All users of new express.js (4.x and higher) together with passport.js could experience 'Missing credentials' trouble just because POST data is not parsed by default. To fix it install body-parser npm install body-parserand use in your code:

新 express.js（4.x 及更高版本）和passport.js 的所有用户都可能会遇到“缺少凭据”的问题，因为POST 数据默认不解析。要修复它，请安装 body-parsernpm install body-parser并在您的代码中使用：

var bodyParser = require( 'body-parser' );
app.use( bodyParser.urlencoded({ extended: true }) );

Good point from @ivarni: app.use( bodyParser.urlencoded({ extended: true }) );must be placed beforeinjecting any passport middleware.

@ivarni 的优点：app.use( bodyParser.urlencoded({ extended: true }) );必须在注入任何护照中间件之前放置。

What does your index.html or login page look like? On your post you need to make sure you are sending at least something in the body with a usernameand a passwordfield. If you send a post without those, you'll get a Missing credentialserror message. If you want to change those, you can modify the parameters as shown on this guide.

您的 index.html 或登录页面是什么样的？在您的文章，你需要确保你发送至少东西在身上带一个username和password领域。如果您发送没有这些内容的帖子，您将收到一条Missing credentials错误消息。如果您想更改这些，您可以修改本指南中显示的参数。

You can inspect this yourself by adding a route to capture a login error, and specify that route on your call to passport.authenticate.

您可以通过添加一个捕获登录错误的路由来自己检查这一点，并在调用passport.authenticate.

app.post('/login', 
  passport.authenticate('local', { failureRedirect: '/loginerror', failureFlash: true }),
  function(req, res) {
    res.redirect('/');
  });

app.get('/loginerror') function(req,res) {
    console.log(req.flash('error'));
    res.redirect('/login');
}

I've modified your example to add the necessary forms. In addition, if there is any error, then it gets rendered on the login page. For example, if you just input a username and not a password, you'll see the "Missing credentials" error message. Hope this helps!

我已经修改了您的示例以添加必要的表单。此外，如果有任何错误，则会在登录页面上呈现。例如，如果您只输入用户名而不是密码，您将看到“缺少凭据”错误消息。希望这可以帮助！

var http = require('http'),
    express = require('express'),
    passport = require('passport'),
    LocalStrategy = require('passport-local').Strategy,
    flash = require('connect-flash');

var port = process.env.PORT || 8080;

passport.serializeUser(function(user, done) {
    done(null, user);
});

passport.deserializeUser(function(obj, done) {
    done(null, obj);
});

passport.use(new LocalStrategy(
    function(username, password, done) {
        console.log("LocalStrategy working...");
        return done(null, { id: 1, username: 'Joe', password: 'schmo'});
    }
));

var app = express();

app.configure(function(){
    app.use(express.static(__dirname + '/app'));
    app.use(express.cookieParser('big secret'));
    app.use(express.bodyParser());
    app.use(express.methodOverride());
    app.use(express.cookieSession());
    app.use(flash());
    app.use(passport.initialize());
    app.use(passport.session());
    app.use(app.router);
});

app.get('/', function(req, res){

    var username = "not logged in";

    if (req.user) {
        username = req.user.username;
    }

    var body = '<html><body>';
    body = body + '<p>' + username + '</p>';
    body = body + '<a href="/login">login</a>'
    body = body + '</body></html>'

    res.send(body);
});

app.get('/login', function(req, res){

    var message = req.flash('error');
    var body = '<div><p>' + message + '</p></div>';
    body = body + '<form action="/login" method="post">';
    body = body + '<div><label>Username:</label>';
    body = body + '<input type="text" name="username"/><br/></div>';
    body = body + '<div><label>Password:</label>';
    body = body + '<input type="password" name="password"/></div>';
    body = body + '<div><input type="submit" value="Submit"/></div></form>';
    res.send(body);
});

app.post('/login', 
    passport.authenticate('local', { failureRedirect: '/login', failureFlash: true }),
    function(req, res) {
        res.redirect('/');
});

app.listen(port);

To anyone still receiving this error, double check the fields you send are indeed username& password. If not, you need to pass in extra parameters as suggested in the documentation. E.g

对于仍然收到此错误的任何人，请仔细检查您发送的字段确实是username& password。如果没有，您需要按照文档中的建议传入额外的参数。例如

passport.use( new passportLocal({
  usernameField: 'email',
  passwordField: 'passwd'
}, func..));

I don't think the existing answers explicitly explain the problem which is: Passport Local Strategy will complain about missing credentials if req.body.usernameand req.body.passwordare missing.

我不认为现有的答案明确解释了这个问题：Passport Local Strategy 会抱怨缺少凭据如果req.body.username和req.body.password丢失。

Often the mistake is that the POST data has not been parsed, and that can be fixed by using body-parser.

通常的错误是 POST 数据没有被解析，这可以通过使用body-parser.