2017-08-30 87 views
0

我目前正在使用create-react-app鍋爐板並嘗試添加auth。我使用axios作爲基於React.js的基於HTTP的libray。我一直在後端使用快遞,快遞,護照和護照本地節點。node.js - 護照不持續瀏覽器請求,與郵遞員一起工作

下面是一些exlusions我server.js文件:

const express = require('express'); 
const mysql = require('mysql'); 
const app = express(); 
const cors = require('cors'); 
const session = require('express-session'); 
const passport = require('passport'); 
const morgan = require('morgan'); 
const bodyParser = require('body-parser'); 
const cookieParser = require('cookie-parser'); 
const LocalStrategy = require('passport-local').Strategy; 

// Express only serves static assets in production 
if (process.env.NODE_ENV === 'production') { 
    app.use(express.static('client/build')); 
} 

app.set('port', (process.env.PORT || 3001)); 

app.use(cors({ 
    credentials: true, 
    origin: 'http://localhost:3000' 
})); 
app.use(morgan('dev')); 
app.use(bodyParser.urlencoded({ extended: true })); 
app.use(bodyParser.json()); 
app.use(cookieParser()); 
app.use(session({ 
    secret: 'topsecretpassword', 
    resave: true, 
    saveUninitialized: false, 
    cookie: { 
    path: '/', 
    originalMaxAge: 1000 * 60 * 60 * 24, 
    httpOnly: true, 
    secure: false 
    } 
})); 
app.use(passport.initialize()); 
app.use(passport.session()); 


// Setup Database connection 
const connection = mysql.createConnection({ 
    host : 'localhost', 
    user : 'root', 
    password : '', 
    database : 'mvy_db' 
}); 

passport.serializeUser(function(user, done) { 
    done(null, user.id); 
}); 

passport.deserializeUser(function(user, done) { 
    connection.query('SELECT * FROM users WHERE id=?', user, function(err, userId) { 
    if (err) { 
     res.status(400).json({ 
     error: 'Database Error', 
     id: userId[0] 
     }); 
    } 

    done(err, userId[0]); 
    }); 
}); 

passport.use(new LocalStrategy({ 
    usernameField: 'email', 
    passwordField: 'password', 
    }, 
    function(email, password, done) { 
    connection.query('SELECT * FROM users WHERE email=?', email, function(err, user) { 
     if (err) { 
     return done(err); 
     } 
     if (!user.length) { 
     return done(null, false, { message: 'Incorrect email.' }); 
     } 
     if (user[0].password !== password) { 
     return done(null, false, { message: 'Incorrect password.' }); 
     } 
     return done(null, user[0]); 
    }); 
    } 
)); 

app.post('/signin', passport.authenticate('local'), function(req, res) { 
    console.log(req.session); 
    return res.send('login success!'); 
}); 

function isAuthenticated (req,res,next){ 
    console.log(req.session); 
    if(req.session.passport.user) 
    return next(); 
    else 
    return res.status(401).json({ 
     error: 'User not authenticated' 
    }) 

} 

app.get('/checkauth', isAuthenticated, function(req,res) { 
    res.status(200).json({ 
    status: 'User Authenticated!' 
    }); 
}) 

app.get('/signout', function(req,res) { 
    req.session.destroy(); 
    res.status(200).json({ success: 'successfully signed out' }); 
}) 

使用郵差(甚至在瀏覽器上),我能夠成功登錄,下面是在req.session對象舉行:

cookie: 
    { path: '/', 
     _expires: null, 
     originalMaxAge: 86400000, 
     httpOnly: true, 
     secure: false }, 
     passport: { user: 1 } } 

用我的登錄請求Axios公司:

return axios.post(ROOT_URL + 'signin', { 
     email: e.target.email.value, 
     password: e.target.password.value 
    }).then((response) => { 
     if (response.status === 200) { 
     console.log(response); 
     } 
    }) 

我checkAuth要求USI NG愛可信(這是我得到一個500錯誤返回):

axios.get(ROOT_URL + 'checkauth', { withCredentials: true }) 
    .then((response) => { 
     if (response.status === 200) { 
     return true; 
     } else { 
     return false; 
     } 
    }); 

錯誤信息之前檢查認證後req.session對象,請注意護照對象不存在了:

Session { 
    cookie: 
    { path: '/', 
     _expires: null, 
     originalMaxAge: 86400000, 
     httpOnly: true, 
     secure: false } } 

這是錯誤消息我得到的控制檯上,當我試圖檢查用戶被授權:

TypeError: Cannot read property 'user' of undefined 
    at isAuthenticated (/server.js:94:26) 

我一直在敲打我的頭幾個小時,試圖解決這個問題。我認爲這可能與CORS有關,但經過幾個小時的演練似乎並非如此。這仍然是一個CORS問題,但令我震驚的是,它與Postman完全兼容,但不適用於我的Chrome瀏覽器。任何幫助表示讚賞!

回答

0

好的,所以我找到了解決我的問題的方法。這似乎是axios和我的獲取請求的配置問題。出於某種原因,使用結構axios.get(URL) .then(response)不能與withCredentials屬性一起使用。

相反,我只好送我的要求是:

axios(ROOT_URL + 'checkauth', { method: 'get', withCredentials: true }) .then((response) => { if (response.status === 200) { return true; } else { return false; } });

相關問題