如何在 node.js 中实现登录身份验证 [英] how to implement login auth in node.js
问题描述
我正在运行这个节点服务器:
I have this node server running :
var server=http.createServer(function(request, responsehttp) {
if (request.method == 'POST') {
var body = '';
request.on('data', function (data) {
body += data;
});
request.on('end', function () {
var POST = qs.parse(body);
processquery(POST, request, responsehttp);
});
} else {
var url_parts = url.parse(request.url, true);
var query = url_parts.query;
console.log(query);
processquery(query, request, responsehttp);
}
});
我想为此服务器添加登录表单.因此,当用户通过身份验证时,它将显示.
I want to add login form for this server .so when user is authenticated then it will show .
function processquery(query, request, responsehttp){
var returnResult = function (data){
responsehttp.end(JSON.stringify(data));
};
if (!query.command) {
fileprocess(request, responsehttp);
}
responsehttp.writeHead(200, {"Content-Type": "application/json"});
switch(query.command) {
case 'logout':
logout(query, returnResult);
break;
case 'login':
login(query, returnResult);
break;
}
}
如果没有给出任何命令,进程中的查询函数将文件返回给客户端,所以我可以将登录命令从客户端发送到服务器,但是当服务器收到带有用户名密码的登录命令时应该做什么,它应该如何处理登录请求并返回登录成功或失败,为了编写这部分我需要帮助.
in process query function returning the files to client if any command is not given , so i can send the login command from client to server , but what server should do when it recieve the login command with username password , how it should hand the login request and return the login sucess or failure, for writing this part i need help .
我尝试了什么.
function login(request, callback) {
if(request.username==users[request.username] && request.password==users[request.username].password) {
users[request.username].auth=true;
var data = {result:'success','message':'login successful'};
callback(data);
} else {
var data = {result:'error','message':'login incorrect'};
callback(data);
}
}
请建议我如何在此添加会话我尝试在登录函数中添加请求变量并尝试设置 request.session 变量它说 request.session 未定义.
Please suggest how can i add session in this i tried adding , request variable in login function and tried setting request.session variable it says request.session is undefined .
请建议我如何编写这个可以为每个用户正确维护登录身份验证的登录模块.
Please suggest how can i write this login module which can maintain login authentication properly for every user .
推荐答案
这是我如何使用 Express.js:
1) 检查用户是否已通过身份验证:我有一个名为 CheckAuth 的中间件函数,我在每条需要对用户进行身份验证的路由上使用它:
1) Check if the user is authenticated: I have a middleware function named CheckAuth which I use on every route that needs the user to be authenticated:
function checkAuth(req, res, next) {
if (!req.session.user_id) {
res.send('You are not authorized to view this page');
} else {
next();
}
}
我在我的路线中使用这个功能是这样的:
I use this function in my routes like this:
app.get('/my_secret_page', checkAuth, function (req, res) {
res.send('if you are viewing this page it means you are logged in');
});
2) 登录路径:
app.post('/login', function (req, res) {
var post = req.body;
if (post.user === 'john' && post.password === 'johnspassword') {
req.session.user_id = johns_user_id_here;
res.redirect('/my_secret_page');
} else {
res.send('Bad user/pass');
}
});
3) 注销路径:
app.get('/logout', function (req, res) {
delete req.session.user_id;
res.redirect('/login');
});
如果您想了解有关 Express.js 的更多信息,请在此处查看他们的网站:expressjs.com/en/guide/routing.html如果需要更复杂的东西,请查看 everyauth(它有很多可用的身份验证方法,用于 facebook、twitter 等;很好的教程关于它这里).
If you want to learn more about Express.js check their site here: expressjs.com/en/guide/routing.html If there's need for more complex stuff, checkout everyauth (it has a lot of auth methods available, for facebook, twitter etc; good tutorial on it here).
这篇关于如何在 node.js 中实现登录身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
