node.js - 使用 connect-ensure-login 进行索引时出现 ERR_TOO_MANY_REDIRECTS

标签 node.js express passport.js passport-local

我正在使用passport.js和本地策略,我可以使用connect-ensure-loginensureLoggedIn()方法限制我的路由。

app.use('/login', login);
app.use('/connect', Auth.ensureLoggedIn('/login'), connect);

但是,如果我尝试保护主页,则会收到 ERR_TOO_MANY_REDIRECTS 错误,并且我会被重定向到登录页面:

app.use('/', Auth.ensureLoggedIn('/login'), index);

我试图调试为什么会出现这种情况,但问题似乎只在保护索引时才会出现。如果我从索引路由中删除检查,它就可以正常工作。

任何人都可以发现我出错的地方或建议连接确保登录的替代方法吗?

我的app.js

var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var Auth = require('connect-ensure-login');
var oauth1 = require('passport-oauth1');
var session = require('express-session');
var mongoose = require('mongoose');

var dbconf = require('./config/database');
var dbUser = require('./models/user');

var index = require('./routes/index');
var login = require('./routes/login');
var logout = require('./routes/logout');
var connect = require('./routes/connect');
var disconnect = require('./routes/disconnect');

var app = express();

// Database connection
mongoose.connect(dbconf.uri);
mongoose.Promise = global.Promise;
var db = mongoose.connection;
db.on('error',console.error.bind(console,'MongoDB connection error:'));


// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');

// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));


// Setup passport
app.use(session({secret: "Koiasoidpoaksdpoao98as", resave: true, saveUninitialized: false}));
app.use(passport.initialize());
app.use(passport.session());

passport.use(new LocalStrategy({
  usernameField: 'email',
  passwordField: 'password'
  }, (email, password, done) => {
    dbUser.findOne({email: email}, (err, user) => {
      if (err) { return done(err)}
      if (!user) { return done(null, false); }
      if (!user.comparePassword(password)) { return done(null, false); }
      return done(null, user);
    });
  })
);

passport.serializeUser(function(user, done) {
  done(null, user.id);
});

passport.deserializeUser(function(user, done) {
  dbUser.findById(user, (err, founduser) => {
    if (err) { return done(err);}
    done(null, founduser);

  });
});

// set user variables for user detail in global layout
app.use(function(req,res,next){
  let account = ((req.session || {}).etsy || {}).account;
  let etsyval = false;
  if (account) {
    etsyval = true;    
  }
  if (res.locals.connected) {
    res.locals.connected.etsy = etsyval;
  } else {
    res.locals.connected = {etsy: etsyval};
  }

  next();
})

app.use('/', Auth.ensureLoggedIn('/login'), index);
app.use('/logout', logout);
app.use('/login', login);
app.use('/connect', Auth.ensureLoggedIn('/login'), connect);
app.use('/disconnect', Auth.ensureLoggedIn('/login'), disconnect);

// catch 404 and forward to error handler
app.use(function(req, res, next) {
  var err = new Error('Not Found');
  err.status = 404;
  next(err);
});

// error handler
app.use(function(err, req, res, next) {
  // set locals, only providing error in development
  res.locals.message = err.message;
  res.locals.error = req.app.get('env') === 'development' ? err : {};

  // render the error page
  res.status(err.status || 500);
  res.render('error');
});

module.exports = app;

我的login.js(路由)

var express = require('express');
var router = express.Router();
var passport = require('passport');
router.get('/',(req, res, next) => {
    res.render('login', {title:'Login to use Overseer'});
});
router.post('/', passport.authenticate('local', {successReturnToOrRedirect: '/', failureRedirect: '/login'}), (req,res,next) => {
    if (req.body.remember) {
        req.session.cookie.maxAge = 30 * 24 * 60 * 60 * 1000; // Cookie expires after 30 days
    }
    else {
        req.session.cookie.expires = false; // Cookie expires at end of session
    }
    res.redirect('/');

});
module.exports = router;

最佳答案

当你这样做时

app.use('/somepath', Auth.ensureLoggedIn('/login'));

中间件不仅适用于 /somepath,还适用于 /somepath/any/somepath/any/another 等.

因此,安装在 / 的中间件会触发 every request.在您的情况下,当请求重定向到 /login 时,中间件会触发并再次重定向到 /login ,从而导致无限循环。

可能的解决方案是专门在 routes/index.js 中保护 GET/:

router.get('/', Auth.ensureLoggedIn('/login'), (req, res) => ...);

或者重新编码你的处理程序,这样只有 protected 路由才会受到中间件的影响:

app.use('/logout', logout);
app.use('/login', login);

// applies to all below
app.use(Auth.ensureLoggedIn('/login'));

app.use('/', index);
app.use('/connect', connect);
app.use('/disconnect', disconnect);

关于node.js - 使用 connect-ensure-login 进行索引时出现 ERR_TOO_MANY_REDIRECTS,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50320008/

上一篇:node.js - NodeJS + Nginx + Cloudflare

下一篇:node.js - 带有 Passport NodeJ 的集群

相关文章:

javascript - Eslint 不尊重 jsconfig 路径

javascript - Passport.use 不是一个函数

node.js - 将请求从静态包代理到 Express 后端时,NginX 无法传递 POST 请求正文

node.js - 如何在 Node.js 中获取本地 IP 地址?

javascript - 错误 : Cannot find module 'html' , 无法提供静态文件

json - 如何检查值是否存在作为 hasOwnProperty JSON NodeJs

javascript - 无法使用 Restangular 获取快速删除中的 json 请求?

node.js - 服务器错误以 express 方式发送给客户端

node.js - Passport.js deserializeUser 如何解密哈希 session 数据?

node.js - Passport w/node.js 谷歌错误

©2024 IT工具网  联系我们