我正在护照中运行本地策略,我遇到了一个问题,它似乎可以很好地对用户进行身份验证,并且我可以让该用户在会话中保留在整个网站上,但不能保留管理员。我在 MongoDB 中的单独集合下有用户和管理员帐户。我尝试了很多不同的路线,例如为管理员和用户使用不同的护照以及为管理员和用户使用不同的数据库,但无济于事。我已经站住了。我将不胜感激的建议!
//Passport.js
const LocalStrategy = require('passport-local').Strategy;
const mongoose = require('mongoose')
const bcrypt = require('bcrypt')
// Loads in user model
const User = require('../models/userModel')
//Loads in the admin model
const Admin = require('../models/adminModel')
module.exports = function (authUser){
authUser.use(
'authUser',new LocalStrategy({usernameField: 'username'}, (username, password, done)=>{
//Match user
const user = User.findOne({username: username})
.then(user=>{
if(!user){
return done(null, false, {message: 'Incorrect Username'})
}
//Match password
bcrypt.compare(password, user.password, (err, isMatch)=>{
if(err) throw err;
if (isMatch) {
return done(null, user)
}else {
return done(null, false, {message: 'Incorrect password'})
}
})
})
.catch(err=>console.log(err));
})
)
authUser.serializeUser((user, done) =>{
done(null, user.id);
});
authUser.deserializeUser((id, done) =>{
User.findById(id, (err, user) => {
done(err, user);
});
});
authUser.use(
'admin',new LocalStrategy({usernameField: 'username'}, (username, password, done)=>{
//Match user
const admin = Admin.findOne({username: username})
.then(admin=>{
if(!admin){
return done(null, false, {message: 'Incorrect Username'})
}
//Match password
bcrypt.compare(password, admin.password, (err, isMatch)=>{
if(err) throw err;
if (isMatch) {
return done(null, admin)
}else {
return done(null, false, {message: 'Incorrect password'})
}
})
})
.catch(err=>console.log(err));
})
)
authUser.serializeUser((admin, done) =>{
done(null, admin.id);
});
authUser.deserializeUser((id, done) =>{
Admin.findById(id, (err, admin) => {
done(err, admin);
});
});
}
//Authenticate.js
module.exports = {
checkAuthenticated: function(req, res, next) {
if (req.isAuthenticated()) {
return next()
}
// req.flash('error_msg', 'please login to view this resource')
res.redirect('/Users/Login')
},
checkNotAuthenticated: function(req, res, next) {
if (req.isAuthenticated()) {
return res.redirect('/')
}
// req.flash('error_msg', 'please login to view this resource')
return next()
},
checkAdminAuthenticated: function(req, res, next) {
if (req.isAuthenticated()) {
return next()
}
// req.flash('error_msg', 'please login to view this resource')
res.redirect('http://localhost:3000/Admin/SignIn')
}
}
//Snippet from adminRoute.js
const passport = require('passport')
require('../config/passport.js')(passport)
app.get("/SignIn", checkNotAuthenticated,(req,res) =>{
res.render("adminLogin.ejs")
})
app.get('/Orders', checkAdminAuthenticated, (req, res) => {
Request.find({}).then(results => {
res.render('orders.ejs', {
Orders: results
});
})
})
// Login Handle
app.post('/SignIn', checkNotAuthenticated, (req,res, next)=>{
passport.authenticate('admin',{
successRedirect: '/AdminPage', //On success redirect to home
failureRedirect: '/Admin/SignIn', //On failure redirect back to login page
session: true,
failureFlash: true
})(req,res,next);
})
module.exports = app
//Snippet from userRoute.js
const passport = require('passport')
const authUser = new passport.Passport();
require('../config/passport.js')(authUser)
// DB config
const userDB = require('../config/keys').MongoURI
const User = require('../models/userModel')
app.get("/Login", checkNotAuthenticated,(req,res) =>{
res.render("login.ejs")
})
app.delete('/logout', (req, res) => {
req.logOut()
res.redirect('/Users/Login')
})
app.get('/Register', checkNotAuthenticated, (req,res)=>{
res.render("register.ejs")
})
// Login Handle
app.post('/Login', checkNotAuthenticated,(req,res, next)=>{
authUser.authenticate('authUser',{
successRedirect: '/', //On success redirect to home
failureRedirect: '/Users/Login', //On failure redirect back to login page
session: true,
failureFlash:true
})(req,res,next);
})
module.exports = app
// snippet from app.js
const passport = require('passport')
const authUser = new passport.Passport();
require('./config/passport.js')(authUser)
app.use(authUser.initialize())
app.use(authUser.session())
app.use('/Users', require('./routes/userRoute'))
app.use('/Admin', require('./routes/adminRoute'))
您不需要为管理员和用户创建不同的策略,我尝试过这个并且它工作正常:
//login route
router.post('/', (req, res) =>{
const email = req.body.email;
const password = req.body.password;
//Some validations here, and then:
// for admins im using email addresses which all starting with 'admin'.
// and here i can use slice methods to check if this user is an admin.
const adminCheck = email.slice(0,5);
if(checkAdmin == 'admin'){
passport.authenticate('user', {
successRedirect: '/whereAuthenticatedAdminsAlowed',
failureRedirect: '/login',
failureFlash: true
})(req, res, next);
}
else{
passport.authenticate('user', {
successRedirect: '/whereAuthenticatedUsersAlowed',
failureRedirect: '/login',
failureFlash: true
})(req, res, next);
}
}