我正在使用node.js,express.js和node-oidc-provider建立一个OpenID Connect Provider。我一直在https://github.com/panva/node-oidc-provider-example/tree/master/03-oidc-views-accounts的例子中工作,但它从不处理失败的身份验证。如果用户输错密码,如何将用户重定向回登录页面?
expressApp.get('/interaction/:grant', async (req, res) => {
// The initial route hit by the client (Relying Party) that renders the login view if needed.
...
});
expressApp.post('/interaction/:grant/login', parse, (req, res, next) => {
User.authenticate(req.body.email, req.body.password)
.then((users) => {
// returns an array of user objects that match the credentials
if(!users.length)
{
// What now? I can't just redirect back to /interaction/:grant - I get session not found
}
// the rest works well enough (for now)....
...
}).catch(next);
});
就像任何快递应用程序一样。这样想吧。仅解决与成功的交互,或者如果您希望退出交互并将控制权返回给客户端,则会出错。
我倾向于单独开发交互,只在它们完成后才将它们插入oidc-provider。