如何实现在node.js的登录身份验证 [英] how to implement login auth in node.js

问题描述

我有这个节点服务器运行：

I have this node server running :

var server=http.createServer(function(request, responsehttp) {
    if (request.method == 'POST') {
        var body = '';
        request.on('data', function (data) {
            body += data;
        });
        request.on('end', function () {
            var POST = qs.parse(body);
            processquery(POST, request, responsehttp);
        });
    } else {
        var url_parts = url.parse(request.url, true);
        var query = url_parts.query;
        console.log(query);
        processquery(query, request, responsehttp);
    }
});

我要添加登录表单该服务器。所以，当用户进行身份验证，然后它会显示出来。

I want to add login form for this server .so when user is authenticated then it will show .

   function processquery(query, request, responsehttp){
    var returnResult = function (data){
        responsehttp.end(JSON.stringify(data));
    };

    if (!query.command) {
        fileprocess(request, responsehttp);
    }
    responsehttp.writeHead(200, {"Content-Type": "application/json"});
    switch(query.command) {
        case 'logout':
            logout(query, returnResult);
            break;
        case 'login':
            login(query, returnResult);
            break;
    }    
}

在处理查询功能将文件恢复到客户端，如果没有给出任何命令，
这样我就可以从客户端发送登录命令服务器，但是当它收到使用用户名密码，应该怎么到手的登录请求，并返回登录sucess或失败，写这一部分，我需要帮助login命令应该做的服务器。

in process query function returning the files to client if any command is not given , so i can send the login command from client to server , but what server should do when it recieve the login command with username password , how it should hand the login request and return the login sucess or failure, for writing this part i need help .

我试过了。

function login(request, callback) {
    if(request.username==users[request.username] && request.password==users[request.username].password) {
        users[request.username].auth=true;
        var data = {result:'success','message':'login successful'};
        callback(data);
    } else {
        var data = {result:'error','message':'login incorrect'};
        callback(data);
    }
}

请建议我怎么能在这方面，我尝试添加添加会议，要求在登录功能变量和尝试设置的request.session可变它说的request.session是不确定的。

Please suggest how can i add session in this i tried adding , request variable in login function and tried setting request.session variable it says request.session is undefined .

请建议我怎么能写这个登录模块，可以适当地保持登录验证为每个用户。

Please suggest how can i write this login module which can maintain login authentication properly for every user .

推荐答案

下面是我如何与防爆preSS做.js文件：

1）检查，如果用户进行身份验证：我有一个名为CheckAuth中间件功能，我每天都需要用户进行身份验证航线上使用：

1) Check if the user is authenticated: I have a middleware function named CheckAuth which I use on every route that needs the user to be authenticated:

function checkAuth(req, res, next) {
  if (!req.session.user_id) {
    res.send('You are not authorized to view this page');
  } else {
    next();
  }
}

我用这个功能在我的路线是这样的：

I use this function in my routes like this:

app.get('/my_secret_page', checkAuth, function (req, res) {
  res.send('if you are viewing this page it means you are logged in');
});

2）的登录路径：

app.post('/login', function (req, res) {
  var post = req.body;
  if (post.user === 'john' && post.password === 'johnspassword') {
    req.session.user_id = johns_user_id_here;
    res.redirect('/my_secret_page');
  } else {
    res.send('Bad user/pass');
  }
});

3）注销路线：

app.get('/logout', function (req, res) {
  delete req.session.user_id;
  res.redirect('/login');
});      

如果您想了解更多关于防爆press.js这里查看他们的网站：前pressjs。 COM / guide.html
如果需要更复杂的东西，结账 everyauth （它有很多可用的身份验证方法，Facebook，微博等的;好的教程它这里）。

If you want to learn more about Express.js check their site here: expressjs.com/guide.html If there's need for more complex stuff, checkout everyauth (it has a lot of auth methods available, for facebook, twitter etc; good tutorial on it here).

这篇关于如何实现在node.js的登录身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！