http://localhost:3005/api/users/survey 401(未经授权)
客户端 - “此代码用于在用户尚未完成调查时显示模式。”
useEffect(() => {
async function getSurvery() {
const response = await fetch('http://localhost:3005/api/users/survey', {
method: 'GET',
credentials: 'include',
headers: {
Authorization: `Bearer ${authInfo.token}`,
},
})
if (response.status !== 200) {
console.log('response is not ok')
return
}
const data = await response.json()
console.log(data)
openModal()
}
getSurvery()
}, [authInfo.token, openModal])
服务器-
var createError = require('http-errors')
var express = require('express')
var path = require('path')
var cookieParser = require('cookie-parser')
var logger = require('morgan')
var expressLayouts = require('express-ejs-layouts')
require('dotenv').config()
const cors = require('cors')
var session = require('express-session')
// swagger
const swaggerUi = require('swagger-ui-express')
const swaggerJsdoc = require('swagger-jsdoc')
const swaggerDefinition = require('./swagger/swaggerDef')
// passport
const passport = require('passport')
const passportConfig = require('./passport/index.js')
var indexRouter = require('./routes/index')
var usersAPIRouter = require('./routes/userAPI')
var commonAPIRouter = require('./routes/commonAPI')
var collegeAPIRouter = require('./routes/collegeAPI')
var sportsAPIRouter = require('./routes/sportsAPI')
var sequelize = require('./models/index.js').sequelize
var app = express()
sequelize.sync()
const corsOptions = {
origin: 'http://localhost:5173',
credentials: true,
}
app.use(cors(corsOptions))
// passport
passportConfig(passport)
app.use(
session({
resave: false,
saveUninitialized: false,
secret: process.env.COOKIE_SECRET,
cookie: {
httpOnly: true,
secure: false,
maxAge: 1000 * 60 * 60 * 24, // 1 day
},
}),
)
const options = {
swaggerDefinition,
apis: ['./routes/*.js', './swagger/*'],
}
const swaggerSpec = swaggerJsdoc(options)
app.use('/api-docs', swaggerUi.serve, swaggerUi.setup(swaggerSpec))
app.use(passport.initialize())
app.use(passport.session())
// view engine setup
app.set('views', path.join(__dirname, 'views'))
app.set('view engine', 'ejs')
// app.set('layout', 'layout')
// app.set('layout extractScripts', true)
// app.set('layout extractStyles', true)
// app.set('layout extractMetas', true)
// app.use(expressLayouts)
app.use(logger('dev'))
app.use(express.json())
app.use(express.urlencoded({ extended: false }))
app.use(cookieParser())
app.use(express.static(path.join(__dirname, 'public')))
app.use('/', indexRouter)
app.use('/api/users', usersAPIRouter)
app.use('/api/common', commonAPIRouter)
app.use('/api/college', collegeAPIRouter)
app.use('/api/sports', sportsAPIRouter)
app.use('/public', express.static('public'))
// catch 404 and forward to error handler
app.use(function (req, res, next) {
next(createError(404))
})
// error handler
app.use(function (err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message
res.locals.error = req.app.get('env') === 'development' ? err : {}
// render the error page
res.status(err.status || 500)
res.render('error')
})
module.exports = app
passport index.js
const local = require('./localStrategy')
const kakao = require('./kakaoStrategy')
const admin = require('./adminStrategy')
const db = require('../models/index')
// serializeUser: pass user_id
// deserializeUser: find user by user_id and pass user data
// user data includes [user_id, email, name, nickname, profile_img, phone, birth_date]
module.exports = (passport) => {
passport.serializeUser((userSessionData, done) => {
const id = userSessionData.admin_id
? { type: 'admin', id: userSessionData.admin_id }
: { type: 'user', id: userSessionData.user_id }
console.log('serializeUser:', id)
done(null, id)
})
passport.deserializeUser(async (userId, done) => {
console.log('deserializeUser:', userId)
try {
if (userId.type === 'admin') {
const admin = await db.Admins.findOne({
where: { admin_id: userId.id },
attributes: ['admin_id', 'id', 'name', 'email'],
})
done(null, admin)
return
}
const user = await db.Users.findOne({
where: { user_id: userId },
attributes: ['user_id', 'email', 'name', 'nickname', 'profile_img', 'phone', 'birth_date'],
})
done(null, user)
} catch (error) {
console.error(error)
done(error, null)
}
})
local(passport)
admin(passport)
kakao(passport)
}
var bcrypt = require('bcryptjs')
const LocalStrategy = require('passport-local').Strategy
var db = require('../models/index')
const enums = require('../common/enums.js')
const { Op } = require('sequelize')
// passport-local
// if success, return userSessionData / if fail, return message
// userSessionData: { user_id, email, name, nickname, profile_img, phone, birth_date }
module.exports = (passport) => {
passport.use(
'user_local',
new LocalStrategy(
{
usernameField: 'email',
passwordField: 'password',
},
async (email, password, done) => {
try {
const user = await db.Users.findOne({
where: {
email: email,
use_status_code: {
[Op.ne]: enums.USE_STATUS_CODE.WITHDRAWAL,
},
},
})
if (!user) {
return done(null, false, {
message: '존재하지 않는 사용자입니다.',
})
}
const isMatch = await bcrypt.compare(password, user.password)
if (!isMatch) {
return done(null, false, {
message: '비밀번호가 일치하지 않습니다.',
})
}
var userSessionData = {
user_id: user.user_id,
is_user_verified: user.is_user_verified,
email: user.email,
name: user.name,
nickname: user.nickname,
profile_img: user.profile_img,
phone: user.phone,
birth_date: user.birth_date,
}
return done(null, userSessionData)
} catch (error) {
console.error(error)
return done(error)
}
},
),
)
}
“期待:
虽然我们确认令牌在开发者工具网络中正确传递,但 req.isAuthenticated() 在后端返回 false。
尝试:
验证了 req.login 的使用。 检查 CORS 设置。 确认会话的初始化及其放置。”
首先必须将授权后得到的token放入localStorage中。在useEffect函数之后你必须得到这个token