PassportJS kullanıldığında, yerel kimlik doğrulama stratejisine ek form alanları nasıl aktarılır?

99

Ben passportJS kullanıyorum ve sadece daha arz etmek isteyen kulüpler req.body.usernameve req.body.passwordbenim kimlik doğrulama stratejisi (pasaport-yerel) için.

Ben 3 form alanları vardır: username, password, vefoo

req.body.fooYerel stratejimden nasıl erişebilirim ki bu şuna benzer:

passport.use(new LocalStrategy(
  {usernameField: 'email'},
    function(email, password, done) {
      User.findOne({ email: email }, function(err, user) {
        if (err) { return done(err); }
        if (!user) {
          return done(null, false, { message: 'Unknown user' });
        }
        if (password != 1212) {
          return done(null, false, { message: 'Invalid password' });
        }
        console.log('I just wanna see foo! ' + req.body.foo); // this fails!
        return done(null, user, aToken);

      });
    }
));

Bunu rotamın içinde (rota ara yazılımı olarak değil) şöyle çağırıyorum:

  app.post('/api/auth', function(req, res, next) {
    passport.authenticate('local', {session:false}, function(err, user, token_record) {
      if (err) { return next(err) }
      res.json({access_token:token_record.access_token});
   })(req, res, next);

  });
node.js  authentication  express  callback  passport.js 
k00k
kaynak

Yanıtlar:

184

There's a passReqToCallback option that you can enable, like so:

passport.use(new LocalStrategy(
  {usernameField: 'email', passReqToCallback: true},
  function(req, email, password, done) {
    // now you can check req.body.foo
  }
));

When, set req becomes the first argument to the verify callback, and you can inspect it as you wish.

Jared Hanson
kaynak
8
That works great, thanks. Is passReqToCallback in the guide? I didn't see it.
k00k
2
Not yet. I'm behind on adding new features/options to the guide.
Jared Hanson
Thanks, saved me a lot of trouble
binarygiant
9
This is really helpful for implementing multi-tenant / multi-tenancy authentication, but didn't come up in my google searches. Hopefully my comment will help folks find this answer in the future.
Kris Dahl
This is very helpful. But is it possible to set the usernameField according to a condition? I have two options: one is email and the other is phonenumber. and the login table contains these two field along with password.
Mathew John
1

In most common cases we need to provide 2 options for login

  • with email
  • with mobile

Its simple , we can take common filed username and query $or by two options , i posted following snippets,if some one have have same question .

We can also use 'passReqToCallback' is best option too , thanks @Jared Hanson

passport.use(new LocalStrategy({
    usernameField: 'username', passReqToCallback: true
}, async (req, username, password, done) => {
    try {
        //find user with email or mobile
        const user = await Users.findOne({ $or: [{ email: username }, { mobile: username }] });

        //if not handle it
        if (!user) {
            return done(null, {
                status: false,
                message: "That e-mail address or mobile doesn't have an associated user account. Are you sure you've registered?"
            });
        }

        //match password
        const isMatch = await user.isValidPassword(password);
        debugger
        if (!isMatch) {
            return done(null, {
                status: false,
                message: "Invalid username and password."
            })
        }

        //otherwise return user
        done(null, {
            status: true,
            data: user
        });
    } catch (error) {
        done(error, {
            status: false,
            message: error
        });
    }
}));
Bhagvat Lande
kaynak
Sitemizi kullandığınızda şunları okuyup anladığınızı kabul etmiş olursunuz: Çerez Politikası ve Gizlilik Politikası.
Licensed under cc by-sa 3.0 with attribution required.