问题是当我登录时,passport会多次运行它的反序列化函数。虽然这对事情没有任何影响,但据我所知。让它这样做以后可能会有问题。日志如下:
Bloodmorphed has been Serialized
Bloodmorphed has been deserialized
Bloodmorphed has been deserialized
Bloodmorphed has been deserialized
Bloodmorphed has been deserialized
Bloodmorphed has been deserialized
Bloodmorphed has been deserialized
这是护照:
/*jshint esversion: 6 */
const LocalStrategy = require('passport-local').Strategy;
const db = require('../config/db');
const bcrypt = require('bcryptjs');
let io = require('./io');
module.exports = (passport) => {
// =========================================================================
// passport session setup ==================================================
// =========================================================================
// used to serialize the user for the session
passport.serializeUser((user, done) => {
console.log(user.username + ' has been Serialized');
done(null, user.id);
});
// used to deserialize the user
passport.deserializeUser((id, done) => {
let sql = 'SELECT * FROM users, users_meta WHERE users.id = ? AND users_meta.id =?';
db.query(sql, [id, id]).then(results => {
var userdata = results[0];
console.log(userdata.username + ' has been deserialized');
done(null, userdata);
});
});
// Local Strategy login
passport.use('local-login', new LocalStrategy({
passReqToCallback: true,
}, (req, username, password, done) => {
// Match Username
let sql = 'SELECT * FROM users WHERE username = ?';
db.query(sql, [username]).then(results => {
if (!results.length) {
return done(null, false, {
type: 'loginMessage',
message: 'Wrong Login',
});
}
// Match Password
bcrypt.compare(password, results[0].password, (err, isMatch) => {
if (isMatch) {
var userData = results[0];
sql = 'SELECT * FROM users_meta WHERE id = ?';
db.query(sql, userData.id).then(results => {
Object.assign(userData, results[0]);
return done(null, userData);
});
} else {
return done(null, false, {
type: 'loginMessage',
message: 'Wrong Login',
});
}
});
});
}));
};
虽然到目前为止这还不是一个高优先级的问题,但我希望解决它,或者如果它确实正常发生的话。
发布于 2018-06-20 04:08:40
请参考https://github.com/jaredhanson/passport/issues/14#issuecomment-4863459
静态文件的服务应该在passport.session
之前完成。
例如,根据引用的来源:
app.configure(function() {
app.use(express.session({ secret: 'keyboard cat' }));
app.use(passport.initialize());
// passport session is triggered, causing deserializeUser to be invoked
app.use(passport.session());
// but request was for a static asset, for which authentication is not
// necessary
app.use(express.static(__dirname + '/../../public'));
});
应更改为:
app.configure(function() {
app.use(express.logger())
// requests for static assets will be handled immediately and will not continue
// down the middleware stack
app.use(express.static(__dirname + '/../../public'));
// any request that gets here is a dynamic page, and benefits from session
// support
app.use(express.session({ secret: 'keyboard cat' }));
app.use(passport.initialize());
app.use(passport.session());
});
https://stackoverflow.com/questions/50920970
复制相似问题