我正在尝试使用 passportjs 使用 google oauth2 做一个基本的身份验证页面。当我单击登录按钮时,会话会正确更新到 redis,我可以在 Redis GUI 工具中看到这一点,但是当我在重定向页面中检查会话 ID 时,每次重新加载时我都会得到一个新的会话 ID,就好像身份验证过程尚未完成。
const express = require('express')
require('dotenv').config()
const app = express()
const session = require('express-session')
const passport = require('passport')
const sessionStore = require('./middlewares/redis.js')
const cors = require('cors')
const flash = require('connect-flash')
const paymentRouter = require('./middlewares/stripe.js')
const authRouter = require('./routes/auth')
const userRouter = require('./routes/users')
require('./config/db')
app.use(
cors({
origin: 'http://localhost:3001',
credentials: true,
methods: ['GET', 'POST', 'PUT', 'DELETE'],
allowedHeaders: ['Content-Type', 'Authorization'],
})
)
app.use(express.json())
app.use(
session({
secret: 'eureka',
resave: false,
saveUninitialized: false,
store: sessionStore,
cookie: {
secure: true,
sameSite: 'none',
httpOnly: false,
maxAge: 600000,
},
proxy: true,
})
)
app.use(passport.initialize())
app.use(passport.session())
app.use(flash())
app.use('/auth', authRouter)
app.use('/users', userRouter)
app.use('/membership', paymentRouter)
app.listen(3000, () => {
console.log('Server is running on port 3000')
})
我在谷歌回调函数中放了一个 console.log() 这就是我得到的。我可以清楚地看到用户对象被正确存储了
[0] google callback, req.session: Session {
[0] cookie: {
[0] path: '/',
[0] _expires: 2023-05-09T19:35:43.013Z,
[0] originalMaxAge: 600000,
[0] httpOnly: false,
[0] secure: true,
[0] sameSite: 'none'
[0] },
[0] passport: { user: '6458c3cd6410491384c3584e' }
[0] }
登录过程后它就消失了
[0] Session id in Redis: yCH5HVLwjSkQqd7wazHX5OJLx-bRMxLx
[0] req.session: Session {
[0] cookie: {
[0] path: '/',
[0] _expires: 2023-05-09T19:35:45.505Z,
[0] originalMaxAge: 600000,
[0] httpOnly: false,
[0] secure: true,
[0] sameSite: 'none'
[0] }
[0] }
添加我的授权码
passport.use(
new GoogleStrategy(
{
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: '/auth/google/callback',
passReqToCallback: true,
},
async function (req, accessToken, refreshToken, profile, cb) {
const email = profile.emails[0].value
const existingUser = await User.findOne({ email: email })
console.log('user session', req.session)
if (existingUser) {
existingUser.googleId = profile.id
await existingUser.save()
return cb(null, existingUser)
} else {
const newUser = new User({
email: email,
googleId: profile.id,
})
console.log('new user:', newUser)
await newUser.save()
return cb(null, newUser)
}
}
)
)
router.get(
'/google',
passport.authenticate('google', { scope: ['email', 'profile'] })
)
router.get(
'/google/callback',
passport.authenticate('google', {
failureRedirect: '/login',
failureFlash: true,
}),
async function (req, res) {
console.log('google callback, req.user:', req.user)
console.log('google callback, req.session:', req.session)
if (req.user) {
req.flash('error', 'You are already logged in')
req.session.save(() => {
return res.redirect('http://localhost:3001/membership')
})
} else {
req.session.save(() => {
return res.redirect('http://localhost:3001/membership')
})
}
}
)
可能是什么问题?我只是在过去 3 天里被困住了,我尝试了论坛中的大部分解决方案,但我仍然无法找到解决方案