以下是我的代码
restify = require("restify") passport = require("passport") GoogleStrategy = require("passport-google").Strategy jsonContentType = (req, res, next) -> res.setHeader("content-type", "application/json") next(req, res, next) server = restify.createServer( name: "Sparked API" ) passport.use(new GoogleStrategy({ returnURL: "http://localhost:8080/auth/google/return" realm: "http://localhost:8080/" }, (id, profile, done) -> done() )) server.use(jsonContentType) server.get("/", (req, res, next) -> res.send( message: "hello world!" ) ) server.get("/auth/google", passport.authenticate("google")) server.get("/auth/google/return", passport.authenticate("google", { successRedirect: "/" failureRedirect: "/" })) server.listen(8080, -> console.log("restify listening on 8080"))
看来我即使使用非常简化的版本也会获得重定向循环
server.get("/auth/google/return", passport.authenticate("google", { successRedirect: "/" failureRedirect: "/" }))
/
是未经身份验证的URL,这是如何导致重定向循环的?我也试过加入
server.use(passport.initialize()) server.use(passport.session()) passport.serializeUser((user, done) -> done(null, user) ) passport.deserializeUser((obj, done) -> done(null, obj); )
但无济于事
您的重定向循环正在发生,因为护照无法解析包含许多查询参数的OpenId响应.Restify有一个可以使用的捆绑查询解析器.
server.use restify.queryParser()
虽然restify类似于express,但它没有所有的API护照期望.一个主要的是res.redirect
它采用了failureRedirect
和successRedirect
选项.您需要手动设置标题和状态,如下所示:
server.get "/auth/google/return", passport.authenticate("google"), (req, res, next) -> res.header 'Location', '/' res.send 302 # redirect status
通过这两个添加,我能够让它在本地工作(要点)