在下面的代码中,当我记录请求对象(console.log('req', req)
(时,我无法在请求中找到login((方法。为什么这里的请求中没有可用的登录方法?
// Login User
app.post('/login', (req, res, next) => {
passport.authenticate('local', {}, (err, user, info) => {
console.log('req', req)
if (err) throw err
if (!user) console.log('User does not exist...')
if (user) {
console.log('user confirmed')
req.logIn(user, next)
}
})(req, res, next);
res.send('User logged in...')
});
中间件。。。
app.use(express.json())
app.use(cors({ origin: ["http://localhost:3000", "http://localhost:3030"], credentials: true }))
app.use(session({
name: 'bucketbadge:sess',
secret: 'secretcat',
resave: true,
saveUninitialized: true,
cookie: { secure: false }
}))
app.use(passport.initialize())
app.use(passport.session())
require('./config/passport-setup')
护照设置.js…
passport.use(new LocalStrategy((username, password, done) => {
User.findOne({ username: username }, (err, user) => {
console.log('user in User.findOne', user)
if (err) throw err;
if (!user) return done(null, false);
bcrypt.compare(password, user.password, (err, result) => {
if (err) throw err
if (result === true) {
console.log('user:', user)
return done(null, user);
} else {
return done(null, false);
}
})
});
}
));
passport.serializeUser((user, done) => {
console.log('user.id @ serializeUser:', user.id)
done(null, user.id)
})
passport.deserializeUser((id, done) => {
console.log('deserialize user:', id)
User.findById(id, (err, user) => {
done(err, user.id)
});
});
Passport JS的文档。。。
Passport在req(also aliased as logIn())
上公开了一个login()
函数,该函数可用于建立登录会话。
req.login(user, function(err) {
if (err) { return next(err); }
return res.redirect('/users/' + req.user.username);
});
登录操作完成后,用户将被分配到req.user.
注意:passport.authenticate()
中间件会自动调用req.login()
。此功能主要用于用户注册时,在此期间可以调用req.login()
自动登录到新注册的用户。
login()
方法不应该在passport.authenticate()
中的请求中可用吗?
也许您对console.log()
将向您展示的内容假设过多。例如:
class Test {
classMethod() { }
}
let object = new Test()
object.instanceMethod = () => { }
console.log(object)
//output
Test { instanceMethod: [Function (anonymous)] } // no "classMethod" property here.
或者:
var object = {
enumerable: "enumerable property"
}
Object.defineProperty(object, "nonenumerable", {
value: "non-enumerable property",
enumerable: false
})
console.log(object)
// output
{ enumerable: 'enumerable property' } // no "nonenumerable" property here.
这只是几个简单的例子来说明这一点。我假设您同意在这两种情况下,classMethod
和nonenumerable
属性在输出的对象上都是可用的。
在您的案例中,login
方法实际上并不是在req
对象本身上定义的,而是在其原型链上的某个地方。
passport.authenticate('jwt', function (error, payload, info) {
console.log("login" in req)
console.log(req.hasOwnProperty("login"))
console.log(findOwningObject(req, "login"))
// ...
})
function findOwningObject(object, key) {
if (object.hasOwnProperty(key)) {
return object
}
var proto = Object.getPrototypeOf(object)
if (!proto) throw new Error("Property not found")
return findOwningObject(proto, key)
}
// output
true // login property is available on req?
false // login property is owned by req?
Readable { // owning object for login.
setTimeout: [Function: setTimeout],
_read: [Function: _read],
destroy: [Function: destroy],
_addHeaderLines: [Function: _addHeaderLines],
_addHeaderLine: [Function: _addHeaderLine],
_dump: [Function: _dump],
logIn: [Function (anonymous)],
login: [Function (anonymous)],
logOut: [Function (anonymous)],
logout: [Function (anonymous)],
isAuthenticated: [Function (anonymous)],
isUnauthenticated: [Function (anonymous)]
}