passport-github如何提取會話cookie以知道用戶已經登錄

Question

我正在爲我的應用程序構建passport-github身份驗證。但我認爲目前我不知道如何從請求中提取cookie，以表示用戶已經登錄。所以每次當我轉到主頁時，我將重定向到/登錄。

我的代碼大致是這樣的：

passport.use(new GitHubStrategy({ 
    clientID: authConfig.GITHUB_CLIENT_ID, 
    clientSecret: authConfig.GITHUB_CLIENT_SECRET, 
    callbackURL: "http://127.0.0.1:8080/auth/github/callback" 
    }, 
    function(accessToken, refreshToken, profile, done) { 
    // asynchronous verification, for effect... 
    return db.user.findOne({where:{github_id:profile.id}}) 
    .then(data=>{ 
     if (data) { 
     return done(null,data); 
     } else { 
     return db.user.build({ github_id: profile.id }).save() 
     .then(()=>{ 
      return db.user.findOne({where:{github_id:profile.id}}) 
     }) 
     .then(data=>{ 
      return done(null,data); 
     }) 
     } 
    }); 
    } 
)); 

// Passport session setup. 
// To support persistent login sessions, Passport needs to be able to 
// serialize users into and deserialize users out of the session. Typically, 
// this will be as simple as storing the user ID when serializing, and finding 
// the user by ID when deserializing 
passport.serializeUser(function(user, done) { 
    console.log("serialize>>>>>", user.github_id); 
    done(null, user.github_id); 
}); 

passport.deserializeUser(function(id, done) { 
    console.log("deserialize>>>>", id); 
    db.user.findOne({where:{github_id: id}}) 
    .then(user=>{ 
    done(null, user.toJSON()); 
    }) 
}); 

我已經建立了會議：

app.use(session({ secret: 'keyboard cat', resave: false, saveUninitialized: false })); 
app.use(passport.initialize()); 
app.use(passport.session()); 

而且我有一個isAuthenticated功能檢查REQ信息：

function isAuthenticated (req, res, next) { 
    // If the user is logged in, continue with the request to the restricted route 
    console.log("req.user is>>>>", req); 
    if (req.isAuthenticated()) { 
    return next(); 
    } 
    // If the user isnt' logged in, redirect them to the login page 
    return res.redirect("/index"); 
} 

我正在使用這個passport-github lib。我無法從req一些有用的信息似乎

更新，包括路線： 這裏是路線：

const isAuthenticated = require('./middleware/isAuthenticated.js'); 
router 
    .get('/index', query.renderIndex) 
    .get('/', isAuthenticated, query.displayRepos) 
    .post('/', query.queryRepoTopic) 
    .post('/trending', query.addRepo) 
    .post('/addTopic', query.addTopic) 
    .get('trending', query.updateScore); 

router.get('/login', auth.loginPage) 
    .get('/auth/github', 
    passport.authenticate('github', { scope: [ 'user:email' ] }), 
    function(req, res){} 
) 
    .get('/auth/github/callback', 
    passport.authenticate('github', { failureRedirect: '/login' }), 
    auth.signInRedirect 
) 
    .get('/logout', auth.logout); 

這裏是控制函數，它的邏輯：

const loginPage = (req, res) => { 
    res.render('index'); 
} 

// signin a user in 
const signInRedirect = (req, res) => { 
    console.log("here in callback>>>"); 
    console.log("req.user is>>>>", req.user); 
    //res.json("you have successfully logged in!"); 
    res.redirect('/'); 
} 

const logout = (req, res) => { 
    req.logout(); 
    res.redirect('/index'); 
} 

Answer 1

我見您有此路線配置：

const isAuthenticated = require('./middleware/isAuthenticated.js'); 
    router 
     .get('/index', query.renderIndex) 
     .get('/', isAuthenticated, query.displayRepos) 
... 

如果你想打電話localhost:3000，並重定向到auth/github，當你還沒有登錄，你可以改變isAuthenticated function這樣的：

function isAuthenticated (req, res, next) { 
    // If the user is logged in, continue with the request to the restricted route 
    console.log("req.user is>>>>", req); 
    if (req.isAuthenticated()) { 
    return next(); 
    } 
    // If the user isnt' logged in, redirect them to the github login page. 
    return res.redirect("/auth/github"); 
} 

至極意味着，當你試圖調用'/'，在isAuthenticated將檢查設置了req.user（if (req.isAuthenticated())），如果不是，則重定向到/auth/github路由。

你試過這個嗎？

有它可以幫助！