我已经使用羽毛生成器启动了一个非常简单的应用程序。我想如何在身份验证端点上添加一个挂钩,以防止用户在状态设置为“已阻止”的情况下登录。
我知道如何在用户服务上创建钩子,但我想我希望此钩子位于身份验证服务上,我不确定在哪里进行此操作。
谢谢
您可以通过实施自定义策略(doc)来完成此操作>
假设您使用本地策略(电子邮件+密码)
然后您可以执行以下操作:
const { AuthenticationService, JWTStrategy } = require('@feathersjs/authentication');
const { NotAuthenticated } = require('@feathersjs/errors');
const { LocalStrategy } = require('@feathersjs/authentication-local');
// Extend the LocalStrategy
class CustomLocalStrategy extends LocalStrategy {
async authenticate(authentication, params) {
let resp;
// Normal authentication
try {
resp = await super.authenticate(authentication, params);
} catch (e) {
if (e instanceof NotAuthenticated) {
throw new NotAuthenticated('Not authenticated', {
reason: 'invalid'
});
}
}
// Check if user is blocked, blocked should be a bool in the user model
if (resp.user.blocked) {
throw new NotAuthenticated('Not authenticated', {
reason: 'blocked'
});
}
return resp;
}
}
// Register the strategy
module.exports = app => {
const authentication = new AuthenticationService(app);
authentication.register('local', new CustomLocalStrategy());
app.use('/authentication', authentication);
};