err, user);
    });            └──────────────→ user object attaches to the request as req.user   
});

这篇关于了解护照序列化反序列化的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！