node.js 使用 PassportJS,如何将额外的表单字段传递给本地身份验证策略?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11784233/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Using PassportJS, how does one pass additional form fields to the local authentication strategy?
提问by k00k
I'm using passportJS and I'm wanting to supply more than just req.body.usernameand req.body.passwordto my authentication strategy (passport-local).
我使用passportJS,我想提供的不仅仅是更多的req.body.username和req.body.password我的身份验证策略(护照本地)。
I have 3 form fields: username, password, & foo
我有 3 个表单域:username, password, &foo
How do I go about accessing req.body.foofrom my local strategy which looks like:
我如何req.body.foo从我的本地策略进行访问,如下所示:
passport.use(new LocalStrategy(
{usernameField: 'email'},
function(email, password, done) {
User.findOne({ email: email }, function(err, user) {
if (err) { return done(err); }
if (!user) {
return done(null, false, { message: 'Unknown user' });
}
if (password != 1212) {
return done(null, false, { message: 'Invalid password' });
}
console.log('I just wanna see foo! ' + req.body.foo); // this fails!
return done(null, user, aToken);
});
}
));
I'm calling this inside my route (not as route middleware) like so:
我在我的路由中调用它(而不是路由中间件),如下所示:
app.post('/api/auth', function(req, res, next) {
passport.authenticate('local', {session:false}, function(err, user, token_record) {
if (err) { return next(err) }
res.json({access_token:token_record.access_token});
})(req, res, next);
});
回答by Jared Hanson
There's a passReqToCallbackoption that you can enable, like so:
passReqToCallback您可以启用一个选项,如下所示:
passport.use(new LocalStrategy(
{usernameField: 'email', passReqToCallback: true},
function(req, email, password, done) {
// now you can check req.body.foo
}
));
When, set reqbecomes the first argument to the verify callback, and you can inspect it as you wish.
当 setreq成为验证回调的第一个参数时,您可以根据需要检查它。
回答by Bhagvat Lande
In most common cases we need to provide 2 options for login
在大多数情况下,我们需要提供 2 个登录选项
- with email
- with mobile
- 用电子邮件
- 用手机
Its simple , we can take common filed username and query $or by two options , i posted following snippets,if some one have have same question .
很简单,我们可以使用常见的用户名和查询 $ 或通过两个选项,我发布了以下片段,如果有人有同样的问题。
We can also use 'passReqToCallback' is best option too , thanks @Jared Hanson
我们也可以使用“passReqToCallback”也是最好的选择,谢谢@Jared Hanson
passport.use(new LocalStrategy({
usernameField: 'username', passReqToCallback: true
}, async (req, username, password, done) => {
try {
//find user with email or mobile
const user = await Users.findOne({ $or: [{ email: username }, { mobile: username }] });
//if not handle it
if (!user) {
return done(null, {
status: false,
message: "That e-mail address or mobile doesn't have an associated user account. Are you sure you've registered?"
});
}
//match password
const isMatch = await user.isValidPassword(password);
debugger
if (!isMatch) {
return done(null, {
status: false,
message: "Invalid username and password."
})
}
//otherwise return user
done(null, {
status: true,
data: user
});
} catch (error) {
done(error, {
status: false,
message: error
});
}
}));
