我是新来的,想要为网站建立本地身份验证.我经历了各种来源,这个
https://vickev.com/#!/article/authentication-in-single-page-applications-node-js-passportjs-angularjs是非常有帮助的.当我尝试在本地主机中构建相同的代码时,我的代码进入了一个循环.
原文链接:https://www.f2er.com/angularjs/143017.htmlapp.post(‘/ login’,…..)在响应中返回用户,但在加载管理页面之后,它将检查用户是否通过调用app.get(‘/ loggedin’)登录. ..)和req.isAuthenticated()即使在登录后也返回false,它进入一个循环.我不明白为什么这是发生在帮助我.
服务器端代码
var express = require('express');
var http = require('http');
var path = require('path');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
//==================================================================
// Define the strategy to be used by PassportJS
passport.use(new LocalStrategy(
function(username,password,done) {
if (username === "admin" && password === "admin") // stupid example
return done(null,{name: "admin"});
return done(null,false,{ message: 'Incorrect username.' });
}
));
// Serialized and deserialized methods when got from session
passport.serializeUser(function(user,done) {
done(null,user);
});
passport.deserializeUser(function(user,user);
});
// Define a middleware function to be used for every secured routes
var auth = function(req,res,next){
if (!req.isAuthenticated())
res.send(401);
else
next();
};
//==================================================================
// Start express application
var app = express();
// all environments
app.set('port',process.env.PORT || 3000);
app.use(express.favicon());
app.use(express.cookieParser());
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.session({ secret: 'securedsession' }));
app.use(passport.initialize()); // Add passport initialization
app.use(passport.session()); // Add passport initialization
app.use(app.router);
app.all('*',function(req,next) {
res.header("Access-Control-Allow-Origin","*");
res.header("Access-Control-Allow-Headers","Origin,X-Requested-With,Content-Type,Accept");
next();
});
// development only
if ('development' == app.get('env')) {
app.use(express.errorHandler());
}
//==================================================================
// routes
app.get('/',res){
res.render('index',{ title: 'Express' });
});
app.get('/users',auth,res){
res.send([{name: "user1"},{name: "user2"}]);
});
//==================================================================
//==================================================================
// route to test if the user is logged in or not
app.get('/loggedin',res) {
res.send(req.isAuthenticated() ? req.user : '0');
});
// route to log in
app.post('/login',passport.authenticate('local'),res) {
res.send(req.user);
});
// route to log out
app.post('/logout',res){
req.logout();
res.send(200);
});
//==================================================================
http.createServer(app).listen(app.get('port'),function(){
console.log('Express server listening on port ' + app.get('port'));
});
客户端Js文件
'use strict';
/**********************************************************************
* Angular Application
**********************************************************************/
var app = angular.module('app',['ngResource','ngRoute'])
.config(function($routeProvider,$locationProvider,$httpProvider) {
//================================================
// Check if the user is connected
//================================================
var checkLoggedin = function($q,$timeout,$http,$location,$rootScope){
// Initialize a new promise
var deferred = $q.defer();
// Make an AJAX call to check if the user is logged in
$http.get('http://localhost:3000/loggedin').success(function(user){
// Authenticated
if (user !== '0')
$timeout(deferred.resolve,0);
// Not Authenticated
else {
$rootScope.message = 'You need to log in.';
$timeout(function(){deferred.reject();},0);
$location.url('/login');
}
});
return deferred.promise;
};
//================================================
//================================================
// Add an interceptor for AJAX errors
//================================================
$httpProvider.responseInterceptors.push(function($q,$location) {
return function(promise) {
return promise.then(
// Success: just return the response
function(response){
return response;
},// Error: check the error status to get only the 401
function(response) {
if (response.status === 401)
$location.url('/login');
return $q.reject(response);
}
);
}
});
//================================================
//================================================
// Define all the routes
//================================================
$routeProvider
.when('/',{
templateUrl: 'views/main.html'
})
.when('/admin',{
templateUrl: 'views/admin.html',controller: 'AdminCtrl',resolve: {
loggedin: checkLoggedin
}
})
.when('/login',{
templateUrl: 'views/login.html',controller: 'LoginCtrl'
})
.otherwise({
redirectTo: '/login'
});
//================================================
}) // end of config()
.run(function($rootScope,$http){
$rootScope.message = '';
// logout function is available in any pages
$rootScope.logout = function(){
$rootScope.message = 'Logged out.';
$http.post('http://localhost:3000/logout');
};
});
/**********************************************************************
* Login controller
**********************************************************************/
app.controller('LoginCtrl',function($scope,$rootScope,$location) {
// This object will be filled by the form
$scope.user = {};
// Register the login() function
$scope.login = function(){
$http.post('http://localhost:3000/login',{
username: $scope.user.username,password: $scope.user.password,})
.success(function(user){
// No error: authentication OK
$rootScope.message = 'Authentication successful!';
$location.url('/admin');
})
.error(function(){
// Error: authentication Failed
$rootScope.message = 'Authentication Failed.';
$location.url('/login');
});
};
});
/**********************************************************************
* Admin controller
**********************************************************************/
app.controller('AdminCtrl',$http) {
// List of users got from the server
$scope.users = [];
// Fill the array to display it in the page
$http.get('http://localhost:3000/users').success(function(users){
for (var i in users)
$scope.users.push(users[i]);
});
});
