护照地方战略和cURL [英] Passport local strategy and cURL
问题描述
我想用CURL测试我的node.js + express + passport.js测试应用程序(RESTful)。我的代码:
I would like to test my node.js + express + passport.js test application (RESTful) with CURL. My code:
var express = require('express');
var routes = require('./routes');
var http = require('http');
var path = require('path');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
// Define the strategy to be used by PassportJS
passport.use(new LocalStrategy(
function(username, password, done) {
if (username === "admin" && password === "admin") // stupid example
return done(null, {name: "admin"});
return done(null, false, { message: 'Incorrect username.' });
}
));
// Serialized and deserialized methods when got from session
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(user, done) {
done(null, user);
});
// Define a middleware function to be used for every secured routes
var auth = function(req, res, next){
if (!req.isAuthenticated())
res.send(401);
else
next();
};
var app = express();
// all environments
app.set('port', process.env.PORT || 3000);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.json());
app.use(express.urlencoded());
app.use(express.methodOverride());
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(express.static(path.join(__dirname, 'public')));
// development only
if ('development' == app.get('env')) {
app.use(express.errorHandler());
}
app.get('/test', auth, function(req, res){
res.send([{name: "user1"}, {name: "user2"}]);
});
app.post('/login', passport.authenticate('local'), function(req, res) {
res.send(req.user);
});
使用curl和
curl "http://localhost:3000/test"
使用curl和
curl --data "username=admin&password=admin" http://localhost:3000/login
工程。但在下一个请求我的登录是忘记。
这是因为curl无法处理会话?是否有任何解决方法?
我的过程对于RESTful应用程序是否正确?
works. But at the next request my login was "forgotten". Is this because curl can't handle sessions? Is there any workaround? Is my procedure correct for a RESTful application?
推荐答案
code>您在使用
curl --cookie-jar jarfile --data "username=admin&password=admin" http://localhost:3000/login
code> / test :
Read the stored cookies when accessing /test
:
curl --cookie jarfile "http://localhost:3000/test"
在我的机器上运行之前需要对应用程序进行一些修改12.04)与Node.js v0.10.26和Express 3.5.0。我用 express --sessions nodetest
生成了一个新的Express应用程序,并编辑了 app.js
中的代码,见下文。一旦我安装了依赖项,我运行应用程序,它使用 curl
命令。
Some modifications to the app itself were needed before it worked on my machine (Ubuntu 12.04) with Node.js v0.10.26 and Express 3.5.0. I generated a new Express app with express --sessions nodetest
and edited the code in app.js
to be as you see below. Once I had the dependencies installed I ran the app and it worked with the curl
commands.
var express = require('express');
var routes = require('./routes');
var user = require('./routes/user');
var http = require('http');
var path = require('path');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var app = express();
// Define the strategy to be used by PassportJS
passport.use(new LocalStrategy(
function(username, password, done) {
if (username === "admin" && password === "admin") // stupid example
return done(null, {name: "admin"});
return done(null, false, { message: 'Incorrect username.' });
}
));
// Serialized and deserialized methods when got from session
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(user, done) {
done(null, user);
});
// Define a middleware function to be used for every secured routes
var auth = function(req, res, next){
if (!req.isAuthenticated())
res.send(401);
else
next();
};
// all environments
app.set('port', process.env.PORT || 3000);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.json());
app.use(express.urlencoded());
app.use(express.methodOverride());
app.use(express.cookieParser('your secret here'));
app.use(express.session());
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(express.static(path.join(__dirname, 'public')));
// development only
if ('development' == app.get('env')) {
app.use(express.errorHandler());
}
app.get('/test', auth, function(req, res){
res.send([{name: "user1"}, {name: "user2"}]);
});
app.post('/login', passport.authenticate('local'), function(req, res) {
res.send(req.user);
});
http.createServer(app).listen(app.get('port'), function(){
console.log('Express server listening on port ' + app.get('port'));
});
curl script
curl script
#!/bin/sh
# curl-login.sh
rm jarfile
echo --- login
curl --cookie-jar jarfile --data "username=admin&password=admin" http://localhost:3000/login
echo --- test
curl --cookie jarfile "http://localhost:3000/test"
具有curl输出的控制台日志
Console log with curl output
$ node app &
$ sh curl-login.sh
--- login
POST /login 200 2ms - 21b
{
"name": "admin"
}--- test
GET /test 200 1ms - 60b
[
{
"name": "user1"
},
{
"name": "user2"
}
]
使用
app.use(express.cookieParser('your secret here'));
app.use(express.session());
<会话没有没有上述两行。
问题中的代码也缺少创建HTTP服务器的部分,这只是一个复制粘贴问题;我指的是
The code in your question also lacks the part where you create an HTTP server but I assume that's just a copy-paste issue; I'm referring to
http.createServer(app).listen(app.get('port'), function(){
console.log('Express server listening on port ' + app.get('port'));
});
这篇关于护照地方战略和cURL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!