I'm trying to use PassportJS to authenticate requests on my site, but it's not working. When I trying to login nothing happening. I'm using MYSQL database to store the user datas and I didn't find a tutorial for this.
APP.JS:
var session = require('express-session');
var routes = require('./routes');
var sha1 = require('sha1');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var flash = require('connect-flash');
var RedisStore = require('connect-redis')(session);
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
app.use(cookieParser()); // read cookies (needed for auth)
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(session({
store: new RedisStore({
host: '127.0.0.1',
port: 6379,
prefix: 'sess'
}),
resave: true,
saveUninitialized: true,
secret: 'xxxxxxx'
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
passport.use('local-login', new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
},
function(username, password, done){
var connection = mysql.createConnection(
{
host : sql.host,
user : sql.user,
password : sql.password,
database : sql.db_users
}
);
console.log(username);
console.log(password);
connection.connect();
var queryUserCheck = 'SELECT userID, email, password, users WHERE email = "' + username + '"';
connection.query(queryUserCheck, function(err, rows, field) {
if(err){
res.status(500).end(err);
console.log(err);
connection.end();
}else{
user = rows[0];
userID = rows[0].userID;
console.log('Checkpoint 1');
if(!user) { return done(null, false, {message: 'The user is not exist'});}
else if(sha1(password) != user.password) { return done(null, false, {message: "Wrong password"});}
else{
console.log('Checkpoint 2');
return done(null, user);}
connection.end();
}
});
}
));
passport.serializeUser(function(user, done) {
console.log('serializeUser');
done(null, user.id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user) {
done(err, user);
});
});
routes.init(app, passport);
I'm actually not really understand the above 2 function. I know it's need to attach and deattach the user from the session, but do I need to change anything on these functions to make it customized or just leave as is?
Router:
exports.init = function(app, passport){
app.post('/login', login);
app.get('/logout', logout);
app.get('/userinfo', checkAuth, require('./users/users/userDetails'));
function login(req, res, next){
passport.authenticate('local-login', function(err, user, info){
if(err){
return next(err);
}
console.log('Authentication is successfull');
});
}
function logout(req, res){
if(req.isAuthenticated()){
req.logout();
req.session.messages = "Log out successfully";
}
res.writeHead(200, { 'Content-Type': 'application/json'});
res.end(true);
}
function checkAuth(req, res, next){
if(req.isAuthenticated) return next();
else{
res.status(401).end("Not Authorized!");
}
}
};
Could somebody help me what I missed? Thank you so much.
Aucun commentaire:
Enregistrer un commentaire