我想通过用户名和密码进行身份验证。我使用羽毛身份验证来做到这一点,但我不明白在配置我的应用程序后,如何验证我在服务器中的输入数据(用户名和密码),以允许羽毛身份验证使用它?在我的客户端,我有这个代码来发送我的数据(用户名和密码)
app.authenticate({
strategy: 'local',
username: 'k0',//self.state.username,
password:'kk'// self.state.password
}).then(response => {
console.log('Authenticated!', response);
return app.passport.verifyJWT(response.accessToken);
})
.then(payload => {
console.log('JWT Payload', payload);
return app.service('users').get(payload.userId);
})
.then(user => {
app.set('user', user);
console.log('User', app.get('user'));
})
.catch(function(error){
console.error('Error authenticating!', error);
});
但是我有一个错误
"POST http://localhost:4200/authentication 400 (Bad Request)
Error authenticating!
BadRequest {type: "FeathersError", name: "BadRequest", message: "Missing credentials", code: 400, className: "bad-request", …}
className
:
"bad-request"
code
:
400
data
:
{message: "Missing credentials"}
errors
:
{}
message
:
"Missing credentials"
name
:
"BadRequest"
type
:
"FeathersError"
stack
:
"BadRequest: Missing credentials↵ at new BadRequest
__proto__
:
Error"
这是我的服务器.js
var Users=[ {_id:"1",email:"k0",password:"kk"}, {_id:"2",email:"k1",password:"kk"}, {_id:"3",email:"k2",password:"kk"}, {_id:"4",email:"k3",password:"kk"}, {_id:"5",email:"k4",password:"kk"}];
const feathers = require('feathers');
const bodyParser = require('body-parser');
const errors = require('feathers-errors');
const errorHandler = require('feathers-errors/handler');
const rest = require('feathers-rest');
const hooks = require('feathers-hooks');
const auth = require('feathers-authentication');
const local = require('feathers-authentication-local');
const memory = require('feathers-memory');
const jwt = require('feathers-authentication-jwt');
const app = feathers(); app.use(bodyParser.json()) app.use(bodyParser.urlencoded({ extended: true })); var cors = require('cors'); var port= process.env.PORT ||4200;app.use(cors());
`
.use('/users', {
find(params) {
return Promise.resolve(Users);
}
})
.use(errorHandler());
app.service('authentication').hooks({
before: {
create: [
auth.hooks.authenticate('local'),
customizeJWTPayload()
],
remove: [
auth.hooks.authenticate('jwt')
]
}
});
app.service('users').hooks({
before: {
create: [
local.hooks.hashPassword({ passwordField: 'password' })
]
}
`});app.post('/login', auth.express.authenticate('local', { successRedirect: '/app', failureRedirect: '/login' }));
app.get('/app', (req, res, next) => {
res.json({ success: true });
});
app.get('/login', (req, res, next) => {
res.json({ success: "faux" });
});
app.listen(port);`
我强烈建议您使用羽毛生成器它运行得非常好,可以为您节省大量处理这些问题的时间。这样,您就知道在开始自定义之前,基本服务和身份验证将起作用。https://docs.feathersjs.com/guides/step-by-step/generators/readme.html
在下面与Developper讨论后,问题似乎是使用username而不是身份验证usernameField字段的默认email。要么更新代码以使用email,要么创建一个类似于以下内容的default.json文件:
{
"authentication": {
"strategies": [
"local"
],
"local": {
"entity": "user",
"usernameField": "username",
"passwordField": "password"
}
}
}
其次,您的服务可能设置不正确(这就是为什么您会出现the id property must be set on the entity service for authentication错误的原因。
这是我的users.service.js文件:
// Initializes the `users` service on path `/users`
const createService = require('feathers-mongodb');
const hooks = require('./users.hooks');
const filters = require('./users.filters');
module.exports = function () {
const app = this;
const paginate = app.get('paginate');
const mongoClient = app.get('mongoClient');
const options = { paginate };
// Initialize our service with any options it requires
app.use('/users', createService(options));
// Get our initialized service so that we can register hooks and filters
const service = app.service('users');
mongoClient.then(db => {
service.Model = db.collection('users');
});
service.hooks(hooks);
if (service.filter) {
service.filter(filters);
}
};
看起来您的设置是为了处理查询,但这是在mongodb服务中使用钩子处理的:https://docs.feathersjs.com/api/databases/mongodb.html#querying
对于羽毛身份验证如何验证用户名和密码的特定问题,羽毛身份验证使用钩子。如果您使用了feathers generate service并选择了身份验证,那么它会自动调用服务的挂钩文件(通常为SERVICENAME.hooks.js)中的authenticate()。
您可以在这里看到authenticate()函数的实际作用:https://github.com/feathersjs/feathers-authentication/blob/master/src/hooks/authenticate.js