nodejs运用passport和passport-local分离本地登录
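var crypto = require('crypto');
var express = require('express');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var swig = require('swig');
var user = require('./modules/user');
var app = express();

// Render .html views with swig.
app.engine('html', swig.renderFile);
app.set('view engine', 'html');
app.set('views', __dirname + '/views');

// The session secret signs the session ID cookie, so it must not be committed with the code.
// It is read from the environment; the random fallback keeps the demo runnable, but it changes
// on every start, which invalidates cookies issued by the previous process.
var sessionSecret = process.env.SESSION_SECRET || crypto.randomBytes(32).toString('hex');

app.use(session({
    secret: sessionSecret,
    // Do not rewrite unmodified sessions, and do not issue a session to visitors who never log in.
    resave: false,
    saveUninitialized: false,
    // No maxAge is set, so this stays a browser-session cookie.
    cookie: {
        httpOnly: true,
        sameSite: 'lax',
        // false only because the demo is served over plain HTTP; set to true behind HTTPS.
        secure: false
    }
}));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());

// Load and configure Passport.
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;

// Demo account store keyed by user id. The plaintext password exists for the tutorial only:
// a real store keeps a salted password hash (bcrypt, scrypt, argon2) and verifies the
// submitted password with that library's comparison function.
var demoUsers = {
    '1': { id: '1', username: '123', password: '123' }
};

// Returns the account with the given username, or null when there is none.
function findUserByUsername(username) {
    var ids = Object.keys(demoUsers);
    for (var i = 0; i < ids.length; i++) {
        if (demoUsers[ids[i]].username === username) {
            return demoUsers[ids[i]];
        }
    }
    return null;
}

app.use(passport.initialize());
app.use(passport.session());
passport.use('local', new LocalStrategy(
    function (username, password, done) {
        var account = findUserByUsername(username);

        // One message for both failures, so the response does not reveal which usernames exist.
        if (!account || password !== account.password) {
            return done(null, false, { message: 'Incorrect username or password.' });
        }
        // Credentials accepted: hand the account to the rest of the Passport flow.
        return done(null, account);
    }
));

// Only the user id is written into the session.
passport.serializeUser(function (user, done) {
    done(null, user.id);
});

// The value read back from the session is that id, so resolve it to the account again.
// Passing false for an unknown id makes Passport treat the session as not logged in.
passport.deserializeUser(function (id, done) {
    var known = Object.prototype.hasOwnProperty.call(demoUsers, id);
    done(null, known ? demoUsers[id] : false);
});

// NOTE(review): this is the post-login landing page, yet it is not guarded by isLoggedIn,
// so it answers "ok" to unauthenticated requests as well.
app.get('/users', function (req, res) {
    res.send("ok");
});

app.get('/', function (req, res) {
    res.send("fail");
});

app.get('/login', function (req, res) {
    res.render('index', { title: 'index' });
});

// Login entry point: the strategy configured above runs here; on success the user id is
// stored in the session and the request is marked as authenticated.
// Both outcomes end in a redirect, so no handler is chained after authenticate. Never log
// req.body on this route: it carries the submitted password.
app.post('/login', passport.authenticate('local', {
    successRedirect: '/users',
    failureRedirect: '/'
}));

app.get('/logout', function (req, res) {
    // NOTE(review): Passport 0.6 and later make req.logout() asynchronous and require a
    // callback; confirm the installed version before relying on this synchronous call.
    req.logout();
    res.redirect('/');
});

// Route guard: lets the request through only when Passport reports an authenticated session.
function isLoggedIn(req, res, next) {
    if (req.isAuthenticated()) {
        return next();
    }
    console.log(req.session); // debug output for the tutorial
    res.status(401).send("未登录");
}

app.get("/app", isLoggedIn, function (req, res) {
    console.log(req.session); // debug output for the tutorial
    res.send("登录app");
});

app.listen(8080);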