2017-10-14 53 views

我已經建立了一些需要多種身份驗證方式的基本後端 API。現在我嘗試使用 Bell 連接 Twitter API,但問題是頁面並沒有讓我授權應用程式,而是顯示錯誤 {"statusCode":500,"error":"Internal Server Error","message":"An internal server error occurred"}。也就是說,Hapi 搭配 Bell 無法通過 Twitter 驗證。

下面是相關文件:

index.ts

'use strict'; 

import * as hapi from "hapi"; 
import * as boom from "boom"; 
import router from './router/router'; 

// One hapi server for the whole API; the connection is bound to localhost:3000.
const listenOptions = { host: 'localhost', port: 3000 };
const server: hapi.Server = new hapi.Server();
server.connection(listenOptions);

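// Register the three auth plugins, then declare the strategies and attach the routes.
// The strategies are declared inside the callback so the 'jwt', 'cookie' and 'bell'
// schemes are available by the time they are referenced.
server.register([require('hapi-auth-jwt'), require('hapi-auth-cookie'), require('bell')], (err) => {

    // A failed registration would leave the schemes below undefined; stop here, the
    // same way the server.start callback does, rather than carrying on silently.
    if (err) {
        throw err;
    }

    // Bearer-token strategy: JWTs verified with a shared HS256 key.
    // NOTE(review): 'secretkey' is a placeholder. HS256 uses one key to sign and to
    // verify, so anyone who learns or guesses it can issue tokens this server accepts.
    // Load a long random key from configuration instead of committing it to source.
    server.auth.strategy('token', 'jwt', {
        key: 'secretkey',
        verifyOptions: {
            algorithms: ['HS256'], // only tokens signed with this algorithm are accepted
        },
        redirectTo: '/login'
    });

    // Cookie-backed session strategy.
    server.auth.strategy('session', 'cookie', {
        password: 'secret_cookie_encryption_password', // Use something more secure in production
        redirectTo: '/login', // If there is no session, redirect here
        isSecure: false // Cookie is also sent over plain HTTP; set to true (the default) in production
    });

    // Social login through Twitter (bell).
    // NOTE(review): the same literal password protects both this cookie and the
    // session cookie above; separate random values would keep the two independent.
    // NOTE(review): clientSecret below starts with a space. If the real secret was
    // pasted the same way, the provider will presumably reject the credentials and
    // the login route will fail before the consent page is shown - confirm.
    server.auth.strategy('twitter', 'bell', {
        provider: 'twitter',
        password: 'secret_cookie_encryption_password', // Use something more secure in production
        clientId: 'secretkey',
        clientSecret: ' secretkey',
        isSecure: false // Should be set to true (which is the default) in production
    });

    //server.auth.default('token');

    // Routes are attached only after the strategies they name have been declared.
    // The callback parameter is called `route` so it no longer shadows the imported
    // `router` array.
    router.forEach((route) => {
        console.log(`attaching ${route.path}`);
        server.route(route);
    });

});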



// Start listening. A startup failure is rethrown so the process does not keep
// running without a bound listener; on success the bound URI is printed.
server.start((startError) => {
    if (startError) {
        throw startError;
    }

    const { uri } = server.info;
    console.log(`Server running at: ${uri}`);
});

router.ts

'use strict'; 

import controllers from '../server/controllers/Index'; 
import models from '../server/models/index'; 
import { compareHashPassword } from '../Helper'; 
import * as jwt from "jsonwebtoken"; 
import * as Boom from "boom"; 

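// Route table: an array of plain hapi route configuration objects.
let router;
let User = models.User;

// Setting API URL
router = [
    {
        method: 'GET',
        path: '/',
        config: {
            // Either strategy may authenticate this route.
            // NOTE(review): displayName is only written by the cookie session set in
            // /auth/twitter below; whether a JWT payload carries it is not visible
            // here, so a token-authenticated request may see "undefined" - confirm.
            auth: {
                strategies: ['token', 'session'],
            },
            handler: function (request, reply) {

                // displayName comes from the third-party profile, so it is sent as
                // plain text and never interpreted as markup by the browser.
                return reply('Hello, ' + request.auth.credentials.displayName + '!').type('text/plain');
            }
        }
    },
    {
        method: 'GET',
        path: '/login',
        handler: function (request, reply) {
            return reply('Please Login to ReviewUr!');
        }
    },
    // Authentication route for Token
    {
        path: '/auth',
        method: 'POST',
        handler: controllers.Auths.list
    },
    // Authentication route for Twitter
    {
        method: 'GET',
        path: '/auth/twitter',
        config: {
            auth: 'twitter',
            handler: function (request, reply) {

                // A failed login must not come back as a 200 text response; answer
                // with 401 and keep provider error details out of the reply.
                if (!request.auth.isAuthenticated) {
                    return reply(Boom.unauthorized('Authentication failed'));
                }

                const profile = request.auth.credentials.profile;

                // Copy only the fields the session needs into the session cookie.
                request.cookieAuth.set({
                    twitterId: profile.id,
                    username: profile.username,
                    displayName: profile.displayName
                });

                // reply.redirect() returns a response object, not a promise, so the
                // former `.catch(...)` chained onto it threw inside the handler and
                // surfaced as a 500 once the login itself had succeeded.
                return reply.redirect('/');
            }
        }
    },
    ///////////////////////////////////////
];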

export default router 

我漏掉了什麼嗎?

回答


您是否嘗試過將 '/auth/twitter' 路由移到 '/auth' 之上?看起來它在處理 '/auth/twitter' 之前先處理了 '/auth'。您打算在哪條路由上顯示使用者登入選項?是 /login 嗎?

你有沒有試過不使用 jwt 或 auth-cookie,只使用 Twitter(bell)?也許是其他插件有問題。

這是我從實時應用程序中提取的實現。

APP-auth.js

const Boom = require('boom'); 
const internals = {}; 
const config = require('config'); 

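/**
 * hapi plugin entry point: installs the custom session-backed scheme, makes it
 * the default strategy, adds a login error hook and declares the Twitter
 * (bell) strategy.
 *
 * @param {object} server - hapi server the plugin is registered on.
 * @param {object} options - plugin options (not used here).
 * @param {Function} next - called once setup is finished.
 */
exports.register = function (server, options, next) {
    server.auth.scheme('basic', internals.implementation);
    // Passing `true` as the mode makes 'simple' the default strategy for routes.
    server.auth.strategy('simple', 'basic', true);

    // handle twitter login errors here
    server.ext('onPreResponse', function (request, reply) {
        const response = request.response;
        // request.path always starts with '/', so the former comparison with
        // 'login' could never match and this hook never ran.
        // NOTE(review): assumes the login route is mounted at '/login' - confirm.
        if (response.isBoom && request.path === '/login') {
            // an error occurred during the login process: log it and send the user to the home page
            server.log(['error', 'auth', 'twitter'], response.output.payload.error);
            // Only the error label from the payload is forwarded, URL-encoded.
            return reply.redirect('/?error=103&account_error=' + encodeURIComponent(response.output.payload.error));
        }

        return reply.continue();
    });

    // twitter application registration; every secret is read from configuration
    // rather than written into the source file
    server.auth.strategy('twitter', 'bell', {
        provider: 'twitter',
        password: config.get('twitter.pass'),
        clientId: config.get('twitter.key'),
        clientSecret: config.get('twitter.secret'),
        isSecure: config.get('authSecurity')
    });

    return next();
};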

/**
 * Scheme factory for the session-backed 'basic' scheme.
 *
 * The returned authenticate() accepts a request when the session store
 * (request.yar) holds an 'auth' entry and uses that entry as the credentials.
 * Without one, XMLHttpRequest callers get a 401 and everyone else is
 * redirected to /login.
 */
internals.implementation = function (server, options) {

    const authenticate = function (request, reply) {
        const hasSession = Boolean(request.yar.get('auth'));

        if (hasSession) {
            return reply.continue({credentials: request.yar.get('auth')});
        }

        // No session: script-driven callers cannot follow a login redirect usefully,
        // so they get an error response instead.
        const isAjax = request.headers['x-requested-with'] === 'XMLHttpRequest';
        if (isAjax) {
            return reply(Boom.unauthorized("Please sign-in to system."));
        }

        return reply.redirect('/login');
    };

    return { authenticate: authenticate };
};

// Plugin metadata read by hapi; the version is taken from the package manifest.
exports.register.attributes = {
    version: require('../package.json').version,
    name: 'app_auth'
};

Twitter的route.js

/**
 * Route config for the Twitter sign-in endpoint, guarded by the 'twitter' strategy.
 * On failure the provider's error message is stored as a flash message and the
 * user is redirected to /login_error with the message URL-encoded in the query.
 */
exports.view = {
    description: 'Twitter authentication handler',
    auth: 'twitter',
    handler: async (request, reply) => {
        const { auth } = request;

        // something went wrong
        if (!auth.isAuthenticated) {
            const reason = auth.error.message;
            request.yar.flash('ERROR', reason);
            return reply.redirect(`/login_error?error=103&account_error=${encodeURIComponent(reason)}`);
        }

        // profile information coming from twitter
        const profile = auth.credentials.profile;

        // NOTE(review): the snippet stops here without replying; a real handler
        // has to store what it needs from `profile` and then call reply().

    }
};