Hapi身份验证cookie集,但request.auth.credentials为空
Hapi身份验证cookie集,但request.auth.credentials为空
提问于 2019-04-09 01:45:12
我已经阅读了hapi-auth-cookie的文档,试图在我的网站上进行验证。
cookie集,我可以在我的chrome browser dev tools application tab中看到它
但是,当I console.log request.auth.credentials时,结果为null
我想要实现的是将用户限制为http://localhost:3000/restricted,我认为缺少的链接是request.auth.credentials,因为它是空
以下是我的代码
const users = [
{
username: 'john',
password: '$2b$10$nrkw6Mco2j7YyBqZSWRAx.P3XEZsZg3MNfma2ECO8rGMUTcF9gHO.', // 'secret'
name: 'John Doe',
id: '2133d32a'
}
];
await server.register(require('hapi-auth-cookie'));
//strategy
server.auth.strategy('session', 'cookie', {
cookie: {
name: 'sid-example',
password: '!wsYhFA*C2U6nz=Bu^%A@^F#SF3&kSR6',
isSecure: false
},
redirectTo: '/login',
validateFunc: async (request, session) => {
const account = await users.find(
(user) => (user.id === session.id)
);
if (!account) {
return { valid: false };
}
return { valid: true, credentials: account };
}
});
server.auth.default({strategy: 'session', mode: 'try'});
//login post
server.route({
method: 'POST',
path: '/login',
handler: async (request, h) => {
console.log(request.payload)
const { username, password } = request.payload;
const account = users.find(
(user) => user.username === username
);
if (!account || !(await Bcrypt.compare(password, users[0].password))) {
console.log('user or password incorrect')
return h.view('login');
}
request.cookieAuth.set({ id: users.id });
console.log('login successful')
return h.redirect().location("/")
}
})
//restricted
server.route({
method: 'GET',
path: '/restricted',
options: {
auth: {
mode: 'required',
strategy: 'session'
}
},
handler: (request, h) => {
return new Promise ((resolve, reject) => {
let views = () => {
return h.view('restricted');
}
return resolve(views());
});
}
});我尝试在restricted route中将options.auth.mode设置为“try”,并尝试完全删除options。
所有路由都工作正常,但即使我登录也无法打开受限制的路由。
请帮帮忙
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/55578990
复制相关文章
相似问题