Passport本地策略和cURL

 拍友2502920603 发布于 2023-01-19 13:53
  • curl
  • node.js
  • express
  • port
  • js
  • restful

    • 我想用CURL测试我的node.js + express + passport.js测试应用程序(RESTful).我的代码:

    var express = require('express');
var routes = require('./routes');
var http = require('http');
var path = require('path');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;

// Define the strategy to be used by PassportJS
passport.use(new LocalStrategy(
    function(username, password, done) {
        if (username === "admin" && password === "admin") // stupid example
            return done(null, {name: "admin"});

        return done(null, false, { message: 'Incorrect username.' });
    }
));

// Serialized and deserialized methods when got from session
passport.serializeUser(function(user, done) {
    done(null, user);
});

passport.deserializeUser(function(user, done) {
    done(null, user);
});

// Define a middleware function to be used for every secured routes
var auth = function(req, res, next){
    if (!req.isAuthenticated())
        res.send(401);
    else
        next();
};

var app = express();

// all environments
app.set('port', process.env.PORT || 3000);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.json());
app.use(express.urlencoded());
app.use(express.methodOverride());
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(express.static(path.join(__dirname, 'public')));

// development only
if ('development' == app.get('env')) {
    app.use(express.errorHandler());
}

app.get('/test', auth, function(req, res){
    res.send([{name: "user1"}, {name: "user2"}]);
});

app.post('/login', passport.authenticate('local'), function(req, res) {
    res.send(req.user);
});

    用curl和.调用/测试

    curl "http://localhost:3000/test"

    返回"未授权"(到目前为止这是正确的).

    用curl和.调用/登录(POST)

    curl --data "username=admin&password=admin" http://localhost:3000/login

    作品.但在下次请求时,我的登录信息被"遗忘"了.这是因为curl无法处理会话吗?有没有解决方法?我的程序对于RESTful应用程序是否正确?

    1 个回答

    • 首先,curl在登录时进行保存cookie

      curl --cookie-jar jarfile --data "username=admin&password=admin" http://localhost:3000/login

      访问时读取存储的cookie /test:

      curl --cookie jarfile "http://localhost:3000/test"

      在使用Node.js v0.10.26和Express 3.5.0在我的机器(Ubuntu 12.04)上工作之前,需要对应用程序本身进行一些修改.我生成了一个新的Express应用程序express --sessions nodetest并编辑了代码,app.js如下所示.一旦我安装了依赖项,我运行了应用程序并使用了 curl命令.

      app.js

      var express = require('express');
var routes = require('./routes');
var user = require('./routes/user');
var http = require('http');
var path = require('path');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;

var app = express();

// Define the strategy to be used by PassportJS
passport.use(new LocalStrategy(
    function(username, password, done) {
        if (username === "admin" && password === "admin") // stupid example
            return done(null, {name: "admin"});

        return done(null, false, { message: 'Incorrect username.' });
    }
));

// Serialized and deserialized methods when got from session
passport.serializeUser(function(user, done) {
    done(null, user);
});

passport.deserializeUser(function(user, done) {
    done(null, user);
});

// Define a middleware function to be used for every secured routes
var auth = function(req, res, next){
    if (!req.isAuthenticated())
        res.send(401);
    else
        next();
};

// all environments
app.set('port', process.env.PORT || 3000);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.json());
app.use(express.urlencoded());
app.use(express.methodOverride());
app.use(express.cookieParser('your secret here'));
app.use(express.session());
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
app.use(express.static(path.join(__dirname, 'public')));

// development only
if ('development' == app.get('env')) {
    app.use(express.errorHandler());
}

app.get('/test', auth, function(req, res){
    res.send([{name: "user1"}, {name: "user2"}]);
});

app.post('/login', passport.authenticate('local'), function(req, res) {
    res.send(req.user);
});

http.createServer(app).listen(app.get('port'), function(){
  console.log('Express server listening on port ' + app.get('port'));
});

      卷曲脚本

      #!/bin/sh
# curl-login.sh
rm jarfile
echo --- login
curl --cookie-jar jarfile --data "username=admin&password=admin" http://localhost:3000/login
echo --- test
curl --cookie jarfile "http://localhost:3000/test"

      控制台日志与卷曲输出

      $ node app &
$ sh curl-login.sh
--- login
POST /login 200 2ms - 21b
{
  "name": "admin"
}--- test
GET /test 200 1ms - 60b
[
  {
    "name": "user1"
  },
  {
    "name": "user2"
  }
]

      注意使用

      app.use(express.cookieParser('your secret here'));
app.use(express.session());

      app.js.没有上述两行,会话就无法运作.

      您的问题中的代码也缺少创建HTTP服务器的部分,但我认为这只是一个复制粘贴问题; 我指的是

      http.createServer(app).listen(app.get('port'), function(){
  console.log('Express server listening on port ' + app.get('port'));
});

      2023-01-19 13:56 回答
    撰写答案
    今天,你开发时遇到什么问题呢?
    立即提问
    热门标签
    PHP1.CN | 中国最专业的PHP中文社区 | PNG素材下载 | DevBox开发工具箱 | json解析格式化 |PHP资讯 | PHP教程 | 数据库技术 | 服务器技术 | 前端开发技术 | PHP框架 | 开发工具 | 在线工具
    Copyright © 1998 - 2020 PHP1.CN. All Rights Reserved 京公网安备 11010802041100号 | 京ICP备19059560号-4 | PHP1.CN 第一PHP社区 版权所有